From 69dda64735172e6c370a6475fc26658a66a85aea Mon Sep 17 00:00:00 2001 From: Timothy Mower Date: Thu, 20 Sep 2018 16:04:13 -0700 Subject: [PATCH 001/475] [docs] Clarify mfa_delete cannot toggle state --- website/docs/r/s3_bucket.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/s3_bucket.html.markdown b/website/docs/r/s3_bucket.html.markdown index 7d68b04a432..914373ad437 100644 --- a/website/docs/r/s3_bucket.html.markdown +++ b/website/docs/r/s3_bucket.html.markdown @@ -359,7 +359,7 @@ The `CORS` object supports the following: The `versioning` object supports the following: * `enabled` - (Optional) Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket. -* `mfa_delete` - (Optional) Enable MFA delete for either `Change the versioning state of your bucket` or `Permanently delete an object version`. Default is `false`. +* `mfa_delete` - (Optional) Enable MFA delete for either `Change the versioning state of your bucket` or `Permanently delete an object version`. Default is `false`. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS The `logging` object supports the following: From ee910c848a71b8ceade475c12c58767af58d34f0 Mon Sep 17 00:00:00 2001 From: Edward Date: Thu, 7 Feb 2019 13:37:43 +0000 Subject: [PATCH 002/475] Add support for DynamoDbv2 IoT topic rule action --- aws/resource_aws_iot_topic_rule.go | 38 ++++++++++++++++++-- aws/resource_aws_iot_topic_rule_test.go | 40 +++++++++++++++++++++ aws/structure.go | 16 +++++++++ website/docs/r/iot_topic_rule.html.markdown | 5 +++ 4 files changed, 96 insertions(+), 3 deletions(-) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index 425247d9af8..0eedc0dbde3 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -146,6 +146,23 @@ func resourceAwsIotTopicRule() *schema.Resource { }, }, }, + "dynamodbv2": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "role_arn": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validateArn, + }, + "table_name": { + Type: schema.TypeString, + Required: true, + }, + }, + }, + }, "elasticsearch": { Type: schema.TypeSet, Optional: true, @@ -326,6 +343,7 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { cloudwatchAlarmActions := d.Get("cloudwatch_alarm").(*schema.Set).List() cloudwatchMetricActions := d.Get("cloudwatch_metric").(*schema.Set).List() dynamoDbActions := d.Get("dynamodb").(*schema.Set).List() + dynamoDbv2Actions := d.Get("dynamodbv2").(*schema.Set).List() elasticsearchActions := d.Get("elasticsearch").(*schema.Set).List() firehoseActions := d.Get("firehose").(*schema.Set).List() kinesisActions := d.Get("kinesis").(*schema.Set).List() @@ -336,9 +354,9 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { sqsActions := d.Get("sqs").(*schema.Set).List() numActions := len(cloudwatchAlarmActions) + len(cloudwatchMetricActions) + - len(dynamoDbActions) + len(elasticsearchActions) + len(firehoseActions) + - len(kinesisActions) + len(lambdaActions) + len(republishActions) + - len(s3Actions) + len(snsActions) + len(sqsActions) + len(dynamoDbActions) + len(dynamoDbv2Actions) + len(elasticsearchActions) + + len(firehoseActions) + len(kinesisActions) + len(lambdaActions) + + len(republishActions) + len(s3Actions) + len(snsActions) + len(sqsActions) actions := make([]*iot.Action, numActions) i := 0 @@ -401,6 +419,19 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { i++ } + // Add DynamoDBv2 actions + for _, a := range dynamoDbv2Actions { + raw := a.(map[string]interface{}) + act := &iot.Action{ + DynamoDBv2: &iot.DynamoDBv2Action{ + PutItem: &iot.PutItemInput{TableName: aws.String(raw["table_name"].(string))}, + RoleArn: aws.String(raw["role_arn"].(string)), + }, + } + actions[i] = act + i++ + } + // Add Elasticsearch actions for _, a := range elasticsearchActions { @@ -570,6 +601,7 @@ func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error d.Set("cloudwatch_alarm", flattenIoTRuleCloudWatchAlarmActions(out.Rule.Actions)) d.Set("cloudwatch_metric", flattenIoTRuleCloudWatchMetricActions(out.Rule.Actions)) d.Set("dynamodb", flattenIoTRuleDynamoDbActions(out.Rule.Actions)) + d.Set("dynamodbv2", flattenIoTRuleDynamoDbv2Actions(out.Rule.Actions)) d.Set("elasticsearch", flattenIoTRuleElasticSearchActions(out.Rule.Actions)) d.Set("firehose", flattenIoTRuleFirehoseActions(out.Rule.Actions)) d.Set("kinesis", flattenIoTRuleKinesisActions(out.Rule.Actions)) diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index c007ec82100..2244e2aa126 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -90,6 +90,24 @@ func TestAccAWSIoTTopicRule_cloudwatchmetric(t *testing.T) { }) } +func TestAccAWSIoTTopicRule_dynamoDbv2(t *testing.T) { + rName := acctest.RandString(5) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSIoTTopicRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSIoTTopicRule_dynamoDbv2(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + ), + }, + }, + }) +} + func TestAccAWSIoTTopicRule_elasticsearch(t *testing.T) { rName := acctest.RandString(5) @@ -396,6 +414,28 @@ resource "aws_iot_topic_rule" "rule" { `, rName) } +func testAccAWSIoTTopicRule_dynamoDbv2(rName string) string { + return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` +data "aws_region" "current" { + current = true +} + +resource "aws_iot_topic_rule" "rule" { + name = "test_rule_%[1]s" + description = "Example rule" + enabled = true + sql = "SELECT field as column_name FROM 'topic/test'" + sql_version = "2015-10-08" + + dynamodbv2 { + table_name = "${aws_iam_role.iot_role.arn}" + role_arn = "${aws_dynamodb_table.iot_table.arn}" + } +} +`, rName) +} + + func testAccAWSIoTTopicRule_elasticsearch(rName string) string { return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` data "aws_region" "current" { diff --git a/aws/structure.go b/aws/structure.go index 3fa41fcf3c0..9764f624d61 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -2858,6 +2858,22 @@ func flattenIoTRuleDynamoDbActions(actions []*iot.Action) []map[string]interface return results } +func flattenIoTRuleDynamoDbv2Actions(actions []*iot.Action) []map[string]interface{} { + results := make([]map[string]interface{}, 0) + + for _, a := range actions { + result := make(map[string]interface{}) + v := a.DynamoDBv2 + if v != nil { + result["role_arn"] = *v.RoleArn + result["table_name"] = *v.PutItem + results = append(results, result) + } + } + + return results +} + func flattenIoTRuleElasticSearchActions(actions []*iot.Action) []map[string]interface{} { results := make([]map[string]interface{}, 0) diff --git a/website/docs/r/iot_topic_rule.html.markdown b/website/docs/r/iot_topic_rule.html.markdown index 365905c5cf8..e48cfcf6802 100644 --- a/website/docs/r/iot_topic_rule.html.markdown +++ b/website/docs/r/iot_topic_rule.html.markdown @@ -103,6 +103,11 @@ The `dynamodb` object takes the following arguments: * `role_arn` - (Required) The ARN of the IAM role that grants access to the DynamoDB table. * `table_name` - (Required) The name of the DynamoDB table. +The `dynamodbv2` object takes the following arguments: + +* `role_arn` - (Required) The ARN of the IAM role that grants access to the DynamoDB table. +* `table_name` - (Required) The name of the DynamoDB table. + The `elasticsearch` object takes the following arguments: * `endpoint` - (Required) The endpoint of your Elasticsearch domain. From e84e78e16d9812a9d3328ef67c8f0af4b812e9e8 Mon Sep 17 00:00:00 2001 From: Edward Browncross Date: Fri, 8 Feb 2019 13:10:01 +0000 Subject: [PATCH 003/475] fix linting error --- aws/resource_aws_iot_topic_rule_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index 2244e2aa126..b9688badaff 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -435,7 +435,6 @@ resource "aws_iot_topic_rule" "rule" { `, rName) } - func testAccAWSIoTTopicRule_elasticsearch(rName string) string { return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` data "aws_region" "current" { From 50ed84d9d4847bc7fe862c507a8e5d25a47f7285 Mon Sep 17 00:00:00 2001 From: Oleksiy Veretiuk Date: Wed, 21 Aug 2019 15:44:33 +0300 Subject: [PATCH 004/475] Add iotAnalytics action --- aws/resource_aws_iot_topic_rule.go | 33 ++++++++++++++++++- aws/resource_aws_iot_topic_rule_test.go | 35 +++++++++++++++++++++ aws/structure.go | 17 ++++++++++ website/docs/r/iot_topic_rule.html.markdown | 4 +++ 4 files changed, 88 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index 42cd8900c6b..13d15077c4e 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -318,6 +318,23 @@ func resourceAwsIotTopicRule() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "iot_analytics_actions": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "channel_name": { + Type: schema.TypeString, + Required: true, + }, + "role_arn": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validateArn, + }, + }, + }, + }, }, } } @@ -334,11 +351,12 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { s3Actions := d.Get("s3").(*schema.Set).List() snsActions := d.Get("sns").(*schema.Set).List() sqsActions := d.Get("sqs").(*schema.Set).List() + iotAnalyticsActions := d.Get("iot_analytics_actions").(*schema.Set).List() numActions := len(cloudwatchAlarmActions) + len(cloudwatchMetricActions) + len(dynamoDbActions) + len(elasticsearchActions) + len(firehoseActions) + len(kinesisActions) + len(lambdaActions) + len(republishActions) + - len(s3Actions) + len(snsActions) + len(sqsActions) + len(s3Actions) + len(snsActions) + len(sqsActions) + len(iotAnalyticsActions) actions := make([]*iot.Action, numActions) i := 0 @@ -522,6 +540,18 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { i++ } + // Add Analytic actions + for _, a := range iotAnalyticsActions { + raw := a.(map[string]interface{}) + actions[i] = &iot.Action{ + IotAnalytics: &iot.IotAnalyticsAction{ + ChannelName: aws.String(raw["channel_name"].(string)), + RoleArn: aws.String(raw["role_arn"].(string)), + }, + } + i++ + } + return &iot.TopicRulePayload{ Description: aws.String(d.Get("description").(string)), RuleDisabled: aws.Bool(!d.Get("enabled").(bool)), @@ -582,6 +612,7 @@ func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error d.Set("s3", flattenIoTRuleS3Actions(out.Rule.Actions)) d.Set("sns", flattenIoTRuleSnsActions(out.Rule.Actions)) d.Set("sqs", flattenIoTRuleSqsActions(out.Rule.Actions)) + d.Set("iot_analytics", flattenIoTRuleIotAnalyticsActions(out.Rule.Actions)) return nil } diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index f43fbfbe6b7..eb957af1a71 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -282,6 +282,24 @@ func TestAccAWSIoTTopicRule_sqs(t *testing.T) { }) } +func TestAccAWSIoTTopicRule_iot_analytics(t *testing.T) { + rName := acctest.RandString(5) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSIoTTopicRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSIoTTopicRule_iot_analytics(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + ), + }, + }, + }) +} + func testAccCheckAWSIoTTopicRuleDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).iotconn @@ -612,3 +630,20 @@ resource "aws_iot_topic_rule" "rule" { } `, rName) } + +func testAccAWSIoTTopicRule_iot_analytics(rName string) string { + return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` +resource "aws_iot_topic_rule" "rule" { + name = "test_rule_%[1]s" + description = "Example rule" + enabled = true + sql = "SELECT * FROM 'topic/test'" + sql_version = "2015-10-08" + + iot_analytics { + channel_name = "fakedata" + role_arn = "${aws_iam_role.iot_role.arn}" + } +} +`, rName) +} diff --git a/aws/structure.go b/aws/structure.go index db19625ed74..2b7925c4460 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -2985,6 +2985,23 @@ func flattenIoTRuleSqsActions(actions []*iot.Action) []map[string]interface{} { return results } +func flattenIoTRuleIotAnalyticsActions(actions []*iot.Action) []map[string]interface{} { + results := make([]map[string]interface{}, 0) + + for _, a := range actions { + result := make(map[string]interface{}) + v := a.IotAnalytics + if v != nil { + result["role_arn"] = aws.StringValue(v.RoleArn) + result["channel_name"] = aws.StringValue(v.ChannelName) + + results = append(results, result) + } + } + + return results +} + func flattenCognitoUserPoolPasswordPolicy(s *cognitoidentityprovider.PasswordPolicyType) []map[string]interface{} { m := map[string]interface{}{} diff --git a/website/docs/r/iot_topic_rule.html.markdown b/website/docs/r/iot_topic_rule.html.markdown index 218dfc284db..a0e80268c98 100644 --- a/website/docs/r/iot_topic_rule.html.markdown +++ b/website/docs/r/iot_topic_rule.html.markdown @@ -152,6 +152,10 @@ The `sqs` object takes the following arguments: * `role_arn` - (Required) The ARN of the IAM role that grants access. * `use_base64` - (Required) Specifies whether to use Base64 encoding. +The `iot_analytics` object takes the following arguments: + +* `channel_name` - (Required) Name of AWS IOT Analytics channel. +* `role_arn` - (Required) The ARN of the IAM role that grants access. ## Attributes Reference In addition to all arguments above, the following attributes are exported: From f1cd27b697d37cca9085901a74303904a82d75b2 Mon Sep 17 00:00:00 2001 From: Oleksiy Veretiuk Date: Wed, 21 Aug 2019 16:58:33 +0300 Subject: [PATCH 005/475] Fix block name --- aws/resource_aws_iot_topic_rule.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index 13d15077c4e..0bfc3bddbfe 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -318,7 +318,7 @@ func resourceAwsIotTopicRule() *schema.Resource { Type: schema.TypeString, Computed: true, }, - "iot_analytics_actions": { + "iot_analytics": { Type: schema.TypeSet, Optional: true, Elem: &schema.Resource{ @@ -351,7 +351,7 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { s3Actions := d.Get("s3").(*schema.Set).List() snsActions := d.Get("sns").(*schema.Set).List() sqsActions := d.Get("sqs").(*schema.Set).List() - iotAnalyticsActions := d.Get("iot_analytics_actions").(*schema.Set).List() + iotAnalyticsActions := d.Get("iot_analytics").(*schema.Set).List() numActions := len(cloudwatchAlarmActions) + len(cloudwatchMetricActions) + len(dynamoDbActions) + len(elasticsearchActions) + len(firehoseActions) + From 899414a08edfd16b91b91ccc6879894247f9bb49 Mon Sep 17 00:00:00 2001 From: Oleksiy Veretiuk Date: Fri, 23 Aug 2019 16:34:04 +0300 Subject: [PATCH 006/475] Add iotEvents action --- aws/resource_aws_iot_topic_rule.go | 41 ++++++++++++++++++++++++- aws/resource_aws_iot_topic_rule_test.go | 36 ++++++++++++++++++++++ aws/structure.go | 20 ++++++++++++ 3 files changed, 96 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index 42cd8900c6b..04d7b0b0f76 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -318,6 +318,26 @@ func resourceAwsIotTopicRule() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "iot_events": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "input_name": { + Type: schema.TypeString, + Required: true, + }, + "message_id": { + Type: schema.TypeString, + Optional: true, + }, + "role_arn": { + Type: schema.TypeString, + Required: true, + }, + }, + }, + }, }, } } @@ -334,11 +354,12 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { s3Actions := d.Get("s3").(*schema.Set).List() snsActions := d.Get("sns").(*schema.Set).List() sqsActions := d.Get("sqs").(*schema.Set).List() + iotEventsActions := d.Get("iot_events").(*schema.Set).List() numActions := len(cloudwatchAlarmActions) + len(cloudwatchMetricActions) + len(dynamoDbActions) + len(elasticsearchActions) + len(firehoseActions) + len(kinesisActions) + len(lambdaActions) + len(republishActions) + - len(s3Actions) + len(snsActions) + len(sqsActions) + len(s3Actions) + len(snsActions) + len(sqsActions) + len(iotEventsActions) actions := make([]*iot.Action, numActions) i := 0 @@ -522,6 +543,23 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { i++ } + // Add IoT Events actions + + for _, a := range iotEventsActions { + raw := a.(map[string]interface{}) + act := &iot.Action{ + IotEvents: &iot.IotEventsAction{ + InputName: aws.String(raw["input_name"].(string)), + RoleArn: aws.String(raw["role_arn"].(string)), + }, + } + if v, ok := raw["message_id"].(string); ok && v != "" { + act.IotEvents.MessageId = aws.String(raw["message_id"].(string)) + } + actions[i] = act + i++ + } + return &iot.TopicRulePayload{ Description: aws.String(d.Get("description").(string)), RuleDisabled: aws.Bool(!d.Get("enabled").(bool)), @@ -582,6 +620,7 @@ func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error d.Set("s3", flattenIoTRuleS3Actions(out.Rule.Actions)) d.Set("sns", flattenIoTRuleSnsActions(out.Rule.Actions)) d.Set("sqs", flattenIoTRuleSqsActions(out.Rule.Actions)) + d.Set("iot_events", flattenIoTRuleIotEventsActions(out.Rule.Actions)) return nil } diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index f43fbfbe6b7..302c96d99b2 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -282,6 +282,24 @@ func TestAccAWSIoTTopicRule_sqs(t *testing.T) { }) } +func TestAccAWSIoTTopicRule_iot_events(t *testing.T) { + rName := acctest.RandString(5) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSIoTTopicRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSIoTTopicRule_iot_events(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + ), + }, + }, + }) +} + func testAccCheckAWSIoTTopicRuleDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).iotconn @@ -612,3 +630,21 @@ resource "aws_iot_topic_rule" "rule" { } `, rName) } + +func testAccAWSIoTTopicRule_iot_events(rName string) string { + return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` +resource "aws_iot_topic_rule" "rule" { + name = "test_rule_%[1]s" + description = "Example rule" + enabled = true + sql = "SELECT * FROM 'topic/test'" + sql_version = "2015-10-08" + + iot_events { + input_name = "fake_input_name" + role_arn = "${aws_iam_role.iot_role.arn}" + message_id = "fake_message_id" + } +} +`, rName) +} diff --git a/aws/structure.go b/aws/structure.go index db19625ed74..1bd2d394968 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -2985,6 +2985,26 @@ func flattenIoTRuleSqsActions(actions []*iot.Action) []map[string]interface{} { return results } +func flattenIoTRuleIotEventsActions(actions []*iot.Action) []map[string]interface{} { + results := make([]map[string]interface{}, 0) + + for _, a := range actions { + result := make(map[string]interface{}) + v := a.IotEvents + if v != nil { + result["role_arn"] = aws.StringValue(v.RoleArn) + result["input_name"] = aws.StringValue(v.InputName) + if v.MessageId != nil { + result["message_id"] = aws.StringValue(v.MessageId) + } + + results = append(results, result) + } + } + + return results +} + func flattenCognitoUserPoolPasswordPolicy(s *cognitoidentityprovider.PasswordPolicyType) []map[string]interface{} { m := map[string]interface{}{} From 59cff6c437ac2b3e7ce62caf4300da79b80cf103 Mon Sep 17 00:00:00 2001 From: Oleksiy Veretiuk Date: Tue, 27 Aug 2019 12:00:33 +0300 Subject: [PATCH 007/475] Add docs --- website/docs/r/iot_topic_rule.html.markdown | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/website/docs/r/iot_topic_rule.html.markdown b/website/docs/r/iot_topic_rule.html.markdown index 218dfc284db..f9349a70b86 100644 --- a/website/docs/r/iot_topic_rule.html.markdown +++ b/website/docs/r/iot_topic_rule.html.markdown @@ -152,6 +152,12 @@ The `sqs` object takes the following arguments: * `role_arn` - (Required) The ARN of the IAM role that grants access. * `use_base64` - (Required) Specifies whether to use Base64 encoding. +The `iot_events` object takes the following arguments: + +* `input_name` - (Required) The name of the AWS IoT Events input. +* `role_arn` - (Required) The ARN of the IAM role that grants access. +* `message_id` - (Optional) Use this to ensure that only one input (message) with a given messageId is processed by an AWS IoT Events detector. + ## Attributes Reference In addition to all arguments above, the following attributes are exported: From 63213649d47f432f569eaaff75b2e0f7721f0fd9 Mon Sep 17 00:00:00 2001 From: Arata Notsu Date: Mon, 13 Jan 2020 03:29:56 +0900 Subject: [PATCH 008/475] aws_codebuild_project: allow empty value of environment variables --- aws/resource_aws_codebuild_project.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go index 0162c6423e6..7317d82054d 100644 --- a/aws/resource_aws_codebuild_project.go +++ b/aws/resource_aws_codebuild_project.go @@ -836,7 +836,7 @@ func expandProjectEnvironment(d *schema.ResourceData) *codebuild.ProjectEnvironm projectEnvironmentVar.Name = &v } - if v := config["value"].(string); v != "" { + if v, ok := config["value"].(string); ok { projectEnvironmentVar.Value = &v } From 01d384b98470d456722bf9b1deb75d8f8d326fdb Mon Sep 17 00:00:00 2001 From: Kevin Tham Date: Wed, 29 Jan 2020 21:22:10 -0800 Subject: [PATCH 009/475] resource/aws_security_group_rule: Prevent resource replacement when source sg id is specified with account id prefix --- aws/resource_aws_security_group_rule.go | 14 ++++- aws/resource_aws_security_group_rule_test.go | 55 ++++++++++++++++++++ 2 files changed, 68 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_security_group_rule.go b/aws/resource_aws_security_group_rule.go index b9d4cdf73e6..2f2d5c4f45d 100644 --- a/aws/resource_aws_security_group_rule.go +++ b/aws/resource_aws_security_group_rule.go @@ -759,7 +759,19 @@ func setFromIPPerm(d *schema.ResourceData, sg *ec2.SecurityGroup, rule *ec2.IpPe s := rule.UserIdGroupPairs[0] if isVPC { - d.Set("source_security_group_id", *s.GroupId) + if existingSourceSgId, ok := d.GetOk("source_security_group_id"); ok { + sgIdComponents := strings.Split(existingSourceSgId.(string), "/") + hasAccountIdPrefix := len(sgIdComponents) == 2 + + if hasAccountIdPrefix { + // then ensure on refresh that we prefix the account id + d.Set("source_security_group_id", *s.UserId+"/"+*s.GroupId) + } else { + d.Set("source_security_group_id", *s.GroupId) + } + } else { + d.Set("source_security_group_id", *s.GroupId) + } } else { d.Set("source_security_group_id", *s.GroupName) } diff --git a/aws/resource_aws_security_group_rule_test.go b/aws/resource_aws_security_group_rule_test.go index cb6be2babff..213e7c9d59a 100644 --- a/aws/resource_aws_security_group_rule_test.go +++ b/aws/resource_aws_security_group_rule_test.go @@ -154,6 +154,32 @@ func TestAccAWSSecurityGroupRule_Ingress_VPC(t *testing.T) { }) } +func TestAccAWSSecurityGroupRule_Ingress_Source_With_Account_Id(t *testing.T) { + var group ec2.SecurityGroup + + rInt := acctest.RandInt() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSSecurityGroupRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSSecurityGroupRule_Ingress_Source_with_AccountId(rInt), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSSecurityGroupRuleExists("aws_security_group.web", &group), + ), + }, + // Ensure plan shows no difference after state is refreshed + { + Config: testAccAWSSecurityGroupRule_Ingress_Source_with_AccountId(rInt), + PlanOnly: true, + ExpectNonEmptyPlan: false, + }, + }, + }) +} + func TestAccAWSSecurityGroupRule_Ingress_Protocol(t *testing.T) { var group ec2.SecurityGroup @@ -2046,6 +2072,35 @@ resource "aws_security_group_rule" "allow_self" { `, rInt) } +func testAccAWSSecurityGroupRule_Ingress_Source_with_AccountId(rInt int) string { + return fmt.Sprintf(` +data "aws_caller_identity" "current" {} + +resource "aws_vpc" "foo" { + cidr_block = "10.1.0.0/16" + + tags = { + Name = "terraform-testacc-security-group-rule-self-ingress" + } +} + +resource "aws_security_group" "web" { + name = "allow_all-%d" + description = "Allow all inbound traffic" + vpc_id = "${aws_vpc.foo.id}" +} + +resource "aws_security_group_rule" "allow_self" { + type = "ingress" + from_port = 0 + to_port = 0 + protocol = "-1" + security_group_id = "${aws_security_group.web.id}" + source_security_group_id = "${data.aws_caller_identity.current.account_id}/${aws_security_group.web.id}" +} +`, rInt) +} + func testAccAWSSecurityGroupRuleExpectInvalidType(rInt int) string { return fmt.Sprintf(` resource "aws_vpc" "foo" { From ab807d6da66610ab3d12d0c2b4320441312a42a9 Mon Sep 17 00:00:00 2001 From: Kevin Tham Date: Wed, 26 Feb 2020 10:11:56 -0800 Subject: [PATCH 010/475] Fix --- aws/resource_aws_security_group_rule.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_security_group_rule.go b/aws/resource_aws_security_group_rule.go index d48c9e142e1..d727c6802b7 100644 --- a/aws/resource_aws_security_group_rule.go +++ b/aws/resource_aws_security_group_rule.go @@ -765,7 +765,7 @@ func setFromIPPerm(d *schema.ResourceData, sg *ec2.SecurityGroup, rule *ec2.IpPe if hasAccountIdPrefix { // then ensure on refresh that we prefix the account id - d.Set("source_security_group_id", s.UserId+"/"+s.GroupId) + d.Set("source_security_group_id", *s.UserId+"/"+*s.GroupId) } else { d.Set("source_security_group_id", s.GroupId) } From 6944aa589a22abd065ef352ef60369d749444804 Mon Sep 17 00:00:00 2001 From: Kristopher Linquist Date: Tue, 7 Apr 2020 12:17:58 -0700 Subject: [PATCH 011/475] IoT Rule DyanmoDB operation action --- aws/resource_aws_iot_topic_rule.go | 8 ++++++++ aws/resource_aws_iot_topic_rule_test.go | 5 +++-- aws/structure.go | 4 ++++ aws/validators.go | 12 ++++++++++++ website/docs/r/iot_topic_rule.html.markdown | 1 + 5 files changed, 28 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index fdfc27bf4b6..e3ffc968ef5 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -144,6 +144,11 @@ func resourceAwsIotTopicRule() *schema.Resource { Type: schema.TypeString, Required: true, }, + "operation": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validateIoTRuleDynamoDBOperation, + }, }, }, }, @@ -402,6 +407,9 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { if v, ok := raw["payload_field"].(string); ok && v != "" { act.DynamoDB.PayloadField = aws.String(v) } + if v, ok := raw["operation"].(string); ok && v != "" { + act.DynamoDB.Operation = aws.String(v) + } actions[i] = act i++ } diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index 4ebbed7c95b..75025f75277 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -481,7 +481,7 @@ resource "aws_iot_topic_rule" "rule" { hash_key_value = "hash_key_value" payload_field = "payload_field" role_arn = "${aws_iam_role.iot_role.arn}" - table_name = "table_name" + table_name = "table_name" } } `, rName) @@ -504,7 +504,8 @@ resource "aws_iot_topic_rule" "rule" { range_key_value = "range_key_value" range_key_type = "STRING" role_arn = "${aws_iam_role.iot_role.arn}" - table_name = "table_name" + table_name = "table_name" + operation = "INSERT" } } `, rName) diff --git a/aws/structure.go b/aws/structure.go index 7f0dc4fb2f1..f48c4cbae0f 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -2809,6 +2809,10 @@ func flattenIoTRuleDynamoDbActions(actions []*iot.Action) []map[string]interface m["range_key_value"] = aws.StringValue(v.RangeKeyValue) } + if v.Operation != nil { + m["operation"] = aws.StringValue(v.Operation) + } + items = append(items, m) } } diff --git a/aws/validators.go b/aws/validators.go index 5b1b685d960..b7a439fd67c 100644 --- a/aws/validators.go +++ b/aws/validators.go @@ -754,6 +754,18 @@ func validateHTTPMethod() schema.SchemaValidateFunc { }, false) } +func validateIoTRuleDynamoDBOperation(v interface{}, k string) (ws []string, errors []error) { + value := v.(string) + pattern := `^INSERT|UPDATE|DELETE$` + if !regexp.MustCompile(pattern).MatchString(value) { + errors = append(errors, fmt.Errorf( + "%q isn't a valid operation. Use INSERT, UPDATE, or DELETE", + k)) + } + + return +} + func validateLogMetricFilterName(v interface{}, k string) (ws []string, errors []error) { value := v.(string) diff --git a/website/docs/r/iot_topic_rule.html.markdown b/website/docs/r/iot_topic_rule.html.markdown index 0fd4f6ae5e7..d9d13bac5ae 100644 --- a/website/docs/r/iot_topic_rule.html.markdown +++ b/website/docs/r/iot_topic_rule.html.markdown @@ -102,6 +102,7 @@ The `dynamodb` object takes the following arguments: * `range_key_field` - (Optional) The range key name. * `range_key_type` - (Optional) The range key type. Valid values are "STRING" or "NUMBER". * `range_key_value` - (Optional) The range key value. +* `operation` - (Optional) The operation. Valid values are "INSERT", "UPDATE", or "DELETE". * `role_arn` - (Required) The ARN of the IAM role that grants access to the DynamoDB table. * `table_name` - (Required) The name of the DynamoDB table. From 76ac2691ce6e31f980d94265e25ae498d75302f1 Mon Sep 17 00:00:00 2001 From: drexler Date: Mon, 6 Apr 2020 21:31:45 -0400 Subject: [PATCH 012/475] docs: rename documentation file to match resource name --- website/aws.erb | 2 +- ...markdown => s3_bucket_analytics_configuration.html.markdown} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename website/docs/r/{s3_bucket_analysis_configuration.html.markdown => s3_bucket_analytics_configuration.html.markdown} (100%) diff --git a/website/aws.erb b/website/aws.erb index 8e1aeebabcb..dc9f62ce650 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -2689,7 +2689,7 @@ aws_s3_bucket
  • - aws_s3_bucket_analysis_configuration + aws_s3_bucket_analytics_configuration
  • aws_s3_bucket_inventory diff --git a/website/docs/r/s3_bucket_analysis_configuration.html.markdown b/website/docs/r/s3_bucket_analytics_configuration.html.markdown similarity index 100% rename from website/docs/r/s3_bucket_analysis_configuration.html.markdown rename to website/docs/r/s3_bucket_analytics_configuration.html.markdown From 267e71dc04a7143ba9ea50c24f8829edccd7a45d Mon Sep 17 00:00:00 2001 From: Max Marrone Date: Sun, 12 Apr 2020 18:10:22 -0700 Subject: [PATCH 013/475] Docs: aws_lambda_permission clarifications. --- website/docs/r/lambda_permission.html.markdown | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/website/docs/r/lambda_permission.html.markdown b/website/docs/r/lambda_permission.html.markdown index 25e93b409d1..09e9759c8e7 100644 --- a/website/docs/r/lambda_permission.html.markdown +++ b/website/docs/r/lambda_permission.html.markdown @@ -8,8 +8,7 @@ description: |- # Resource: aws_lambda_permission -Creates a Lambda permission to allow external sources invoking the Lambda function -(e.g. CloudWatch Event Rule, SNS or S3). +Gives an external source (like a CloudWatch Event Rule, SNS, or S3) permission to access the Lambda function. ## Example Usage @@ -141,16 +140,16 @@ resource "aws_lambda_permission" "lambda_permission" { The permission will then apply to the specific qualified ARN. e.g. `arn:aws:lambda:aws-region:acct-id:function:function-name:2` * `source_account` - (Optional) This parameter is used for S3 and SES. The AWS account ID (without a hyphen) of the source owner. - * `source_arn` - (Optional) When granting Amazon S3 or CloudWatch Events permission to - invoke your function, you should specify this field with the Amazon Resource Name (ARN) - for the S3 Bucket or CloudWatch Events Rule as its value. This ensures that only events - generated from the specified bucket or rule can invoke the function. - API Gateway ARNs have a unique structure described - [here](http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html). + * `source_arn` - (Optional) When the principle is an AWS service, the ARN of the specific resource within that service to grant permission to. + Without this, any resource from `principle` will be granted permission – even if that resource is from another account. + For S3, this should be the ARN of the S3 Bucket. + For CloudWatch Events, this should be the ARN of the CloudWatch Events Rule. + For API Gateway, this should be the ARN of the API, as described [here][2]. * `statement_id` - (Optional) A unique statement identifier. By default generated by Terraform. * `statement_id_prefix` - (Optional) A statement identifier prefix. Terraform will generate a unique suffix. Conflicts with `statement_id`. [1]: https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli +[2]: http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html. ## Import From c7a1a5cda9456140ee7a60d51de9f9e54c419369 Mon Sep 17 00:00:00 2001 From: Andrew Perry Date: Tue, 14 Apr 2020 15:47:29 +0100 Subject: [PATCH 014/475] docs: Add Federated Principal information to iam_policy_document This data source already supports Federated access. It just isn't documented. This change adds that documentation as well as providing an example of it being used. --- website/docs/d/iam_policy_document.html.markdown | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/website/docs/d/iam_policy_document.html.markdown b/website/docs/d/iam_policy_document.html.markdown index d8be0d66c6c..a6a83b4a9db 100644 --- a/website/docs/d/iam_policy_document.html.markdown +++ b/website/docs/d/iam_policy_document.html.markdown @@ -119,9 +119,11 @@ each accept the following arguments: Each policy may have either zero or more `principals` blocks or zero or more `not_principals` blocks, both of which each accept the following arguments: -* `type` (Required) The type of principal. For AWS ARNs this is "AWS". For AWS services (e.g. Lambda), this is "Service". +* `type` (Required) The type of principal. For AWS ARNs this is "AWS". For AWS services (e.g. Lambda), this is "Service". For Federated access the type is "Federated". * `identifiers` (Required) List of identifiers for principals. When `type` - is "AWS", these are IAM user or role ARNs. When `type` is "Service", these are AWS Service roles e.g. `lambda.amazonaws.com`. + is "AWS", these are IAM user or role ARNs. When `type` is "Service", these are AWS Service roles e.g. `lambda.amazonaws.com`. When `type` is "Federated", these are web identity users or SAML provider ARNs. + +For further examples or information about AWS principals then please refer to the [documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html). Each policy statement may have zero or more `condition` blocks, which each accept the following arguments: @@ -184,6 +186,10 @@ data "aws_iam_policy_document" "event_stream_bucket_role_assume_role_policy" { type = "AWS" identifiers = ["${var.trusted_role_arn}"] } + principals { + type = "Federated" + identifiers = ["arn:aws:iam::${var.account_id}:saml-provider/${var.provider_name}", "cognito-identity.amazonaws.com"] + } } } ``` From 256558c2c5296fec202e2170ff46f1a9cc977399 Mon Sep 17 00:00:00 2001 From: drexler Date: Thu, 16 Apr 2020 22:38:50 -0400 Subject: [PATCH 015/475] feat: add Qos field to IoT republish action --- aws/resource_aws_iot_topic_rule.go | 8 ++++++++ aws/structure.go | 1 + 2 files changed, 9 insertions(+) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index fdfc27bf4b6..b2e33b8312e 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -6,6 +6,7 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/iot" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" ) func resourceAwsIotTopicRule() *schema.Resource { @@ -247,6 +248,12 @@ func resourceAwsIotTopicRule() *schema.Resource { Type: schema.TypeString, Required: true, }, + "qos": { + Type: schema.TypeInt, + Optional: true, + Default: 0, + ValidateFunc: validation.IntBetween(0, 1), + }, }, }, }, @@ -476,6 +483,7 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { Republish: &iot.RepublishAction{ RoleArn: aws.String(raw["role_arn"].(string)), Topic: aws.String(raw["topic"].(string)), + Qos: aws.Int64(int64(raw["qos"].(int))), }, } i++ diff --git a/aws/structure.go b/aws/structure.go index a28c06ad0af..52670fba80d 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -2926,6 +2926,7 @@ func flattenIoTRuleRepublishActions(actions []*iot.Action) []map[string]interfac if v != nil { result["role_arn"] = *v.RoleArn result["topic"] = *v.Topic + result["qos"] = *v.Qos results = append(results, result) } From 31244acb2c55505e5041aa06bf17bb8828efbb33 Mon Sep 17 00:00:00 2001 From: drexler Date: Thu, 16 Apr 2020 22:44:25 -0400 Subject: [PATCH 016/475] test: add cover test for Qos field --- aws/resource_aws_iot_topic_rule_test.go | 42 +++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index 4ebbed7c95b..b47e1d38fbb 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -267,6 +267,30 @@ func TestAccAWSIoTTopicRule_republish(t *testing.T) { }) } +func TestAccAWSIoTTopicRule_republish_with_qos(t *testing.T) { + rName := acctest.RandString(5) + resourceName := "aws_iot_topic_rule.rule" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSIoTTopicRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSIoTTopicRule_republish_with_qos(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccAWSIoTTopicRule_s3(t *testing.T) { rName := acctest.RandString(5) resourceName := "aws_iot_topic_rule.rule" @@ -617,6 +641,24 @@ resource "aws_iot_topic_rule" "rule" { `, rName) } +func testAccAWSIoTTopicRule_republish_with_qos(rName string) string { + return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` +resource "aws_iot_topic_rule" "rule" { + name = "test_rule_%[1]s" + description = "Example rule" + enabled = true + sql = "SELECT * FROM 'topic/test'" + sql_version = "2015-10-08" + + republish { + role_arn = "${aws_iam_role.iot_role.arn}" + topic = "mytopic" + qos = 1 + } +} +`, rName) +} + func testAccAWSIoTTopicRule_s3(rName string) string { return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` resource "aws_iot_topic_rule" "rule" { From 586f2e85cb1187737a700975afa4f30042d89c72 Mon Sep 17 00:00:00 2001 From: drexler Date: Thu, 16 Apr 2020 22:47:50 -0400 Subject: [PATCH 017/475] docs: add documentation for Qos field --- website/docs/r/iot_topic_rule.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/r/iot_topic_rule.html.markdown b/website/docs/r/iot_topic_rule.html.markdown index 0fd4f6ae5e7..c4eba6bfd25 100644 --- a/website/docs/r/iot_topic_rule.html.markdown +++ b/website/docs/r/iot_topic_rule.html.markdown @@ -133,6 +133,7 @@ The `republish` object takes the following arguments: * `role_arn` - (Required) The ARN of the IAM role that grants access. * `topic` - (Required) The name of the MQTT topic the message should be republished to. +* `qos` - (Optional) The Quality of Service (QoS) level to use when republishing messages. Valid values are 0 or 1. The default value is 0. The `s3` object takes the following arguments: From f5e09ff79bcef6101f5e9e8ec7ee7183589563c6 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 20 Apr 2020 17:18:16 -0400 Subject: [PATCH 018/475] r/aws_apigatewayv2_stage: Correctly handle diffs for HTTP API 'default_route_settings.logging_level' attribute, plus the special '$default' stage. --- ...ource_aws_apigatewayv2_api_mapping_test.go | 4 +- aws/resource_aws_apigatewayv2_stage.go | 47 ++++-- aws/resource_aws_apigatewayv2_stage_test.go | 151 ++++++++++++++++-- .../docs/r/apigatewayv2_stage.html.markdown | 2 +- 4 files changed, 175 insertions(+), 29 deletions(-) diff --git a/aws/resource_aws_apigatewayv2_api_mapping_test.go b/aws/resource_aws_apigatewayv2_api_mapping_test.go index c3d64e0e678..8658caea03c 100644 --- a/aws/resource_aws_apigatewayv2_api_mapping_test.go +++ b/aws/resource_aws_apigatewayv2_api_mapping_test.go @@ -264,7 +264,7 @@ resource "aws_apigatewayv2_domain_name" "test" { } func testAccAWSAPIGatewayV2ApiMappingConfig_basic(rName, certificateArn string) string { - return testAccAWSAPIGatewayV2ApiMappingConfig_base(rName, certificateArn) + testAccAWSAPIGatewayV2StageConfig_basic(rName) + fmt.Sprintf(` + return testAccAWSAPIGatewayV2ApiMappingConfig_base(rName, certificateArn) + testAccAWSAPIGatewayV2StageConfig_basicWebSocket(rName) + fmt.Sprintf(` resource "aws_apigatewayv2_api_mapping" "test" { api_id = "${aws_apigatewayv2_api.test.id}" domain_name = "${aws_apigatewayv2_domain_name.test.id}" @@ -274,7 +274,7 @@ resource "aws_apigatewayv2_api_mapping" "test" { } func testAccAWSAPIGatewayV2ApiMappingConfig_apiMappingKey(rName, certificateArn, apiMappingKey string) string { - return testAccAWSAPIGatewayV2ApiMappingConfig_base(rName, certificateArn) + testAccAWSAPIGatewayV2StageConfig_basic(rName) + fmt.Sprintf(` + return testAccAWSAPIGatewayV2ApiMappingConfig_base(rName, certificateArn) + testAccAWSAPIGatewayV2StageConfig_basicWebSocket(rName) + fmt.Sprintf(` resource "aws_apigatewayv2_api_mapping" "test" { api_id = "${aws_apigatewayv2_api.test.id}" domain_name = "${aws_apigatewayv2_domain_name.test.id}" diff --git a/aws/resource_aws_apigatewayv2_stage.go b/aws/resource_aws_apigatewayv2_stage.go index f6387966b05..778d8ee829a 100644 --- a/aws/resource_aws_apigatewayv2_stage.go +++ b/aws/resource_aws_apigatewayv2_stage.go @@ -15,6 +15,10 @@ import ( "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) +const ( + apigatewayv2DefaultStageName = "$default" +) + func resourceAwsApiGatewayV2Stage() *schema.Resource { return &schema.Resource{ Create: resourceAwsApiGatewayV2StageCreate, @@ -93,6 +97,13 @@ func resourceAwsApiGatewayV2Stage() *schema.Resource { apigatewayv2.LoggingLevelInfo, apigatewayv2.LoggingLevelOff, }, false), + DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool { + // Not set for HTTP APIs. + if old == "" && new == apigatewayv2.LoggingLevelOff { + return true + } + return false + }, }, "throttling_burst_limit": { Type: schema.TypeInt, @@ -260,15 +271,6 @@ func resourceAwsApiGatewayV2StageRead(d *schema.ResourceData, meta interface{}) } d.Set("deployment_id", resp.DeploymentId) d.Set("description", resp.Description) - executionArn := arn.ARN{ - Partition: meta.(*AWSClient).partition, - Service: "execute-api", - Region: region, - AccountID: meta.(*AWSClient).accountid, - Resource: fmt.Sprintf("%s/%s", apiId, stageName), - }.String() - d.Set("execution_arn", executionArn) - d.Set("invoke_url", fmt.Sprintf("wss://%s.execute-api.%s.amazonaws.com/%s", apiId, region, stageName)) d.Set("name", stageName) err = d.Set("route_settings", flattenApiGatewayV2RouteSettings(resp.RouteSettings)) if err != nil { @@ -282,6 +284,33 @@ func resourceAwsApiGatewayV2StageRead(d *schema.ResourceData, meta interface{}) return fmt.Errorf("error setting tags: %s", err) } + apiOutput, err := conn.GetApi(&apigatewayv2.GetApiInput{ + ApiId: aws.String(apiId), + }) + if err != nil { + return fmt.Errorf("error reading API Gateway v2 API (%s): %s", apiId, err) + } + + switch aws.StringValue(apiOutput.ProtocolType) { + case apigatewayv2.ProtocolTypeWebsocket: + executionArn := arn.ARN{ + Partition: meta.(*AWSClient).partition, + Service: "execute-api", + Region: region, + AccountID: meta.(*AWSClient).accountid, + Resource: fmt.Sprintf("%s/%s", apiId, stageName), + }.String() + d.Set("execution_arn", executionArn) + d.Set("invoke_url", fmt.Sprintf("wss://%s.execute-api.%s.amazonaws.com/%s", apiId, region, stageName)) + case apigatewayv2.ProtocolTypeHttp: + d.Set("execution_arn", "") + if stageName == apigatewayv2DefaultStageName { + d.Set("invoke_url", fmt.Sprintf("https://%s.execute-api.%s.amazonaws.com/", apiId, region)) + } else { + d.Set("invoke_url", fmt.Sprintf("https://%s.execute-api.%s.amazonaws.com/%s", apiId, region, stageName)) + } + } + return nil } diff --git a/aws/resource_aws_apigatewayv2_stage_test.go b/aws/resource_aws_apigatewayv2_stage_test.go index 85190779a37..495e99886c8 100644 --- a/aws/resource_aws_apigatewayv2_stage_test.go +++ b/aws/resource_aws_apigatewayv2_stage_test.go @@ -13,7 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/terraform" ) -func TestAccAWSAPIGatewayV2Stage_basic(t *testing.T) { +func TestAccAWSAPIGatewayV2Stage_basicWebSocket(t *testing.T) { var apiId string var v apigatewayv2.GetStageOutput resourceName := "aws_apigatewayv2_stage.test" @@ -25,7 +25,7 @@ func TestAccAWSAPIGatewayV2Stage_basic(t *testing.T) { CheckDestroy: testAccCheckAWSAPIGatewayV2StageDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSAPIGatewayV2StageConfig_basic(rName), + Config: testAccAWSAPIGatewayV2StageConfig_basicWebSocket(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayV2StageExists(resourceName, &apiId, &v), resource.TestCheckResourceAttr(resourceName, "access_log_settings.#", "0"), @@ -58,6 +58,96 @@ func TestAccAWSAPIGatewayV2Stage_basic(t *testing.T) { }) } +func TestAccAWSAPIGatewayV2Stage_basicHttp(t *testing.T) { + var apiId string + var v apigatewayv2.GetStageOutput + resourceName := "aws_apigatewayv2_stage.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSAPIGatewayV2StageDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSAPIGatewayV2StageConfig_basicHttp(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSAPIGatewayV2StageExists(resourceName, &apiId, &v), + resource.TestCheckResourceAttr(resourceName, "access_log_settings.#", "0"), + testAccMatchResourceAttrRegionalARNNoAccount(resourceName, "arn", "apigateway", regexp.MustCompile(fmt.Sprintf("/apis/.+/stages/%s", rName))), + resource.TestCheckResourceAttr(resourceName, "auto_deploy", "false"), + resource.TestCheckResourceAttr(resourceName, "client_certificate_id", ""), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.#", "1"), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.0.data_trace_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.0.detailed_metrics_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.0.logging_level", ""), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.0.throttling_burst_limit", "0"), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.0.throttling_rate_limit", "0"), + resource.TestCheckResourceAttr(resourceName, "deployment_id", ""), + resource.TestCheckResourceAttr(resourceName, "description", ""), + resource.TestCheckResourceAttr(resourceName, "execution_arn", ""), + resource.TestMatchResourceAttr(resourceName, "invoke_url", regexp.MustCompile(fmt.Sprintf("https://.+\\.execute-api\\.%s.amazonaws\\.com/%s", testAccGetRegion(), rName))), + resource.TestCheckResourceAttr(resourceName, "name", rName), + resource.TestCheckResourceAttr(resourceName, "route_settings.#", "0"), + resource.TestCheckResourceAttr(resourceName, "stage_variables.%", "0"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), + ), + }, + { + ResourceName: resourceName, + ImportStateIdFunc: testAccAWSAPIGatewayV2StageImportStateIdFunc(resourceName), + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSAPIGatewayV2Stage_defaultHttpStage(t *testing.T) { + var apiId string + var v apigatewayv2.GetStageOutput + resourceName := "aws_apigatewayv2_stage.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSAPIGatewayV2StageDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSAPIGatewayV2StageConfig_defaultHttpStage(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSAPIGatewayV2StageExists(resourceName, &apiId, &v), + resource.TestCheckResourceAttr(resourceName, "access_log_settings.#", "0"), + testAccMatchResourceAttrRegionalARNNoAccount(resourceName, "arn", "apigateway", regexp.MustCompile(`/apis/.+/stages/\$default`)), + resource.TestCheckResourceAttr(resourceName, "auto_deploy", "false"), + resource.TestCheckResourceAttr(resourceName, "client_certificate_id", ""), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.#", "1"), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.0.data_trace_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.0.detailed_metrics_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.0.logging_level", ""), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.0.throttling_burst_limit", "0"), + resource.TestCheckResourceAttr(resourceName, "default_route_settings.0.throttling_rate_limit", "0"), + resource.TestCheckResourceAttr(resourceName, "deployment_id", ""), + resource.TestCheckResourceAttr(resourceName, "description", ""), + resource.TestCheckResourceAttr(resourceName, "execution_arn", ""), + resource.TestMatchResourceAttr(resourceName, "invoke_url", regexp.MustCompile(fmt.Sprintf("https://.+\\.execute-api\\.%s.amazonaws\\.com/", testAccGetRegion()))), + resource.TestCheckResourceAttr(resourceName, "name", "$default"), + resource.TestCheckResourceAttr(resourceName, "route_settings.#", "0"), + resource.TestCheckResourceAttr(resourceName, "stage_variables.%", "0"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), + ), + }, + { + ResourceName: resourceName, + ImportStateIdFunc: testAccAWSAPIGatewayV2StageImportStateIdFunc(resourceName), + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccAWSAPIGatewayV2Stage_disappears(t *testing.T) { var apiId string var v apigatewayv2.GetStageOutput @@ -70,7 +160,7 @@ func TestAccAWSAPIGatewayV2Stage_disappears(t *testing.T) { CheckDestroy: testAccCheckAWSAPIGatewayV2StageDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSAPIGatewayV2StageConfig_basic(rName), + Config: testAccAWSAPIGatewayV2StageConfig_basicWebSocket(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayV2StageExists(resourceName, &apiId, &v), testAccCheckAWSAPIGatewayV2StageDisappears(&apiId, &v), @@ -264,7 +354,7 @@ func TestAccAWSAPIGatewayV2Stage_DefaultRouteSettings(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccAWSAPIGatewayV2StageConfig_basic(rName), + Config: testAccAWSAPIGatewayV2StageConfig_basicWebSocket(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayV2StageExists(resourceName, &apiId, &v), resource.TestCheckResourceAttr(resourceName, "access_log_settings.#", "0"), @@ -388,7 +478,7 @@ func TestAccAWSAPIGatewayV2Stage_RouteSettings(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccAWSAPIGatewayV2StageConfig_basic(rName), + Config: testAccAWSAPIGatewayV2StageConfig_basicWebSocket(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayV2StageExists(resourceName, &apiId, &v), resource.TestCheckResourceAttr(resourceName, "access_log_settings.#", "0"), @@ -456,7 +546,7 @@ func TestAccAWSAPIGatewayV2Stage_StageVariables(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccAWSAPIGatewayV2StageConfig_basic(rName), + Config: testAccAWSAPIGatewayV2StageConfig_basicWebSocket(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayV2StageExists(resourceName, &apiId, &v), resource.TestCheckResourceAttr(resourceName, "access_log_settings.#", "0"), @@ -524,7 +614,7 @@ func TestAccAWSAPIGatewayV2Stage_Tags(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccAWSAPIGatewayV2StageConfig_basic(rName), + Config: testAccAWSAPIGatewayV2StageConfig_basicWebSocket(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayV2StageExists(resourceName, &apiId, &v), resource.TestCheckResourceAttr(resourceName, "access_log_settings.#", "0"), @@ -641,7 +731,7 @@ func testAccCheckAWSAPIGatewayV2StageAccessLogDestinationArn(resourceName, resou } } -func testAccAWSAPIGatewayV2StageConfig_api(rName string) string { +func testAccAWSAPIGatewayV2StageConfig_apiWebSocket(rName string) string { return fmt.Sprintf(` resource "aws_apigatewayv2_api" "test" { name = %[1]q @@ -651,8 +741,17 @@ resource "aws_apigatewayv2_api" "test" { `, rName) } -func testAccAWSAPIGatewayV2StageConfig_basic(rName string) string { - return testAccAWSAPIGatewayV2StageConfig_api(rName) + fmt.Sprintf(` +func testAccAWSAPIGatewayV2StageConfig_apiHttp(rName string) string { + return fmt.Sprintf(` +resource "aws_apigatewayv2_api" "test" { + name = %[1]q + protocol_type = "HTTP" +} +`, rName) +} + +func testAccAWSAPIGatewayV2StageConfig_basicWebSocket(rName string) string { + return testAccAWSAPIGatewayV2StageConfig_apiWebSocket(rName) + fmt.Sprintf(` resource "aws_apigatewayv2_stage" "test" { api_id = "${aws_apigatewayv2_api.test.id}" name = %[1]q @@ -660,8 +759,26 @@ resource "aws_apigatewayv2_stage" "test" { `, rName) } +func testAccAWSAPIGatewayV2StageConfig_basicHttp(rName string) string { + return testAccAWSAPIGatewayV2StageConfig_apiHttp(rName) + fmt.Sprintf(` +resource "aws_apigatewayv2_stage" "test" { + api_id = "${aws_apigatewayv2_api.test.id}" + name = %[1]q +} +`, rName) +} + +func testAccAWSAPIGatewayV2StageConfig_defaultHttpStage(rName string) string { + return testAccAWSAPIGatewayV2StageConfig_apiHttp(rName) + fmt.Sprintf(` +resource "aws_apigatewayv2_stage" "test" { + api_id = "${aws_apigatewayv2_api.test.id}" + name = "$default" +} +`) +} + func testAccAWSAPIGatewayV2StageConfig_accessLogSettings(rName, format string) string { - return testAccAWSAPIGatewayV2StageConfig_api(rName) + fmt.Sprintf(` + return testAccAWSAPIGatewayV2StageConfig_apiWebSocket(rName) + fmt.Sprintf(` resource "aws_iam_role" "test" { name = %[1]q @@ -724,7 +841,7 @@ resource "aws_apigatewayv2_stage" "test" { } func testAccAWSAPIGatewayV2StageConfig_clientCertificateIdAndDescription(rName string) string { - return testAccAWSAPIGatewayV2StageConfig_api(rName) + fmt.Sprintf(` + return testAccAWSAPIGatewayV2StageConfig_apiWebSocket(rName) + fmt.Sprintf(` resource "aws_api_gateway_client_certificate" "test" { description = %[1]q } @@ -740,7 +857,7 @@ resource "aws_apigatewayv2_stage" "test" { } func testAccAWSAPIGatewayV2StageConfig_clientCertificateIdAndDescriptionUpdated(rName string) string { - return testAccAWSAPIGatewayV2StageConfig_api(rName) + fmt.Sprintf(` + return testAccAWSAPIGatewayV2StageConfig_apiWebSocket(rName) + fmt.Sprintf(` resource "aws_api_gateway_client_certificate" "test" { description = %[1]q } @@ -756,7 +873,7 @@ resource "aws_apigatewayv2_stage" "test" { } func testAccAWSAPIGatewayV2StageConfig_defaultRouteSettings(rName string) string { - return testAccAWSAPIGatewayV2StageConfig_api(rName) + fmt.Sprintf(` + return testAccAWSAPIGatewayV2StageConfig_apiWebSocket(rName) + fmt.Sprintf(` resource "aws_apigatewayv2_stage" "test" { api_id = "${aws_apigatewayv2_api.test.id}" name = %[1]q @@ -784,7 +901,7 @@ resource "aws_apigatewayv2_stage" "test" { } func testAccAWSAPIGatewayV2StageConfig_routeSettings(rName string) string { - return testAccAWSAPIGatewayV2StageConfig_api(rName) + fmt.Sprintf(` + return testAccAWSAPIGatewayV2StageConfig_apiWebSocket(rName) + fmt.Sprintf(` resource "aws_apigatewayv2_stage" "test" { api_id = "${aws_apigatewayv2_api.test.id}" name = %[1]q @@ -807,7 +924,7 @@ resource "aws_apigatewayv2_stage" "test" { } func testAccAWSAPIGatewayV2StageConfig_stageVariables(rName string) string { - return testAccAWSAPIGatewayV2StageConfig_api(rName) + fmt.Sprintf(` + return testAccAWSAPIGatewayV2StageConfig_apiWebSocket(rName) + fmt.Sprintf(` resource "aws_apigatewayv2_stage" "test" { api_id = "${aws_apigatewayv2_api.test.id}" name = %[1]q @@ -821,7 +938,7 @@ resource "aws_apigatewayv2_stage" "test" { } func testAccAWSAPIGatewayV2StageConfig_tags(rName string) string { - return testAccAWSAPIGatewayV2StageConfig_api(rName) + fmt.Sprintf(` + return testAccAWSAPIGatewayV2StageConfig_apiWebSocket(rName) + fmt.Sprintf(` resource "aws_apigatewayv2_stage" "test" { api_id = "${aws_apigatewayv2_api.test.id}" name = %[1]q diff --git a/website/docs/r/apigatewayv2_stage.html.markdown b/website/docs/r/apigatewayv2_stage.html.markdown index 3fa9001331a..b870f9dbabc 100644 --- a/website/docs/r/apigatewayv2_stage.html.markdown +++ b/website/docs/r/apigatewayv2_stage.html.markdown @@ -76,7 +76,7 @@ In addition to all arguments above, the following attributes are exported: or in an [`aws_iam_policy`](/docs/providers/aws/r/iam_policy.html) to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html). See the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details. * `invoke_url` - The URL to invoke the API pointing to the stage, - e.g. `wss://z4675bid1j.execute-api.eu-west-2.amazonaws.com/example-stage` + e.g. `wss://z4675bid1j.execute-api.eu-west-2.amazonaws.com/example-stage`, or `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/` ## Import From 99afe7432873a787ff12b33ad37098ca4411e58f Mon Sep 17 00:00:00 2001 From: Micheal Harker Date: Thu, 16 Apr 2020 20:53:03 +0100 Subject: [PATCH 019/475] service/iam: replace custom SchemaValidateFunc with provided ones --- aws/resource_aws_iam_group.go | 13 ++------- aws/resource_aws_iam_group_test.go | 37 ------------------------ aws/resource_aws_iam_instance_profile.go | 29 ++----------------- aws/resource_aws_iam_policy.go | 29 ++----------------- aws/resource_aws_iam_role.go | 28 ++---------------- aws/resource_aws_iam_user.go | 12 +------- aws/resource_aws_iam_user_test.go | 37 ------------------------ 7 files changed, 11 insertions(+), 174 deletions(-) diff --git a/aws/resource_aws_iam_group.go b/aws/resource_aws_iam_group.go index 1e92696e4f3..7bd340b179a 100644 --- a/aws/resource_aws_iam_group.go +++ b/aws/resource_aws_iam_group.go @@ -9,6 +9,7 @@ import ( "github.com/aws/aws-sdk-go/service/iam" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" ) func resourceAwsIamGroup() *schema.Resource { @@ -33,7 +34,7 @@ func resourceAwsIamGroup() *schema.Resource { "name": { Type: schema.TypeString, Required: true, - ValidateFunc: validateAwsIamGroupName, + ValidateFunc: validation.StringMatch(regexp.MustCompile(`^[0-9A-Za-z=,.@\-_+]+$`), fmt.Sprintf("must only contain alphanumeric characters, hyphens, underscores, commas, periods, @ symbols, plus and equals signs")), }, "path": { Type: schema.TypeString, @@ -130,13 +131,3 @@ func resourceAwsIamGroupDelete(d *schema.ResourceData, meta interface{}) error { } return nil } - -func validateAwsIamGroupName(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if !regexp.MustCompile(`^[0-9A-Za-z=,.@\-_+]+$`).MatchString(value) { - errors = append(errors, fmt.Errorf( - "only alphanumeric characters, hyphens, underscores, commas, periods, @ symbols, plus and equals signs allowed in %q: %q", - k, value)) - } - return -} diff --git a/aws/resource_aws_iam_group_test.go b/aws/resource_aws_iam_group_test.go index d51efa3effe..bca36220e26 100644 --- a/aws/resource_aws_iam_group_test.go +++ b/aws/resource_aws_iam_group_test.go @@ -13,43 +13,6 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/terraform" ) -func TestValidateIamGroupName(t *testing.T) { - validNames := []string{ - "test-group", - "test_group", - "testgroup123", - "TestGroup", - "Test-Group", - "test.group", - "test.123,group", - "testgroup@hashicorp", - "test+group@hashicorp.com", - } - for _, v := range validNames { - _, errs := validateAwsIamGroupName(v, "name") - if len(errs) != 0 { - t.Fatalf("%q should be a valid IAM Group name: %q", v, errs) - } - } - - invalidNames := []string{ - "!", - "/", - " ", - ":", - ";", - "test name", - "/slash-at-the-beginning", - "slash-at-the-end/", - } - for _, v := range invalidNames { - _, errs := validateAwsIamGroupName(v, "name") - if len(errs) == 0 { - t.Fatalf("%q should be an invalid IAM Group name", v) - } - } -} - func TestAccAWSIAMGroup_basic(t *testing.T) { var conf iam.GetGroupOutput resourceName := "aws_iam_group.test" diff --git a/aws/resource_aws_iam_instance_profile.go b/aws/resource_aws_iam_instance_profile.go index 1dbd2ebe371..2f6e931abb0 100644 --- a/aws/resource_aws_iam_instance_profile.go +++ b/aws/resource_aws_iam_instance_profile.go @@ -11,6 +11,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" ) func resourceAwsIamInstanceProfile() *schema.Resource { @@ -45,19 +46,7 @@ func resourceAwsIamInstanceProfile() *schema.Resource { Computed: true, ForceNew: true, ConflictsWith: []string{"name_prefix"}, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - // https://github.com/boto/botocore/blob/2485f5c/botocore/data/iam/2010-05-08/service-2.json#L8196-L8201 - value := v.(string) - if len(value) > 128 { - errors = append(errors, fmt.Errorf( - "%q cannot be longer than 128 characters", k)) - } - if !regexp.MustCompile(`^[\w+=,.@-]+$`).MatchString(value) { - errors = append(errors, fmt.Errorf( - "%q must match [\\w+=,.@-]", k)) - } - return - }, + ValidateFunc: validation.All(validation.StringLenBetween(1, 128), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), }, "name_prefix": { @@ -65,19 +54,7 @@ func resourceAwsIamInstanceProfile() *schema.Resource { Optional: true, ForceNew: true, ConflictsWith: []string{"name"}, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - // https://github.com/boto/botocore/blob/2485f5c/botocore/data/iam/2010-05-08/service-2.json#L8196-L8201 - value := v.(string) - if len(value) > 64 { - errors = append(errors, fmt.Errorf( - "%q cannot be longer than 64 characters, name is limited to 128", k)) - } - if !regexp.MustCompile(`^[\w+=,.@-]+$`).MatchString(value) { - errors = append(errors, fmt.Errorf( - "%q must match [\\w+=,.@-]", k)) - } - return - }, + ValidateFunc: validation.All(validation.StringLenBetween(1, 64), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), }, "path": { diff --git a/aws/resource_aws_iam_policy.go b/aws/resource_aws_iam_policy.go index 79185240f4a..561c82d2841 100644 --- a/aws/resource_aws_iam_policy.go +++ b/aws/resource_aws_iam_policy.go @@ -11,6 +11,7 @@ import ( "github.com/aws/aws-sdk-go/service/iam" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" ) func resourceAwsIamPolicy() *schema.Resource { @@ -47,38 +48,14 @@ func resourceAwsIamPolicy() *schema.Resource { Computed: true, ForceNew: true, ConflictsWith: []string{"name_prefix"}, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - // https://github.com/boto/botocore/blob/2485f5c/botocore/data/iam/2010-05-08/service-2.json#L8329-L8334 - value := v.(string) - if len(value) > 128 { - errors = append(errors, fmt.Errorf( - "%q cannot be longer than 128 characters", k)) - } - if !regexp.MustCompile(`^[\w+=,.@-]*$`).MatchString(value) { - errors = append(errors, fmt.Errorf( - "%q must match [\\w+=,.@-]", k)) - } - return - }, + ValidateFunc: validation.All(validation.StringLenBetween(1, 128), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), }, "name_prefix": { Type: schema.TypeString, Optional: true, ForceNew: true, ConflictsWith: []string{"name"}, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - // https://github.com/boto/botocore/blob/2485f5c/botocore/data/iam/2010-05-08/service-2.json#L8329-L8334 - value := v.(string) - if len(value) > 96 { - errors = append(errors, fmt.Errorf( - "%q cannot be longer than 96 characters, name is limited to 128", k)) - } - if !regexp.MustCompile(`^[\w+=,.@-]*$`).MatchString(value) { - errors = append(errors, fmt.Errorf( - "%q must match [\\w+=,.@-]", k)) - } - return - }, + ValidateFunc: validation.All(validation.StringLenBetween(1, 96), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), }, "arn": { Type: schema.TypeString, diff --git a/aws/resource_aws_iam_role.go b/aws/resource_aws_iam_role.go index 60f03f8dc02..501c7e87380 100644 --- a/aws/resource_aws_iam_role.go +++ b/aws/resource_aws_iam_role.go @@ -43,19 +43,7 @@ func resourceAwsIamRole() *schema.Resource { Computed: true, ForceNew: true, ConflictsWith: []string{"name_prefix"}, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - // https://github.com/boto/botocore/blob/2485f5c/botocore/data/iam/2010-05-08/service-2.json#L8329-L8334 - value := v.(string) - if len(value) > 64 { - errors = append(errors, fmt.Errorf( - "%q cannot be longer than 64 characters", k)) - } - if !regexp.MustCompile(`^[\w+=,.@-]*$`).MatchString(value) { - errors = append(errors, fmt.Errorf( - "%q must match [\\w+=,.@-]", k)) - } - return - }, + ValidateFunc: validation.All(validation.StringLenBetween(1, 64), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), }, "name_prefix": { @@ -63,19 +51,7 @@ func resourceAwsIamRole() *schema.Resource { Optional: true, ForceNew: true, ConflictsWith: []string{"name"}, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - // https://github.com/boto/botocore/blob/2485f5c/botocore/data/iam/2010-05-08/service-2.json#L8329-L8334 - value := v.(string) - if len(value) > 32 { - errors = append(errors, fmt.Errorf( - "%q cannot be longer than 32 characters, name is limited to 64", k)) - } - if !regexp.MustCompile(`^[\w+=,.@-]*$`).MatchString(value) { - errors = append(errors, fmt.Errorf( - "%q must match [\\w+=,.@-]", k)) - } - return - }, + ValidateFunc: validation.All(validation.StringLenBetween(1, 32), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), }, "path": { diff --git a/aws/resource_aws_iam_user.go b/aws/resource_aws_iam_user.go index 79d0fede53b..fabed2d35b0 100644 --- a/aws/resource_aws_iam_user.go +++ b/aws/resource_aws_iam_user.go @@ -45,7 +45,7 @@ func resourceAwsIamUser() *schema.Resource { "name": { Type: schema.TypeString, Required: true, - ValidateFunc: validateAwsIamUserName, + ValidateFunc: validation.StringMatch(regexp.MustCompile(`^[0-9A-Za-z=,.@\-_+]+$`), fmt.Sprintf("must only contain alphanumeric characters, hyphens, underscores, commas, periods, @ symbols, plus and equals signs")), }, "path": { Type: schema.TypeString, @@ -244,16 +244,6 @@ func resourceAwsIamUserDelete(d *schema.ResourceData, meta interface{}) error { return nil } -func validateAwsIamUserName(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if !regexp.MustCompile(`^[0-9A-Za-z=,.@\-_+]+$`).MatchString(value) { - errors = append(errors, fmt.Errorf( - "only alphanumeric characters, hyphens, underscores, commas, periods, @ symbols, plus and equals signs allowed in %q: %q", - k, value)) - } - return -} - func deleteAwsIamUserGroupMemberships(conn *iam.IAM, username string) error { var groups []string listGroups := &iam.ListGroupsForUserInput{ diff --git a/aws/resource_aws_iam_user_test.go b/aws/resource_aws_iam_user_test.go index eb6e2dad797..0a943e7ef0d 100644 --- a/aws/resource_aws_iam_user_test.go +++ b/aws/resource_aws_iam_user_test.go @@ -18,43 +18,6 @@ import ( "github.com/pquerna/otp/totp" ) -func TestValidateIamUserName(t *testing.T) { - validNames := []string{ - "test-user", - "test_user", - "testuser123", - "TestUser", - "Test-User", - "test.user", - "test.123,user", - "testuser@hashicorp", - "test+user@hashicorp.com", - } - for _, v := range validNames { - _, errors := validateAwsIamUserName(v, "name") - if len(errors) != 0 { - t.Fatalf("%q should be a valid IAM User name: %q", v, errors) - } - } - - invalidNames := []string{ - "!", - "/", - " ", - ":", - ";", - "test name", - "/slash-at-the-beginning", - "slash-at-the-end/", - } - for _, v := range invalidNames { - _, errors := validateAwsIamUserName(v, "name") - if len(errors) == 0 { - t.Fatalf("%q should be an invalid IAM User name", v) - } - } -} - func init() { resource.AddTestSweepers("aws_iam_user", &resource.Sweeper{ Name: "aws_iam_user", From a07d85330b059db5147933c69a89c23392bf11e9 Mon Sep 17 00:00:00 2001 From: Micheal Harker Date: Sat, 25 Apr 2020 12:37:17 +0100 Subject: [PATCH 020/475] service/iam: Clean up inlining mess I made. In hindsight, I figured it was better to try and reduce line length the best I can. --- aws/resource_aws_iam_group.go | 9 ++++++--- aws/resource_aws_iam_instance_profile.go | 10 ++++++++-- aws/resource_aws_iam_policy.go | 10 ++++++++-- aws/resource_aws_iam_role.go | 10 ++++++++-- aws/resource_aws_iam_user.go | 9 ++++++--- 5 files changed, 36 insertions(+), 12 deletions(-) diff --git a/aws/resource_aws_iam_group.go b/aws/resource_aws_iam_group.go index 7bd340b179a..f74fadc9dee 100644 --- a/aws/resource_aws_iam_group.go +++ b/aws/resource_aws_iam_group.go @@ -32,9 +32,12 @@ func resourceAwsIamGroup() *schema.Resource { Computed: true, }, "name": { - Type: schema.TypeString, - Required: true, - ValidateFunc: validation.StringMatch(regexp.MustCompile(`^[0-9A-Za-z=,.@\-_+]+$`), fmt.Sprintf("must only contain alphanumeric characters, hyphens, underscores, commas, periods, @ symbols, plus and equals signs")), + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringMatch( + regexp.MustCompile(`^[0-9A-Za-z=,.@\-_+]+$`), + fmt.Sprintf("must only contain alphanumeric characters, hyphens, underscores, commas, periods, @ symbols, plus and equals signs"), + ), }, "path": { Type: schema.TypeString, diff --git a/aws/resource_aws_iam_instance_profile.go b/aws/resource_aws_iam_instance_profile.go index 2f6e931abb0..caa7baad311 100644 --- a/aws/resource_aws_iam_instance_profile.go +++ b/aws/resource_aws_iam_instance_profile.go @@ -46,7 +46,10 @@ func resourceAwsIamInstanceProfile() *schema.Resource { Computed: true, ForceNew: true, ConflictsWith: []string{"name_prefix"}, - ValidateFunc: validation.All(validation.StringLenBetween(1, 128), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), + ValidateFunc: validation.All( + validation.StringLenBetween(1, 128), + validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]"), + ), }, "name_prefix": { @@ -54,7 +57,10 @@ func resourceAwsIamInstanceProfile() *schema.Resource { Optional: true, ForceNew: true, ConflictsWith: []string{"name"}, - ValidateFunc: validation.All(validation.StringLenBetween(1, 64), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), + ValidateFunc: validation.All( + validation.StringLenBetween(1, 64), + validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]"), + ), }, "path": { diff --git a/aws/resource_aws_iam_policy.go b/aws/resource_aws_iam_policy.go index 561c82d2841..6d803375ab1 100644 --- a/aws/resource_aws_iam_policy.go +++ b/aws/resource_aws_iam_policy.go @@ -48,14 +48,20 @@ func resourceAwsIamPolicy() *schema.Resource { Computed: true, ForceNew: true, ConflictsWith: []string{"name_prefix"}, - ValidateFunc: validation.All(validation.StringLenBetween(1, 128), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), + ValidateFunc: validation.All( + validation.StringLenBetween(1, 128), + validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]"), + ), }, "name_prefix": { Type: schema.TypeString, Optional: true, ForceNew: true, ConflictsWith: []string{"name"}, - ValidateFunc: validation.All(validation.StringLenBetween(1, 96), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), + ValidateFunc: validation.All( + validation.StringLenBetween(1, 96), + validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]"), + ), }, "arn": { Type: schema.TypeString, diff --git a/aws/resource_aws_iam_role.go b/aws/resource_aws_iam_role.go index 501c7e87380..ceb021f8f14 100644 --- a/aws/resource_aws_iam_role.go +++ b/aws/resource_aws_iam_role.go @@ -43,7 +43,10 @@ func resourceAwsIamRole() *schema.Resource { Computed: true, ForceNew: true, ConflictsWith: []string{"name_prefix"}, - ValidateFunc: validation.All(validation.StringLenBetween(1, 64), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), + ValidateFunc: validation.All( + validation.StringLenBetween(1, 64), + validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]"), + ), }, "name_prefix": { @@ -51,7 +54,10 @@ func resourceAwsIamRole() *schema.Resource { Optional: true, ForceNew: true, ConflictsWith: []string{"name"}, - ValidateFunc: validation.All(validation.StringLenBetween(1, 32), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]")), + ValidateFunc: validation.All( + validation.StringLenBetween(1, 32), + validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]"), + ), }, "path": { diff --git a/aws/resource_aws_iam_user.go b/aws/resource_aws_iam_user.go index fabed2d35b0..be5ba909ea8 100644 --- a/aws/resource_aws_iam_user.go +++ b/aws/resource_aws_iam_user.go @@ -43,9 +43,12 @@ func resourceAwsIamUser() *schema.Resource { Computed: true, }, "name": { - Type: schema.TypeString, - Required: true, - ValidateFunc: validation.StringMatch(regexp.MustCompile(`^[0-9A-Za-z=,.@\-_+]+$`), fmt.Sprintf("must only contain alphanumeric characters, hyphens, underscores, commas, periods, @ symbols, plus and equals signs")), + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringMatch( + regexp.MustCompile(`^[0-9A-Za-z=,.@\-_+]+$`), + fmt.Sprintf("must only contain alphanumeric characters, hyphens, underscores, commas, periods, @ symbols, plus and equals signs"), + ), }, "path": { Type: schema.TypeString, From 2cab2bdccc2e30c049b2341508dfffdcb58f0a9f Mon Sep 17 00:00:00 2001 From: Micheal Harker Date: Sat, 25 Apr 2020 21:07:15 +0100 Subject: [PATCH 021/475] service/vpn: tech debt: replace custom validation functions --- aws/resource_aws_vpn_connection.go | 81 +++++++++---------------- aws/resource_aws_vpn_connection_test.go | 23 +++---- 2 files changed, 39 insertions(+), 65 deletions(-) diff --git a/aws/resource_aws_vpn_connection.go b/aws/resource_aws_vpn_connection.go index 7a4d268284f..80698fe8921 100644 --- a/aws/resource_aws_vpn_connection.go +++ b/aws/resource_aws_vpn_connection.go @@ -5,10 +5,8 @@ import ( "encoding/xml" "fmt" "log" - "net" "regexp" "sort" - "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -17,6 +15,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/hashcode" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) @@ -114,7 +113,7 @@ func resourceAwsVpnConnection() *schema.Resource { Optional: true, Computed: true, ForceNew: true, - ValidateFunc: validateVpnConnectionTunnelInsideCIDR, + ValidateFunc: validateVpnConnectionTunnelInsideCIDR(), }, "tunnel1_preshared_key": { @@ -123,7 +122,7 @@ func resourceAwsVpnConnection() *schema.Resource { Sensitive: true, Computed: true, ForceNew: true, - ValidateFunc: validateVpnConnectionTunnelPreSharedKey, + ValidateFunc: validateVpnConnectionTunnelPreSharedKey(), }, "tunnel2_inside_cidr": { @@ -131,7 +130,7 @@ func resourceAwsVpnConnection() *schema.Resource { Optional: true, Computed: true, ForceNew: true, - ValidateFunc: validateVpnConnectionTunnelInsideCIDR, + ValidateFunc: validateVpnConnectionTunnelInsideCIDR(), }, "tunnel2_preshared_key": { @@ -140,7 +139,7 @@ func resourceAwsVpnConnection() *schema.Resource { Sensitive: true, Computed: true, ForceNew: true, - ValidateFunc: validateVpnConnectionTunnelPreSharedKey, + ValidateFunc: validateVpnConnectionTunnelPreSharedKey(), }, "tags": tagsSchema(), @@ -618,55 +617,29 @@ func xmlConfigToTunnelInfo(xmlConfig string) (*TunnelInfo, error) { return &tunnelInfo, nil } -func validateVpnConnectionTunnelPreSharedKey(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - - if (len(value) < 8) || (len(value) > 64) { - errors = append(errors, fmt.Errorf("%q must be between 8 and 64 characters in length", k)) - } - - if strings.HasPrefix(value, "0") { - errors = append(errors, fmt.Errorf("%q cannot start with zero character", k)) - } - - if !regexp.MustCompile(`^[0-9a-zA-Z_.]+$`).MatchString(value) { - errors = append(errors, fmt.Errorf("%q can only contain alphanumeric, period and underscore characters", k)) - } - - return +func validateVpnConnectionTunnelPreSharedKey() schema.SchemaValidateFunc { + return validation.All( + validation.StringLenBetween(8, 64), + validation.StringDoesNotMatch(regexp.MustCompile(`(?i)^0`), "cannot start with zero character"), + validation.StringMatch(regexp.MustCompile(`^[0-9a-zA-Z_.]+$`), "can only contain alphanumeric, period and underscore characters"), + ) } // https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_VpnTunnelOptionsSpecification.html -func validateVpnConnectionTunnelInsideCIDR(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - _, ipnet, err := net.ParseCIDR(value) - - if err != nil { - errors = append(errors, fmt.Errorf("%q must contain a valid CIDR, got error parsing: %s", k, err)) - return - } - - if !strings.HasSuffix(ipnet.String(), "/30") { - errors = append(errors, fmt.Errorf("%q must be /30 CIDR", k)) - } - - if !strings.HasPrefix(ipnet.String(), "169.254.") { - errors = append(errors, fmt.Errorf("%q must be within 169.254.0.0/16", k)) - } else if ipnet.String() == "169.254.0.0/30" { - errors = append(errors, fmt.Errorf("%q cannot be 169.254.0.0/30", k)) - } else if ipnet.String() == "169.254.1.0/30" { - errors = append(errors, fmt.Errorf("%q cannot be 169.254.1.0/30", k)) - } else if ipnet.String() == "169.254.2.0/30" { - errors = append(errors, fmt.Errorf("%q cannot be 169.254.2.0/30", k)) - } else if ipnet.String() == "169.254.3.0/30" { - errors = append(errors, fmt.Errorf("%q cannot be 169.254.3.0/30", k)) - } else if ipnet.String() == "169.254.4.0/30" { - errors = append(errors, fmt.Errorf("%q cannot be 169.254.4.0/30", k)) - } else if ipnet.String() == "169.254.5.0/30" { - errors = append(errors, fmt.Errorf("%q cannot be 169.254.5.0/30", k)) - } else if ipnet.String() == "169.254.169.252/30" { - errors = append(errors, fmt.Errorf("%q cannot be 169.254.169.252/30", k)) - } - - return +func validateVpnConnectionTunnelInsideCIDR() schema.SchemaValidateFunc { + disallowedCidrs := []string{ + "169.254.0.0/30", + "169.254.1.0/30", + "169.254.2.0/30", + "169.254.3.0/30", + "169.254.4.0/30", + "169.254.5.0/30", + "169.254.169.252/30", + } + + return validation.All( + validation.IsCIDRNetwork(30, 30), + validation.StringMatch(regexp.MustCompile(`^169\.254\.`), "must be within 169.254.0.0/16"), + validation.StringNotInSlice(disallowedCidrs, false), + ) } diff --git a/aws/resource_aws_vpn_connection_test.go b/aws/resource_aws_vpn_connection_test.go index 387b9923fe7..efd8c4d263a 100644 --- a/aws/resource_aws_vpn_connection_test.go +++ b/aws/resource_aws_vpn_connection_test.go @@ -139,6 +139,7 @@ func TestAccAWSVpnConnection_TransitGatewayID(t *testing.T) { } func TestAccAWSVpnConnection_tunnelOptions(t *testing.T) { + badCidrRangeErr := regexp.MustCompile(`expected \w+ to not be any of \[[\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\/30\s?]+\]`) rBgpAsn := acctest.RandIntRange(64512, 65534) resourceName := "aws_vpn_connection.test" var vpn ec2.VpnConnection @@ -153,11 +154,11 @@ func TestAccAWSVpnConnection_tunnelOptions(t *testing.T) { // Checking CIDR blocks { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "12345678", "not-a-cidr"), - ExpectError: regexp.MustCompile(`must contain a valid CIDR`), + ExpectError: regexp.MustCompile(`invalid CIDR address: not-a-cidr`), }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "12345678", "169.254.254.0/31"), - ExpectError: regexp.MustCompile(`must be /30 CIDR`), + ExpectError: regexp.MustCompile(`expected "\w+" to contain a network Value with between 30 and 30 significant bits`), }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "12345678", "172.16.0.0/30"), @@ -165,41 +166,41 @@ func TestAccAWSVpnConnection_tunnelOptions(t *testing.T) { }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "12345678", "169.254.0.0/30"), - ExpectError: regexp.MustCompile(`cannot be 169.254.0.0/30`), + ExpectError: badCidrRangeErr, }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "12345678", "169.254.1.0/30"), - ExpectError: regexp.MustCompile(`cannot be 169.254.1.0/30`), + ExpectError: badCidrRangeErr, }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "12345678", "169.254.2.0/30"), - ExpectError: regexp.MustCompile(`cannot be 169.254.2.0/30`), + ExpectError: badCidrRangeErr, }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "12345678", "169.254.3.0/30"), - ExpectError: regexp.MustCompile(`cannot be 169.254.3.0/30`), + ExpectError: badCidrRangeErr, }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "12345678", "169.254.4.0/30"), - ExpectError: regexp.MustCompile(`cannot be 169.254.4.0/30`), + ExpectError: badCidrRangeErr, }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "12345678", "169.254.5.0/30"), - ExpectError: regexp.MustCompile(`cannot be 169.254.5.0/30`), + ExpectError: badCidrRangeErr, }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "12345678", "169.254.169.252/30"), - ExpectError: regexp.MustCompile(`cannot be 169.254.169.252/30`), + ExpectError: badCidrRangeErr, }, // Checking PreShared Key { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "1234567", "169.254.254.0/30"), - ExpectError: regexp.MustCompile(`must be between 8 and 64 characters in length`), + ExpectError: regexp.MustCompile(`expected length of \w+ to be in the range \(8 - 64\)`), }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, acctest.RandStringFromCharSet(65, acctest.CharSetAlpha), "169.254.254.0/30"), - ExpectError: regexp.MustCompile(`must be between 8 and 64 characters in length`), + ExpectError: regexp.MustCompile(`expected length of \w+ to be in the range \(8 - 64\)`), }, { Config: testAccAwsVpnConnectionConfigSingleTunnelOptions(rBgpAsn, "01234567", "169.254.254.0/30"), From 114ff7a54f03951b81fb80d7b03f165dc3280cb8 Mon Sep 17 00:00:00 2001 From: Micheal Harker Date: Tue, 28 Apr 2020 18:36:14 +0100 Subject: [PATCH 022/475] Format code --- aws/resource_aws_iam_instance_profile.go | 8 ++++---- aws/resource_aws_iam_policy.go | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/aws/resource_aws_iam_instance_profile.go b/aws/resource_aws_iam_instance_profile.go index caa7baad311..b5d0ca55e01 100644 --- a/aws/resource_aws_iam_instance_profile.go +++ b/aws/resource_aws_iam_instance_profile.go @@ -46,8 +46,8 @@ func resourceAwsIamInstanceProfile() *schema.Resource { Computed: true, ForceNew: true, ConflictsWith: []string{"name_prefix"}, - ValidateFunc: validation.All( - validation.StringLenBetween(1, 128), + ValidateFunc: validation.All( + validation.StringLenBetween(1, 128), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]"), ), }, @@ -57,8 +57,8 @@ func resourceAwsIamInstanceProfile() *schema.Resource { Optional: true, ForceNew: true, ConflictsWith: []string{"name"}, - ValidateFunc: validation.All( - validation.StringLenBetween(1, 64), + ValidateFunc: validation.All( + validation.StringLenBetween(1, 64), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]"), ), }, diff --git a/aws/resource_aws_iam_policy.go b/aws/resource_aws_iam_policy.go index 6d803375ab1..f51a2a61524 100644 --- a/aws/resource_aws_iam_policy.go +++ b/aws/resource_aws_iam_policy.go @@ -48,7 +48,7 @@ func resourceAwsIamPolicy() *schema.Resource { Computed: true, ForceNew: true, ConflictsWith: []string{"name_prefix"}, - ValidateFunc: validation.All( + ValidateFunc: validation.All( validation.StringLenBetween(1, 128), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]"), ), @@ -58,7 +58,7 @@ func resourceAwsIamPolicy() *schema.Resource { Optional: true, ForceNew: true, ConflictsWith: []string{"name"}, - ValidateFunc: validation.All( + ValidateFunc: validation.All( validation.StringLenBetween(1, 96), validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]*$`), "must match [\\w+=,.@-]"), ), From 34e16be6612f22ff3d6ec7bc7408cf46f74d2375 Mon Sep 17 00:00:00 2001 From: Mike Dalrymple Date: Tue, 28 Apr 2020 20:48:21 -0600 Subject: [PATCH 023/475] Clarified options for `email_sending_account` and associated `source_arn`. Updated `from_email_address` formatting to properly display in generated pages and replaced smith.com with example.com. --- website/docs/r/cognito_user_pool.markdown | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/website/docs/r/cognito_user_pool.markdown b/website/docs/r/cognito_user_pool.markdown index 63aaa512cf8..0e1d250a212 100644 --- a/website/docs/r/cognito_user_pool.markdown +++ b/website/docs/r/cognito_user_pool.markdown @@ -89,9 +89,9 @@ The following arguments are supported: #### Email Configuration * `reply_to_email_address` (Optional) - The REPLY-TO email address. - * `source_arn` (Optional) - The ARN of the email source. - * `from_email_address` (Optional) - Sender’s email address or sender’s name with their email address (e.g. "john@smith.com" or "John Smith ") - * `email_sending_account` (Optional) - Instruct Cognito to either use its built-in functional or Amazon SES to send out emails. + * `source_arn` (Optional) - The ARN of the SES verified email identity to to use. Required if `email_sending_account` is set to `DEVELOPER`. + * `from_email_address` (Optional) - Sender’s email address or sender’s name with their email address (e.g. "john@example.com" or "John Smith <john@example.com>") + * `email_sending_account` (Optional) - The email delivery method to use. `COGNITO_DEFAULT` for the default email functionality built into Cognito or `DEVELOPER` to use your Amazon SES configuration. #### Lambda Configuration From 69312e357f8b1d81e62deeafa56ee0f0b0711c99 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Thu, 16 Jan 2020 11:38:23 +0100 Subject: [PATCH 024/475] Basic functionality --- aws/provider.go | 1 + aws/resource_aws_wafv2_ip_set.go | 191 ++++++++++++++++++++++++++ aws/resource_aws_wafv2_ip_set_test.go | 116 ++++++++++++++++ 3 files changed, 308 insertions(+) create mode 100644 aws/resource_aws_wafv2_ip_set.go create mode 100644 aws/resource_aws_wafv2_ip_set_test.go diff --git a/aws/provider.go b/aws/provider.go index 6a1e1e768bf..6801fabe536 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -881,6 +881,7 @@ func Provider() terraform.ResourceProvider { "aws_wafregional_xss_match_set": resourceAwsWafRegionalXssMatchSet(), "aws_wafregional_web_acl": resourceAwsWafRegionalWebAcl(), "aws_wafregional_web_acl_association": resourceAwsWafRegionalWebAclAssociation(), + "aws_wafv2_ip_set": resourceAwsWafv2IPSet(), "aws_worklink_fleet": resourceAwsWorkLinkFleet(), "aws_worklink_website_certificate_authority_association": resourceAwsWorkLinkWebsiteCertificateAuthorityAssociation(), "aws_workspaces_directory": resourceAwsWorkspacesDirectory(), diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go new file mode 100644 index 00000000000..a526ce6246e --- /dev/null +++ b/aws/resource_aws_wafv2_ip_set.go @@ -0,0 +1,191 @@ +package aws + +import ( + "fmt" + "github.com/aws/aws-sdk-go/service/wafv2" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "log" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" +) + +func resourceAwsWafv2IPSet() *schema.Resource { + return &schema.Resource{ + Create: resourceAwsWafv2IPSetCreate, + Read: resourceAwsWafv2IPSetRead, + Update: resourceAwsWafv2IPSetUpdate, + Delete: resourceAwsWafv2IPSetDelete, + + Schema: map[string]*schema.Schema{ + "addresses": { + Type: schema.TypeSet, + Required: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "arn": { + Type: schema.TypeString, + Computed: true, + }, + "description": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "ip_address_version": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringInSlice([]string{ + wafv2.IPAddressVersionIpv4, + wafv2.IPAddressVersionIpv6, + }, false), + }, + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "scope": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringInSlice([]string{ + wafv2.ScopeCloudfront, + wafv2.ScopeRegional, + }, false), + }, + "tags": tagsSchema(), + }, + } +} + +func resourceAwsWafv2IPSetCreate(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).wafv2conn + var resp *wafv2.CreateIPSetOutput + + params := &wafv2.CreateIPSetInput{ + Addresses: expandStringSet(d.Get("addresses").(*schema.Set)), + Description: aws.String(d.Get("description").(string)), + IPAddressVersion: aws.String(d.Get("ip_address_version").(string)), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + } + err := resource.Retry(15*time.Minute, func() *resource.RetryError { + var err error + resp, err = conn.CreateIPSet(params) + if err != nil { + if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFTagOperationException, "An error occurred during the tagging operation") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFTagOperationInternalErrorException, "AWS WAF couldn’t perform your tagging operation because of an internal error") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + return nil + }) + if isResourceTimeoutError(err) { + _, err = conn.CreateIPSet(params) + } + if err != nil { + return err + } + d.SetId(*resp.Summary.Id) + + return resourceAwsWafv2IPSetRead(d, meta) +} + +func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).wafv2conn + + params := &wafv2.GetIPSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + } + + resp, err := conn.GetIPSet(params) + if err != nil { + if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == wafv2.ErrCodeWAFNonexistentItemException { + log.Printf("[WARN] WAFV2 IPSet (%s) not found, removing from state", d.Id()) + d.SetId("") + return nil + } + + return err + } + + d.Set("name", resp.IPSet.Name) + d.Set("description", resp.IPSet.Description) + d.Set("ip_address_version", resp.IPSet.IPAddressVersion) + d.Set("addresses", resp.IPSet.Addresses) + d.Set("arn", resp.IPSet.ARN) + + return nil +} + +func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error { + return resourceAwsWafv2IPSetRead(d, meta) +} + +func resourceAwsWafv2IPSetDelete(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).wafv2conn + var resp *wafv2.GetIPSetOutput + params := &wafv2.GetIPSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + } + log.Printf("[INFO] Deleting WAFV2 IPSet %s", d.Id()) + + err := resource.Retry(15*time.Minute, func() *resource.RetryError { + var err error + resp, err = conn.GetIPSet(params) + if err != nil { + return resource.NonRetryableError(fmt.Errorf("Error getting lock token: %s", err)) + } + + _, err = conn.DeleteIPSet(&wafv2.DeleteIPSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + LockToken: resp.LockToken, + }) + + if err != nil { + if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + return nil + }) + + if isResourceTimeoutError(err) { + _, err = conn.DeleteIPSet(&wafv2.DeleteIPSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + LockToken: resp.LockToken, + }) + } + + if err != nil { + return fmt.Errorf("Error deleting WAFV2 IPSet: %s", err) + } + + return nil +} diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go new file mode 100644 index 00000000000..01dc52d1ae2 --- /dev/null +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -0,0 +1,116 @@ +package aws + +import ( + "fmt" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/service/wafv2" + "regexp" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" + + "github.com/aws/aws-sdk-go/aws" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" +) + +func TestAccAwsWafv2IPSet_basic(t *testing.T) { + var v wafv2.IPSet + ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_ip_set.ip_set" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2IPSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2IPSetConfig(ipSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", ipSetName), + resource.TestCheckResourceAttr(resourceName, "description", ipSetName), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "ip_address_version", wafv2.IPAddressVersionIpv4), + ), + }, + }, + }) +} + +func testAccCheckAWSWafv2IPSetDestroy(s *terraform.State) error { + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_wafv2_ip_set" { + continue + } + + conn := testAccProvider.Meta().(*AWSClient).wafv2conn + resp, err := conn.GetIPSet( + &wafv2.GetIPSetInput{ + Id: aws.String(rs.Primary.ID), + Name: aws.String(rs.Primary.Attributes["name"]), + Scope: aws.String(rs.Primary.Attributes["scope"]), + }) + + if err == nil { + if *resp.IPSet.Id == rs.Primary.ID { + return fmt.Errorf("WAFV2 IPSet %s still exists", rs.Primary.ID) + } + } + + // Return nil if the IPSet is already destroyed + if awsErr, ok := err.(awserr.Error); ok { + if awsErr.Code() == wafv2.ErrCodeWAFNonexistentItemException { + return nil + } + } + + return err + } + + return nil +} + +func testAccCheckAWSWafv2IPSetExists(n string, v *wafv2.IPSet) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[n] + if !ok { + return fmt.Errorf("Not found: %s", n) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("No WAFV2 IPSet ID is set") + } + + conn := testAccProvider.Meta().(*AWSClient).wafv2conn + resp, err := conn.GetIPSet(&wafv2.GetIPSetInput{ + Id: aws.String(rs.Primary.ID), + Name: aws.String(rs.Primary.Attributes["name"]), + Scope: aws.String(rs.Primary.Attributes["scope"]), + }) + + if err != nil { + return err + } + + if *resp.IPSet.Id == rs.Primary.ID { + *v = *resp.IPSet + return nil + } + + return fmt.Errorf("WAFV2 IPSet (%s) not found", rs.Primary.ID) + } +} + +func testAccAwsWafv2IPSetConfig(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_ip_set" "ip_set" { + name = "%s" + description = "%s" + scope = "REGIONAL" + ip_address_version = "IPV4" + addresses = ["1.2.3.4/32", "5.6.7.8/32"] +} +`, name, name) +} From 5bbb31f61291618a9890e90241ec16bcd4e87bb6 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 17 Jan 2020 17:08:39 +0100 Subject: [PATCH 025/475] Fix addresses --- aws/resource_aws_wafv2_ip_set.go | 9 +++++---- aws/resource_aws_wafv2_ip_set_test.go | 3 +++ 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index a526ce6246e..86440355f6d 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -22,8 +22,8 @@ func resourceAwsWafv2IPSet() *schema.Resource { Schema: map[string]*schema.Schema{ "addresses": { - Type: schema.TypeSet, - Required: true, + Type: schema.TypeList, + Optional: true, Elem: &schema.Schema{Type: schema.TypeString}, }, "arn": { @@ -68,12 +68,13 @@ func resourceAwsWafv2IPSetCreate(d *schema.ResourceData, meta interface{}) error var resp *wafv2.CreateIPSetOutput params := &wafv2.CreateIPSetInput{ - Addresses: expandStringSet(d.Get("addresses").(*schema.Set)), + Addresses: expandStringList(d.Get("addresses").([]interface{})), Description: aws.String(d.Get("description").(string)), IPAddressVersion: aws.String(d.Get("ip_address_version").(string)), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), } + err := resource.Retry(15*time.Minute, func() *resource.RetryError { var err error resp, err = conn.CreateIPSet(params) @@ -128,8 +129,8 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { d.Set("name", resp.IPSet.Name) d.Set("description", resp.IPSet.Description) d.Set("ip_address_version", resp.IPSet.IPAddressVersion) - d.Set("addresses", resp.IPSet.Addresses) d.Set("arn", resp.IPSet.ARN) + d.Set("addresses", flattenStringList(resp.IPSet.Addresses)) return nil } diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index 01dc52d1ae2..82406b35d35 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -33,6 +33,9 @@ func TestAccAwsWafv2IPSet_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "description", ipSetName), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), resource.TestCheckResourceAttr(resourceName, "ip_address_version", wafv2.IPAddressVersionIpv4), + resource.TestCheckResourceAttr(resourceName, "addresses.#", "2"), + resource.TestCheckResourceAttr(resourceName, "addresses.0", "1.2.3.4/32"), + resource.TestCheckResourceAttr(resourceName, "addresses.1", "5.6.7.8/32"), ), }, }, From cfa3efc25faa02cb55efe704d3fdc8e516cdf247 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Thu, 23 Jan 2020 17:12:52 +0100 Subject: [PATCH 026/475] Add update --- aws/resource_aws_wafv2_ip_set.go | 93 ++++++++++++++++++++++++--- aws/resource_aws_wafv2_ip_set_test.go | 62 +++++++++++++++++- 2 files changed, 143 insertions(+), 12 deletions(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 86440355f6d..6eca7cf99ae 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -22,8 +22,10 @@ func resourceAwsWafv2IPSet() *schema.Resource { Schema: map[string]*schema.Schema{ "addresses": { - Type: schema.TypeList, + Type: schema.TypeSet, Optional: true, + MinItems: 1, + MaxItems: 50, Elem: &schema.Schema{Type: schema.TypeString}, }, "arn": { @@ -31,9 +33,9 @@ func resourceAwsWafv2IPSet() *schema.Resource { Computed: true, }, "description": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringLenBetween(1, 256), }, "ip_address_version": { Type: schema.TypeString, @@ -45,9 +47,10 @@ func resourceAwsWafv2IPSet() *schema.Resource { }, false), }, "name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringLenBetween(1, 128), }, "scope": { Type: schema.TypeString, @@ -68,13 +71,20 @@ func resourceAwsWafv2IPSetCreate(d *schema.ResourceData, meta interface{}) error var resp *wafv2.CreateIPSetOutput params := &wafv2.CreateIPSetInput{ - Addresses: expandStringList(d.Get("addresses").([]interface{})), - Description: aws.String(d.Get("description").(string)), + Addresses: []*string{}, IPAddressVersion: aws.String(d.Get("ip_address_version").(string)), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), } + if v, ok := d.GetOk("addresses"); ok && v.(*schema.Set).Len() > 0 { + params.Addresses = expandStringSet(d.Get("addresses").(*schema.Set)) + } + + if d.HasChange("description") { + params.Description = aws.String(d.Get("description").(string)) + } + err := resource.Retry(15*time.Minute, func() *resource.RetryError { var err error resp, err = conn.CreateIPSet(params) @@ -130,12 +140,75 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { d.Set("description", resp.IPSet.Description) d.Set("ip_address_version", resp.IPSet.IPAddressVersion) d.Set("arn", resp.IPSet.ARN) - d.Set("addresses", flattenStringList(resp.IPSet.Addresses)) + + if err := d.Set("addresses", schema.NewSet(schema.HashString, flattenStringList(resp.IPSet.Addresses))); err != nil { + return fmt.Errorf("Error setting addresses: %s", err) + } return nil } func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).wafv2conn + var resp *wafv2.GetIPSetOutput + params := &wafv2.GetIPSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + } + log.Printf("[INFO] Updating WAFV2 IPSet %s", d.Id()) + + err := resource.Retry(15*time.Minute, func() *resource.RetryError { + var err error + resp, err = conn.GetIPSet(params) + if err != nil { + return resource.NonRetryableError(fmt.Errorf("Error getting lock token: %s", err)) + } + + u := &wafv2.UpdateIPSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + Addresses: []*string{}, + Description: aws.String(d.Get("description").(string)), + LockToken: resp.LockToken, + } + + if v, ok := d.GetOk("addresses"); ok && v.(*schema.Set).Len() > 0 { + u.Addresses = expandStringSet(d.Get("addresses").(*schema.Set)) + } + + if d.HasChange("description") { + u.Description = aws.String(d.Get("description").(string)) + } + + _, err = conn.UpdateIPSet(u) + + if err != nil { + if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + return nil + }) + + if isResourceTimeoutError(err) { + _, err = conn.DeleteIPSet(&wafv2.DeleteIPSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + LockToken: resp.LockToken, + }) + } + + if err != nil { + return fmt.Errorf("Error updating WAFV2 IPSet: %s", err) + } + return resourceAwsWafv2IPSetRead(d, meta) } diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index 82406b35d35..b395eb79a96 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -34,8 +34,44 @@ func TestAccAwsWafv2IPSet_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), resource.TestCheckResourceAttr(resourceName, "ip_address_version", wafv2.IPAddressVersionIpv4), resource.TestCheckResourceAttr(resourceName, "addresses.#", "2"), - resource.TestCheckResourceAttr(resourceName, "addresses.0", "1.2.3.4/32"), - resource.TestCheckResourceAttr(resourceName, "addresses.1", "5.6.7.8/32"), + ), + }, + { + Config: testAccAwsWafv2IPSetConfigUpdate(ipSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", ipSetName), + resource.TestCheckResourceAttr(resourceName, "description", "Updated"), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "ip_address_version", wafv2.IPAddressVersionIpv4), + resource.TestCheckResourceAttr(resourceName, "addresses.#", "3"), + ), + }, + }, + }) +} + +func TestAccAwsWafv2IPSet_minimal(t *testing.T) { + var v wafv2.IPSet + ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_ip_set.ip_set" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2IPSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2IPSetConfigMinimal(ipSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", ipSetName), + resource.TestCheckResourceAttr(resourceName, "description", ""), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "ip_address_version", wafv2.IPAddressVersionIpv4), + resource.TestCheckResourceAttr(resourceName, "addresses.#", "0"), ), }, }, @@ -117,3 +153,25 @@ resource "aws_wafv2_ip_set" "ip_set" { } `, name, name) } + +func testAccAwsWafv2IPSetConfigUpdate(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_ip_set" "ip_set" { + name = "%s" + description = "Updated" + scope = "REGIONAL" + ip_address_version = "IPV4" + addresses = ["1.1.1.1/32", "2.2.2.2/32", "3.3.3.3/32"] +} +`, name) +} + +func testAccAwsWafv2IPSetConfigMinimal(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_ip_set" "ip_set" { + name = "%s" + scope = "REGIONAL" + ip_address_version = "IPV4" +} +`, name) +} From 92d36954170b38615487f95370d8829997a15db9 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 12 Feb 2020 16:20:21 +0100 Subject: [PATCH 027/475] Add force new test --- aws/resource_aws_wafv2_ip_set_test.go | 39 +++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index b395eb79a96..986ad0c7aa7 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -78,6 +78,45 @@ func TestAccAwsWafv2IPSet_minimal(t *testing.T) { }) } +func TestAccAwsWafv2IPSet_changeNameForceNew(t *testing.T) { + var before, after wafv2.IPSet + ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) + ipSetNewName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_ip_set.ip_set" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2IPSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2IPSetConfig(ipSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &before), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", ipSetName), + resource.TestCheckResourceAttr(resourceName, "description", ipSetName), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "ip_address_version", wafv2.IPAddressVersionIpv4), + resource.TestCheckResourceAttr(resourceName, "addresses.#", "2"), + ), + }, + { + Config: testAccAwsWafv2IPSetConfig(ipSetNewName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &after), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", ipSetNewName), + resource.TestCheckResourceAttr(resourceName, "description", ipSetNewName), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "ip_address_version", wafv2.IPAddressVersionIpv4), + resource.TestCheckResourceAttr(resourceName, "addresses.#", "2"), + ), + }, + }, + }) +} + func testAccCheckAWSWafv2IPSetDestroy(s *terraform.State) error { for _, rs := range s.RootModule().Resources { if rs.Type != "aws_wafv2_ip_set" { From d6c40b64661862e7cf1da81a2f1deb8fb60701aa Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 12 Feb 2020 17:28:20 +0100 Subject: [PATCH 028/475] Add import --- aws/resource_aws_wafv2_ip_set.go | 16 ++++++++++++++++ aws/resource_aws_wafv2_ip_set_test.go | 19 +++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 6eca7cf99ae..f2a27f4f24c 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -6,6 +6,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" "log" + "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -19,6 +20,21 @@ func resourceAwsWafv2IPSet() *schema.Resource { Read: resourceAwsWafv2IPSetRead, Update: resourceAwsWafv2IPSetUpdate, Delete: resourceAwsWafv2IPSetDelete, + Importer: &schema.ResourceImporter{ + State: func(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + idParts := strings.Split(d.Id(), "/") + if len(idParts) != 3 || idParts[0] == "" || idParts[1] == "" || idParts[2] == "" { + return nil, fmt.Errorf("Unexpected format of ID (%q), expected ID/NAME/SCOPE", d.Id()) + } + id := idParts[0] + name := idParts[1] + scope := idParts[2] + d.SetId(id) + d.Set("name", name) + d.Set("scope", scope) + return []*schema.ResourceData{d}, nil + }, + }, Schema: map[string]*schema.Schema{ "addresses": { diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index 986ad0c7aa7..8ff911d300f 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -48,6 +48,12 @@ func TestAccAwsWafv2IPSet_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "addresses.#", "3"), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccAWSWafv2IPSetImportStateIdFunc(resourceName), + }, }, }) } @@ -117,6 +123,8 @@ func TestAccAwsWafv2IPSet_changeNameForceNew(t *testing.T) { }) } +// TAGS + func testAccCheckAWSWafv2IPSetDestroy(s *terraform.State) error { for _, rs := range s.RootModule().Resources { if rs.Type != "aws_wafv2_ip_set" { @@ -214,3 +222,14 @@ resource "aws_wafv2_ip_set" "ip_set" { } `, name) } + +func testAccAWSWafv2IPSetImportStateIdFunc(resourceName string) resource.ImportStateIdFunc { + return func(s *terraform.State) (string, error) { + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return "", fmt.Errorf("Not found: %s", resourceName) + } + + return fmt.Sprintf("%s/%s/%s", rs.Primary.ID, rs.Primary.Attributes["name"], rs.Primary.Attributes["scope"]), nil + } +} From e0b7a44d96fef0aedd933c66a1f09518818dcbad Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Mon, 17 Feb 2020 17:31:03 +0100 Subject: [PATCH 029/475] Add tags support --- aws/resource_aws_wafv2_ip_set.go | 22 +++++++ aws/resource_aws_wafv2_ip_set_test.go | 89 ++++++++++++++++++++++++++- 2 files changed, 110 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index f2a27f4f24c..37e5712e832 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -5,6 +5,7 @@ import ( "github.com/aws/aws-sdk-go/service/wafv2" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" "log" "strings" "time" @@ -101,6 +102,10 @@ func resourceAwsWafv2IPSetCreate(d *schema.ResourceData, meta interface{}) error params.Description = aws.String(d.Get("description").(string)) } + if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { + params.Tags = keyvaluetags.New(v).IgnoreAws().Wafv2Tags() + } + err := resource.Retry(15*time.Minute, func() *resource.RetryError { var err error resp, err = conn.CreateIPSet(params) @@ -161,11 +166,21 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { return fmt.Errorf("Error setting addresses: %s", err) } + tags, err := keyvaluetags.Wafv2ListTags(conn, *resp.IPSet.ARN) + if err != nil { + return fmt.Errorf("error listing tags for WAFV2 IpSet (%s): %s", *resp.IPSet.ARN, err) + } + + if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil { + return fmt.Errorf("error setting tags: %s", err) + } + return nil } func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn + //tags := keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().Wafv2Tags() var resp *wafv2.GetIPSetOutput params := &wafv2.GetIPSetInput{ Id: aws.String(d.Id()), @@ -225,6 +240,13 @@ func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error return fmt.Errorf("Error updating WAFV2 IPSet: %s", err) } + if d.HasChange("tags") { + o, n := d.GetChange("tags") + if err := keyvaluetags.Wafv2UpdateTags(conn, d.Get("arn").(string), o, n); err != nil { + return fmt.Errorf("error updating tags: %s", err) + } + } + return resourceAwsWafv2IPSetRead(d, meta) } diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index 8ff911d300f..1697922c6cd 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -34,6 +34,9 @@ func TestAccAwsWafv2IPSet_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), resource.TestCheckResourceAttr(resourceName, "ip_address_version", wafv2.IPAddressVersionIpv4), resource.TestCheckResourceAttr(resourceName, "addresses.#", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag2", "Value2"), ), }, { @@ -123,7 +126,53 @@ func TestAccAwsWafv2IPSet_changeNameForceNew(t *testing.T) { }) } -// TAGS +func TestAccAwsWafv2IPSet_tags(t *testing.T) { + var v wafv2.IPSet + ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_ip_set.ip_set" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2IPSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2IPSetConfigOneTag(ipSetName, "Tag1", "Value1"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccAWSWafv2IPSetImportStateIdFunc(resourceName), + }, + { + Config: testAccAwsWafv2IPSetConfigTwoTags(ipSetName, "Tag1", "Value1Updated", "Tag2", "Value2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1Updated"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag2", "Value2"), + ), + }, + { + Config: testAccAwsWafv2IPSetConfigOneTag(ipSetName, "Tag2", "Value2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag2", "Value2"), + ), + }, + }, + }) +} func testAccCheckAWSWafv2IPSetDestroy(s *terraform.State) error { for _, rs := range s.RootModule().Resources { @@ -197,6 +246,11 @@ resource "aws_wafv2_ip_set" "ip_set" { scope = "REGIONAL" ip_address_version = "IPV4" addresses = ["1.2.3.4/32", "5.6.7.8/32"] + + tags = { + Tag1 = "Value1" + Tag2 = "Value2" + } } `, name, name) } @@ -223,6 +277,39 @@ resource "aws_wafv2_ip_set" "ip_set" { `, name) } +func testAccAwsWafv2IPSetConfigOneTag(name, tagKey, tagValue string) string { + return fmt.Sprintf(` +resource "aws_wafv2_ip_set" "ip_set" { + name = "%s" + description = "%s" + scope = "REGIONAL" + ip_address_version = "IPV4" + addresses = ["1.2.3.4/32", "5.6.7.8/32"] + + tags = { + %q = %q + } +} +`, name, name, tagKey, tagValue) +} + +func testAccAwsWafv2IPSetConfigTwoTags(name, tag1Key, tag1Value, tag2Key, tag2Value string) string { + return fmt.Sprintf(` +resource "aws_wafv2_ip_set" "ip_set" { + name = "%s" + description = "%s" + scope = "REGIONAL" + ip_address_version = "IPV4" + addresses = ["1.2.3.4/32", "5.6.7.8/32"] + + tags = { + %q = %q + %q = %q + } +} +`, name, name, tag1Key, tag1Value, tag2Key, tag2Value) +} + func testAccAWSWafv2IPSetImportStateIdFunc(resourceName string) resource.ImportStateIdFunc { return func(s *terraform.State) (string, error) { rs, ok := s.RootModule().Resources[resourceName] From abc188cc29d42f8d710e8603904a4bfa3a28b003 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 4 May 2020 16:34:35 -0400 Subject: [PATCH 030/475] r/aws_route53_query_log: Add test sweeper. --- aws/resource_aws_cloudwatch_log_group_test.go | 2 +- aws/resource_aws_route53_query_log_test.go | 54 ++++++++++++++++++- 2 files changed, 54 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_cloudwatch_log_group_test.go b/aws/resource_aws_cloudwatch_log_group_test.go index 76b616b87f8..bf9ccfec0a1 100644 --- a/aws/resource_aws_cloudwatch_log_group_test.go +++ b/aws/resource_aws_cloudwatch_log_group_test.go @@ -36,7 +36,7 @@ func init() { "aws_mq_broker", "aws_msk_cluster", "aws_rds_cluster", - // Not currently implemented: "aws_route53_query_log", + "aws_route53_query_log", "aws_sagemaker_endpoint", "aws_storagegateway_gateway", }, diff --git a/aws/resource_aws_route53_query_log_test.go b/aws/resource_aws_route53_query_log_test.go index c241a2df125..68a21d3d109 100644 --- a/aws/resource_aws_route53_query_log_test.go +++ b/aws/resource_aws_route53_query_log_test.go @@ -2,18 +2,70 @@ package aws import ( "fmt" + "log" "os" "strings" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/route53" - + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_route53_query_log", &resource.Sweeper{ + Name: "aws_route53_query_log", + F: testSweepRoute53QueryLogs, + }) +} + +func testSweepRoute53QueryLogs(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).r53conn + var sweeperErrs *multierror.Error + + err = conn.ListQueryLoggingConfigsPages(&route53.ListQueryLoggingConfigsInput{}, func(page *route53.ListQueryLoggingConfigsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, queryLoggingConfig := range page.QueryLoggingConfigs { + id := aws.StringValue(queryLoggingConfig.Id) + + log.Printf("[INFO] Deleting Route53 query logging configuration: %s", id) + _, err := conn.DeleteQueryLoggingConfig(&route53.DeleteQueryLoggingConfigInput{ + Id: aws.String(id), + }) + if isAWSErr(err, route53.ErrCodeNoSuchQueryLoggingConfig, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting Route53 query logging configuration (%s): %w", id, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping Route53 query logging configurations sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving Route53 query logging configurations: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSRoute53QueryLog_Basic(t *testing.T) { // The underlying resources are sensitive to where they are located // Use us-east-1 for testing From 8b7b3ce273c686566455f09f9e066e6cc3d6f423 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 21 Feb 2020 15:10:23 +0100 Subject: [PATCH 031/475] Add docs --- website/allowed-subcategories.txt | 1 + website/aws.erb | 13 ++++++ website/docs/r/wafv2_ip_set.html.markdown | 54 +++++++++++++++++++++++ 3 files changed, 68 insertions(+) create mode 100644 website/docs/r/wafv2_ip_set.html.markdown diff --git a/website/allowed-subcategories.txt b/website/allowed-subcategories.txt index 2f7427c5abb..191b7117809 100644 --- a/website/allowed-subcategories.txt +++ b/website/allowed-subcategories.txt @@ -105,6 +105,7 @@ Transfer VPC WAF Regional WAF +WAFv2 WorkLink WorkMail WorkSpaces diff --git a/website/aws.erb b/website/aws.erb index 9c2b258301d..58c7fdf91e1 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -3553,6 +3553,19 @@
    • +
  • + WAFv2 + +
  • WorkLink
      diff --git a/website/docs/r/wafv2_ip_set.html.markdown b/website/docs/r/wafv2_ip_set.html.markdown new file mode 100644 index 00000000000..7b36423fee2 --- /dev/null +++ b/website/docs/r/wafv2_ip_set.html.markdown @@ -0,0 +1,54 @@ +--- +subcategory: "WAFv2" +layout: "aws" +page_title: "AWS: aws_wafv2_ip_set" +description: |- + Provides an AWS WAFv2 IP Set resource. +--- + +# Resource: aws_wafv2_ip_set + +Provides a WAFv2 IP Set Resource + +## Example Usage + +```hcl +resource "aws_wafv2_ip_set" "example" { + name = "example" + description = "Example IP set" + scope = "REGIONAL" + ip_address_version = "IPV4" + addresses = ["1.2.3.4/32", "5.6.7.8/32"] + + tags = { + Tag1 = "Value1" + Tag2 = "Value2" + } +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Required) A friendly name of the IP set. +* `description` - (Optional) A friendly description of the IP set. +* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia). +* `ip_address_version` - (Required) Specify IPV4 or IPV6. Valid values are `IPV4` or `IPV6`. +* `addresses` - (Required) Contains an array of strings that specify one or more IP addresses or blocks of IP addresses in Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all address ranges for IP versions IPv4 and IPv6. +* `tags` - (Optional) An array of key:value pairs to associate with the resource. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `id` - A unique identifier for the set. +* `arn` - The Amazon Resource Name (ARN) that identifies the cluster. + +## Import + +WAFv2 IP Sets can be imported using their ID, Name and Scope e.g. + +``` +$ terraform import aws_wafv2_ip_set.example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc/example/REGIONAL +``` From a3adf86502ee76fd7b5bc7a123d52b9bf8f5aa16 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 21 Feb 2020 15:12:29 +0100 Subject: [PATCH 032/475] Sort imports --- aws/resource_aws_wafv2_ip_set.go | 8 ++++---- aws/resource_aws_wafv2_ip_set_test.go | 9 ++++----- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 37e5712e832..24ad089af2e 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -2,17 +2,17 @@ package aws import ( "fmt" - "github.com/aws/aws-sdk-go/service/wafv2" - "github.com/hashicorp/terraform-plugin-sdk/helper/resource" - "github.com/hashicorp/terraform-plugin-sdk/helper/validation" - "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" "log" "strings" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/service/wafv2" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) func resourceAwsWafv2IPSet() *schema.Resource { diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index 1697922c6cd..a4754099af6 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -2,16 +2,15 @@ package aws import ( "fmt" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/service/wafv2" "regexp" "testing" - "github.com/hashicorp/terraform-plugin-sdk/helper/resource" - "github.com/hashicorp/terraform-plugin-sdk/terraform" - "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/service/wafv2" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" ) func TestAccAwsWafv2IPSet_basic(t *testing.T) { From 462ffde263198bef605e19504c6ac2fa0242caf6 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 21 Feb 2020 15:37:41 +0100 Subject: [PATCH 033/475] Cleanup --- aws/resource_aws_wafv2_ip_set.go | 1 - 1 file changed, 1 deletion(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 24ad089af2e..c5145282a3d 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -180,7 +180,6 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - //tags := keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().Wafv2Tags() var resp *wafv2.GetIPSetOutput params := &wafv2.GetIPSetInput{ Id: aws.String(d.Id()), From 0d644eaedba14496d36ca1bfaa25501f27025df0 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 27 Mar 2020 23:12:55 +0100 Subject: [PATCH 034/475] Apply review changes --- aws/resource_aws_wafv2_ip_set.go | 61 +++++++++------------------ aws/resource_aws_wafv2_ip_set_test.go | 6 +++ 2 files changed, 27 insertions(+), 40 deletions(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index c5145282a3d..2f52ee8a20c 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -7,7 +7,6 @@ import ( "time" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/wafv2" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" @@ -63,6 +62,10 @@ func resourceAwsWafv2IPSet() *schema.Resource { wafv2.IPAddressVersionIpv6, }, false), }, + "lock_token": { + Type: schema.TypeString, + Computed: true, + }, "name": { Type: schema.TypeString, Required: true, @@ -148,7 +151,7 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { resp, err := conn.GetIPSet(params) if err != nil { - if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == wafv2.ErrCodeWAFNonexistentItemException { + if isAWSErr(err, wafv2.ErrCodeWAFNonexistentItemException, "AWS WAF couldn’t perform the operation because your resource doesn’t exist") { log.Printf("[WARN] WAFV2 IPSet (%s) not found, removing from state", d.Id()) d.SetId("") return nil @@ -161,8 +164,9 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { d.Set("description", resp.IPSet.Description) d.Set("ip_address_version", resp.IPSet.IPAddressVersion) d.Set("arn", resp.IPSet.ARN) + d.Set("lock_token", resp.LockToken) - if err := d.Set("addresses", schema.NewSet(schema.HashString, flattenStringList(resp.IPSet.Addresses))); err != nil { + if err := d.Set("addresses", flattenStringSet(resp.IPSet.Addresses)); err != nil { return fmt.Errorf("Error setting addresses: %s", err) } @@ -180,39 +184,27 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - var resp *wafv2.GetIPSetOutput - params := &wafv2.GetIPSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - } + log.Printf("[INFO] Updating WAFV2 IPSet %s", d.Id()) err := resource.Retry(15*time.Minute, func() *resource.RetryError { - var err error - resp, err = conn.GetIPSet(params) - if err != nil { - return resource.NonRetryableError(fmt.Errorf("Error getting lock token: %s", err)) - } - u := &wafv2.UpdateIPSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - Addresses: []*string{}, - Description: aws.String(d.Get("description").(string)), - LockToken: resp.LockToken, + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + Addresses: []*string{}, + LockToken: aws.String(d.Get("lock_token").(string)), } if v, ok := d.GetOk("addresses"); ok && v.(*schema.Set).Len() > 0 { u.Addresses = expandStringSet(d.Get("addresses").(*schema.Set)) } - if d.HasChange("description") { + if v, ok := d.GetOk("description"); ok && len(v.(string)) > 0 { u.Description = aws.String(d.Get("description").(string)) } - _, err = conn.UpdateIPSet(u) + _, err := conn.UpdateIPSet(u) if err != nil { if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { @@ -227,11 +219,11 @@ func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error }) if isResourceTimeoutError(err) { - _, err = conn.DeleteIPSet(&wafv2.DeleteIPSetInput{ + _, err = conn.UpdateIPSet(&wafv2.UpdateIPSetInput{ Id: aws.String(d.Id()), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), - LockToken: resp.LockToken, + LockToken: aws.String(d.Get("lock_token").(string)), }) } @@ -251,26 +243,15 @@ func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error func resourceAwsWafv2IPSetDelete(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - var resp *wafv2.GetIPSetOutput - params := &wafv2.GetIPSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - } + log.Printf("[INFO] Deleting WAFV2 IPSet %s", d.Id()) err := resource.Retry(15*time.Minute, func() *resource.RetryError { - var err error - resp, err = conn.GetIPSet(params) - if err != nil { - return resource.NonRetryableError(fmt.Errorf("Error getting lock token: %s", err)) - } - - _, err = conn.DeleteIPSet(&wafv2.DeleteIPSetInput{ + _, err := conn.DeleteIPSet(&wafv2.DeleteIPSetInput{ Id: aws.String(d.Id()), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), - LockToken: resp.LockToken, + LockToken: aws.String(d.Get("lock_token").(string)), }) if err != nil { @@ -290,7 +271,7 @@ func resourceAwsWafv2IPSetDelete(d *schema.ResourceData, meta interface{}) error Id: aws.String(d.Id()), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), - LockToken: resp.LockToken, + LockToken: aws.String(d.Get("lock_token").(string)), }) } diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index a4754099af6..385e7c11a00 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -82,6 +82,12 @@ func TestAccAwsWafv2IPSet_minimal(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "addresses.#", "0"), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccAWSWafv2IPSetImportStateIdFunc(resourceName), + }, }, }) } From fcd90c331d2ab631ad354305996c75f9e332b530 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 27 Mar 2020 23:26:35 +0100 Subject: [PATCH 035/475] Make user aware of optimistick lock exception --- aws/resource_aws_wafv2_ip_set.go | 9 --------- 1 file changed, 9 deletions(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 2f52ee8a20c..80b7d2f13b8 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -122,9 +122,6 @@ func resourceAwsWafv2IPSetCreate(d *schema.ResourceData, meta interface{}) error if isAWSErr(err, wafv2.ErrCodeWAFTagOperationInternalErrorException, "AWS WAF couldn’t perform your tagging operation because of an internal error") { return resource.RetryableError(err) } - if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { - return resource.RetryableError(err) - } return resource.NonRetryableError(err) } return nil @@ -210,9 +207,6 @@ func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { return resource.RetryableError(err) } - if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { - return resource.RetryableError(err) - } return resource.NonRetryableError(err) } return nil @@ -258,9 +252,6 @@ func resourceAwsWafv2IPSetDelete(d *schema.ResourceData, meta interface{}) error if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { return resource.RetryableError(err) } - if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { - return resource.RetryableError(err) - } return resource.NonRetryableError(err) } return nil From d6fe40a0f52901bdc113c29cd07632df952fa526 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Tue, 31 Mar 2020 13:22:52 +0200 Subject: [PATCH 036/475] Retry in case association is being removed --- aws/resource_aws_wafv2_ip_set.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 80b7d2f13b8..8bafc43bcf6 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -252,6 +252,9 @@ func resourceAwsWafv2IPSetDelete(d *schema.ResourceData, meta interface{}) error if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { return resource.RetryableError(err) } + if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "AWS WAF couldn’t perform the operation because your resource is being used by another resource or it’s associated with another resource") { + return resource.RetryableError(err) + } return resource.NonRetryableError(err) } return nil From bc7f3ce73b4a011acd7a9495ee5051b78733ab76 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Sun, 5 Apr 2020 21:45:11 +0200 Subject: [PATCH 037/475] Format test config --- aws/resource_aws_wafv2_ip_set_test.go | 42 +++++++++++++-------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index 385e7c11a00..6f0add039ec 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -246,11 +246,11 @@ func testAccCheckAWSWafv2IPSetExists(n string, v *wafv2.IPSet) resource.TestChec func testAccAwsWafv2IPSetConfig(name string) string { return fmt.Sprintf(` resource "aws_wafv2_ip_set" "ip_set" { - name = "%s" - description = "%s" - scope = "REGIONAL" + name = "%s" + description = "%s" + scope = "REGIONAL" ip_address_version = "IPV4" - addresses = ["1.2.3.4/32", "5.6.7.8/32"] + addresses = ["1.2.3.4/32", "5.6.7.8/32"] tags = { Tag1 = "Value1" @@ -263,11 +263,11 @@ resource "aws_wafv2_ip_set" "ip_set" { func testAccAwsWafv2IPSetConfigUpdate(name string) string { return fmt.Sprintf(` resource "aws_wafv2_ip_set" "ip_set" { - name = "%s" - description = "Updated" - scope = "REGIONAL" + name = "%s" + description = "Updated" + scope = "REGIONAL" ip_address_version = "IPV4" - addresses = ["1.1.1.1/32", "2.2.2.2/32", "3.3.3.3/32"] + addresses = ["1.1.1.1/32", "2.2.2.2/32", "3.3.3.3/32"] } `, name) } @@ -275,8 +275,8 @@ resource "aws_wafv2_ip_set" "ip_set" { func testAccAwsWafv2IPSetConfigMinimal(name string) string { return fmt.Sprintf(` resource "aws_wafv2_ip_set" "ip_set" { - name = "%s" - scope = "REGIONAL" + name = "%s" + scope = "REGIONAL" ip_address_version = "IPV4" } `, name) @@ -285,14 +285,14 @@ resource "aws_wafv2_ip_set" "ip_set" { func testAccAwsWafv2IPSetConfigOneTag(name, tagKey, tagValue string) string { return fmt.Sprintf(` resource "aws_wafv2_ip_set" "ip_set" { - name = "%s" - description = "%s" - scope = "REGIONAL" + name = "%s" + description = "%s" + scope = "REGIONAL" ip_address_version = "IPV4" - addresses = ["1.2.3.4/32", "5.6.7.8/32"] + addresses = ["1.2.3.4/32", "5.6.7.8/32"] tags = { - %q = %q + "%s" = "%s" } } `, name, name, tagKey, tagValue) @@ -301,15 +301,15 @@ resource "aws_wafv2_ip_set" "ip_set" { func testAccAwsWafv2IPSetConfigTwoTags(name, tag1Key, tag1Value, tag2Key, tag2Value string) string { return fmt.Sprintf(` resource "aws_wafv2_ip_set" "ip_set" { - name = "%s" - description = "%s" - scope = "REGIONAL" + name = "%s" + description = "%s" + scope = "REGIONAL" ip_address_version = "IPV4" - addresses = ["1.2.3.4/32", "5.6.7.8/32"] + addresses = ["1.2.3.4/32", "5.6.7.8/32"] tags = { - %q = %q - %q = %q + "%s" = "%s" + "%s" = "%s" } } `, name, name, tag1Key, tag1Value, tag2Key, tag2Value) From a73f2458fa1edce738b72b616b26b58502fc9a80 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Tue, 5 May 2020 00:16:30 +0200 Subject: [PATCH 038/475] Apply review comments --- aws/config.go | 16 ++++ aws/resource_aws_wafv2_ip_set.go | 128 +++++++++----------------- aws/resource_aws_wafv2_ip_set_test.go | 46 ++++++--- 3 files changed, 92 insertions(+), 98 deletions(-) diff --git a/aws/config.go b/aws/config.go index fda4fafb566..59b93a29a54 100644 --- a/aws/config.go +++ b/aws/config.go @@ -709,6 +709,22 @@ func (c *Config) Client() (interface{}, error) { } }) + client.wafv2conn.Handlers.Retry.PushBack(func(r *request.Request) { + if isAWSErr(r.Error, wafv2.ErrCodeWAFInternalErrorException, "Retry your request") { + r.Retryable = aws.Bool(true) + } + + if r.Operation.Name == "CreateIPSet" { + // WAFv2 supports tag on create which can result in the below error codes according to the documentation + if isAWSErr(r.Error, wafv2.ErrCodeWAFTagOperationException, "Retry your request") { + r.Retryable = aws.Bool(true) + } + if isAWSErr(err, wafv2.ErrCodeWAFTagOperationInternalErrorException, "Retry your request") { + r.Retryable = aws.Bool(true) + } + } + }) + if !c.SkipGetEC2Platforms { supportedPlatforms, err := GetSupportedEC2Platforms(client.ec2conn) if err != nil { diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 8bafc43bcf6..317f9f20548 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -40,7 +40,6 @@ func resourceAwsWafv2IPSet() *schema.Resource { "addresses": { Type: schema.TypeSet, Optional: true, - MinItems: 1, MaxItems: 50, Elem: &schema.Schema{Type: schema.TypeString}, }, @@ -88,50 +87,31 @@ func resourceAwsWafv2IPSet() *schema.Resource { func resourceAwsWafv2IPSetCreate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - var resp *wafv2.CreateIPSetOutput - params := &wafv2.CreateIPSetInput{ - Addresses: []*string{}, + Addresses: aws.StringSlice([]string{}), IPAddressVersion: aws.String(d.Get("ip_address_version").(string)), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), } if v, ok := d.GetOk("addresses"); ok && v.(*schema.Set).Len() > 0 { - params.Addresses = expandStringSet(d.Get("addresses").(*schema.Set)) + params.Addresses = expandStringSet(v.(*schema.Set)) } - if d.HasChange("description") { - params.Description = aws.String(d.Get("description").(string)) + if v, ok := d.GetOk("description"); ok { + params.Description = aws.String(v.(string)) } if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { params.Tags = keyvaluetags.New(v).IgnoreAws().Wafv2Tags() } - err := resource.Retry(15*time.Minute, func() *resource.RetryError { - var err error - resp, err = conn.CreateIPSet(params) - if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { - return resource.RetryableError(err) - } - if isAWSErr(err, wafv2.ErrCodeWAFTagOperationException, "An error occurred during the tagging operation") { - return resource.RetryableError(err) - } - if isAWSErr(err, wafv2.ErrCodeWAFTagOperationInternalErrorException, "AWS WAF couldn’t perform your tagging operation because of an internal error") { - return resource.RetryableError(err) - } - return resource.NonRetryableError(err) - } - return nil - }) - if isResourceTimeoutError(err) { - _, err = conn.CreateIPSet(params) - } + resp, err := conn.CreateIPSet(params) + if err != nil { - return err + return fmt.Errorf("Error creating WAFv2 IPSet: %s", err) } + d.SetId(*resp.Summary.Id) return resourceAwsWafv2IPSetRead(d, meta) @@ -139,6 +119,7 @@ func resourceAwsWafv2IPSetCreate(d *schema.ResourceData, meta interface{}) error func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn + ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig params := &wafv2.GetIPSetInput{ Id: aws.String(d.Id()), @@ -149,7 +130,7 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { resp, err := conn.GetIPSet(params) if err != nil { if isAWSErr(err, wafv2.ErrCodeWAFNonexistentItemException, "AWS WAF couldn’t perform the operation because your resource doesn’t exist") { - log.Printf("[WARN] WAFV2 IPSet (%s) not found, removing from state", d.Id()) + log.Printf("[WARN] WAFv2 IPSet (%s) not found, removing from state", d.Id()) d.SetId("") return nil } @@ -169,11 +150,11 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { tags, err := keyvaluetags.Wafv2ListTags(conn, *resp.IPSet.ARN) if err != nil { - return fmt.Errorf("error listing tags for WAFV2 IpSet (%s): %s", *resp.IPSet.ARN, err) + return fmt.Errorf("Error listing tags for WAFv2 IpSet (%s): %s", *resp.IPSet.ARN, err) } - if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil { - return fmt.Errorf("error setting tags: %s", err) + if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { + return fmt.Errorf("Error setting tags: %s", err) } return nil @@ -182,53 +163,34 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - log.Printf("[INFO] Updating WAFV2 IPSet %s", d.Id()) - - err := resource.Retry(15*time.Minute, func() *resource.RetryError { - u := &wafv2.UpdateIPSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - Addresses: []*string{}, - LockToken: aws.String(d.Get("lock_token").(string)), - } - - if v, ok := d.GetOk("addresses"); ok && v.(*schema.Set).Len() > 0 { - u.Addresses = expandStringSet(d.Get("addresses").(*schema.Set)) - } + log.Printf("[INFO] Updating WAFv2 IPSet %s", d.Id()) - if v, ok := d.GetOk("description"); ok && len(v.(string)) > 0 { - u.Description = aws.String(d.Get("description").(string)) - } - - _, err := conn.UpdateIPSet(u) + params := &wafv2.UpdateIPSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + Addresses: aws.StringSlice([]string{}), + LockToken: aws.String(d.Get("lock_token").(string)), + } - if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { - return resource.RetryableError(err) - } - return resource.NonRetryableError(err) - } - return nil - }) + if v, ok := d.GetOk("addresses"); ok && v.(*schema.Set).Len() > 0 { + params.Addresses = expandStringSet(v.(*schema.Set)) + } - if isResourceTimeoutError(err) { - _, err = conn.UpdateIPSet(&wafv2.UpdateIPSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - LockToken: aws.String(d.Get("lock_token").(string)), - }) + if v, ok := d.GetOk("description"); ok && len(v.(string)) > 0 { + params.Description = aws.String(v.(string)) } + _, err := conn.UpdateIPSet(params) + if err != nil { - return fmt.Errorf("Error updating WAFV2 IPSet: %s", err) + return fmt.Errorf("Error updating WAFv2 IPSet: %s", err) } if d.HasChange("tags") { o, n := d.GetChange("tags") if err := keyvaluetags.Wafv2UpdateTags(conn, d.Get("arn").(string), o, n); err != nil { - return fmt.Errorf("error updating tags: %s", err) + return fmt.Errorf("Error updating tags: %s", err) } } @@ -238,20 +200,19 @@ func resourceAwsWafv2IPSetUpdate(d *schema.ResourceData, meta interface{}) error func resourceAwsWafv2IPSetDelete(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - log.Printf("[INFO] Deleting WAFV2 IPSet %s", d.Id()) + log.Printf("[INFO] Deleting WAFv2 IPSet %s", d.Id()) - err := resource.Retry(15*time.Minute, func() *resource.RetryError { - _, err := conn.DeleteIPSet(&wafv2.DeleteIPSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - LockToken: aws.String(d.Get("lock_token").(string)), - }) + params := &wafv2.DeleteIPSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + LockToken: aws.String(d.Get("lock_token").(string)), + } + err := resource.Retry(5*time.Minute, func() *resource.RetryError { + var err error + _, err = conn.DeleteIPSet(params) if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { - return resource.RetryableError(err) - } if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "AWS WAF couldn’t perform the operation because your resource is being used by another resource or it’s associated with another resource") { return resource.RetryableError(err) } @@ -261,16 +222,11 @@ func resourceAwsWafv2IPSetDelete(d *schema.ResourceData, meta interface{}) error }) if isResourceTimeoutError(err) { - _, err = conn.DeleteIPSet(&wafv2.DeleteIPSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - LockToken: aws.String(d.Get("lock_token").(string)), - }) + _, err = conn.DeleteIPSet(params) } if err != nil { - return fmt.Errorf("Error deleting WAFV2 IPSet: %s", err) + return fmt.Errorf("Error deleting WAFv2 IPSet: %s", err) } return nil diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index 6f0add039ec..da0ef229f8d 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -13,7 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/terraform" ) -func TestAccAwsWafv2IPSet_basic(t *testing.T) { +func TestAccAwsWafv2IPSet_Basic(t *testing.T) { var v wafv2.IPSet ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) resourceName := "aws_wafv2_ip_set.ip_set" @@ -26,7 +26,7 @@ func TestAccAwsWafv2IPSet_basic(t *testing.T) { { Config: testAccAwsWafv2IPSetConfig(ipSetName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccCheckAWSWafv2IPSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), resource.TestCheckResourceAttr(resourceName, "name", ipSetName), resource.TestCheckResourceAttr(resourceName, "description", ipSetName), @@ -41,7 +41,7 @@ func TestAccAwsWafv2IPSet_basic(t *testing.T) { { Config: testAccAwsWafv2IPSetConfigUpdate(ipSetName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccCheckAWSWafv2IPSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), resource.TestCheckResourceAttr(resourceName, "name", ipSetName), resource.TestCheckResourceAttr(resourceName, "description", "Updated"), @@ -60,7 +60,29 @@ func TestAccAwsWafv2IPSet_basic(t *testing.T) { }) } -func TestAccAwsWafv2IPSet_minimal(t *testing.T) { +func TestAccAwsWafv2IPSet_Disappears(t *testing.T) { + var r wafv2.IPSet + ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_ip_set.ip_set" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2IPSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2IPSetConfig(ipSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2IPSetExists(resourceName, &r), + testAccCheckResourceDisappears(testAccProvider, resourceAwsWafv2IPSet(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + +func TestAccAwsWafv2IPSet_Minimal(t *testing.T) { var v wafv2.IPSet ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) resourceName := "aws_wafv2_ip_set.ip_set" @@ -73,7 +95,7 @@ func TestAccAwsWafv2IPSet_minimal(t *testing.T) { { Config: testAccAwsWafv2IPSetConfigMinimal(ipSetName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccCheckAWSWafv2IPSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), resource.TestCheckResourceAttr(resourceName, "name", ipSetName), resource.TestCheckResourceAttr(resourceName, "description", ""), @@ -92,7 +114,7 @@ func TestAccAwsWafv2IPSet_minimal(t *testing.T) { }) } -func TestAccAwsWafv2IPSet_changeNameForceNew(t *testing.T) { +func TestAccAwsWafv2IPSet_ChangeNameForceNew(t *testing.T) { var before, after wafv2.IPSet ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) ipSetNewName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) @@ -106,7 +128,7 @@ func TestAccAwsWafv2IPSet_changeNameForceNew(t *testing.T) { { Config: testAccAwsWafv2IPSetConfig(ipSetName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &before), + testAccCheckAWSWafv2IPSetExists(resourceName, &before), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), resource.TestCheckResourceAttr(resourceName, "name", ipSetName), resource.TestCheckResourceAttr(resourceName, "description", ipSetName), @@ -118,7 +140,7 @@ func TestAccAwsWafv2IPSet_changeNameForceNew(t *testing.T) { { Config: testAccAwsWafv2IPSetConfig(ipSetNewName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &after), + testAccCheckAWSWafv2IPSetExists(resourceName, &after), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), resource.TestCheckResourceAttr(resourceName, "name", ipSetNewName), resource.TestCheckResourceAttr(resourceName, "description", ipSetNewName), @@ -131,7 +153,7 @@ func TestAccAwsWafv2IPSet_changeNameForceNew(t *testing.T) { }) } -func TestAccAwsWafv2IPSet_tags(t *testing.T) { +func TestAccAwsWafv2IPSet_Tags(t *testing.T) { var v wafv2.IPSet ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) resourceName := "aws_wafv2_ip_set.ip_set" @@ -144,7 +166,7 @@ func TestAccAwsWafv2IPSet_tags(t *testing.T) { { Config: testAccAwsWafv2IPSetConfigOneTag(ipSetName, "Tag1", "Value1"), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccCheckAWSWafv2IPSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1"), @@ -159,7 +181,7 @@ func TestAccAwsWafv2IPSet_tags(t *testing.T) { { Config: testAccAwsWafv2IPSetConfigTwoTags(ipSetName, "Tag1", "Value1Updated", "Tag2", "Value2"), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccCheckAWSWafv2IPSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1Updated"), @@ -169,7 +191,7 @@ func TestAccAwsWafv2IPSet_tags(t *testing.T) { { Config: testAccAwsWafv2IPSetConfigOneTag(ipSetName, "Tag2", "Value2"), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2IPSetExists("aws_wafv2_ip_set.ip_set", &v), + testAccCheckAWSWafv2IPSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), resource.TestCheckResourceAttr(resourceName, "tags.Tag2", "Value2"), From 37c5e2c8954a1fb18310058ff103e48fc1b4d24c Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Tue, 5 May 2020 14:46:29 -0700 Subject: [PATCH 039/475] Updates Lambda acceptance tests to use ARN testing check functions --- aws/provider_test.go | 14 + aws/resource_aws_lambda_alias_test.go | 68 +++-- ...ce_aws_lambda_event_source_mapping_test.go | 40 ++- aws/resource_aws_lambda_function_test.go | 118 ++++---- aws/resource_aws_lambda_permission.go | 3 +- aws/resource_aws_lambda_permission_test.go | 264 ++++++++++-------- 6 files changed, 282 insertions(+), 225 deletions(-) diff --git a/aws/provider_test.go b/aws/provider_test.go index 5c76f99e72e..c59e7a202e8 100644 --- a/aws/provider_test.go +++ b/aws/provider_test.go @@ -125,6 +125,20 @@ func testAccCheckResourceAttrRegionalARNNoAccount(resourceName, attributeName, a } } +// testAccCheckResourceAttrRegionalARNAccountID ensures the Terraform state exactly matches a formatted ARN with region and specific account ID +func testAccCheckResourceAttrRegionalARNAccountID(resourceName, attributeName, accountID, arnService, arnResource string) resource.TestCheckFunc { + return func(s *terraform.State) error { + attributeValue := arn.ARN{ + AccountID: accountID, + Partition: testAccGetPartition(), + Region: testAccGetRegion(), + Resource: arnResource, + Service: arnService, + }.String() + return resource.TestCheckResourceAttr(resourceName, attributeName, attributeValue)(s) + } +} + // testAccMatchResourceAttrRegionalARN ensures the Terraform state regexp matches a formatted ARN with region func testAccMatchResourceAttrRegionalARN(resourceName, attributeName, arnService string, arnResourceRegexp *regexp.Regexp) resource.TestCheckFunc { return func(s *terraform.State) error { diff --git a/aws/resource_aws_lambda_alias_test.go b/aws/resource_aws_lambda_alias_test.go index 5b857c5b2bc..32e4602587a 100644 --- a/aws/resource_aws_lambda_alias_test.go +++ b/aws/resource_aws_lambda_alias_test.go @@ -2,7 +2,6 @@ package aws import ( "fmt" - "regexp" "testing" "github.com/aws/aws-sdk-go/aws" @@ -14,7 +13,7 @@ import ( func TestAccAWSLambdaAlias_basic(t *testing.T) { var conf lambda.AliasConfiguration - resourceName := "aws_lambda_alias.lambda_alias_test" + resourceName := "aws_lambda_alias.test" rString := acctest.RandString(8) roleName := fmt.Sprintf("tf_acc_role_lambda_alias_basic_%s", rString) @@ -23,6 +22,8 @@ func TestAccAWSLambdaAlias_basic(t *testing.T) { funcName := fmt.Sprintf("tf_acc_lambda_func_alias_basic_%s", rString) aliasName := fmt.Sprintf("tf_acc_lambda_alias_basic_%s", rString) + functionArnResourcePart := fmt.Sprintf("function:%s:%s", funcName, aliasName) + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -32,10 +33,10 @@ func TestAccAWSLambdaAlias_basic(t *testing.T) { Config: testAccAwsLambdaAliasConfig(roleName, policyName, attachmentName, funcName, aliasName), Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaAliasExists(resourceName, &conf), - testAccCheckAwsLambdaAttributes(&conf), + testAccCheckAwsLambdaAliasAttributes(&conf), testAccCheckAwsLambdaAliasRoutingConfigDoesNotExist(&conf), - testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s:%s", funcName, aliasName)), - resource.TestMatchResourceAttr(resourceName, "invoke_arn", regexp.MustCompile(fmt.Sprintf("^arn:[^:]+:apigateway:[^:]+:lambda:path/2015-03-31/functions/arn:[^:]+:lambda:[^:]+:[^:]+:function:%s:%s/invocations$", funcName, aliasName))), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", functionArnResourcePart), + testAccCheckAwsLambdaAliasInvokeArn(resourceName, &conf), ), }, { @@ -54,7 +55,7 @@ func TestAccAWSLambdaAlias_basic(t *testing.T) { func TestAccAWSLambdaAlias_nameupdate(t *testing.T) { var conf lambda.AliasConfiguration - resourceName := "aws_lambda_alias.lambda_alias_test" + resourceName := "aws_lambda_alias.test" rString := acctest.RandString(8) roleName := fmt.Sprintf("tf_acc_role_lambda_alias_basic_%s", rString) @@ -64,6 +65,9 @@ func TestAccAWSLambdaAlias_nameupdate(t *testing.T) { aliasName := fmt.Sprintf("tf_acc_lambda_alias_basic_%s", rString) aliasNameUpdate := fmt.Sprintf("tf_acc_lambda_alias_basic_%s", acctest.RandString(8)) + functionArnResourcePart := fmt.Sprintf("function:%s:%s", funcName, aliasName) + functionArnResourcePartUpdate := fmt.Sprintf("function:%s:%s", funcName, aliasNameUpdate) + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -73,16 +77,16 @@ func TestAccAWSLambdaAlias_nameupdate(t *testing.T) { Config: testAccAwsLambdaAliasConfig(roleName, policyName, attachmentName, funcName, aliasName), Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaAliasExists(resourceName, &conf), - testAccCheckAwsLambdaAttributes(&conf), - testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s:%s", funcName, aliasName)), + testAccCheckAwsLambdaAliasAttributes(&conf), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", functionArnResourcePart), ), }, { Config: testAccAwsLambdaAliasConfig(roleName, policyName, attachmentName, funcName, aliasNameUpdate), Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaAliasExists(resourceName, &conf), - testAccCheckAwsLambdaAttributes(&conf), - testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s:%s", funcName, aliasNameUpdate)), + testAccCheckAwsLambdaAliasAttributes(&conf), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", functionArnResourcePartUpdate), ), }, }, @@ -91,7 +95,7 @@ func TestAccAWSLambdaAlias_nameupdate(t *testing.T) { func TestAccAWSLambdaAlias_routingconfig(t *testing.T) { var conf lambda.AliasConfiguration - resourceName := "aws_lambda_alias.lambda_alias_test" + resourceName := "aws_lambda_alias.test" rString := acctest.RandString(8) roleName := fmt.Sprintf("tf_acc_role_lambda_alias_basic_%s", rString) @@ -100,6 +104,8 @@ func TestAccAWSLambdaAlias_routingconfig(t *testing.T) { funcName := fmt.Sprintf("tf_acc_lambda_func_alias_basic_%s", rString) aliasName := fmt.Sprintf("tf_acc_lambda_alias_basic_%s", rString) + functionArnResourcePart := fmt.Sprintf("function:%s:%s", funcName, aliasName) + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -109,26 +115,26 @@ func TestAccAWSLambdaAlias_routingconfig(t *testing.T) { Config: testAccAwsLambdaAliasConfig(roleName, policyName, attachmentName, funcName, aliasName), Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaAliasExists(resourceName, &conf), - testAccCheckAwsLambdaAttributes(&conf), - testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s:%s", funcName, aliasName)), + testAccCheckAwsLambdaAliasAttributes(&conf), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", functionArnResourcePart), ), }, { Config: testAccAwsLambdaAliasConfigWithRoutingConfig(roleName, policyName, attachmentName, funcName, aliasName), Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaAliasExists(resourceName, &conf), - testAccCheckAwsLambdaAttributes(&conf), + testAccCheckAwsLambdaAliasAttributes(&conf), testAccCheckAwsLambdaAliasRoutingConfigExists(&conf), - testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s:%s", funcName, aliasName)), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", functionArnResourcePart), ), }, { Config: testAccAwsLambdaAliasConfig(roleName, policyName, attachmentName, funcName, aliasName), Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaAliasExists(resourceName, &conf), - testAccCheckAwsLambdaAttributes(&conf), + testAccCheckAwsLambdaAliasAttributes(&conf), testAccCheckAwsLambdaAliasRoutingConfigDoesNotExist(&conf), - testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s:%s", funcName, aliasName)), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", functionArnResourcePart), ), }, }, @@ -185,7 +191,7 @@ func testAccCheckAwsLambdaAliasExists(n string, mapping *lambda.AliasConfigurati } } -func testAccCheckAwsLambdaAttributes(mapping *lambda.AliasConfiguration) resource.TestCheckFunc { +func testAccCheckAwsLambdaAliasAttributes(mapping *lambda.AliasConfiguration) resource.TestCheckFunc { return func(s *terraform.State) error { name := *mapping.Name arn := *mapping.AliasArn @@ -199,6 +205,13 @@ func testAccCheckAwsLambdaAttributes(mapping *lambda.AliasConfiguration) resourc } } +func testAccCheckAwsLambdaAliasInvokeArn(name string, mapping *lambda.AliasConfiguration) resource.TestCheckFunc { + return func(s *terraform.State) error { + arn := aws.StringValue(mapping.AliasArn) + return testAccCheckResourceAttrRegionalARNAccountID(name, "invoke_arn", "lambda", "apigateway", fmt.Sprintf("path/2015-03-31/functions/%s/invocations", arn))(s) + } +} + func testAccCheckAwsLambdaAliasRoutingConfigExists(mapping *lambda.AliasConfiguration) resource.TestCheckFunc { return func(s *terraform.State) error { routingConfig := mapping.RoutingConfig @@ -223,6 +236,7 @@ func testAccCheckAwsLambdaAliasRoutingConfigDoesNotExist(mapping *lambda.AliasCo return nil } } + func testAccAwsLambdaAliasBaseConfig(roleName, policyName, attachmentName string) string { return fmt.Sprintf(` resource "aws_iam_role" "iam_for_lambda" { @@ -278,7 +292,7 @@ func testAccAwsLambdaAliasConfig(roleName, policyName, attachmentName, funcName, return composeConfig( testAccAwsLambdaAliasBaseConfig(roleName, policyName, attachmentName), fmt.Sprintf(` -resource "aws_lambda_function" "lambda_function_test_create" { +resource "aws_lambda_function" "test" { filename = "test-fixtures/lambdatest.zip" function_name = "%s" role = "${aws_iam_role.iam_for_lambda.arn}" @@ -288,10 +302,10 @@ resource "aws_lambda_function" "lambda_function_test_create" { publish = "true" } -resource "aws_lambda_alias" "lambda_alias_test" { +resource "aws_lambda_alias" "test" { name = "%s" description = "a sample description" - function_name = "${aws_lambda_function.lambda_function_test_create.arn}" + function_name = "${aws_lambda_function.test.arn}" function_version = "1" } `, funcName, aliasName)) @@ -301,7 +315,7 @@ func testAccAwsLambdaAliasConfigUsingFunctionName(roleName, policyName, attachme return composeConfig( testAccAwsLambdaAliasBaseConfig(roleName, policyName, attachmentName), fmt.Sprintf(` -resource "aws_lambda_function" "lambda_function_test_create" { +resource "aws_lambda_function" "test" { filename = "test-fixtures/lambdatest.zip" function_name = "%s" role = "${aws_iam_role.iam_for_lambda.arn}" @@ -311,10 +325,10 @@ resource "aws_lambda_function" "lambda_function_test_create" { publish = "true" } -resource "aws_lambda_alias" "lambda_alias_test" { +resource "aws_lambda_alias" "test" { name = "%s" description = "a sample description" - function_name = "${aws_lambda_function.lambda_function_test_create.function_name}" + function_name = "${aws_lambda_function.test.function_name}" function_version = "1" } `, funcName, aliasName)) @@ -324,7 +338,7 @@ func testAccAwsLambdaAliasConfigWithRoutingConfig(roleName, policyName, attachme return composeConfig( testAccAwsLambdaAliasBaseConfig(roleName, policyName, attachmentName), fmt.Sprintf(` -resource "aws_lambda_function" "lambda_function_test_create" { +resource "aws_lambda_function" "test" { filename = "test-fixtures/lambdatest_modified.zip" function_name = "%s" role = "${aws_iam_role.iam_for_lambda.arn}" @@ -334,10 +348,10 @@ resource "aws_lambda_function" "lambda_function_test_create" { publish = "true" } -resource "aws_lambda_alias" "lambda_alias_test" { +resource "aws_lambda_alias" "test" { name = "%s" description = "a sample description" - function_name = "${aws_lambda_function.lambda_function_test_create.arn}" + function_name = "${aws_lambda_function.test.arn}" function_version = "1" routing_config { diff --git a/aws/resource_aws_lambda_event_source_mapping_test.go b/aws/resource_aws_lambda_event_source_mapping_test.go index 3d5fa27e330..b598e98d92a 100644 --- a/aws/resource_aws_lambda_event_source_mapping_test.go +++ b/aws/resource_aws_lambda_event_source_mapping_test.go @@ -2,7 +2,6 @@ package aws import ( "fmt" - "regexp" "strconv" "testing" "time" @@ -19,6 +18,9 @@ func TestAccAWSLambdaEventSourceMapping_kinesis_basic(t *testing.T) { var conf lambda.EventSourceMappingConfiguration resourceName := "aws_lambda_event_source_mapping.lambda_event_source_mapping_test" + functionResourceName := "aws_lambda_function.lambda_function_test_create" + functionResourceNameUpdated := "aws_lambda_function.lambda_function_test_update" + eventSourceResourceName := "aws_kinesis_stream.kinesis_stream_test" rString := acctest.RandString(8) roleName := fmt.Sprintf("tf_acc_role_lambda_esm_basic_%s", rString) @@ -27,7 +29,6 @@ func TestAccAWSLambdaEventSourceMapping_kinesis_basic(t *testing.T) { streamName := fmt.Sprintf("tf_acc_stream_lambda_esm_basic_%s", rString) funcName := fmt.Sprintf("tf_acc_lambda_esm_basic_%s", rString) uFuncName := fmt.Sprintf("tf_acc_lambda_esm_basic_updated_%s", rString) - uFuncArnRe := regexp.MustCompile(":" + uFuncName + "$") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -40,6 +41,9 @@ func TestAccAWSLambdaEventSourceMapping_kinesis_basic(t *testing.T) { testAccCheckAwsLambdaEventSourceMappingExists(resourceName, &conf), testAccCheckAWSLambdaEventSourceMappingAttributes(&conf), testAccCheckResourceAttrRfc3339(resourceName, "last_modified"), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "function_arn", functionResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "event_source_arn", eventSourceResourceName, "arn"), ), }, { @@ -54,7 +58,9 @@ func TestAccAWSLambdaEventSourceMapping_kinesis_basic(t *testing.T) { testAccCheckAwsLambdaEventSourceMappingExists(resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "batch_size", strconv.Itoa(200)), resource.TestCheckResourceAttr(resourceName, "enabled", strconv.FormatBool(false)), - resource.TestMatchResourceAttr(resourceName, "function_arn", uFuncArnRe), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceNameUpdated, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "function_arn", functionResourceNameUpdated, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "event_source_arn", eventSourceResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "starting_position", "TRIM_HORIZON"), ), }, @@ -114,6 +120,9 @@ func TestAccAWSLambdaEventSourceMapping_sqs_basic(t *testing.T) { var conf lambda.EventSourceMappingConfiguration resourceName := "aws_lambda_event_source_mapping.lambda_event_source_mapping_test" + functionResourceName := "aws_lambda_function.lambda_function_test_create" + functionResourceNameUpdated := "aws_lambda_function.lambda_function_test_update" + eventSourceResourceName := "aws_sqs_queue.sqs_queue_test" rString := acctest.RandString(8) roleName := fmt.Sprintf("tf_acc_role_lambda_sqs_basic_%s", rString) @@ -122,7 +131,6 @@ func TestAccAWSLambdaEventSourceMapping_sqs_basic(t *testing.T) { streamName := fmt.Sprintf("tf_acc_stream_lambda_sqs_basic_%s", rString) funcName := fmt.Sprintf("tf_acc_lambda_sqs_basic_%s", rString) uFuncName := fmt.Sprintf("tf_acc_lambda_sqs_basic_updated_%s", rString) - uFuncArnRe := regexp.MustCompile(":" + uFuncName + "$") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -134,9 +142,11 @@ func TestAccAWSLambdaEventSourceMapping_sqs_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaEventSourceMappingExists(resourceName, &conf), testAccCheckAWSLambdaEventSourceMappingAttributes(&conf), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "function_arn", functionResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "event_source_arn", eventSourceResourceName, "arn"), testAccCheckResourceAttrRfc3339(resourceName, "last_modified"), - resource.TestCheckNoResourceAttr(resourceName, - "starting_position"), + resource.TestCheckNoResourceAttr(resourceName, "starting_position"), ), }, { @@ -151,7 +161,9 @@ func TestAccAWSLambdaEventSourceMapping_sqs_basic(t *testing.T) { testAccCheckAwsLambdaEventSourceMappingExists(resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "batch_size", strconv.Itoa(5)), resource.TestCheckResourceAttr(resourceName, "enabled", strconv.FormatBool(false)), - resource.TestMatchResourceAttr(resourceName, "function_arn", uFuncArnRe), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceNameUpdated, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "function_arn", functionResourceNameUpdated, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "event_source_arn", eventSourceResourceName, "arn"), resource.TestCheckNoResourceAttr(resourceName, "starting_position"), ), }, @@ -163,6 +175,7 @@ func TestAccAWSLambdaEventSourceMapping_sqs_withFunctionName(t *testing.T) { var conf lambda.EventSourceMappingConfiguration resourceName := "aws_lambda_event_source_mapping.lambda_event_source_mapping_test" + functionResourceName := "aws_lambda_function.lambda_function_test_create" rString := acctest.RandString(8) roleName := fmt.Sprintf("tf_acc_role_lambda_sqs_basic_%s", rString) @@ -170,7 +183,6 @@ func TestAccAWSLambdaEventSourceMapping_sqs_withFunctionName(t *testing.T) { attName := fmt.Sprintf("tf_acc_att_lambda_sqs_basic_%s", rString) streamName := fmt.Sprintf("tf_acc_stream_lambda_sqs_basic_%s", rString) funcName := fmt.Sprintf("tf_acc_lambda_sqs_basic_%s", rString) - funcArnRe := regexp.MustCompile(":" + funcName + "$") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -182,8 +194,8 @@ func TestAccAWSLambdaEventSourceMapping_sqs_withFunctionName(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaEventSourceMappingExists(resourceName, &conf), testAccCheckAWSLambdaEventSourceMappingAttributes(&conf), - resource.TestMatchResourceAttr(resourceName, "function_arn", funcArnRe), - resource.TestMatchResourceAttr(resourceName, "function_name", funcArnRe), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "function_arn", functionResourceName, "arn"), resource.TestCheckNoResourceAttr(resourceName, "starting_position"), ), }, @@ -512,10 +524,12 @@ func TestAccAWSLambdaEventSourceMapping_KinesisDestinationConfig(t *testing.T) { var conf lambda.EventSourceMappingConfiguration rName := acctest.RandomWithPrefix("tf-acc-test") rString := acctest.RandString(8) - resourceName := "aws_lambda_event_source_mapping.test" streamName := fmt.Sprintf("tf_acc_stream_dest_config_%s", rString) streamNameUpdated := fmt.Sprintf("tf_acc_stream_dest_config_updated_%s", rString) + resourceName := "aws_lambda_event_source_mapping.test" + sqsResourceName := "aws_sqs_queue.sqs_queue_test" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -527,7 +541,7 @@ func TestAccAWSLambdaEventSourceMapping_KinesisDestinationConfig(t *testing.T) { testAccCheckAwsLambdaEventSourceMappingExists(resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "destination_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "destination_config.0.on_failure.#", "1"), - resource.TestCheckResourceAttrPair(resourceName, "destination_config.0.on_failure.0.destination_arn", "aws_sqs_queue.sqs_queue_test", "arn"), + resource.TestCheckResourceAttrPair(resourceName, "destination_config.0.on_failure.0.destination_arn", sqsResourceName, "arn"), ), }, { @@ -545,7 +559,7 @@ func TestAccAWSLambdaEventSourceMapping_KinesisDestinationConfig(t *testing.T) { testAccCheckAwsLambdaEventSourceMappingExists(resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "destination_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "destination_config.0.on_failure.#", "1"), - resource.TestCheckResourceAttrPair(resourceName, "destination_config.0.on_failure.0.destination_arn", "aws_sqs_queue.sqs_queue_test", "arn"), + resource.TestCheckResourceAttrPair(resourceName, "destination_config.0.on_failure.0.destination_arn", sqsResourceName, "arn"), ), }, }, diff --git a/aws/resource_aws_lambda_function_test.go b/aws/resource_aws_lambda_function_test.go index 7c65022548c..1b681973696 100644 --- a/aws/resource_aws_lambda_function_test.go +++ b/aws/resource_aws_lambda_function_test.go @@ -81,9 +81,8 @@ func TestAccAWSLambdaFunction_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), - testAccMatchResourceAttrRegionalARN(resourceName, "arn", "lambda", regexp.MustCompile(`function.+`)), - resource.TestMatchResourceAttr(resourceName, "invoke_arn", regexp.MustCompile(fmt.Sprintf("^arn:[^:]+:apigateway:[^:]+:lambda:path/2015-03-31/functions/arn:[^:]+:lambda:[^:]+:[^:]+:function:%s/invocations$", funcName))), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), + testAccCheckAwsLambdaFunctionInvokeArn(resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "reserved_concurrent_executions", "-1"), ), }, @@ -140,7 +139,7 @@ func TestAccAWSLambdaFunction_concurrency(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "reserved_concurrent_executions", "111"), ), }, @@ -155,7 +154,7 @@ func TestAccAWSLambdaFunction_concurrency(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "reserved_concurrent_executions", "222"), ), }, @@ -183,7 +182,7 @@ func TestAccAWSLambdaFunction_concurrencyCycle(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "reserved_concurrent_executions", "-1"), ), }, @@ -198,7 +197,7 @@ func TestAccAWSLambdaFunction_concurrencyCycle(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "reserved_concurrent_executions", "222"), ), }, @@ -207,7 +206,7 @@ func TestAccAWSLambdaFunction_concurrencyCycle(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "reserved_concurrent_executions", "-1"), ), }, @@ -294,7 +293,7 @@ func TestAccAWSLambdaFunction_envVariables(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckNoResourceAttr(resourceName, "environment"), ), }, @@ -309,7 +308,7 @@ func TestAccAWSLambdaFunction_envVariables(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "environment.0.variables.foo", "bar"), ), }, @@ -318,7 +317,7 @@ func TestAccAWSLambdaFunction_envVariables(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "environment.0.variables.foo", "baz"), resource.TestCheckResourceAttr(resourceName, "environment.0.variables.foo1", "bar1"), ), @@ -328,7 +327,7 @@ func TestAccAWSLambdaFunction_envVariables(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckNoResourceAttr(resourceName, "environment"), ), }, @@ -357,7 +356,7 @@ func TestAccAWSLambdaFunction_encryptedEnvVariables(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "environment.0.variables.foo", "bar"), testAccMatchResourceAttrRegionalARN(resourceName, "kms_key_arn", "kms", regexp.MustCompile(`key/.+`)), ), @@ -373,7 +372,7 @@ func TestAccAWSLambdaFunction_encryptedEnvVariables(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "environment.0.variables.foo", "bar"), resource.TestCheckResourceAttr(resourceName, "kms_key_arn", ""), ), @@ -392,6 +391,8 @@ func TestAccAWSLambdaFunction_versioned(t *testing.T) { sgName := fmt.Sprintf("tf_acc_sg_lambda_func_versioned_%s", rString) resourceName := "aws_lambda_function.test" + version := "1" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -402,11 +403,11 @@ func TestAccAWSLambdaFunction_versioned(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), - resource.TestMatchResourceAttr(resourceName, "version", - regexp.MustCompile("^[0-9]+$")), - resource.TestMatchResourceAttr(resourceName, "qualified_arn", - regexp.MustCompile(":"+funcName+":[0-9]+$")), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), + resource.TestMatchResourceAttr(resourceName, "version", regexp.MustCompile("^[0-9]+$")), + resource.TestCheckResourceAttr(resourceName, "version", version), + testAccMatchResourceAttrRegionalARN(resourceName, "qualified_arn", "lambda", regexp.MustCompile(fmt.Sprintf("function:%s:[0-9]+$", funcName))), + testAccCheckResourceAttrRegionalARN(resourceName, "qualified_arn", "lambda", fmt.Sprintf("function:%s:%s", funcName, version)), ), }, { @@ -437,6 +438,9 @@ func TestAccAWSLambdaFunction_versionedUpdate(t *testing.T) { var timeBeforeUpdate time.Time + version := "2" + versionUpdated := "3" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -456,11 +460,9 @@ func TestAccAWSLambdaFunction_versionedUpdate(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), - resource.TestMatchResourceAttr(resourceName, "version", - regexp.MustCompile("^2$")), - resource.TestMatchResourceAttr(resourceName, "qualified_arn", - regexp.MustCompile(":"+funcName+":[0-9]+$")), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), + resource.TestCheckResourceAttr(resourceName, "version", "2"), + testAccCheckResourceAttrRegionalARN(resourceName, "qualified_arn", "lambda", fmt.Sprintf("function:%s:%s", funcName, version)), func(s *terraform.State) error { return testAccCheckAttributeIsDateAfter(s, resourceName, "last_modified", timeBeforeUpdate) }, @@ -474,11 +476,9 @@ func TestAccAWSLambdaFunction_versionedUpdate(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), - resource.TestMatchResourceAttr(resourceName, "version", - regexp.MustCompile("^3$")), - resource.TestMatchResourceAttr(resourceName, "qualified_arn", - regexp.MustCompile(":"+funcName+":[0-9]+$")), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), + resource.TestMatchResourceAttr(resourceName, "version", regexp.MustCompile("^3$")), + testAccCheckResourceAttrRegionalARN(resourceName, "qualified_arn", "lambda", fmt.Sprintf("function:%s:%s", funcName, versionUpdated)), resource.TestCheckResourceAttr(resourceName, "runtime", lambda.RuntimeNodejs10X), func(s *terraform.State) error { return testAccCheckAttributeIsDateAfter(s, resourceName, "last_modified", timeBeforeUpdate) @@ -516,7 +516,7 @@ func TestAccAWSLambdaFunction_DeadLetterConfig(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), func(s *terraform.State) error { if !strings.HasSuffix(*conf.Configuration.DeadLetterConfig.TargetArn, ":"+topicName) { return fmt.Errorf( @@ -635,7 +635,7 @@ func TestAccAWSLambdaFunction_tracingConfig(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "tracing_config.0.mode", "Active"), ), }, @@ -650,7 +650,7 @@ func TestAccAWSLambdaFunction_tracingConfig(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "tracing_config.0.mode", "PassThrough"), ), }, @@ -712,7 +712,7 @@ func TestAccAWSLambdaFunction_Layers(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAWSLambdaFunctionVersion(&conf, "$LATEST"), resource.TestCheckResourceAttr(resourceName, "layers.#", "1"), ), @@ -749,7 +749,7 @@ func TestAccAWSLambdaFunction_LayersUpdate(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAWSLambdaFunctionVersion(&conf, "$LATEST"), resource.TestCheckResourceAttr(resourceName, "layers.#", "1"), ), @@ -765,7 +765,7 @@ func TestAccAWSLambdaFunction_LayersUpdate(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAWSLambdaFunctionVersion(&conf, "$LATEST"), resource.TestCheckResourceAttr(resourceName, "layers.#", "2"), ), @@ -794,7 +794,7 @@ func TestAccAWSLambdaFunction_VPC(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAWSLambdaFunctionVersion(&conf, "$LATEST"), resource.TestCheckResourceAttr(resourceName, "vpc_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "vpc_config.0.subnet_ids.#", "1"), @@ -868,7 +868,7 @@ func TestAccAWSLambdaFunction_VPCUpdate(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAWSLambdaFunctionVersion(&conf, "$LATEST"), resource.TestCheckResourceAttr(resourceName, "vpc_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "vpc_config.0.subnet_ids.#", "1"), @@ -886,7 +886,7 @@ func TestAccAWSLambdaFunction_VPCUpdate(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAWSLambdaFunctionVersion(&conf, "$LATEST"), resource.TestCheckResourceAttr(resourceName, "vpc_config.#", "1"), resource.TestCheckResourceAttr(resourceName, "vpc_config.0.subnet_ids.#", "2"), @@ -1009,7 +1009,7 @@ func TestAccAWSLambdaFunction_s3(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAWSLambdaFunctionVersion(&conf, "$LATEST"), ), }, @@ -1054,7 +1054,7 @@ func TestAccAWSLambdaFunction_localUpdate(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAwsLambdaSourceCodeHash(&conf, "8DPiX+G1l2LQ8hjBkwRchQFf1TSCEvPrYGRKlM9UoyY="), ), }, @@ -1075,7 +1075,7 @@ func TestAccAWSLambdaFunction_localUpdate(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAwsLambdaSourceCodeHash(&conf, "0tdaP9H9hsk9c2CycSwOG/sa/x5JyAmSYunA/ce99Pg="), func(s *terraform.State) error { return testAccCheckAttributeIsDateAfter(s, resourceName, "last_modified", timeBeforeUpdate) @@ -1121,7 +1121,7 @@ func TestAccAWSLambdaFunction_localUpdate_nameOnly(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAwsLambdaSourceCodeHash(&conf, "8DPiX+G1l2LQ8hjBkwRchQFf1TSCEvPrYGRKlM9UoyY="), ), }, @@ -1141,7 +1141,7 @@ func TestAccAWSLambdaFunction_localUpdate_nameOnly(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAwsLambdaSourceCodeHash(&conf, "0tdaP9H9hsk9c2CycSwOG/sa/x5JyAmSYunA/ce99Pg="), ), }, @@ -1182,7 +1182,7 @@ func TestAccAWSLambdaFunction_s3Update_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAwsLambdaSourceCodeHash(&conf, "8DPiX+G1l2LQ8hjBkwRchQFf1TSCEvPrYGRKlM9UoyY="), ), }, @@ -1203,7 +1203,7 @@ func TestAccAWSLambdaFunction_s3Update_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAwsLambdaSourceCodeHash(&conf, "0tdaP9H9hsk9c2CycSwOG/sa/x5JyAmSYunA/ce99Pg="), ), }, @@ -1244,7 +1244,7 @@ func TestAccAWSLambdaFunction_s3Update_unversioned(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAwsLambdaSourceCodeHash(&conf, "8DPiX+G1l2LQ8hjBkwRchQFf1TSCEvPrYGRKlM9UoyY="), ), }, @@ -1265,7 +1265,7 @@ func TestAccAWSLambdaFunction_s3Update_unversioned(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), testAccCheckAwsLambdaSourceCodeHash(&conf, "0tdaP9H9hsk9c2CycSwOG/sa/x5JyAmSYunA/ce99Pg="), ), }, @@ -1473,7 +1473,7 @@ func TestAccAWSLambdaFunction_tags(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckNoResourceAttr(resourceName, "tags"), ), }, @@ -1488,7 +1488,7 @@ func TestAccAWSLambdaFunction_tags(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), resource.TestCheckResourceAttr(resourceName, "tags.Key1", "Value One"), resource.TestCheckResourceAttr(resourceName, "tags.Description", "Very interesting"), @@ -1499,7 +1499,7 @@ func TestAccAWSLambdaFunction_tags(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), testAccCheckAwsLambdaFunctionName(&conf, funcName), - testAccCheckAwsLambdaFunctionArnHasSuffix(&conf, ":"+funcName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "lambda", fmt.Sprintf("function:%s", funcName)), resource.TestCheckResourceAttr(resourceName, "tags.%", "3"), resource.TestCheckResourceAttr(resourceName, "tags.Key1", "Value One Changed"), resource.TestCheckResourceAttr(resourceName, "tags.Key2", "Value Two"), @@ -1793,6 +1793,13 @@ func testAccCheckAwsLambdaFunctionExists(res, funcName string, function *lambda. } } +func testAccCheckAwsLambdaFunctionInvokeArn(name string, function *lambda.GetFunctionOutput) resource.TestCheckFunc { + return func(s *terraform.State) error { + arn := aws.StringValue(function.Configuration.FunctionArn) + return testAccCheckResourceAttrRegionalARNAccountID(name, "invoke_arn", "lambda", "apigateway", fmt.Sprintf("path/2015-03-31/functions/%s/invocations", arn))(s) + } +} + func testAccAwsInvokeLambdaFunction(function *lambda.GetFunctionOutput) resource.TestCheckFunc { return func(s *terraform.State) error { f := function.Configuration @@ -1828,17 +1835,6 @@ func testAccCheckAWSLambdaFunctionVersion(function *lambda.GetFunctionOutput, ex } } -func testAccCheckAwsLambdaFunctionArnHasSuffix(function *lambda.GetFunctionOutput, arnSuffix string) resource.TestCheckFunc { - return func(s *terraform.State) error { - c := function.Configuration - if !strings.HasSuffix(*c.FunctionArn, arnSuffix) { - return fmt.Errorf("Expected function ARN %s to have suffix %s", *c.FunctionArn, arnSuffix) - } - - return nil - } -} - func testAccCheckAwsLambdaSourceCodeHash(function *lambda.GetFunctionOutput, expectedHash string) resource.TestCheckFunc { return func(s *terraform.State) error { c := function.Configuration diff --git a/aws/resource_aws_lambda_permission.go b/aws/resource_aws_lambda_permission.go index 13432902100..e1914f9ddd0 100644 --- a/aws/resource_aws_lambda_permission.go +++ b/aws/resource_aws_lambda_permission.go @@ -385,8 +385,7 @@ func getLambdaPolicyStatement(out *lambda.GetPolicyOutput, statemendId string) ( return findLambdaPolicyStatementById(&policy, statemendId) } -func findLambdaPolicyStatementById(policy *LambdaPolicy, id string) ( - *LambdaPolicyStatement, error) { +func findLambdaPolicyStatementById(policy *LambdaPolicy, id string) (*LambdaPolicyStatement, error) { log.Printf("[DEBUG] Received %d statements in Lambda policy: %s", len(policy.Statement), policy.Statement) for _, statement := range policy.Statement { diff --git a/aws/resource_aws_lambda_permission_test.go b/aws/resource_aws_lambda_permission_test.go index 12f651111e5..9848ae98fd3 100644 --- a/aws/resource_aws_lambda_permission_test.go +++ b/aws/resource_aws_lambda_permission_test.go @@ -170,7 +170,9 @@ func TestAccAWSLambdaPermission_basic(t *testing.T) { rString := acctest.RandString(8) funcName := fmt.Sprintf("tf_acc_lambda_perm_basic_%s", rString) roleName := fmt.Sprintf("tf_acc_role_lambda_perm_basic_%s", rString) - funcArnRe := regexp.MustCompile(":function:" + funcName + "$") + + resourceName := "aws_lambda_permission.allow_cloudwatch" + functionResourceName := "aws_lambda_function.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -180,19 +182,19 @@ func TestAccAWSLambdaPermission_basic(t *testing.T) { { Config: testAccAWSLambdaPermissionConfig(funcName, roleName), Check: resource.ComposeTestCheckFunc( - testAccCheckLambdaPermissionExists("aws_lambda_permission.allow_cloudwatch", &statement), - resource.TestCheckResourceAttr("aws_lambda_permission.allow_cloudwatch", "action", "lambda:InvokeFunction"), - resource.TestCheckResourceAttr("aws_lambda_permission.allow_cloudwatch", "principal", "events.amazonaws.com"), - resource.TestCheckResourceAttr("aws_lambda_permission.allow_cloudwatch", "statement_id", "AllowExecutionFromCloudWatch"), - resource.TestCheckResourceAttr("aws_lambda_permission.allow_cloudwatch", "qualifier", ""), - resource.TestMatchResourceAttr("aws_lambda_permission.allow_cloudwatch", "function_name", funcArnRe), - resource.TestCheckResourceAttr("aws_lambda_permission.allow_cloudwatch", "event_source_token", "test-event-source-token"), + testAccCheckLambdaPermissionExists(resourceName, &statement), + resource.TestCheckResourceAttr(resourceName, "action", "lambda:InvokeFunction"), + resource.TestCheckResourceAttr(resourceName, "principal", "events.amazonaws.com"), + resource.TestCheckResourceAttr(resourceName, "statement_id", "AllowExecutionFromCloudWatch"), + resource.TestCheckResourceAttr(resourceName, "qualifier", ""), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "event_source_token", "test-event-source-token"), ), }, { - ResourceName: "aws_lambda_permission.allow_cloudwatch", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc("aws_lambda_permission.allow_cloudwatch"), + ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, @@ -221,7 +223,9 @@ func TestAccAWSLambdaPermission_withRawFunctionName(t *testing.T) { rString := acctest.RandString(8) funcName := fmt.Sprintf("tf_acc_lambda_perm_w_raw_fname_%s", rString) roleName := fmt.Sprintf("tf_acc_role_lambda_perm_w_raw_fname_%s", rString) - funcArnRe := regexp.MustCompile(":function:" + funcName + "$") + + resourceName := "aws_lambda_permission.with_raw_func_name" + functionResourceName := "aws_lambda_function.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -231,17 +235,17 @@ func TestAccAWSLambdaPermission_withRawFunctionName(t *testing.T) { { Config: testAccAWSLambdaPermissionConfig_withRawFunctionName(funcName, roleName), Check: resource.ComposeTestCheckFunc( - testAccCheckLambdaPermissionExists("aws_lambda_permission.with_raw_func_name", &statement), - resource.TestCheckResourceAttr("aws_lambda_permission.with_raw_func_name", "action", "lambda:InvokeFunction"), - resource.TestCheckResourceAttr("aws_lambda_permission.with_raw_func_name", "principal", "events.amazonaws.com"), - resource.TestCheckResourceAttr("aws_lambda_permission.with_raw_func_name", "statement_id", "AllowExecutionWithRawFuncName"), - resource.TestMatchResourceAttr("aws_lambda_permission.with_raw_func_name", "function_name", funcArnRe), + testAccCheckLambdaPermissionExists(resourceName, &statement), + resource.TestCheckResourceAttr(resourceName, "action", "lambda:InvokeFunction"), + resource.TestCheckResourceAttr(resourceName, "principal", "events.amazonaws.com"), + resource.TestCheckResourceAttr(resourceName, "statement_id", "AllowExecutionWithRawFuncName"), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceName, "arn"), ), }, { - ResourceName: "aws_lambda_permission.with_raw_func_name", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc("aws_lambda_permission.with_raw_func_name"), + ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, @@ -252,9 +256,11 @@ func TestAccAWSLambdaPermission_withStatementIdPrefix(t *testing.T) { var statement LambdaPolicyStatement rName := acctest.RandomWithPrefix("tf-acc-test") - endsWithFuncName := regexp.MustCompile(":function:lambda_function_name_perm$") startsWithPrefix := regexp.MustCompile("^AllowExecutionWithStatementIdPrefix-") + resourceName := "aws_lambda_permission.with_statement_id_prefix" + functionResourceName := "aws_lambda_function.test" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -263,17 +269,17 @@ func TestAccAWSLambdaPermission_withStatementIdPrefix(t *testing.T) { { Config: testAccAWSLambdaPermissionConfig_withStatementIdPrefix(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckLambdaPermissionExists("aws_lambda_permission.with_statement_id_prefix", &statement), - resource.TestCheckResourceAttr("aws_lambda_permission.with_statement_id_prefix", "action", "lambda:InvokeFunction"), - resource.TestCheckResourceAttr("aws_lambda_permission.with_statement_id_prefix", "principal", "events.amazonaws.com"), - resource.TestMatchResourceAttr("aws_lambda_permission.with_statement_id_prefix", "statement_id", startsWithPrefix), - resource.TestMatchResourceAttr("aws_lambda_permission.with_statement_id_prefix", "function_name", endsWithFuncName), + testAccCheckLambdaPermissionExists(resourceName, &statement), + resource.TestCheckResourceAttr(resourceName, "action", "lambda:InvokeFunction"), + resource.TestCheckResourceAttr(resourceName, "principal", "events.amazonaws.com"), + resource.TestMatchResourceAttr(resourceName, "statement_id", startsWithPrefix), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceName, "arn"), ), }, { - ResourceName: "aws_lambda_permission.with_statement_id_prefix", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc("aws_lambda_permission.with_statement_id_prefix"), + ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc(resourceName), ImportStateVerify: true, ImportStateVerifyIgnore: []string{"statement_id_prefix"}, }, @@ -288,7 +294,9 @@ func TestAccAWSLambdaPermission_withQualifier(t *testing.T) { aliasName := fmt.Sprintf("tf_acc_lambda_perm_alias_w_qualifier_%s", rString) funcName := fmt.Sprintf("tf_acc_lambda_perm_w_qualifier_%s", rString) roleName := fmt.Sprintf("tf_acc_role_lambda_perm_w_qualifier_%s", rString) - funcArnRe := regexp.MustCompile(":function:" + funcName + "$") + + resourceName := "aws_lambda_permission.with_qualifier" + functionResourceName := "aws_lambda_function.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -298,18 +306,18 @@ func TestAccAWSLambdaPermission_withQualifier(t *testing.T) { { Config: testAccAWSLambdaPermissionConfig_withQualifier(aliasName, funcName, roleName), Check: resource.ComposeTestCheckFunc( - testAccCheckLambdaPermissionExists("aws_lambda_permission.with_qualifier", &statement), - resource.TestCheckResourceAttr("aws_lambda_permission.with_qualifier", "action", "lambda:InvokeFunction"), - resource.TestCheckResourceAttr("aws_lambda_permission.with_qualifier", "principal", "events.amazonaws.com"), - resource.TestCheckResourceAttr("aws_lambda_permission.with_qualifier", "statement_id", "AllowExecutionWithQualifier"), - resource.TestMatchResourceAttr("aws_lambda_permission.with_qualifier", "function_name", funcArnRe), - resource.TestCheckResourceAttr("aws_lambda_permission.with_qualifier", "qualifier", aliasName), + testAccCheckLambdaPermissionExists(resourceName, &statement), + resource.TestCheckResourceAttr(resourceName, "action", "lambda:InvokeFunction"), + resource.TestCheckResourceAttr(resourceName, "principal", "events.amazonaws.com"), + resource.TestCheckResourceAttr(resourceName, "statement_id", "AllowExecutionWithQualifier"), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "qualifier", aliasName), ), }, { - ResourceName: "aws_lambda_permission.with_qualifier", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc("aws_lambda_permission.with_qualifier"), + ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, @@ -323,6 +331,8 @@ func TestAccAWSLambdaPermission_disappears(t *testing.T) { funcName := fmt.Sprintf("tf_acc_lambda_perm_multi_%s", rString) roleName := fmt.Sprintf("tf_acc_role_lambda_perm_multi_%s", rString) + resourceName := "aws_lambda_permission.first" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -333,7 +343,7 @@ func TestAccAWSLambdaPermission_disappears(t *testing.T) { { Config: testAccAWSLambdaPermissionConfig_multiplePerms(funcName, roleName), Check: resource.ComposeTestCheckFunc( - testAccAWSLambdaPermissionDisappears("aws_lambda_permission.first", &statement), + testAccAWSLambdaPermissionDisappears(resourceName, &statement), ), ExpectNonEmptyPlan: true, }, @@ -351,7 +361,12 @@ func TestAccAWSLambdaPermission_multiplePerms(t *testing.T) { rString := acctest.RandString(8) funcName := fmt.Sprintf("tf_acc_lambda_perm_multi_%s", rString) roleName := fmt.Sprintf("tf_acc_role_lambda_perm_multi_%s", rString) - funcArnRe := regexp.MustCompile(":function:" + funcName + "$") + + resourceNameFirst := "aws_lambda_permission.first" + resourceNameSecond := "aws_lambda_permission.second" + resourceNameSecondModified := "aws_lambda_permission.sec0nd" + resourceNameThird := "aws_lambda_permission.third" + functionResourceName := "aws_lambda_function.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -362,52 +377,52 @@ func TestAccAWSLambdaPermission_multiplePerms(t *testing.T) { Config: testAccAWSLambdaPermissionConfig_multiplePerms(funcName, roleName), Check: resource.ComposeTestCheckFunc( // 1st - testAccCheckLambdaPermissionExists("aws_lambda_permission.first", &firstStatement), - resource.TestCheckResourceAttr("aws_lambda_permission.first", "action", "lambda:InvokeFunction"), - resource.TestCheckResourceAttr("aws_lambda_permission.first", "principal", "events.amazonaws.com"), - resource.TestCheckResourceAttr("aws_lambda_permission.first", "statement_id", "AllowExecutionFirst"), - resource.TestMatchResourceAttr("aws_lambda_permission.first", "function_name", funcArnRe), + testAccCheckLambdaPermissionExists(resourceNameFirst, &firstStatement), + resource.TestCheckResourceAttr(resourceNameFirst, "action", "lambda:InvokeFunction"), + resource.TestCheckResourceAttr(resourceNameFirst, "principal", "events.amazonaws.com"), + resource.TestCheckResourceAttr(resourceNameFirst, "statement_id", "AllowExecutionFirst"), + resource.TestCheckResourceAttrPair(resourceNameFirst, "function_name", functionResourceName, "arn"), // 2nd - testAccCheckLambdaPermissionExists("aws_lambda_permission.second", &firstStatementModified), - resource.TestCheckResourceAttr("aws_lambda_permission.second", "action", "lambda:*"), - resource.TestCheckResourceAttr("aws_lambda_permission.second", "principal", "events.amazonaws.com"), - resource.TestCheckResourceAttr("aws_lambda_permission.second", "statement_id", "AllowExecutionSecond"), - resource.TestMatchResourceAttr("aws_lambda_permission.second", "function_name", funcArnRe), + testAccCheckLambdaPermissionExists(resourceNameSecond, &firstStatementModified), + resource.TestCheckResourceAttr(resourceNameSecond, "action", "lambda:*"), + resource.TestCheckResourceAttr(resourceNameSecond, "principal", "events.amazonaws.com"), + resource.TestCheckResourceAttr(resourceNameSecond, "statement_id", "AllowExecutionSecond"), + resource.TestCheckResourceAttrPair(resourceNameSecond, "function_name", functionResourceName, "arn"), ), }, { Config: testAccAWSLambdaPermissionConfig_multiplePermsModified(funcName, roleName), Check: resource.ComposeTestCheckFunc( // 1st - testAccCheckLambdaPermissionExists("aws_lambda_permission.first", &secondStatement), - resource.TestCheckResourceAttr("aws_lambda_permission.first", "action", "lambda:InvokeFunction"), - resource.TestCheckResourceAttr("aws_lambda_permission.first", "principal", "events.amazonaws.com"), - resource.TestCheckResourceAttr("aws_lambda_permission.first", "statement_id", "AllowExecutionFirst"), - resource.TestMatchResourceAttr("aws_lambda_permission.first", "function_name", funcArnRe), + testAccCheckLambdaPermissionExists(resourceNameFirst, &secondStatement), + resource.TestCheckResourceAttr(resourceNameFirst, "action", "lambda:InvokeFunction"), + resource.TestCheckResourceAttr(resourceNameFirst, "principal", "events.amazonaws.com"), + resource.TestCheckResourceAttr(resourceNameFirst, "statement_id", "AllowExecutionFirst"), + resource.TestCheckResourceAttrPair(resourceNameFirst, "function_name", functionResourceName, "arn"), // 2nd - testAccCheckLambdaPermissionExists("aws_lambda_permission.sec0nd", &secondStatementModified), - resource.TestCheckResourceAttr("aws_lambda_permission.sec0nd", "action", "lambda:*"), - resource.TestCheckResourceAttr("aws_lambda_permission.sec0nd", "principal", "events.amazonaws.com"), - resource.TestCheckResourceAttr("aws_lambda_permission.sec0nd", "statement_id", "AllowExecutionSec0nd"), - resource.TestMatchResourceAttr("aws_lambda_permission.sec0nd", "function_name", funcArnRe), + testAccCheckLambdaPermissionExists(resourceNameSecondModified, &secondStatementModified), + resource.TestCheckResourceAttr(resourceNameSecondModified, "action", "lambda:*"), + resource.TestCheckResourceAttr(resourceNameSecondModified, "principal", "events.amazonaws.com"), + resource.TestCheckResourceAttr(resourceNameSecondModified, "statement_id", "AllowExecutionSec0nd"), + resource.TestCheckResourceAttrPair(resourceNameSecondModified, "function_name", functionResourceName, "arn"), // 3rd - testAccCheckLambdaPermissionExists("aws_lambda_permission.third", &thirdStatement), - resource.TestCheckResourceAttr("aws_lambda_permission.third", "action", "lambda:*"), - resource.TestCheckResourceAttr("aws_lambda_permission.third", "principal", "events.amazonaws.com"), - resource.TestCheckResourceAttr("aws_lambda_permission.third", "statement_id", "AllowExecutionThird"), - resource.TestMatchResourceAttr("aws_lambda_permission.third", "function_name", funcArnRe), + testAccCheckLambdaPermissionExists(resourceNameThird, &thirdStatement), + resource.TestCheckResourceAttr(resourceNameThird, "action", "lambda:*"), + resource.TestCheckResourceAttr(resourceNameThird, "principal", "events.amazonaws.com"), + resource.TestCheckResourceAttr(resourceNameThird, "statement_id", "AllowExecutionThird"), + resource.TestCheckResourceAttrPair(resourceNameThird, "function_name", functionResourceName, "arn"), ), }, { - ResourceName: "aws_lambda_permission.first", + ResourceName: resourceNameFirst, ImportState: true, - ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc("aws_lambda_permission.first"), + ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc(resourceNameFirst), ImportStateVerify: true, }, { - ResourceName: "aws_lambda_permission.sec0nd", + ResourceName: resourceNameSecondModified, ImportState: true, - ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc("aws_lambda_permission.sec0nd"), + ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc(resourceNameSecondModified), ImportStateVerify: true, }, }, @@ -421,7 +436,10 @@ func TestAccAWSLambdaPermission_withS3(t *testing.T) { bucketName := fmt.Sprintf("tf-acc-bucket-lambda-perm-w-s3-%s", rString) funcName := fmt.Sprintf("tf_acc_lambda_perm_w_s3_%s", rString) roleName := fmt.Sprintf("tf_acc_role_lambda_perm_w_s3_%s", rString) - funcArnRe := regexp.MustCompile(":function:" + funcName + "$") + + resourceName := "aws_lambda_permission.with_s3" + functionResourceName := "aws_lambda_function.test" + bucketResourceName := "aws_s3_bucket.default" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -431,19 +449,18 @@ func TestAccAWSLambdaPermission_withS3(t *testing.T) { { Config: testAccAWSLambdaPermissionConfig_withS3(bucketName, funcName, roleName), Check: resource.ComposeTestCheckFunc( - testAccCheckLambdaPermissionExists("aws_lambda_permission.with_s3", &statement), - resource.TestCheckResourceAttr("aws_lambda_permission.with_s3", "action", "lambda:InvokeFunction"), - resource.TestCheckResourceAttr("aws_lambda_permission.with_s3", "principal", "s3.amazonaws.com"), - resource.TestCheckResourceAttr("aws_lambda_permission.with_s3", "statement_id", "AllowExecutionFromS3"), - resource.TestMatchResourceAttr("aws_lambda_permission.with_s3", "function_name", funcArnRe), - resource.TestCheckResourceAttr("aws_lambda_permission.with_s3", "source_arn", - fmt.Sprintf("arn:aws:s3:::%s", bucketName)), + testAccCheckLambdaPermissionExists(resourceName, &statement), + resource.TestCheckResourceAttr(resourceName, "action", "lambda:InvokeFunction"), + resource.TestCheckResourceAttr(resourceName, "principal", "s3.amazonaws.com"), + resource.TestCheckResourceAttr(resourceName, "statement_id", "AllowExecutionFromS3"), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "source_arn", bucketResourceName, "arn"), ), }, { - ResourceName: "aws_lambda_permission.with_s3", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc("aws_lambda_permission.with_s3"), + ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, @@ -458,8 +475,9 @@ func TestAccAWSLambdaPermission_withSNS(t *testing.T) { funcName := fmt.Sprintf("tf_acc_lambda_perm_w_sns_%s", rString) roleName := fmt.Sprintf("tf_acc_role_lambda_perm_w_sns_%s", rString) - funcArnRe := regexp.MustCompile(":function:" + funcName + "$") - topicArnRe := regexp.MustCompile(":" + topicName + "$") + resourceName := "aws_lambda_permission.with_sns" + functionResourceName := "aws_lambda_function.test" + snsTopicResourceName := "aws_sns_topic.default" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -469,18 +487,18 @@ func TestAccAWSLambdaPermission_withSNS(t *testing.T) { { Config: testAccAWSLambdaPermissionConfig_withSNS(topicName, funcName, roleName), Check: resource.ComposeTestCheckFunc( - testAccCheckLambdaPermissionExists("aws_lambda_permission.with_sns", &statement), - resource.TestCheckResourceAttr("aws_lambda_permission.with_sns", "action", "lambda:InvokeFunction"), - resource.TestCheckResourceAttr("aws_lambda_permission.with_sns", "principal", "sns.amazonaws.com"), - resource.TestCheckResourceAttr("aws_lambda_permission.with_sns", "statement_id", "AllowExecutionFromSNS"), - resource.TestMatchResourceAttr("aws_lambda_permission.with_sns", "function_name", funcArnRe), - resource.TestMatchResourceAttr("aws_lambda_permission.with_sns", "source_arn", topicArnRe), + testAccCheckLambdaPermissionExists(resourceName, &statement), + resource.TestCheckResourceAttr(resourceName, "action", "lambda:InvokeFunction"), + resource.TestCheckResourceAttr(resourceName, "principal", "sns.amazonaws.com"), + resource.TestCheckResourceAttr(resourceName, "statement_id", "AllowExecutionFromSNS"), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "source_arn", snsTopicResourceName, "arn"), ), }, { - ResourceName: "aws_lambda_permission.with_sns", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc("aws_lambda_permission.with_sns"), + ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, @@ -493,8 +511,10 @@ func TestAccAWSLambdaPermission_withIAMRole(t *testing.T) { rString := acctest.RandString(8) funcName := fmt.Sprintf("tf_acc_lambda_perm_w_iam_%s", rString) roleName := fmt.Sprintf("tf_acc_role_lambda_perm_w_iam_%s", rString) - funcArnRe := regexp.MustCompile(":function:" + funcName + "$") - roleArnRe := regexp.MustCompile("/" + roleName + "$") + + resourceName := "aws_lambda_permission.iam_role" + iamRoleResourceName := "aws_iam_role.test" + functionResourceName := "aws_lambda_function.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -504,17 +524,17 @@ func TestAccAWSLambdaPermission_withIAMRole(t *testing.T) { { Config: testAccAWSLambdaPermissionConfig_withIAMRole(funcName, roleName), Check: resource.ComposeTestCheckFunc( - testAccCheckLambdaPermissionExists("aws_lambda_permission.iam_role", &statement), - resource.TestCheckResourceAttr("aws_lambda_permission.iam_role", "action", "lambda:InvokeFunction"), - resource.TestMatchResourceAttr("aws_lambda_permission.iam_role", "principal", roleArnRe), - resource.TestCheckResourceAttr("aws_lambda_permission.iam_role", "statement_id", "AllowExecutionFromIAMRole"), - resource.TestMatchResourceAttr("aws_lambda_permission.iam_role", "function_name", funcArnRe), + testAccCheckLambdaPermissionExists(resourceName, &statement), + resource.TestCheckResourceAttr(resourceName, "action", "lambda:InvokeFunction"), + resource.TestCheckResourceAttrPair(resourceName, "principal", iamRoleResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "statement_id", "AllowExecutionFromIAMRole"), + resource.TestCheckResourceAttrPair(resourceName, "function_name", functionResourceName, "arn"), ), }, { - ResourceName: "aws_lambda_permission.iam_role", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc("aws_lambda_permission.iam_role"), + ImportStateIdFunc: testAccAWSCLambdaPermissionImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, @@ -704,12 +724,12 @@ func testAccAWSLambdaPermissionConfig(funcName, roleName string) string { resource "aws_lambda_permission" "allow_cloudwatch" { statement_id = "AllowExecutionFromCloudWatch" action = "lambda:InvokeFunction" - function_name = aws_lambda_function.test_lambda.arn + function_name = aws_lambda_function.test.arn principal = "events.amazonaws.com" event_source_token = "test-event-source-token" } -resource "aws_lambda_function" "test_lambda" { +resource "aws_lambda_function" "test" { filename = "test-fixtures/lambdatest.zip" function_name = "%s" role = aws_iam_role.iam_for_lambda.arn @@ -792,11 +812,11 @@ func testAccAWSLambdaPermissionConfig_withRawFunctionName(funcName, roleName str resource "aws_lambda_permission" "with_raw_func_name" { statement_id = "AllowExecutionWithRawFuncName" action = "lambda:InvokeFunction" - function_name = aws_lambda_function.test_lambda.arn + function_name = aws_lambda_function.test.arn principal = "events.amazonaws.com" } -resource "aws_lambda_function" "test_lambda" { +resource "aws_lambda_function" "test" { filename = "test-fixtures/lambdatest.zip" function_name = "%s" role = aws_iam_role.iam_for_lambda.arn @@ -831,11 +851,11 @@ func testAccAWSLambdaPermissionConfig_withStatementIdPrefix(rName string) string resource "aws_lambda_permission" "with_statement_id_prefix" { statement_id_prefix = "AllowExecutionWithStatementIdPrefix-" action = "lambda:InvokeFunction" - function_name = aws_lambda_function.test_lambda.arn + function_name = aws_lambda_function.test.arn principal = "events.amazonaws.com" } -resource "aws_lambda_function" "test_lambda" { +resource "aws_lambda_function" "test" { filename = "test-fixtures/lambdatest.zip" function_name = "lambda_function_name_perm" role = aws_iam_role.iam_for_lambda.arn @@ -870,7 +890,7 @@ func testAccAWSLambdaPermissionConfig_withQualifier(aliasName, funcName, roleNam resource "aws_lambda_permission" "with_qualifier" { statement_id = "AllowExecutionWithQualifier" action = "lambda:InvokeFunction" - function_name = aws_lambda_function.test_lambda.arn + function_name = aws_lambda_function.test.arn principal = "events.amazonaws.com" source_account = "111122223333" source_arn = "arn:aws:events:eu-west-1:111122223333:rule/RunDaily" @@ -880,11 +900,11 @@ resource "aws_lambda_permission" "with_qualifier" { resource "aws_lambda_alias" "test_alias" { name = "%s" description = "a sample description" - function_name = aws_lambda_function.test_lambda.arn + function_name = aws_lambda_function.test.arn function_version = "$LATEST" } -resource "aws_lambda_function" "test_lambda" { +resource "aws_lambda_function" "test" { filename = "test-fixtures/lambdatest.zip" function_name = "%s" role = aws_iam_role.iam_for_lambda.arn @@ -918,19 +938,19 @@ var testAccAWSLambdaPermissionConfig_multiplePerms_tpl = ` resource "aws_lambda_permission" "first" { statement_id = "AllowExecutionFirst" action = "lambda:InvokeFunction" - function_name = aws_lambda_function.test_lambda.arn + function_name = aws_lambda_function.test.arn principal = "events.amazonaws.com" } resource "aws_lambda_permission" "%s" { statement_id = "%s" action = "lambda:*" - function_name = aws_lambda_function.test_lambda.arn + function_name = aws_lambda_function.test.arn principal = "events.amazonaws.com" } %s -resource "aws_lambda_function" "test_lambda" { +resource "aws_lambda_function" "test" { filename = "test-fixtures/lambdatest.zip" function_name = "%s" role = aws_iam_role.iam_for_lambda.arn @@ -969,7 +989,7 @@ func testAccAWSLambdaPermissionConfig_multiplePermsModified(funcName, roleName s resource "aws_lambda_permission" "third" { statement_id = "AllowExecutionThird" action = "lambda:*" - function_name = aws_lambda_function.test_lambda.arn + function_name = aws_lambda_function.test.arn principal = "events.amazonaws.com" } `, funcName, roleName) @@ -980,7 +1000,7 @@ func testAccAWSLambdaPermissionConfig_withS3(bucketName, funcName, roleName stri resource "aws_lambda_permission" "with_s3" { statement_id = "AllowExecutionFromS3" action = "lambda:InvokeFunction" - function_name = aws_lambda_function.my-func.arn + function_name = aws_lambda_function.test.arn principal = "s3.amazonaws.com" source_arn = aws_s3_bucket.default.arn } @@ -990,15 +1010,15 @@ resource "aws_s3_bucket" "default" { acl = "private" } -resource "aws_lambda_function" "my-func" { +resource "aws_lambda_function" "test" { filename = "test-fixtures/lambdatest.zip" function_name = "%s" - role = aws_iam_role.police.arn + role = aws_iam_role.test.arn handler = "exports.handler" runtime = "nodejs12.x" } -resource "aws_iam_role" "police" { +resource "aws_iam_role" "test" { name = "%s" assume_role_policy = < Date: Fri, 1 May 2020 13:41:46 -0700 Subject: [PATCH 040/475] Updates SNS acceptance tests to use ARN testing check functions Addresses: aws/resource_aws_sns_platform_application_test.go:186:8: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_sns_sms_preferences_test.go:101:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_sns_topic_test.go:220:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_sns_topic_test.go:222:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_sns_topic_test.go:223:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_sns_topic_test.go:225:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_sns_topic_test.go:226:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_sns_topic_test.go:228:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_sns_topic_test.go:229:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_sns_topic_test.go:231:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) --- ...ource_aws_sns_platform_application_test.go | 2 +- aws/resource_aws_sns_topic_test.go | 58 +++++-------------- 2 files changed, 16 insertions(+), 44 deletions(-) diff --git a/aws/resource_aws_sns_platform_application_test.go b/aws/resource_aws_sns_platform_application_test.go index 7fc9ed4cce8..322e5e6ad92 100644 --- a/aws/resource_aws_sns_platform_application_test.go +++ b/aws/resource_aws_sns_platform_application_test.go @@ -183,7 +183,7 @@ func TestAccAWSSnsPlatformApplication_basic(t *testing.T) { Config: testAccAwsSnsPlatformApplicationConfig_basic(name, platform), Check: resource.ComposeTestCheckFunc( testAccCheckAwsSnsPlatformApplicationExists(resourceName), - resource.TestMatchResourceAttr(resourceName, "arn", regexp.MustCompile(fmt.Sprintf("^arn:[^:]+:sns:[^:]+:[^:]+:app/%s/%s$", platform.Name, name))), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "sns", regexp.MustCompile(fmt.Sprintf("app/%s/%s$", platform.Name, name))), resource.TestCheckResourceAttr(resourceName, "name", name), resource.TestCheckResourceAttr(resourceName, "platform", platform.Name), resource.TestCheckResourceAttrSet(resourceName, "platform_credential"), diff --git a/aws/resource_aws_sns_topic_test.go b/aws/resource_aws_sns_topic_test.go index 229b1125335..7165669b51a 100644 --- a/aws/resource_aws_sns_topic_test.go +++ b/aws/resource_aws_sns_topic_test.go @@ -7,7 +7,6 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/sns" - multierror "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" @@ -189,22 +188,9 @@ func TestAccAWSSNSTopic_withDeliveryPolicy(t *testing.T) { func TestAccAWSSNSTopic_deliveryStatus(t *testing.T) { attributes := make(map[string]string) resourceName := "aws_sns_topic.test" + iamRoleResourceName := "aws_iam_role.example" + rName := acctest.RandString(10) - arnRegex := regexp.MustCompile("^arn:aws:iam::[0-9]{12}:role/sns-delivery-status-role-") - expectedAttributes := map[string]*regexp.Regexp{ - "ApplicationFailureFeedbackRoleArn": arnRegex, - "ApplicationSuccessFeedbackRoleArn": arnRegex, - "ApplicationSuccessFeedbackSampleRate": regexp.MustCompile(`^100$`), - "HTTPFailureFeedbackRoleArn": arnRegex, - "HTTPSuccessFeedbackRoleArn": arnRegex, - "HTTPSuccessFeedbackSampleRate": regexp.MustCompile(`^80$`), - "LambdaFailureFeedbackRoleArn": arnRegex, - "LambdaSuccessFeedbackRoleArn": arnRegex, - "LambdaSuccessFeedbackSampleRate": regexp.MustCompile(`^90$`), - "SQSFailureFeedbackRoleArn": arnRegex, - "SQSSuccessFeedbackRoleArn": arnRegex, - "SQSSuccessFeedbackSampleRate": regexp.MustCompile(`^70$`), - } resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -216,19 +202,18 @@ func TestAccAWSSNSTopic_deliveryStatus(t *testing.T) { Config: testAccAWSSNSTopicConfig_deliveryStatus(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSSNSTopicExists(resourceName, attributes), - testAccCheckAWSSNSTopicAttributes(attributes, expectedAttributes), - resource.TestMatchResourceAttr(resourceName, "application_success_feedback_role_arn", arnRegex), + resource.TestCheckResourceAttrPair(resourceName, "application_success_feedback_role_arn", iamRoleResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "application_success_feedback_sample_rate", "100"), - resource.TestMatchResourceAttr(resourceName, "application_failure_feedback_role_arn", arnRegex), - resource.TestMatchResourceAttr(resourceName, "lambda_success_feedback_role_arn", arnRegex), + resource.TestCheckResourceAttrPair(resourceName, "application_failure_feedback_role_arn", iamRoleResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "lambda_success_feedback_role_arn", iamRoleResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "lambda_success_feedback_sample_rate", "90"), - resource.TestMatchResourceAttr(resourceName, "lambda_failure_feedback_role_arn", arnRegex), - resource.TestMatchResourceAttr(resourceName, "http_success_feedback_role_arn", arnRegex), + resource.TestCheckResourceAttrPair(resourceName, "lambda_failure_feedback_role_arn", iamRoleResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "http_success_feedback_role_arn", iamRoleResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "http_success_feedback_sample_rate", "80"), - resource.TestMatchResourceAttr(resourceName, "http_failure_feedback_role_arn", arnRegex), - resource.TestMatchResourceAttr(resourceName, "sqs_success_feedback_role_arn", arnRegex), + resource.TestCheckResourceAttrPair(resourceName, "http_failure_feedback_role_arn", iamRoleResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "sqs_success_feedback_role_arn", iamRoleResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "sqs_success_feedback_sample_rate", "70"), - resource.TestMatchResourceAttr(resourceName, "sqs_failure_feedback_role_arn", arnRegex), + resource.TestCheckResourceAttrPair(resourceName, "sqs_failure_feedback_role_arn", iamRoleResourceName, "arn"), ), }, }, @@ -322,7 +307,7 @@ func testAccCheckAWSNSTopicHasPolicy(n string, expectedPolicyText string) resour } if rs.Primary.ID == "" { - return fmt.Errorf("No Queue URL specified!") + return fmt.Errorf("no Queue URL specified") } if !ok { @@ -356,7 +341,7 @@ func testAccCheckAWSNSTopicHasPolicy(n string, expectedPolicyText string) resour return fmt.Errorf("Error testing policy equivalence: %s", err) } if !equivalent { - return fmt.Errorf("Non-equivalent policy error:\n\nexpected: %s\n\n got: %s\n", + return fmt.Errorf("Non-equivalent policy error:\n\nexpected: %s\n\n got: %s", expectedPolicyText, actualPolicyText) } @@ -372,7 +357,7 @@ func testAccCheckAWSNSTopicHasDeliveryPolicy(n string, expectedPolicyText string } if rs.Primary.ID == "" { - return fmt.Errorf("No Queue URL specified!") + return fmt.Errorf("no Queue URL specified") } conn := testAccProvider.Meta().(*AWSClient).snsconn @@ -396,7 +381,7 @@ func testAccCheckAWSNSTopicHasDeliveryPolicy(n string, expectedPolicyText string equivalent := suppressEquivalentJsonDiffs("", actualPolicyText, expectedPolicyText, nil) if !equivalent { - return fmt.Errorf("Non-equivalent delivery policy error:\n\nexpected: %s\n\n got: %s\n", + return fmt.Errorf("Non-equivalent delivery policy error:\n\nexpected: %s\n\n got: %s", expectedPolicyText, actualPolicyText) } @@ -423,25 +408,12 @@ func testAccCheckAWSSNSTopicDestroy(s *terraform.State) error { } return err } - return fmt.Errorf("Topic exists when it should be destroyed!") + return fmt.Errorf("SNS topic (%s) exists when it should be destroyed", rs.Primary.ID) } return nil } -func testAccCheckAWSSNSTopicAttributes(attributes map[string]string, expectedAttributes map[string]*regexp.Regexp) resource.TestCheckFunc { - return func(s *terraform.State) error { - var errors error - for k, expectedR := range expectedAttributes { - if v, ok := attributes[k]; !ok || !expectedR.MatchString(v) { - err := fmt.Errorf("expected SNS topic attribute %q to match %q, received: %q", k, expectedR.String(), v) - errors = multierror.Append(errors, err) - } - } - return errors - } -} - func testAccCheckAWSSNSTopicExists(n string, attributes map[string]string) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] From b6d00a2a886db7f73798ff59c95d384a1339b3a2 Mon Sep 17 00:00:00 2001 From: Andrew Babichev Date: Wed, 6 May 2020 10:39:56 +0300 Subject: [PATCH 041/475] New resource: aws_workspaces_workspace --- aws/provider.go | 1 + aws/resource_aws_workspaces_workspace.go | 469 ++++++++++++++ aws/resource_aws_workspaces_workspace_test.go | 578 ++++++++++++++++++ examples/workspaces/main.tf | 26 + website/aws.erb | 11 +- .../docs/r/workspaces_workspace.html.markdown | 84 +++ 6 files changed, 1161 insertions(+), 8 deletions(-) create mode 100644 aws/resource_aws_workspaces_workspace.go create mode 100644 aws/resource_aws_workspaces_workspace_test.go create mode 100644 website/docs/r/workspaces_workspace.html.markdown diff --git a/aws/provider.go b/aws/provider.go index 6a1e1e768bf..061067f3692 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -884,6 +884,7 @@ func Provider() terraform.ResourceProvider { "aws_worklink_fleet": resourceAwsWorkLinkFleet(), "aws_worklink_website_certificate_authority_association": resourceAwsWorkLinkWebsiteCertificateAuthorityAssociation(), "aws_workspaces_directory": resourceAwsWorkspacesDirectory(), + "aws_workspaces_workspace": resourceAwsWorkspacesWorkspace(), "aws_batch_compute_environment": resourceAwsBatchComputeEnvironment(), "aws_batch_job_definition": resourceAwsBatchJobDefinition(), "aws_batch_job_queue": resourceAwsBatchJobQueue(), diff --git a/aws/resource_aws_workspaces_workspace.go b/aws/resource_aws_workspaces_workspace.go new file mode 100644 index 00000000000..0be6179f204 --- /dev/null +++ b/aws/resource_aws_workspaces_workspace.go @@ -0,0 +1,469 @@ +package aws + +import ( + "fmt" + "log" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/workspaces" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" +) + +func resourceAwsWorkspacesWorkspace() *schema.Resource { + return &schema.Resource{ + Create: resourceAwsWorkspacesWorkspaceCreate, + Read: resourceAwsWorkspacesWorkspaceRead, + Update: resourceAwsWorkspacesWorkspaceUpdate, + Delete: resourceAwsWorkspacesWorkspaceDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + Schema: map[string]*schema.Schema{ + "bundle_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "directory_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "ip_address": { + Type: schema.TypeString, + Computed: true, + }, + "computer_name": { + Type: schema.TypeString, + Computed: true, + }, + "state": { + Type: schema.TypeString, + Computed: true, + }, + "root_volume_encryption_enabled": { + Type: schema.TypeBool, + Optional: true, + ForceNew: true, + Default: false, + }, + "user_name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "user_volume_encryption_enabled": { + Type: schema.TypeBool, + Optional: true, + ForceNew: true, + Default: false, + }, + "volume_encryption_key": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + }, + "workspace_properties": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "compute_type_name": { + Type: schema.TypeString, + Optional: true, + Default: workspaces.ComputeValue, + ValidateFunc: validation.StringInSlice([]string{ + workspaces.ComputeValue, + workspaces.ComputeStandard, + workspaces.ComputePerformance, + workspaces.ComputePower, + workspaces.ComputePowerpro, + workspaces.ComputeGraphics, + workspaces.ComputeGraphicspro, + }, false), + }, + "root_volume_size_gib": { + Type: schema.TypeInt, + Optional: true, + Default: 80, + ValidateFunc: validation.Any( + validation.IntInSlice([]int{80}), + validation.IntBetween(175, 2000), + ), + }, + "running_mode": { + Type: schema.TypeString, + Optional: true, + Default: workspaces.RunningModeAlwaysOn, + ValidateFunc: validation.StringInSlice([]string{ + workspaces.RunningModeAlwaysOn, + workspaces.RunningModeAutoStop, + }, false), + }, + "running_mode_auto_stop_timeout_in_minutes": { + Type: schema.TypeInt, + Optional: true, + Computed: true, + ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { + val := v.(int) + if val%60 != 0 { + errors = append(errors, fmt.Errorf( + "%q should be configured in 60-minute intervals, got: %d", k, val)) + } + return + }, + }, + "user_volume_size_gib": { + Type: schema.TypeInt, + Optional: true, + Default: 10, + ValidateFunc: validation.Any( + validation.IntInSlice([]int{10, 50}), + validation.IntBetween(100, 2000), + ), + }, + }, + }, + }, + "tags": tagsSchema(), + }, + } +} + +func resourceAwsWorkspacesWorkspaceCreate(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).workspacesconn + + tags := keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().WorkspacesTags() + + input := &workspaces.WorkspaceRequest{ + BundleId: aws.String(d.Get("bundle_id").(string)), + DirectoryId: aws.String(d.Get("directory_id").(string)), + UserName: aws.String(d.Get("user_name").(string)), + RootVolumeEncryptionEnabled: aws.Bool(d.Get("root_volume_encryption_enabled").(bool)), + UserVolumeEncryptionEnabled: aws.Bool(d.Get("user_volume_encryption_enabled").(bool)), + Tags: tags, + } + + if v, ok := d.GetOk("volume_encryption_key"); ok { + input.VolumeEncryptionKey = aws.String(v.(string)) + } + + input.WorkspaceProperties = expandWorkspaceProperties(d.Get("workspace_properties").([]interface{})) + + log.Printf("[DEBUG] Creating workspace...\n%#v\n", *input) + resp, err := conn.CreateWorkspaces(&workspaces.CreateWorkspacesInput{ + Workspaces: []*workspaces.WorkspaceRequest{input}, + }) + if err != nil { + return err + } + + wsFail := resp.FailedRequests + + if len(wsFail) > 0 { + return fmt.Errorf("workspace creation failed: %s", *wsFail[0].ErrorMessage) + } + + wsPendingID := aws.StringValue(resp.PendingRequests[0].WorkspaceId) + + log.Printf("[DEBUG] Waiting for workspace to be available...") + stateConf := &resource.StateChangeConf{ + Pending: []string{ + workspaces.WorkspaceStatePending, + workspaces.WorkspaceStateStarting, + }, + Target: []string{workspaces.WorkspaceStateAvailable}, + Refresh: workspaceRefreshStateFunc(conn, wsPendingID), + PollInterval: 30 * time.Second, + Timeout: 25 * time.Minute, + } + + _, err = stateConf.WaitForState() + if err != nil { + return fmt.Errorf("workspace %q is not available: %s", wsPendingID, err) + } + + wsAvailableID := wsPendingID + + d.SetId(wsAvailableID) + log.Printf("[DEBUG] Workspace %q is available", d.Id()) + + return resourceAwsWorkspacesWorkspaceRead(d, meta) +} + +func resourceAwsWorkspacesWorkspaceRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).workspacesconn + ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig + + workspace, state, err := workspaceRefreshStateFunc(conn, d.Id())() + if err != nil { + return fmt.Errorf("error reading workspace (%s): %s", d.Id(), err) + } + if state == workspaces.WorkspaceStateTerminated { + log.Printf("[WARN] workspace (%s) is not found, removing from state", d.Id()) + d.SetId("") + return nil + } + + ws := workspace.(*workspaces.Workspace) + d.Set("bundle_id", ws.BundleId) + d.Set("directory_id", ws.DirectoryId) + d.Set("ip_address", ws.IpAddress) + d.Set("computer_name", ws.ComputerName) + d.Set("state", ws.State) + d.Set("root_volume_encryption_enabled", ws.RootVolumeEncryptionEnabled) + d.Set("user_name", ws.UserName) + d.Set("user_volume_encryption_enabled", ws.UserVolumeEncryptionEnabled) + d.Set("volume_encryption_key", ws.VolumeEncryptionKey) + if err := d.Set("workspace_properties", flattenWorkspaceProperties(ws.WorkspaceProperties)); err != nil { + return fmt.Errorf("error setting workspace properties: %s", err) + } + + tags, err := keyvaluetags.WorkspacesListTags(conn, d.Id()) + if err != nil { + return fmt.Errorf("error listing tags: %s", err) + } + + if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { + return fmt.Errorf("error setting tags: %s", err) + } + + return nil +} + +func resourceAwsWorkspacesWorkspaceUpdate(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).workspacesconn + + // IMPORTANT: Only one workspace property could be changed in a time. + // I've create AWS Support feature request to allow multiple properties modification in a time. + // https://docs.aws.amazon.com/workspaces/latest/adminguide/modify-workspaces.html + + if d.HasChange("workspace_properties.0.compute_type_name") { + if err := workspacePropertyUpdate("compute_type_name", conn, d); err != nil { + return err + } + } + + if d.HasChange("workspace_properties.0.root_volume_size_gib") { + if err := workspacePropertyUpdate("root_volume_size_gib", conn, d); err != nil { + return err + } + } + + if d.HasChange("workspace_properties.0.running_mode") { + if err := workspacePropertyUpdate("running_mode", conn, d); err != nil { + return err + } + } + + if d.HasChange("workspace_properties.0.running_mode_auto_stop_timeout_in_minutes") { + if err := workspacePropertyUpdate("running_mode_auto_stop_timeout_in_minutes", conn, d); err != nil { + return err + } + } + + if d.HasChange("workspace_properties.0.user_volume_size_gib") { + if err := workspacePropertyUpdate("user_volume_size_gib", conn, d); err != nil { + return err + } + } + + if d.HasChange("tags") { + o, n := d.GetChange("tags") + if err := keyvaluetags.WorkspacesUpdateTags(conn, d.Id(), o, n); err != nil { + return fmt.Errorf("error updating tags: %s", err) + } + } + + return resourceAwsWorkspacesWorkspaceRead(d, meta) +} + +func resourceAwsWorkspacesWorkspaceDelete(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).workspacesconn + + err := workspaceDelete(d.Id(), conn) + if err != nil { + return err + } + + return nil +} + +func workspaceDelete(id string, conn *workspaces.WorkSpaces) error { + log.Printf("[DEBUG] Terminating workspace %q", id) + _, err := conn.TerminateWorkspaces(&workspaces.TerminateWorkspacesInput{ + TerminateWorkspaceRequests: []*workspaces.TerminateRequest{ + { + WorkspaceId: aws.String(id), + }, + }, + }) + if err != nil { + return err + } + + log.Printf("[DEBUG] Waiting for workspace %q to be terminated", id) + stateConf := &resource.StateChangeConf{ + Pending: []string{ + workspaces.WorkspaceStatePending, + workspaces.WorkspaceStateAvailable, + workspaces.WorkspaceStateImpaired, + workspaces.WorkspaceStateUnhealthy, + workspaces.WorkspaceStateRebooting, + workspaces.WorkspaceStateStarting, + workspaces.WorkspaceStateRebuilding, + workspaces.WorkspaceStateRestoring, + workspaces.WorkspaceStateMaintenance, + workspaces.WorkspaceStateAdminMaintenance, + workspaces.WorkspaceStateSuspended, + workspaces.WorkspaceStateUpdating, + workspaces.WorkspaceStateStopping, + workspaces.WorkspaceStateStopped, + workspaces.WorkspaceStateError, + }, + Target: []string{ + workspaces.WorkspaceStateTerminating, + workspaces.WorkspaceStateTerminated, + }, + Refresh: workspaceRefreshStateFunc(conn, id), + PollInterval: 15 * time.Second, + Timeout: 10 * time.Minute, + } + + _, err = stateConf.WaitForState() + if err != nil { + return fmt.Errorf("workspace %q was not terminated: %s", id, err) + } + log.Printf("[DEBUG] Workspace %q is terminated", id) + + return nil +} + +func workspacePropertyUpdate(p string, conn *workspaces.WorkSpaces, d *schema.ResourceData) error { + id := d.Id() + + log.Printf("[DEBUG] Modifying workspace %q %s property...", id, p) + + var wsp *workspaces.WorkspaceProperties + + switch p { + case "compute_type_name": + wsp = &workspaces.WorkspaceProperties{ + ComputeTypeName: aws.String(d.Get("workspace_properties.0.compute_type_name").(string)), + } + case "root_volume_size_gib": + wsp = &workspaces.WorkspaceProperties{ + RootVolumeSizeGib: aws.Int64(int64(d.Get("workspace_properties.0.root_volume_size_gib").(int))), + } + case "running_mode": + wsp = &workspaces.WorkspaceProperties{ + RunningMode: aws.String(d.Get("workspace_properties.0.running_mode").(string)), + } + case "running_mode_auto_stop_timeout_in_minutes": + if d.Get("workspace_properties.0.running_mode") != workspaces.RunningModeAutoStop { + log.Printf("[DEBUG] Property running_mode_auto_stop_timeout_in_minutes makes sense only for AUTO_STOP running mode") + return nil + } + + wsp = &workspaces.WorkspaceProperties{ + RunningModeAutoStopTimeoutInMinutes: aws.Int64(int64(d.Get("workspace_properties.0.running_mode_auto_stop_timeout_in_minutes").(int))), + } + case "user_volume_size_gib": + wsp = &workspaces.WorkspaceProperties{ + UserVolumeSizeGib: aws.Int64(int64(d.Get("workspace_properties.0.user_volume_size_gib").(int))), + } + } + + _, err := conn.ModifyWorkspaceProperties(&workspaces.ModifyWorkspacePropertiesInput{ + WorkspaceId: aws.String(id), + WorkspaceProperties: wsp, + }) + if err != nil { + return fmt.Errorf("workspace %q %s property was not modified: %s", d.Id(), p, err) + } + + log.Printf("[DEBUG] Waiting for workspace %q %s property to be modified...", d.Id(), p) + // OperationInProgressException: The properties of this WorkSpace are currently under modification. Please try again in a moment. + // AWS Workspaces service doesn't change instance status to "Updating" during property modification. Respective AWS Support feature request has been created. Meanwhile, artificial delay is placed here as a workaround. + time.Sleep(1 * time.Minute) + + stateConf := &resource.StateChangeConf{ + Pending: []string{ + workspaces.WorkspaceStateUpdating, + }, + Target: []string{ + workspaces.WorkspaceStateAvailable, + workspaces.WorkspaceStateStopped, + }, + Refresh: workspaceRefreshStateFunc(conn, d.Id()), + PollInterval: 30 * time.Second, + Timeout: 10 * time.Minute, + } + + _, err = stateConf.WaitForState() + if err != nil { + return fmt.Errorf("workspace %q %s property was not modified: %s", d.Id(), p, err) + } + log.Printf("[DEBUG] Workspace %q %s property is modified", d.Id(), p) + + return nil +} + +func workspaceRefreshStateFunc(conn *workspaces.WorkSpaces, workspaceID string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + resp, err := conn.DescribeWorkspaces(&workspaces.DescribeWorkspacesInput{ + WorkspaceIds: []*string{aws.String(workspaceID)}, + }) + if err != nil { + return nil, workspaces.WorkspaceStateError, err + } + if len(resp.Workspaces) == 0 { + return resp, workspaces.WorkspaceStateTerminated, nil + } + workspace := resp.Workspaces[0] + return workspace, aws.StringValue(workspace.State), nil + } +} + +func expandWorkspaceProperties(properties []interface{}) *workspaces.WorkspaceProperties { + log.Printf("[DEBUG] Expand Workspace properties: %+v ", properties) + + if len(properties) == 0 || properties[0] == nil { + return nil + } + + p := properties[0].(map[string]interface{}) + + return &workspaces.WorkspaceProperties{ + ComputeTypeName: aws.String(p["compute_type_name"].(string)), + RootVolumeSizeGib: aws.Int64(int64(p["root_volume_size_gib"].(int))), + RunningMode: aws.String(p["running_mode"].(string)), + RunningModeAutoStopTimeoutInMinutes: aws.Int64(int64(p["running_mode_auto_stop_timeout_in_minutes"].(int))), + UserVolumeSizeGib: aws.Int64(int64(p["user_volume_size_gib"].(int))), + } +} + +func flattenWorkspaceProperties(properties *workspaces.WorkspaceProperties) []map[string]interface{} { + log.Printf("[DEBUG] Flatten workspace properties: %+v ", properties) + + if properties == nil { + return []map[string]interface{}{} + } + + return []map[string]interface{}{ + { + "compute_type_name": aws.StringValue(properties.ComputeTypeName), + "root_volume_size_gib": int(aws.Int64Value(properties.RootVolumeSizeGib)), + "running_mode": aws.StringValue(properties.RunningMode), + "running_mode_auto_stop_timeout_in_minutes": int(aws.Int64Value(properties.RunningModeAutoStopTimeoutInMinutes)), + "user_volume_size_gib": int(aws.Int64Value(properties.UserVolumeSizeGib)), + }, + } +} diff --git a/aws/resource_aws_workspaces_workspace_test.go b/aws/resource_aws_workspaces_workspace_test.go new file mode 100644 index 00000000000..c11862e8810 --- /dev/null +++ b/aws/resource_aws_workspaces_workspace_test.go @@ -0,0 +1,578 @@ +package aws + +import ( + "fmt" + "log" + "reflect" + "regexp" + "testing" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/workspaces" + multierror "github.com/hashicorp/go-multierror" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" +) + +func init() { + resource.AddTestSweepers("aws_workspace", &resource.Sweeper{ + Name: "aws_workspace", + F: testSweepWorkspaces, + }) +} + +func testSweepWorkspaces(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).workspacesconn + + var errors error + input := &workspaces.DescribeWorkspacesInput{} + err = conn.DescribeWorkspacesPages(input, func(resp *workspaces.DescribeWorkspacesOutput, _ bool) bool { + for _, workspace := range resp.Workspaces { + err := workspaceDelete(aws.StringValue(workspace.WorkspaceId), conn) + if err != nil { + errors = multierror.Append(errors, err) + } + + } + return true + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping workspaces sweep for %s: %s", region, err) + return errors // In case we have completed some pages, but had errors + } + if err != nil { + errors = multierror.Append(errors, fmt.Errorf("error listing workspaces: %s", err)) + } + + return errors +} + +func TestAccAwsWorkspacesWorkspace_basic(t *testing.T) { + directoryResourceName := "aws_workspaces_directory.test" + bundleDataSourceName := "data.aws_workspaces_bundle.test" + resourceName := "aws_workspaces_workspace.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsWorkspacesWorkspaceDestroy, + Steps: []resource.TestStep{ + { + Destroy: false, + Config: testAccWorkspacesWorkspaceConfig(), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + resource.TestCheckResourceAttrPair(resourceName, "directory_id", directoryResourceName, "id"), + resource.TestCheckResourceAttrPair(resourceName, "bundle_id", bundleDataSourceName, "id"), + resource.TestMatchResourceAttr(resourceName, "ip_address", regexp.MustCompile(`\d+\.\d+\.\d+\.\d+`)), + resource.TestCheckResourceAttr(resourceName, "state", workspaces.WorkspaceStateAvailable), + resource.TestCheckResourceAttr(resourceName, "root_volume_encryption_enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "user_name", "Administrator"), + resource.TestCheckResourceAttr(resourceName, "volume_encryption_key", ""), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.#", "1"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.compute_type_name", workspaces.ComputeValue), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.root_volume_size_gib", "80"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.running_mode", workspaces.RunningModeAlwaysOn), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.running_mode_auto_stop_timeout_in_minutes", "0"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.user_volume_size_gib", "10"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAwsWorkspacesWorkspace_Tags(t *testing.T) { + resourceName := "aws_workspaces_workspace.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsWorkspacesWorkspaceDestroy, + Steps: []resource.TestStep{ + { + Config: testAccWorkspacesWorkspaceConfig_TagsA(), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.TerraformProviderAwsTest", "true"), + resource.TestCheckResourceAttr(resourceName, "tags.Alpha", "1"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccWorkspacesWorkspaceConfig_TagsB(), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.TerraformProviderAwsTest", "true"), + resource.TestCheckResourceAttr(resourceName, "tags.Beta", "2"), + ), + }, + { + Config: testAccWorkspacesWorkspaceConfig_TagsC(), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.TerraformProviderAwsTest", "true"), + ), + }, + }, + }) +} + +func TestAccAwsWorkspacesWorkspace_WorkspaceProperties(t *testing.T) { + resourceName := "aws_workspaces_workspace.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsWorkspacesWorkspaceDestroy, + Steps: []resource.TestStep{ + { + Destroy: false, + Config: testAccWorkspacesWorkspaceConfig_WorkspacePropertiesA(), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.#", "1"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.compute_type_name", workspaces.ComputeValue), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.root_volume_size_gib", "80"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.running_mode", workspaces.RunningModeAutoStop), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.running_mode_auto_stop_timeout_in_minutes", "120"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.user_volume_size_gib", "10"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccWorkspacesWorkspaceConfig_WorkspacePropertiesB(), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.#", "1"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.compute_type_name", workspaces.ComputeValue), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.root_volume_size_gib", "80"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.running_mode", workspaces.RunningModeAlwaysOn), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.running_mode_auto_stop_timeout_in_minutes", "0"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.user_volume_size_gib", "10"), + ), + }, + { + Config: testAccWorkspacesWorkspaceConfig_WorkspacePropertiesC(), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.#", "1"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.compute_type_name", workspaces.ComputeValue), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.root_volume_size_gib", "80"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.running_mode", workspaces.RunningModeAlwaysOn), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.running_mode_auto_stop_timeout_in_minutes", "0"), + resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.user_volume_size_gib", "10"), + ), + }, + }, + }) +} + +func TestAccAwsWorkspacesWorkspace_validateRootVolumeSize(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsWorkspacesWorkspaceDestroy, + Steps: []resource.TestStep{ + { + Config: testAccWorkspacesWorkspaceConfig_validateRootVolumeSize(), + ExpectError: regexp.MustCompile(regexp.QuoteMeta("expected workspace_properties.0.root_volume_size_gib to be one of [80], got 90")), + }, + }, + }) +} + +func TestAccAwsWorkspacesWorkspace_validateUserVolumeSize(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsWorkspacesWorkspaceDestroy, + Steps: []resource.TestStep{ + { + Config: testAccWorkspacesWorkspaceConfig_validateUserVolumeSize(), + ExpectError: regexp.MustCompile(regexp.QuoteMeta("workspace_properties.0.user_volume_size_gib to be one of [10 50], got 60")), + }, + }, + }) +} + +func testAccCheckAwsWorkspacesWorkspaceDestroy(s *terraform.State) error { + conn := testAccProvider.Meta().(*AWSClient).workspacesconn + + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_workspace" { + continue + } + + resp, err := conn.DescribeWorkspaces(&workspaces.DescribeWorkspacesInput{ + WorkspaceIds: []*string{aws.String(rs.Primary.ID)}, + }) + if err != nil { + return err + } + + if len(resp.Workspaces) == 0 { + return fmt.Errorf("workspace %q was not terminated", rs.Primary.ID) + } + ws := resp.Workspaces[0] + + if *ws.State != workspaces.WorkspaceStateTerminating && *ws.State != workspaces.WorkspaceStateTerminated { + return fmt.Errorf("workspace %q was not terminated", rs.Primary.ID) + } + } + + return nil +} + +func testAccCheckAwsWorkspacesWorkspaceExists(n string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[n] + if !ok { + return fmt.Errorf("Not found: %s", n) + } + + conn := testAccProvider.Meta().(*AWSClient).workspacesconn + + _, err := conn.DescribeWorkspaces(&workspaces.DescribeWorkspacesInput{ + WorkspaceIds: []*string{aws.String(rs.Primary.ID)}, + }) + if err != nil { + return err + } + + return nil + } +} + +func testAccAwsWorkspacesWorkspaceConfig_Prerequisites() string { + return fmt.Sprintf(` +data "aws_region" "current" {} + +data "aws_availability_zones" "available" { + state = "available" +} + +locals { + region_workspaces_az_ids = { + "us-east-1" = formatlist("use1-az%%d", [2, 4, 6]) + } + + workspaces_az_ids = lookup(local.region_workspaces_az_ids, data.aws_region.current.name, data.aws_availability_zones.available.zone_ids) +} + +data "aws_vpc" "default" { + default = true +} + +data "aws_subnet" "default" { + count = length(local.workspaces_az_ids) + availability_zone_id = "${local.workspaces_az_ids[count.index]}" + default_for_az = true +} + +resource "aws_directory_service_directory" "test" { + size = "Small" + name = "tf-acctest.neverland.com" + password = "#S1ncerely" + + vpc_settings { + vpc_id = "${data.aws_vpc.default.id}" + subnet_ids = ["${data.aws_subnet.default.*.id[0]}", "${data.aws_subnet.default.*.id[1]}"] + } +} + +data "aws_iam_policy_document" "workspaces" { + statement { + actions = ["sts:AssumeRole"] + + principals { + type = "Service" + identifiers = ["workspaces.amazonaws.com"] + } + } +} + +resource "aws_iam_role" "workspaces-default" { + name = "workspaces_DefaultRole" + assume_role_policy = data.aws_iam_policy_document.workspaces.json +} + +resource "aws_iam_role_policy_attachment" "workspaces-default-skylight-service-access" { + role = aws_iam_role.workspaces-default.name + policy_arn = "arn:aws:iam::aws:policy/SkyLightServiceAccess" +} + +resource "aws_iam_role_policy_attachment" "workspaces-default-skylight-self-service-access" { + role = aws_iam_role.workspaces-default.name + policy_arn = "arn:aws:iam::aws:policy/SkyLightSelfServiceAccess" +} + +data "aws_workspaces_bundle" "test" { + bundle_id = "wsb-bh8rsxt14" # Value with Windows 10 (English) +} + +resource "aws_workspaces_directory" "test" { + directory_id = "${aws_directory_service_directory.test.id}" +} +`) +} + +func testAccWorkspacesWorkspaceConfig() string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +resource "aws_workspaces_workspace" "test" { + bundle_id = "${data.aws_workspaces_bundle.test.id}" + directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. + # However, "Administrator"" user is always present in a bare directory. + user_name = "Administrator" +} +`) +} + +func testAccWorkspacesWorkspaceConfig_TagsA() string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +resource "aws_workspaces_workspace" "test" { + bundle_id = "${data.aws_workspaces_bundle.test.id}" + directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. + # However, "Administrator"" user is always present in a bare directory. + user_name = "Administrator" + + tags = { + TerraformProviderAwsTest = true + Alpha = 1 + } +} +`) +} + +func testAccWorkspacesWorkspaceConfig_TagsB() string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +resource "aws_workspaces_workspace" "test" { + bundle_id = "${data.aws_workspaces_bundle.test.id}" + directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. + # However, "Administrator"" user is always present in a bare directory. + user_name = "Administrator" + + tags = { + TerraformProviderAwsTest = true + Beta = 2 + } +} +`) +} + +func testAccWorkspacesWorkspaceConfig_TagsC() string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +resource "aws_workspaces_workspace" "test" { + bundle_id = "${data.aws_workspaces_bundle.test.id}" + directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. + # However, "Administrator"" user is always present in a bare directory. + user_name = "Administrator" + + tags = { + TerraformProviderAwsTest = true + } +} +`) +} + +func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesA() string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +resource "aws_workspaces_workspace" "test" { + bundle_id = "${data.aws_workspaces_bundle.test.id}" + directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. + # However, "Administrator"" user is always present in a bare directory. + user_name = "Administrator" + + workspace_properties { + # NOTE: Compute type and volume size update not allowed within 6 hours after creation. + running_mode = "AUTO_STOP" + running_mode_auto_stop_timeout_in_minutes = 120 + } + + tags = { + TerraformProviderAwsTest = true + } +} +`) +} + +func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesB() string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +resource "aws_workspaces_workspace" "test" { + bundle_id = "${data.aws_workspaces_bundle.test.id}" + directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. + # However, "Administrator"" user is always present in a bare directory. + user_name = "Administrator" + + workspace_properties { + # NOTE: Compute type and volume size update not allowed within 6 hours after creation. + running_mode = "ALWAYS_ON" + } + + tags = { + TerraformProviderAwsTest = true + } +} +`) +} + +func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesC() string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +resource "aws_workspaces_workspace" "test" { + bundle_id = "${data.aws_workspaces_bundle.test.id}" + directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. + # However, "Administrator"" user is always present in a bare directory. + user_name = "Administrator" + + workspace_properties { + } +} +`) +} + +func testAccWorkspacesWorkspaceConfig_validateRootVolumeSize() string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +resource "aws_workspaces_workspace" "test" { + bundle_id = "${data.aws_workspaces_bundle.test.id}" + directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. + # However, "Administrator"" user is always present in a bare directory. + user_name = "Administrator" + + workspace_properties { + root_volume_size_gib = 90 + user_volume_size_gib = 50 + } + + tags = { + TerraformProviderAwsTest = true + } +} +`) +} + +func testAccWorkspacesWorkspaceConfig_validateUserVolumeSize() string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +resource "aws_workspaces_workspace" "test" { + bundle_id = "${data.aws_workspaces_bundle.test.id}" + directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. + # However, "Administrator"" user is always present in a bare directory. + user_name = "Administrator" + + workspace_properties { + root_volume_size_gib = 80 + user_volume_size_gib = 60 + } + + tags = { + TerraformProviderAwsTest = true + } +} +`) +} + +func TestExpandWorkspaceProperties(t *testing.T) { + cases := []struct { + input []interface{} + expected *workspaces.WorkspaceProperties + }{ + // Empty + { + input: []interface{}{}, + expected: nil, + }, + // Full + { + input: []interface{}{ + map[string]interface{}{ + "compute_type_name": workspaces.ComputeValue, + "root_volume_size_gib": 80, + "running_mode": workspaces.RunningModeAutoStop, + "running_mode_auto_stop_timeout_in_minutes": 60, + "user_volume_size_gib": 10, + }, + }, + expected: &workspaces.WorkspaceProperties{ + ComputeTypeName: aws.String(workspaces.ComputeValue), + RootVolumeSizeGib: aws.Int64(80), + RunningMode: aws.String(workspaces.RunningModeAutoStop), + RunningModeAutoStopTimeoutInMinutes: aws.Int64(60), + UserVolumeSizeGib: aws.Int64(10), + }, + }, + } + + for _, c := range cases { + actual := expandWorkspaceProperties(c.input) + if !reflect.DeepEqual(actual, c.expected) { + t.Fatalf("expected\n\n%#+v\n\ngot\n\n%#+v", c.expected, actual) + } + } +} + +func TestFlattenWorkspaceProperties(t *testing.T) { + cases := []struct { + input *workspaces.WorkspaceProperties + expected []map[string]interface{} + }{ + // Empty + { + input: nil, + expected: []map[string]interface{}{}, + }, + // Full + { + input: &workspaces.WorkspaceProperties{ + ComputeTypeName: aws.String(workspaces.ComputeValue), + RootVolumeSizeGib: aws.Int64(80), + RunningMode: aws.String(workspaces.RunningModeAutoStop), + RunningModeAutoStopTimeoutInMinutes: aws.Int64(60), + UserVolumeSizeGib: aws.Int64(10), + }, + expected: []map[string]interface{}{ + { + "compute_type_name": workspaces.ComputeValue, + "root_volume_size_gib": 80, + "running_mode": workspaces.RunningModeAutoStop, + "running_mode_auto_stop_timeout_in_minutes": 60, + "user_volume_size_gib": 10, + }, + }, + }, + } + + for _, c := range cases { + actual := flattenWorkspaceProperties(c.input) + if !reflect.DeepEqual(actual, c.expected) { + t.Fatalf("expected\n\n%#+v\n\ngot\n\n%#+v", c.expected, actual) + } + } +} diff --git a/examples/workspaces/main.tf b/examples/workspaces/main.tf index cda2e0ed538..f552833303a 100644 --- a/examples/workspaces/main.tf +++ b/examples/workspaces/main.tf @@ -33,6 +33,32 @@ resource "aws_workspaces_directory" "main" { subnet_ids = ["${aws_subnet.private-a.id}", "${aws_subnet.private-b.id}"] } +data "aws_workspaces_bundle" "value_windows" { + bundle_id = "wsb-bh8rsxt14" # Value with Windows 10 (English) +} + +resource "aws_workspaces_workspace" "jhon.doe" { + directory_id = "${aws_workspaces_directory.main.id}" + bundle_id = "${data.aws_workspaces_bundle.value_windows.id}" + user_name = "jhon.doe" + + root_volume_encryption_enabled = true + user_volume_encryption_enabled = true + volume_encryption_key = "aws/workspaces" + + workspace_properties { + compute_type_name = "VALUE" + user_volume_size_gib = 10 + root_volume_size_gib = 80 + running_mode = "AUTO_STOP" + running_mode_auto_stop_timeout_in_minutes = 60 + } + + tags = { + Department = "IT" + } +} + resource "aws_workspaces_ip_group" "main" { name = "main" description = "Main IP access control group" diff --git a/website/aws.erb b/website/aws.erb index 9c2b258301d..22ceaf66377 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -3543,14 +3543,6 @@
    • -
  • - Resources - -
  • @@ -3589,6 +3581,9 @@
  • aws_workspaces_ip_group
    • +
  • + aws_workspaces_workspace +
    • diff --git a/website/docs/r/workspaces_workspace.html.markdown b/website/docs/r/workspaces_workspace.html.markdown new file mode 100644 index 00000000000..c1563a7db95 --- /dev/null +++ b/website/docs/r/workspaces_workspace.html.markdown @@ -0,0 +1,84 @@ +--- +subcategory: "WorkSpaces" +layout: "aws" +page_title: "AWS: aws_workspaces_workspace" +description: |- + Provides a workspaces in AWS Workspaces Service. +--- + +# Resource: aws_workspace + +Provides a workspace in [AWS Workspaces](https://docs.aws.amazon.com/workspaces/latest/adminguide/amazon-workspaces.html) Service + +## Example Usage + +```hcl +data "aws_workspaces_directory" "main" { + directory_id = "d-ten5h0y19" +} + +data "aws_workspaces_bundle" "value_windows_10" { + bundle_id = "wsb-bh8rsxt14" # Value with Windows 10 (English) +} + +resource "aws_workspaces_workspace" "jhon.doe" { + directory_id = "${data.aws_workspaces_directory.main.id}" + bundle_id = "${data.aws_workspaces_bundle.value_windows_10.id}" + user_name = "jhon.doe" + + root_volume_encryption_enabled = true + user_volume_encryption_enabled = true + volume_encryption_key = "aws/workspaces" + + workspace_properties { + compute_type_name = "VALUE" + user_volume_size_gib = 10 + root_volume_size_gib = 80 + running_mode = "AUTO_STOP" + running_mode_auto_stop_timeout_in_minutes = 60 + } + + tags = { + Department = "IT" + } +} +``` + +## Argument Reference + +The following arguments are supported: + +* `directory_id` - (Required) The ID of the directory for the WorkSpace. +* `bundle_id` - (Required) The ID of the bundle for the WorkSpace. +* `user_name` – (Required) The user name of the user for the WorkSpace. This user name must exist in the directory for the WorkSpace. +* `root_volume_encryption_enabled` - (Optional) Indicates whether the data stored on the root volume is encrypted. +* `user_volume_encryption_enabled` – (Optional) Indicates whether the data stored on the user volume is encrypted. +* `volume_encryption_key` – (Optional) The symmetric AWS KMS customer master key (CMK) used to encrypt data stored on your WorkSpace. Amazon WorkSpaces does not support asymmetric CMKs. +* `tags` - (Optional) The tags for the WorkSpace. +* `workspace_properties` – (Optional) The WorkSpace properties. + +`workspace_properties` supports the following: + +* `compute_type_name` – (Optional) The compute type. For more information, see [Amazon WorkSpaces Bundles](http://aws.amazon.com/workspaces/details/#Amazon_WorkSpaces_Bundles). Valid values are `VALUE`, `STANDARD`, `PERFORMANCE`, `POWER`, `GRAPHICS`, `POWERPRO` and `GRAPHICSPRO`. +* `root_volume_size_gib` – (Optional) The size of the root volume. +* `running_mode` – (Optional) The size of the root volume. The running mode. For more information, see [Manage the WorkSpace Running Mode](https://docs.aws.amazon.com/workspaces/latest/adminguide/running-mode.html). Valid values are `AUTO_STOP` and `ALWAYS_ON`. +* `running_mode_auto_stop_timeout_in_minutes` – (Optional) The time after a user logs off when WorkSpaces are automatically stopped. Configured in 60-minute intervals. +* `user_volume_size_gib` – (Optional) The size of the user storage. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `id` - The workspaces ID. +* `ip_address` - The IP address of the WorkSpace. +* `computer_name` - The name of the WorkSpace, as seen by the operating system. +* `state` - The operational state of the WorkSpace. + +## Import + +Workspaces can be imported using their ID, e.g. + +``` +$ terraform import aws_workspaces_workspace.example ws-9z9zmbkhv +``` + From 0762d2b9ea67677317ab4b1f0f795e38c14a9a87 Mon Sep 17 00:00:00 2001 From: Andrew Babichev Date: Wed, 6 May 2020 10:40:22 +0300 Subject: [PATCH 042/475] Add workspaces_directory sweeper dependency on workspaces_workspace --- aws/resource_aws_workspaces_directory.go | 12 ++++++------ aws/resource_aws_workspaces_directory_test.go | 5 +++-- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/aws/resource_aws_workspaces_directory.go b/aws/resource_aws_workspaces_directory.go index 81e90d4188c..b98a3f0404f 100644 --- a/aws/resource_aws_workspaces_directory.go +++ b/aws/resource_aws_workspaces_directory.go @@ -9,6 +9,7 @@ import ( "github.com/aws/aws-sdk-go/service/workspaces" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) @@ -252,18 +253,15 @@ func resourceAwsWorkspacesDirectoryDelete(d *schema.ResourceData, meta interface if err != nil { return fmt.Errorf("error deleting workspaces directory (%s): %s", d.Id(), err) } - log.Printf("[DEBUG] Workspaces directory %q is deregistered", d.Id()) return nil } func workspacesDirectoryDelete(id string, conn *workspaces.WorkSpaces) error { - input := &workspaces.DeregisterWorkspaceDirectoryInput{ - DirectoryId: aws.String(id), - } - log.Printf("[DEBUG] Deregistering Workspace Directory %q", id) - _, err := conn.DeregisterWorkspaceDirectory(input) + _, err := conn.DeregisterWorkspaceDirectory(&workspaces.DeregisterWorkspaceDirectoryInput{ + DirectoryId: aws.String(id), + }) if err != nil { return fmt.Errorf("error deregistering Workspace Directory %q: %w", id, err) } @@ -286,6 +284,8 @@ func workspacesDirectoryDelete(id string, conn *workspaces.WorkSpaces) error { if err != nil { return fmt.Errorf("error waiting for Workspace Directory %q to be deregistered: %w", id, err) } + log.Printf("[DEBUG] Workspaces Directory %q is deregistered", id) + return nil } diff --git a/aws/resource_aws_workspaces_directory_test.go b/aws/resource_aws_workspaces_directory_test.go index 1947b0c58b4..1ddc73e588f 100644 --- a/aws/resource_aws_workspaces_directory_test.go +++ b/aws/resource_aws_workspaces_directory_test.go @@ -16,8 +16,9 @@ import ( func init() { resource.AddTestSweepers("aws_workspaces_directory", &resource.Sweeper{ - Name: "aws_workspaces_directory", - F: testSweepWorkspacesDirectories, + Name: "aws_workspaces_directory", + F: testSweepWorkspacesDirectories, + Dependencies: []string{"aws_workspaces_workspace"}, }) } From 264edcce4c96364c59f8e722656ffbff08f2296a Mon Sep 17 00:00:00 2001 From: Andrew Babichev Date: Wed, 6 May 2020 10:59:40 +0300 Subject: [PATCH 043/475] Fix workspaces default role --- aws/resource_aws_workspaces_workspace_test.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/aws/resource_aws_workspaces_workspace_test.go b/aws/resource_aws_workspaces_workspace_test.go index c11862e8810..a90d9236026 100644 --- a/aws/resource_aws_workspaces_workspace_test.go +++ b/aws/resource_aws_workspaces_workspace_test.go @@ -317,14 +317,14 @@ resource "aws_iam_role" "workspaces-default" { assume_role_policy = data.aws_iam_policy_document.workspaces.json } -resource "aws_iam_role_policy_attachment" "workspaces-default-skylight-service-access" { +resource "aws_iam_role_policy_attachment" "workspaces-default-service-access" { role = aws_iam_role.workspaces-default.name - policy_arn = "arn:aws:iam::aws:policy/SkyLightServiceAccess" + policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess" } -resource "aws_iam_role_policy_attachment" "workspaces-default-skylight-self-service-access" { +resource "aws_iam_role_policy_attachment" "workspaces-default-self-service-access" { role = aws_iam_role.workspaces-default.name - policy_arn = "arn:aws:iam::aws:policy/SkyLightSelfServiceAccess" + policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess" } data "aws_workspaces_bundle" "test" { From 802c1109b3f3321c0a51e7ac4f2d4891fdc79c67 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Wed, 6 May 2020 12:17:25 +0300 Subject: [PATCH 044/475] add plan time validation to `rules.source` add tags test fix state removal when does not exist --- aws/resource_aws_workspaces_ip_group.go | 22 ++- aws/resource_aws_workspaces_ip_group_test.go | 135 ++++++++++++++++--- 2 files changed, 131 insertions(+), 26 deletions(-) diff --git a/aws/resource_aws_workspaces_ip_group.go b/aws/resource_aws_workspaces_ip_group.go index c0781a38e95..ec92c8f11e7 100644 --- a/aws/resource_aws_workspaces_ip_group.go +++ b/aws/resource_aws_workspaces_ip_group.go @@ -7,6 +7,7 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/workspaces" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) @@ -37,8 +38,9 @@ func resourceAwsWorkspacesIpGroup() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "source": { - Type: schema.TypeString, - Required: true, + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.IsCIDR, }, "description": { Type: schema.TypeString, @@ -91,9 +93,19 @@ func resourceAwsWorkspacesIpGroupRead(d *schema.ResourceData, meta interface{}) return err } - d.Set("name", resp.Result[0].GroupName) - d.Set("description", resp.Result[0].GroupDesc) - d.Set("rules", flattenIpGroupRules(resp.Result[0].UserRules)) + ipGroups := resp.Result + + if len(ipGroups) == 0 { + log.Printf("[WARN] Workspaces Ip Group (%s) not found, removing from state", d.Id()) + d.SetId("") + return nil + } + + ipGroup := ipGroups[0] + + d.Set("name", ipGroup.GroupName) + d.Set("description", ipGroup.GroupDesc) + d.Set("rules", flattenIpGroupRules(ipGroup.UserRules)) tags, err := keyvaluetags.WorkspacesListTags(conn, d.Id()) if err != nil { diff --git a/aws/resource_aws_workspaces_ip_group_test.go b/aws/resource_aws_workspaces_ip_group_test.go index 8dd52a09a45..0bc23485499 100644 --- a/aws/resource_aws_workspaces_ip_group_test.go +++ b/aws/resource_aws_workspaces_ip_group_test.go @@ -14,8 +14,8 @@ import ( func TestAccAwsWorkspacesIpGroup_basic(t *testing.T) { var v workspaces.IpGroup - ipGroupName := fmt.Sprintf("terraform-acctest-%s", acctest.RandString(10)) - ipGroupNewName := fmt.Sprintf("terraform-acctest-new-%s", acctest.RandString(10)) + ipGroupName := acctest.RandomWithPrefix("tf-acc-test") + ipGroupNewName := acctest.RandomWithPrefix("tf-acc-test-upd") ipGroupDescription := fmt.Sprintf("Terraform Acceptance Test %s", strings.Title(acctest.RandString(20))) resourceName := "aws_workspaces_ip_group.test" @@ -31,10 +31,7 @@ func TestAccAwsWorkspacesIpGroup_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "name", ipGroupName), resource.TestCheckResourceAttr(resourceName, "description", ipGroupDescription), resource.TestCheckResourceAttr(resourceName, "rules.#", "2"), - resource.TestCheckResourceAttr(resourceName, "tags.%", "3"), - resource.TestCheckResourceAttr(resourceName, "tags.Name", "test"), - resource.TestCheckResourceAttr(resourceName, "tags.Terraform", "true"), - resource.TestCheckResourceAttr(resourceName, "tags.IPGroup", "Home"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), ), }, { @@ -49,9 +46,6 @@ func TestAccAwsWorkspacesIpGroup_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "name", ipGroupNewName), resource.TestCheckResourceAttr(resourceName, "description", ipGroupDescription), resource.TestCheckResourceAttr(resourceName, "rules.#", "1"), - resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), - resource.TestCheckResourceAttr(resourceName, "tags.IPGroup", "Home"), - resource.TestCheckResourceAttr(resourceName, "tags.Purpose", "test"), ), }, { @@ -63,6 +57,73 @@ func TestAccAwsWorkspacesIpGroup_basic(t *testing.T) { }) } +func TestAccAwsWorkspacesIpGroup_tags(t *testing.T) { + var v workspaces.IpGroup + resourceName := "aws_workspaces_ip_group.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsWorkspacesIpGroupDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWorkspacesIpGroupConfigTags1(rName, "key1", "value1"), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesIpGroupExists(resourceName, &v), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAwsWorkspacesIpGroupConfigTags2(rName, "key1", "value1updated", "key2", "value2"), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesIpGroupExists(resourceName, &v), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1updated"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + { + Config: testAccAwsWorkspacesIpGroupConfigTags1(rName, "key2", "value2"), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesIpGroupExists(resourceName, &v), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + }, + }) +} + +func TestAccAwsWorkspacesIpGroup_disappears(t *testing.T) { + var v workspaces.IpGroup + ipGroupName := acctest.RandomWithPrefix("tf-acc-test") + ipGroupDescription := fmt.Sprintf("Terraform Acceptance Test %s", strings.Title(acctest.RandString(20))) + resourceName := "aws_workspaces_ip_group.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsWorkspacesIpGroupDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWorkspacesIpGroupConfigA(ipGroupName, ipGroupDescription), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesIpGroupExists(resourceName, &v), + testAccCheckResourceDisappears(testAccProvider, resourceAwsWorkspacesIpGroup(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + func testAccCheckAwsWorkspacesIpGroupDestroy(s *terraform.State) error { for _, rs := range s.RootModule().Resources { if rs.Type != "aws_workspaces_ip_group" { @@ -122,8 +183,8 @@ func testAccCheckAwsWorkspacesIpGroupExists(n string, v *workspaces.IpGroup) res func testAccAwsWorkspacesIpGroupConfigA(name, description string) string { return fmt.Sprintf(` resource "aws_workspaces_ip_group" "test" { - name = "%s" - description = "%s" + name = %[1]q + description = %[2]q rules { source = "10.0.0.0/16" @@ -133,21 +194,32 @@ resource "aws_workspaces_ip_group" "test" { source = "10.0.0.1/16" description = "Home" } +} +`, name, description) +} - tags = { - Name = "test" - Terraform = true - IPGroup = "Home" +func testAccAwsWorkspacesIpGroupConfigB(name, description string) string { + return fmt.Sprintf(` +resource "aws_workspaces_ip_group" "test" { + name = %[1]q + description = %[2]q + + rules { + source = "10.0.0.1/16" + description = "Home" } } `, name, description) } -func testAccAwsWorkspacesIpGroupConfigB(name, description string) string { +func testAccAwsWorkspacesIpGroupConfigTags1(name, tagKey1, tagValue1 string) string { return fmt.Sprintf(` resource "aws_workspaces_ip_group" "test" { - name = "%s" - description = "%s" + name = %[1]q + + rules { + source = "10.0.0.0/16" + } rules { source = "10.0.0.1/16" @@ -155,9 +227,30 @@ resource "aws_workspaces_ip_group" "test" { } tags = { - Purpose = "test" - IPGroup = "Home" + %[2]q = %[3]q } } -`, name, description) +`, name, tagKey1, tagValue1) +} + +func testAccAwsWorkspacesIpGroupConfigTags2(name, tagKey1, tagValue1, tagKey2, tagValue2 string) string { + return fmt.Sprintf(` +resource "aws_workspaces_ip_group" "test" { + name = %[1]q + + rules { + source = "10.0.0.0/16" + } + + rules { + source = "10.0.0.1/16" + description = "Home" + } + + tags = { + %[2]q = %[3]q + %[4]q = %[5]q + } +} +`, name, tagKey1, tagValue1, tagKey2, tagValue2) } From 691e2de181c5e12db1288842a142054c5a8a56cc Mon Sep 17 00:00:00 2001 From: Micheal Harker Date: Wed, 6 May 2020 17:00:24 +0100 Subject: [PATCH 045/475] r/vpn_connection: Remove case-insensitive mode parameter --- aws/resource_aws_vpn_connection.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_vpn_connection.go b/aws/resource_aws_vpn_connection.go index 80698fe8921..7e5a1576204 100644 --- a/aws/resource_aws_vpn_connection.go +++ b/aws/resource_aws_vpn_connection.go @@ -620,7 +620,7 @@ func xmlConfigToTunnelInfo(xmlConfig string) (*TunnelInfo, error) { func validateVpnConnectionTunnelPreSharedKey() schema.SchemaValidateFunc { return validation.All( validation.StringLenBetween(8, 64), - validation.StringDoesNotMatch(regexp.MustCompile(`(?i)^0`), "cannot start with zero character"), + validation.StringDoesNotMatch(regexp.MustCompile(`^0`), "cannot start with zero character"), validation.StringMatch(regexp.MustCompile(`^[0-9a-zA-Z_.]+$`), "can only contain alphanumeric, period and underscore characters"), ) } From f848f090d2f2aba8fccd57ff5d882af34411845c Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 6 May 2020 23:09:43 +0200 Subject: [PATCH 046/475] Suppress IPv6 state diffs --- aws/resource_aws_wafv2_ip_set.go | 22 ++++++++++++ aws/resource_aws_wafv2_ip_set_test.go | 51 +++++++++++++++++++++++++++ 2 files changed, 73 insertions(+) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 317f9f20548..6c95d656642 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -42,6 +42,28 @@ func resourceAwsWafv2IPSet() *schema.Resource { Optional: true, MaxItems: 50, Elem: &schema.Schema{Type: schema.TypeString}, + DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool { + o, n := d.GetChange("addresses") + oldAddresses := o.(*schema.Set).List() + newAddresses := n.(*schema.Set).List() + if len(oldAddresses) == len(newAddresses) { + for _, ov := range oldAddresses { + hasAddress := false + for _, nv := range newAddresses { + // isIpv6CidrsEquals works for both IPv4 and IPv6 + if isIpv6CidrsEquals(ov.(string), nv.(string)) { + hasAddress = true + break + } + } + if !hasAddress { + return false + } + } + return true + } + return false + }, }, "arn": { Type: schema.TypeString, diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index da0ef229f8d..4d12fb832f3 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -82,6 +82,41 @@ func TestAccAwsWafv2IPSet_Disappears(t *testing.T) { }) } +func TestAccAwsWafv2IPSet_IPv6(t *testing.T) { + var v wafv2.IPSet + ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_ip_set.ip_set" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2IPSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2IPSetConfigIPv6(ipSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2IPSetExists(resourceName, &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/ipset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", ipSetName), + resource.TestCheckResourceAttr(resourceName, "description", ipSetName), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "ip_address_version", wafv2.IPAddressVersionIpv6), + resource.TestCheckResourceAttr(resourceName, "addresses.#", "3"), + resource.TestCheckResourceAttr(resourceName, "addresses.1676510651", "1234:5678:9abc:6811:0000:0000:0000:0000/64"), + resource.TestCheckResourceAttr(resourceName, "addresses.3671909787", "2001:db8::/32"), + resource.TestCheckResourceAttr(resourceName, "addresses.4089736081", "0:0:0:0:0:ffff:7f00:1/64"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccAWSWafv2IPSetImportStateIdFunc(resourceName), + }, + }, + }) +} + func TestAccAwsWafv2IPSet_Minimal(t *testing.T) { var v wafv2.IPSet ipSetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) @@ -294,6 +329,22 @@ resource "aws_wafv2_ip_set" "ip_set" { `, name) } +func testAccAwsWafv2IPSetConfigIPv6(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_ip_set" "ip_set" { + name = "%s" + description = "%s" + scope = "REGIONAL" + ip_address_version = "IPV6" + addresses = [ + "0:0:0:0:0:ffff:7f00:1/64", + "1234:5678:9abc:6811:0000:0000:0000:0000/64", + "2001:db8::/32" + ] +} +`, name, name) +} + func testAccAwsWafv2IPSetConfigMinimal(name string) string { return fmt.Sprintf(` resource "aws_wafv2_ip_set" "ip_set" { From 7c0a5daf2730e6069816bc9ec295ea5561dcae86 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Wed, 6 May 2020 18:35:48 -0700 Subject: [PATCH 047/475] Updates Neptune acceptance tests to use ARN testing check functions Addresses: aws/resource_aws_neptune_cluster_instance_test.go:30:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_neptune_cluster_instance_test.go:163:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_neptune_cluster_parameter_group_test.go:31:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_neptune_cluster_snapshot_test.go:31:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_neptune_event_subscription_test.go:30:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_neptune_parameter_group_test.go:30:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) --- aws/resource_aws_neptune_cluster.go | 4 +- aws/resource_aws_neptune_cluster_instance.go | 2 +- ...ource_aws_neptune_cluster_instance_test.go | 289 ++++++++++-------- ...ws_neptune_cluster_parameter_group_test.go | 107 ++++--- ...ource_aws_neptune_cluster_snapshot_test.go | 8 +- aws/resource_aws_neptune_cluster_test.go | 36 ++- ...rce_aws_neptune_event_subscription_test.go | 150 ++++----- ...source_aws_neptune_parameter_group_test.go | 2 +- 8 files changed, 328 insertions(+), 270 deletions(-) diff --git a/aws/resource_aws_neptune_cluster.go b/aws/resource_aws_neptune_cluster.go index 9b26405ab12..974f42ed00b 100644 --- a/aws/resource_aws_neptune_cluster.go +++ b/aws/resource_aws_neptune_cluster.go @@ -21,6 +21,8 @@ const ( // is not currently available in the AWS sdk-for-go // https://docs.aws.amazon.com/sdk-for-go/api/service/neptune/#pkg-constants CloudwatchLogsExportsAudit = "audit" + + neptuneDefaultPort = 8182 ) func resourceAwsNeptuneCluster() *schema.Resource { @@ -194,7 +196,7 @@ func resourceAwsNeptuneCluster() *schema.Resource { "port": { Type: schema.TypeInt, Optional: true, - Default: 8182, + Default: neptuneDefaultPort, ForceNew: true, }, diff --git a/aws/resource_aws_neptune_cluster_instance.go b/aws/resource_aws_neptune_cluster_instance.go index 87d7738974a..3ae7e12a258 100644 --- a/aws/resource_aws_neptune_cluster_instance.go +++ b/aws/resource_aws_neptune_cluster_instance.go @@ -134,7 +134,7 @@ func resourceAwsNeptuneClusterInstance() *schema.Resource { "port": { Type: schema.TypeInt, Optional: true, - Default: 8182, + Default: neptuneDefaultPort, ForceNew: true, }, diff --git a/aws/resource_aws_neptune_cluster_instance_test.go b/aws/resource_aws_neptune_cluster_instance_test.go index 0e913a1ce31..0fcd6bc3d41 100644 --- a/aws/resource_aws_neptune_cluster_instance_test.go +++ b/aws/resource_aws_neptune_cluster_instance_test.go @@ -3,6 +3,7 @@ package aws import ( "fmt" "regexp" + "strconv" "strings" "testing" @@ -15,6 +16,13 @@ import ( func TestAccAWSNeptuneClusterInstance_basic(t *testing.T) { var v neptune.DBInstance + rInt := acctest.RandInt() + + resourceName := "aws_neptune_cluster_instance.cluster_instances" + clusterResourceName := "aws_neptune_cluster.default" + parameterGroupResourceName := "aws_neptune_parameter_group.test" + + clusterInstanceName := fmt.Sprintf("tf-cluster-instance-%d", rInt) resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -22,40 +30,38 @@ func TestAccAWSNeptuneClusterInstance_basic(t *testing.T) { CheckDestroy: testAccCheckAWSNeptuneClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSNeptuneClusterInstanceConfig(acctest.RandInt()), + Config: testAccAWSNeptuneClusterInstanceConfig(clusterInstanceName, rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSNeptuneClusterInstanceExists("aws_neptune_cluster_instance.cluster_instances", &v), + testAccCheckAWSNeptuneClusterInstanceExists(resourceName, &v), testAccCheckAWSNeptuneClusterInstanceAttributes(&v), - resource.TestCheckResourceAttrSet("aws_neptune_cluster_instance.cluster_instances", "address"), - resource.TestMatchResourceAttr("aws_neptune_cluster_instance.cluster_instances", "arn", regexp.MustCompile(`^arn:[^:]+:rds:[^:]+:[^:]+:db:.+`)), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "auto_minor_version_upgrade", "true"), - resource.TestMatchResourceAttr("aws_neptune_cluster_instance.cluster_instances", "availability_zone", regexp.MustCompile(fmt.Sprintf("^%s", testAccGetRegion()))), - resource.TestCheckResourceAttrSet("aws_neptune_cluster_instance.cluster_instances", "cluster_identifier"), - resource.TestCheckResourceAttrSet("aws_neptune_cluster_instance.cluster_instances", "dbi_resource_id"), - resource.TestMatchResourceAttr("aws_neptune_cluster_instance.cluster_instances", "endpoint", regexp.MustCompile(`:8182$`)), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "engine", "neptune"), - resource.TestCheckResourceAttrSet("aws_neptune_cluster_instance.cluster_instances", "engine_version"), - resource.TestCheckResourceAttrSet("aws_neptune_cluster_instance.cluster_instances", "identifier"), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "instance_class", "db.r4.large"), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "kms_key_arn", ""), - resource.TestMatchResourceAttr("aws_neptune_cluster_instance.cluster_instances", "neptune_parameter_group_name", regexp.MustCompile(`^tf-cluster-test-group-`)), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "neptune_subnet_group_name", "default"), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "port", "8182"), - resource.TestCheckResourceAttrSet("aws_neptune_cluster_instance.cluster_instances", "preferred_backup_window"), - resource.TestCheckResourceAttrSet("aws_neptune_cluster_instance.cluster_instances", "preferred_maintenance_window"), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "promotion_tier", "3"), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "publicly_accessible", "false"), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "storage_encrypted", "false"), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "tags.%", "0"), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "writer", "true"), + testAccCheckNeptuneClusterAddress(&v, resourceName, neptuneDefaultPort), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "rds", fmt.Sprintf("db:%s", clusterInstanceName)), + resource.TestCheckResourceAttr(resourceName, "auto_minor_version_upgrade", "true"), + resource.TestMatchResourceAttr(resourceName, "availability_zone", regexp.MustCompile(fmt.Sprintf("^%s[a-z]{1}$", testAccGetRegion()))), + resource.TestCheckResourceAttrPair(resourceName, "cluster_identifier", clusterResourceName, "id"), + resource.TestCheckResourceAttrSet(resourceName, "dbi_resource_id"), + resource.TestCheckResourceAttr(resourceName, "engine", "neptune"), + resource.TestCheckResourceAttrSet(resourceName, "engine_version"), + resource.TestCheckResourceAttr(resourceName, "identifier", clusterInstanceName), + resource.TestCheckResourceAttr(resourceName, "instance_class", "db.r4.large"), + resource.TestCheckResourceAttr(resourceName, "kms_key_arn", ""), + resource.TestCheckResourceAttrPair(resourceName, "neptune_parameter_group_name", parameterGroupResourceName, "name"), + resource.TestCheckResourceAttr(resourceName, "neptune_subnet_group_name", "default"), + resource.TestCheckResourceAttrSet(resourceName, "preferred_backup_window"), + resource.TestCheckResourceAttrSet(resourceName, "preferred_maintenance_window"), + resource.TestCheckResourceAttr(resourceName, "promotion_tier", "3"), + resource.TestCheckResourceAttr(resourceName, "publicly_accessible", "false"), + resource.TestCheckResourceAttr(resourceName, "storage_encrypted", "false"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), + resource.TestCheckResourceAttr(resourceName, "writer", "true"), ), }, { - Config: testAccAWSNeptuneClusterInstanceConfigModified(acctest.RandInt()), + Config: testAccAWSNeptuneClusterInstanceConfigModified(clusterInstanceName, rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSNeptuneClusterInstanceExists("aws_neptune_cluster_instance.cluster_instances", &v), + testAccCheckAWSNeptuneClusterInstanceExists(resourceName, &v), testAccCheckAWSNeptuneClusterInstanceAttributes(&v), - resource.TestCheckResourceAttr("aws_neptune_cluster_instance.cluster_instances", "auto_minor_version_upgrade", "false"), + resource.TestCheckResourceAttr(resourceName, "auto_minor_version_upgrade", "false"), ), }, }, @@ -64,6 +70,10 @@ func TestAccAWSNeptuneClusterInstance_basic(t *testing.T) { func TestAccAWSNeptuneClusterInstance_withaz(t *testing.T) { var v neptune.DBInstance + rInt := acctest.RandInt() + + resourceName := "aws_neptune_cluster_instance.cluster_instances" + availabiltyZonesDataSourceName := "data.aws_availability_zones.available" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -71,11 +81,12 @@ func TestAccAWSNeptuneClusterInstance_withaz(t *testing.T) { CheckDestroy: testAccCheckAWSNeptuneClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSNeptuneClusterInstanceConfig_az(acctest.RandInt()), + Config: testAccAWSNeptuneClusterInstanceConfig_az(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSNeptuneClusterInstanceExists("aws_neptune_cluster_instance.cluster_instances", &v), + testAccCheckAWSNeptuneClusterInstanceExists(resourceName, &v), testAccCheckAWSNeptuneClusterInstanceAttributes(&v), - resource.TestMatchResourceAttr("aws_neptune_cluster_instance.cluster_instances", "availability_zone", regexp.MustCompile("^us-west-2[a-z]{1}$")), + resource.TestMatchResourceAttr(resourceName, "availability_zone", regexp.MustCompile(fmt.Sprintf("^%s[a-z]{1}$", testAccGetRegion()))), // NOPE + resource.TestCheckResourceAttrPair(resourceName, "availability_zone", availabiltyZonesDataSourceName, "names.0"), ), }, }, @@ -86,18 +97,21 @@ func TestAccAWSNeptuneClusterInstance_namePrefix(t *testing.T) { var v neptune.DBInstance rInt := acctest.RandInt() + resourceName := "aws_neptune_cluster_instance.test" + + namePrefix := "tf-cluster-instance-" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSNeptuneClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSNeptuneClusterInstanceConfig_namePrefix(rInt), + Config: testAccAWSNeptuneClusterInstanceConfig_namePrefix(namePrefix, rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSNeptuneClusterInstanceExists("aws_neptune_cluster_instance.test", &v), + testAccCheckAWSNeptuneClusterInstanceExists(resourceName, &v), testAccCheckAWSNeptuneClusterInstanceAttributes(&v), - resource.TestMatchResourceAttr( - "aws_neptune_cluster_instance.test", "identifier", regexp.MustCompile("^tf-cluster-instance-")), + resource.TestMatchResourceAttr(resourceName, "identifier", regexp.MustCompile(fmt.Sprintf("^%s", namePrefix))), ), }, }, @@ -108,6 +122,9 @@ func TestAccAWSNeptuneClusterInstance_withSubnetGroup(t *testing.T) { var v neptune.DBInstance rInt := acctest.RandInt() + resourceName := "aws_neptune_cluster_instance.test" + subnetGroupResourceName := "aws_neptune_subnet_group.test" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -116,10 +133,9 @@ func TestAccAWSNeptuneClusterInstance_withSubnetGroup(t *testing.T) { { Config: testAccAWSNeptuneClusterInstanceConfig_withSubnetGroup(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSNeptuneClusterInstanceExists("aws_neptune_cluster_instance.test", &v), + testAccCheckAWSNeptuneClusterInstanceExists(resourceName, &v), testAccCheckAWSNeptuneClusterInstanceAttributes(&v), - resource.TestCheckResourceAttr( - "aws_neptune_cluster_instance.test", "neptune_subnet_group_name", fmt.Sprintf("tf-test-%d", rInt)), + resource.TestCheckResourceAttrPair(resourceName, "neptune_subnet_group_name", subnetGroupResourceName, "name"), ), }, }, @@ -128,6 +144,9 @@ func TestAccAWSNeptuneClusterInstance_withSubnetGroup(t *testing.T) { func TestAccAWSNeptuneClusterInstance_generatedName(t *testing.T) { var v neptune.DBInstance + rInt := acctest.RandInt() + + resourceName := "aws_neptune_cluster_instance.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -135,12 +154,11 @@ func TestAccAWSNeptuneClusterInstance_generatedName(t *testing.T) { CheckDestroy: testAccCheckAWSNeptuneClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSNeptuneClusterInstanceConfig_generatedName(acctest.RandInt()), + Config: testAccAWSNeptuneClusterInstanceConfig_generatedName(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSNeptuneClusterInstanceExists("aws_neptune_cluster_instance.test", &v), + testAccCheckAWSNeptuneClusterInstanceExists(resourceName, &v), testAccCheckAWSNeptuneClusterInstanceAttributes(&v), - resource.TestMatchResourceAttr( - "aws_neptune_cluster_instance.test", "identifier", regexp.MustCompile("^tf-")), + resource.TestMatchResourceAttr(resourceName, "identifier", regexp.MustCompile("^tf-")), ), }, }, @@ -149,7 +167,10 @@ func TestAccAWSNeptuneClusterInstance_generatedName(t *testing.T) { func TestAccAWSNeptuneClusterInstance_kmsKey(t *testing.T) { var v neptune.DBInstance - keyRegex := regexp.MustCompile("^arn:aws:kms:") + rInt := acctest.RandInt() + + resourceName := "aws_neptune_cluster_instance.cluster_instances" + kmsKeyResourceName := "aws_kms_key.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -157,11 +178,10 @@ func TestAccAWSNeptuneClusterInstance_kmsKey(t *testing.T) { CheckDestroy: testAccCheckAWSNeptuneClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSNeptuneClusterInstanceConfigKmsKey(acctest.RandInt()), + Config: testAccAWSNeptuneClusterInstanceConfigKmsKey(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSNeptuneClusterInstanceExists("aws_neptune_cluster_instance.cluster_instances", &v), - resource.TestMatchResourceAttr( - "aws_neptune_cluster_instance.cluster_instances", "kms_key_arn", keyRegex), + testAccCheckAWSNeptuneClusterInstanceExists(resourceName, &v), + resource.TestCheckResourceAttrPair(resourceName, "kms_key_arn", kmsKeyResourceName, "arn"), ), }, }, @@ -214,24 +234,46 @@ func testAccCheckAWSNeptuneClusterInstanceAttributes(v *neptune.DBInstance) reso } } -func testAccAWSNeptuneClusterInstanceConfig(n int) string { - return fmt.Sprintf(` -resource "aws_neptune_cluster" "default" { - cluster_identifier = "tf-neptune-cluster-test-%d" - availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] - skip_final_snapshot = true +func testAccCheckNeptuneClusterAddress(v *neptune.DBInstance, resourceName string, portNumber int) resource.TestCheckFunc { + return func(s *terraform.State) error { + address := aws.StringValue(v.Endpoint.Address) + if err := resource.TestCheckResourceAttr(resourceName, "address", address)(s); err != nil { + return err + } + + port := strconv.Itoa(portNumber) + if err := resource.TestCheckResourceAttr(resourceName, "port", port)(s); err != nil { + return err + } + + if err := resource.TestCheckResourceAttr(resourceName, "endpoint", fmt.Sprintf("%s:%s", address, port))(s); err != nil { + return err + } + + return nil + } } +func testAccAWSNeptuneClusterInstanceConfig(instanceName string, n int) string { + return composeConfig( + testAccAWSNeptuneClusterConfigBase, + fmt.Sprintf(` resource "aws_neptune_cluster_instance" "cluster_instances" { - identifier = "tf-cluster-instance-%d" + identifier = %[1]q cluster_identifier = "${aws_neptune_cluster.default.id}" instance_class = "db.r4.large" - neptune_parameter_group_name = "${aws_neptune_parameter_group.bar.name}" + neptune_parameter_group_name = "${aws_neptune_parameter_group.test.name}" promotion_tier = "3" } -resource "aws_neptune_parameter_group" "bar" { - name = "tf-cluster-test-group-%d" +resource "aws_neptune_cluster" "default" { + cluster_identifier = "tf-neptune-cluster-test-%[2]d" + availability_zones = local.availability_zone_names + skip_final_snapshot = true +} + +resource "aws_neptune_parameter_group" "test" { + name = "tf-cluster-test-group-%[2]d" family = "neptune1" parameter { @@ -240,31 +282,33 @@ resource "aws_neptune_parameter_group" "bar" { } tags = { - foo = "bar" + Name = "test" } } -`, n, n, n) -} - -func testAccAWSNeptuneClusterInstanceConfigModified(n int) string { - return fmt.Sprintf(` -resource "aws_neptune_cluster" "default" { - cluster_identifier = "tf-neptune-cluster-test-%d" - availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] - skip_final_snapshot = true +`, instanceName, n)) } +func testAccAWSNeptuneClusterInstanceConfigModified(instanceName string, n int) string { + return composeConfig( + testAccAWSNeptuneClusterConfigBase, + fmt.Sprintf(` resource "aws_neptune_cluster_instance" "cluster_instances" { - identifier = "tf-cluster-instance-%d" + identifier = %[1]q cluster_identifier = "${aws_neptune_cluster.default.id}" instance_class = "db.r4.large" - neptune_parameter_group_name = "${aws_neptune_parameter_group.bar.name}" + neptune_parameter_group_name = "${aws_neptune_parameter_group.test.name}" auto_minor_version_upgrade = false promotion_tier = "3" } -resource "aws_neptune_parameter_group" "bar" { - name = "tf-cluster-test-group-%d" +resource "aws_neptune_cluster" "default" { + cluster_identifier = "tf-neptune-cluster-test-%[2]d" + availability_zones = local.availability_zone_names + skip_final_snapshot = true +} + +resource "aws_neptune_parameter_group" "test" { + name = "tf-cluster-test-group-%[2]d" family = "neptune1" parameter { @@ -273,40 +317,33 @@ resource "aws_neptune_parameter_group" "bar" { } tags = { - foo = "bar" + Name = "test" } } -`, n, n, n) +`, instanceName, n)) } func testAccAWSNeptuneClusterInstanceConfig_az(n int) string { - return fmt.Sprintf(` -data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } -} - -resource "aws_neptune_cluster" "default" { - cluster_identifier = "tf-neptune-cluster-test-%d" - availability_zones = ["${data.aws_availability_zones.available.names[0]}", "${data.aws_availability_zones.available.names[1]}", "${data.aws_availability_zones.available.names[2]}"] - skip_final_snapshot = true -} - + return composeConfig( + testAccAWSNeptuneClusterConfigBase, + fmt.Sprintf(` resource "aws_neptune_cluster_instance" "cluster_instances" { - identifier = "tf-cluster-instance-%d" + identifier = "tf-cluster-instance-%[1]d" cluster_identifier = "${aws_neptune_cluster.default.id}" instance_class = "db.r4.large" - neptune_parameter_group_name = "${aws_neptune_parameter_group.bar.name}" + neptune_parameter_group_name = "${aws_neptune_parameter_group.test.name}" promotion_tier = "3" - availability_zone = "${data.aws_availability_zones.available.names[0]}" + availability_zone = data.aws_availability_zones.available.names[0] +} + +resource "aws_neptune_cluster" "default" { + cluster_identifier = "tf-neptune-cluster-test-%[1]d" + availability_zones = local.availability_zone_names + skip_final_snapshot = true } -resource "aws_neptune_parameter_group" "bar" { - name = "tf-cluster-test-group-%d" +resource "aws_neptune_parameter_group" "test" { + name = "tf-cluster-test-group-%[1]d" family = "neptune1" parameter { @@ -315,22 +352,24 @@ resource "aws_neptune_parameter_group" "bar" { } tags = { - foo = "bar" + Name = "test" } } -`, n, n, n) +`, n)) } func testAccAWSNeptuneClusterInstanceConfig_withSubnetGroup(n int) string { - return fmt.Sprintf(` + return composeConfig( + testAccAWSNeptuneClusterConfigBase, + fmt.Sprintf(` resource "aws_neptune_cluster_instance" "test" { - identifier = "tf-cluster-instance-%d" + identifier = "tf-cluster-instance-%[1]d" cluster_identifier = "${aws_neptune_cluster.test.id}" instance_class = "db.r4.large" } resource "aws_neptune_cluster" "test" { - cluster_identifier = "tf-neptune-cluster-%d" + cluster_identifier = "tf-neptune-cluster-%[1]d" neptune_subnet_group_name = "${aws_neptune_subnet_group.test.name}" skip_final_snapshot = true } @@ -364,22 +403,24 @@ resource "aws_subnet" "b" { } resource "aws_neptune_subnet_group" "test" { - name = "tf-test-%d" + name = "tf-test-%[1]d" subnet_ids = ["${aws_subnet.a.id}", "${aws_subnet.b.id}"] } -`, n, n, n) +`, n)) } -func testAccAWSNeptuneClusterInstanceConfig_namePrefix(n int) string { - return fmt.Sprintf(` +func testAccAWSNeptuneClusterInstanceConfig_namePrefix(namePrefix string, n int) string { + return composeConfig( + testAccAWSNeptuneClusterConfigBase, + fmt.Sprintf(` resource "aws_neptune_cluster_instance" "test" { - identifier_prefix = "tf-cluster-instance-" + identifier_prefix = %[1]q cluster_identifier = "${aws_neptune_cluster.test.id}" instance_class = "db.r4.large" } resource "aws_neptune_cluster" "test" { - cluster_identifier = "tf-neptune-cluster-%d" + cluster_identifier = "tf-neptune-cluster-%[2]d" neptune_subnet_group_name = "${aws_neptune_subnet_group.test.name}" skip_final_snapshot = true } @@ -413,21 +454,23 @@ resource "aws_subnet" "b" { } resource "aws_neptune_subnet_group" "test" { - name = "tf-test-%d" + name = "tf-test-%[2]d" subnet_ids = ["${aws_subnet.a.id}", "${aws_subnet.b.id}"] } -`, n, n) +`, namePrefix, n)) } func testAccAWSNeptuneClusterInstanceConfig_generatedName(n int) string { - return fmt.Sprintf(` + return composeConfig( + testAccAWSNeptuneClusterConfigBase, + fmt.Sprintf(` resource "aws_neptune_cluster_instance" "test" { cluster_identifier = "${aws_neptune_cluster.test.id}" instance_class = "db.r4.large" } resource "aws_neptune_cluster" "test" { - cluster_identifier = "tf-neptune-cluster-%d" + cluster_identifier = "tf-neptune-cluster-%[1]d" neptune_subnet_group_name = "${aws_neptune_subnet_group.test.name}" skip_final_snapshot = true } @@ -461,16 +504,18 @@ resource "aws_subnet" "b" { } resource "aws_neptune_subnet_group" "test" { - name = "tf-test-%d" + name = "tf-test-%[1]d" subnet_ids = ["${aws_subnet.a.id}", "${aws_subnet.b.id}"] } -`, n, n) +`, n)) } func testAccAWSNeptuneClusterInstanceConfigKmsKey(n int) string { - return fmt.Sprintf(` -resource "aws_kms_key" "foo" { - description = "Terraform acc test %d" + return composeConfig( + testAccAWSNeptuneClusterConfigBase, + fmt.Sprintf(` +resource "aws_kms_key" "test" { + description = "Terraform acc test %[1]d" policy = < Date: Fri, 10 Apr 2020 17:47:33 +0300 Subject: [PATCH 048/475] use enums + refactor tests --- aws/resource_aws_volume_attachment.go | 21 +- aws/resource_aws_volume_attachment_test.go | 259 ++++++++++++++------- 2 files changed, 179 insertions(+), 101 deletions(-) diff --git a/aws/resource_aws_volume_attachment.go b/aws/resource_aws_volume_attachment.go index 228b97e0d15..ee9ac728ba4 100644 --- a/aws/resource_aws_volume_attachment.go +++ b/aws/resource_aws_volume_attachment.go @@ -97,9 +97,9 @@ func resourceAwsVolumeAttachmentCreate(d *schema.ResourceData, meta interface{}) // a spot request and whilst the request has been fulfilled the // instance is not running yet stateConf := &resource.StateChangeConf{ - Pending: []string{"pending", "stopping"}, - Target: []string{"running", "stopped"}, - Refresh: InstanceStateRefreshFunc(conn, iID, []string{"terminated"}), + Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameStopping}, + Target: []string{ec2.InstanceStateNameRunning, ec2.InstanceStateNameStopped}, + Refresh: InstanceStateRefreshFunc(conn, iID, []string{ec2.InstanceStateNameTerminated}), Timeout: 10 * time.Minute, Delay: 10 * time.Second, MinTimeout: 3 * time.Second, @@ -126,13 +126,12 @@ func resourceAwsVolumeAttachmentCreate(d *schema.ResourceData, meta interface{}) return fmt.Errorf("Error attaching volume (%s) to instance (%s), message: \"%s\", code: \"%s\"", vID, iID, awsErr.Message(), awsErr.Code()) } - return err } } stateConf := &resource.StateChangeConf{ - Pending: []string{"attaching"}, - Target: []string{"attached"}, + Pending: []string{ec2.VolumeAttachmentStateAttaching}, + Target: []string{ec2.VolumeAttachmentStateAttached}, Refresh: volumeAttachmentStateRefreshFunc(conn, name, vID, iID), Timeout: 5 * time.Minute, Delay: 10 * time.Second, @@ -183,7 +182,7 @@ func volumeAttachmentStateRefreshFunc(conn *ec2.EC2, name, volumeID, instanceID } } // assume detached if volume count is 0 - return 42, "detached", nil + return 42, ec2.VolumeAttachmentStateDetached, nil } } @@ -206,14 +205,14 @@ func resourceAwsVolumeAttachmentRead(d *schema.ResourceData, meta interface{}) e vols, err := conn.DescribeVolumes(request) if err != nil { - if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidVolume.NotFound" { + if isAWSErr(err, "InvalidVolume.NotFound", "") { d.SetId("") return nil } return fmt.Errorf("Error reading EC2 volume %s for instance: %s: %#v", d.Get("volume_id").(string), d.Get("instance_id").(string), err) } - if len(vols.Volumes) == 0 || *vols.Volumes[0].State == "available" { + if len(vols.Volumes) == 0 || *vols.Volumes[0].State == ec2.VolumeStateAvailable { log.Printf("[DEBUG] Volume Attachment (%s) not found, removing from state", d.Id()) d.SetId("") } @@ -250,8 +249,8 @@ func resourceAwsVolumeAttachmentDelete(d *schema.ResourceData, meta interface{}) vID, iID, err) } stateConf := &resource.StateChangeConf{ - Pending: []string{"detaching"}, - Target: []string{"detached"}, + Pending: []string{ec2.VolumeAttachmentStateDetaching}, + Target: []string{ec2.VolumeAttachmentStateDetached}, Refresh: volumeAttachmentStateRefreshFunc(conn, name, vID, iID), Timeout: 5 * time.Minute, Delay: 10 * time.Second, diff --git a/aws/resource_aws_volume_attachment_test.go b/aws/resource_aws_volume_attachment_test.go index db85ebfd1c2..f8d761f9ffe 100644 --- a/aws/resource_aws_volume_attachment_test.go +++ b/aws/resource_aws_volume_attachment_test.go @@ -15,6 +15,7 @@ import ( func TestAccAWSVolumeAttachment_basic(t *testing.T) { var i ec2.Instance var v ec2.Volume + resourceName := "aws_volume_attachment.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -24,14 +25,10 @@ func TestAccAWSVolumeAttachment_basic(t *testing.T) { { Config: testAccVolumeAttachmentConfig, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr( - "aws_volume_attachment.ebs_att", "device_name", "/dev/sdh"), - testAccCheckInstanceExists( - "aws_instance.web", &i), - testAccCheckVolumeExists( - "aws_ebs_volume.example", &v), - testAccCheckVolumeAttachmentExists( - "aws_volume_attachment.ebs_att", &i, &v), + resource.TestCheckResourceAttr(resourceName, "device_name", "/dev/sdh"), + testAccCheckInstanceExists("aws_instance.test", &i), + testAccCheckVolumeExists("aws_ebs_volume.test", &v), + testAccCheckVolumeAttachmentExists(resourceName, &i, &v), ), }, { @@ -47,6 +44,7 @@ func TestAccAWSVolumeAttachment_basic(t *testing.T) { func TestAccAWSVolumeAttachment_skipDestroy(t *testing.T) { var i ec2.Instance var v ec2.Volume + resourceName := "aws_volume_attachment.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -56,14 +54,10 @@ func TestAccAWSVolumeAttachment_skipDestroy(t *testing.T) { { Config: testAccVolumeAttachmentConfigSkipDestroy, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr( - "aws_volume_attachment.ebs_att", "device_name", "/dev/sdh"), - testAccCheckInstanceExists( - "aws_instance.web", &i), - testAccCheckVolumeExists( - "aws_ebs_volume.example", &v), - testAccCheckVolumeAttachmentExists( - "aws_volume_attachment.ebs_att", &i, &v), + resource.TestCheckResourceAttr(resourceName, "device_name", "/dev/sdh"), + testAccCheckInstanceExists("aws_instance.test", &i), + testAccCheckVolumeExists("aws_ebs_volume.test", &v), + testAccCheckVolumeAttachmentExists(resourceName, &i, &v), ), }, { @@ -82,6 +76,7 @@ func TestAccAWSVolumeAttachment_skipDestroy(t *testing.T) { func TestAccAWSVolumeAttachment_attachStopped(t *testing.T) { var i ec2.Instance var v ec2.Volume + resourceName := "aws_volume_attachment.test" stopInstance := func() { conn := testAccProvider.Meta().(*AWSClient).ec2conn @@ -94,8 +89,8 @@ func TestAccAWSVolumeAttachment_attachStopped(t *testing.T) { } stateConf := &resource.StateChangeConf{ - Pending: []string{"pending", "running", "stopping"}, - Target: []string{"stopped"}, + Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameRunning, ec2.InstanceStateNameStopping}, + Target: []string{ec2.InstanceStateNameStopped}, Refresh: InstanceStateRefreshFunc(conn, *i.InstanceId, []string{}), Timeout: 10 * time.Minute, Delay: 10 * time.Second, @@ -116,22 +111,17 @@ func TestAccAWSVolumeAttachment_attachStopped(t *testing.T) { { Config: testAccVolumeAttachmentConfigInstanceOnly, Check: resource.ComposeTestCheckFunc( - testAccCheckInstanceExists( - "aws_instance.web", &i), + testAccCheckInstanceExists("aws_instance.test", &i), ), }, { PreConfig: stopInstance, Config: testAccVolumeAttachmentConfig, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr( - "aws_volume_attachment.ebs_att", "device_name", "/dev/sdh"), - testAccCheckInstanceExists( - "aws_instance.web", &i), - testAccCheckVolumeExists( - "aws_ebs_volume.example", &v), - testAccCheckVolumeAttachmentExists( - "aws_volume_attachment.ebs_att", &i, &v), + resource.TestCheckResourceAttr(resourceName, "device_name", "/dev/sdh"), + testAccCheckInstanceExists("aws_instance.test", &i), + testAccCheckVolumeExists("aws_ebs_volume.test", &v), + testAccCheckVolumeAttachmentExists(resourceName, &i, &v), ), }, { @@ -145,6 +135,8 @@ func TestAccAWSVolumeAttachment_attachStopped(t *testing.T) { } func TestAccAWSVolumeAttachment_update(t *testing.T) { + resourceName := "aws_volume_attachment.test" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -153,10 +145,8 @@ func TestAccAWSVolumeAttachment_update(t *testing.T) { { Config: testAccVolumeAttachmentConfig_update(false), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr( - "aws_volume_attachment.ebs_att", "force_detach", "false"), - resource.TestCheckResourceAttr( - "aws_volume_attachment.ebs_att", "skip_destroy", "false"), + resource.TestCheckResourceAttr(resourceName, "force_detach", "false"), + resource.TestCheckResourceAttr(resourceName, "skip_destroy", "false"), ), }, { @@ -172,10 +162,8 @@ func TestAccAWSVolumeAttachment_update(t *testing.T) { { Config: testAccVolumeAttachmentConfig_update(true), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr( - "aws_volume_attachment.ebs_att", "force_detach", "true"), - resource.TestCheckResourceAttr( - "aws_volume_attachment.ebs_att", "skip_destroy", "true"), + resource.TestCheckResourceAttr(resourceName, "force_detach", "true"), + resource.TestCheckResourceAttr(resourceName, "skip_destroy", "true"), ), }, { @@ -192,6 +180,28 @@ func TestAccAWSVolumeAttachment_update(t *testing.T) { }) } +func TestAccAWSVolumeAttachment_disappears(t *testing.T) { + var i ec2.Instance + var v ec2.Volume + resourceName := "aws_volume_attachment.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckVolumeAttachmentDestroy, + Steps: []resource.TestStep{ + { + Config: testAccVolumeAttachmentConfig, + Check: resource.ComposeTestCheckFunc( + testAccCheckVolumeAttachmentExists(resourceName, &i, &v), + testAccCheckVolumeAttachmentDisappears(resourceName, &i, &v), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + func testAccCheckVolumeAttachmentExists(n string, i *ec2.Instance, v *ec2.Volume) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -205,7 +215,9 @@ func testAccCheckVolumeAttachmentExists(n string, i *ec2.Instance, v *ec2.Volume for _, b := range i.BlockDeviceMappings { if rs.Primary.Attributes["device_name"] == *b.DeviceName { - if b.Ebs.VolumeId != nil && rs.Primary.Attributes["volume_id"] == *b.Ebs.VolumeId { + if b.Ebs.VolumeId != nil && + rs.Primary.Attributes["volume_id"] == *b.Ebs.VolumeId && + rs.Primary.Attributes["volume_id"] == *v.VolumeId { // pass return nil } @@ -216,107 +228,174 @@ func testAccCheckVolumeAttachmentExists(n string, i *ec2.Instance, v *ec2.Volume } } +func testAccCheckVolumeAttachmentDisappears(n string, i *ec2.Instance, v *ec2.Volume) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[n] + if !ok { + return fmt.Errorf("Not found: %s", n) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("No ID is set") + } + + conn := testAccProvider.Meta().(*AWSClient).ec2conn + + opts := &ec2.DetachVolumeInput{ + Device: aws.String(rs.Primary.Attributes["device_name"]), + InstanceId: i.InstanceId, + VolumeId: v.VolumeId, + Force: aws.Bool(true), + } + + _, err := conn.DetachVolume(opts) + if err != nil { + return err + } + + vId := aws.StringValue(v.VolumeId) + iId := aws.StringValue(i.InstanceId) + + stateConf := &resource.StateChangeConf{ + Pending: []string{ec2.VolumeAttachmentStateDetaching}, + Target: []string{ec2.VolumeAttachmentStateDetached}, + Refresh: volumeAttachmentStateRefreshFunc(conn, rs.Primary.Attributes["device_name"], vId, iId), + Timeout: 5 * time.Minute, + Delay: 10 * time.Second, + MinTimeout: 3 * time.Second, + } + + log.Printf("[DEBUG] Detaching Volume (%s) from Instance (%s)", vId, iId) + _, err = stateConf.WaitForState() + if err != nil { + return fmt.Errorf( + "Error waiting for Volume (%s) to detach from Instance (%s): %s", + vId, iId, err) + } + + return err + } +} + func testAccCheckVolumeAttachmentDestroy(s *terraform.State) error { + conn := testAccProvider.Meta().(*AWSClient).ec2conn + for _, rs := range s.RootModule().Resources { - log.Printf("\n\n----- This is never called") if rs.Type != "aws_volume_attachment" { continue } + + request := &ec2.DescribeVolumesInput{ + VolumeIds: []*string{aws.String(rs.Primary.Attributes["volume_id"])}, + Filters: []*ec2.Filter{ + { + Name: aws.String("attachment.device"), + Values: []*string{aws.String(rs.Primary.Attributes["device_name"])}, + }, + { + Name: aws.String("attachment.instance-id"), + Values: []*string{aws.String(rs.Primary.Attributes["instance_id"])}, + }, + }, + } + + _, err := conn.DescribeVolumes(request) + if err != nil { + if isAWSErr(err, "InvalidVolume.NotFound", "") { + return nil + } + return fmt.Errorf("error describing volumes (%s): %s", rs.Primary.ID, err) + } } return nil } const testAccVolumeAttachmentConfigInstanceOnly = ` -resource "aws_instance" "web" { - ami = "ami-21f78e11" - availability_zone = "us-west-2a" - instance_type = "t1.micro" - tags = { - Name = "HelloWorld" +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] } } -` -const testAccVolumeAttachmentConfig = ` -resource "aws_instance" "web" { - ami = "ami-21f78e11" - availability_zone = "us-west-2a" - instance_type = "t1.micro" +resource "aws_instance" "test" { + ami = "ami-21f78e11" + availability_zone = "${data.aws_availability_zones.available.names[0]}" + instance_type = "t1.micro" + tags = { - Name = "HelloWorld" + Name = "tf-acc-test-volume-attachment" } } +` + +const testAccVolumeAttachmentConfig = testAccVolumeAttachmentConfigInstanceOnly + ` +resource "aws_ebs_volume" "test" { + availability_zone = "${data.aws_availability_zones.available.names[0]}" + size = 1 -resource "aws_ebs_volume" "example" { - availability_zone = "us-west-2a" - size = 1 + tags = { + Name = "tf-acc-test-volume-attachment" + } } -resource "aws_volume_attachment" "ebs_att" { +resource "aws_volume_attachment" "test" { device_name = "/dev/sdh" - volume_id = "${aws_ebs_volume.example.id}" - instance_id = "${aws_instance.web.id}" + volume_id = "${aws_ebs_volume.test.id}" + instance_id = "${aws_instance.test.id}" } ` -const testAccVolumeAttachmentConfigSkipDestroy = ` -resource "aws_instance" "web" { - ami = "ami-21f78e11" - availability_zone = "us-west-2a" - instance_type = "t1.micro" - tags = { - Name = "HelloWorld" - } -} +const testAccVolumeAttachmentConfigSkipDestroy = testAccVolumeAttachmentConfigInstanceOnly + ` +resource "aws_ebs_volume" "test" { + availability_zone = "${data.aws_availability_zones.available.names[0]}" + size = 1 -resource "aws_ebs_volume" "example" { - availability_zone = "us-west-2a" - size = 1 tags = { - Name = "TestVolume" + Name = "tf-acc-test-volume-attachment" } } -data "aws_ebs_volume" "ebs_volume" { +data "aws_ebs_volume" "test" { filter { name = "size" - values = ["${aws_ebs_volume.example.size}"] + values = ["${aws_ebs_volume.test.size}"] } filter { name = "availability-zone" - values = ["${aws_ebs_volume.example.availability_zone}"] + values = ["${aws_ebs_volume.test.availability_zone}"] } filter { name = "tag:Name" - values = ["TestVolume"] + values = ["tf-acc-test-volume-attachment"] } } -resource "aws_volume_attachment" "ebs_att" { - device_name = "/dev/sdh" - volume_id = "${data.aws_ebs_volume.ebs_volume.id}" - instance_id = "${aws_instance.web.id}" +resource "aws_volume_attachment" "test" { + device_name = "/dev/sdh" + volume_id = "${data.aws_ebs_volume.test.id}" + instance_id = "${aws_instance.test.id}" skip_destroy = true } ` func testAccVolumeAttachmentConfig_update(detach bool) string { - return fmt.Sprintf(` -resource "aws_instance" "web" { - ami = "ami-21f78e11" - availability_zone = "us-west-2a" - instance_type = "t1.micro" -} - -resource "aws_ebs_volume" "example" { - availability_zone = "us-west-2a" + return testAccVolumeAttachmentConfigInstanceOnly + fmt.Sprintf(` +resource "aws_ebs_volume" "test" { + availability_zone = "${data.aws_availability_zones.available.names[0]}" size = 1 + + tags = { + Name = "tf-acc-test-volume-attachment" + } } -resource "aws_volume_attachment" "ebs_att" { +resource "aws_volume_attachment" "test" { device_name = "/dev/sdh" - volume_id = "${aws_ebs_volume.example.id}" - instance_id = "${aws_instance.web.id}" + volume_id = "${aws_ebs_volume.test.id}" + instance_id = "${aws_instance.test.id}" force_detach = %t skip_destroy = %t } From ac28a4e29a2d4bd7e4c2417adcc1db6c83491077 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 10 Apr 2020 17:51:56 +0300 Subject: [PATCH 049/475] fix missing test --- aws/resource_aws_volume_attachment_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/aws/resource_aws_volume_attachment_test.go b/aws/resource_aws_volume_attachment_test.go index f8d761f9ffe..f03c3237474 100644 --- a/aws/resource_aws_volume_attachment_test.go +++ b/aws/resource_aws_volume_attachment_test.go @@ -193,6 +193,8 @@ func TestAccAWSVolumeAttachment_disappears(t *testing.T) { { Config: testAccVolumeAttachmentConfig, Check: resource.ComposeTestCheckFunc( + testAccCheckInstanceExists("aws_instance.test", &i), + testAccCheckVolumeExists("aws_ebs_volume.test", &v), testAccCheckVolumeAttachmentExists(resourceName, &i, &v), testAccCheckVolumeAttachmentDisappears(resourceName, &i, &v), ), From dfd902bd1bf1f3d303e5774ccfb2c4a1ccced374 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 10 Apr 2020 18:50:01 +0300 Subject: [PATCH 050/475] randomize resource names --- aws/resource_aws_volume_attachment_test.go | 90 ++++++++++++---------- 1 file changed, 49 insertions(+), 41 deletions(-) diff --git a/aws/resource_aws_volume_attachment_test.go b/aws/resource_aws_volume_attachment_test.go index f03c3237474..1c56a7157a8 100644 --- a/aws/resource_aws_volume_attachment_test.go +++ b/aws/resource_aws_volume_attachment_test.go @@ -8,6 +8,7 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/ec2" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) @@ -16,6 +17,7 @@ func TestAccAWSVolumeAttachment_basic(t *testing.T) { var i ec2.Instance var v ec2.Volume resourceName := "aws_volume_attachment.test" + rName := acctest.RandomWithPrefix("tf-acc-test") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -23,7 +25,7 @@ func TestAccAWSVolumeAttachment_basic(t *testing.T) { CheckDestroy: testAccCheckVolumeAttachmentDestroy, Steps: []resource.TestStep{ { - Config: testAccVolumeAttachmentConfig, + Config: testAccVolumeAttachmentConfig(rName), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "device_name", "/dev/sdh"), testAccCheckInstanceExists("aws_instance.test", &i), @@ -45,6 +47,7 @@ func TestAccAWSVolumeAttachment_skipDestroy(t *testing.T) { var i ec2.Instance var v ec2.Volume resourceName := "aws_volume_attachment.test" + rName := acctest.RandomWithPrefix("tf-acc-test") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -52,7 +55,7 @@ func TestAccAWSVolumeAttachment_skipDestroy(t *testing.T) { CheckDestroy: testAccCheckVolumeAttachmentDestroy, Steps: []resource.TestStep{ { - Config: testAccVolumeAttachmentConfigSkipDestroy, + Config: testAccVolumeAttachmentConfigSkipDestroy(rName), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "device_name", "/dev/sdh"), testAccCheckInstanceExists("aws_instance.test", &i), @@ -77,6 +80,7 @@ func TestAccAWSVolumeAttachment_attachStopped(t *testing.T) { var i ec2.Instance var v ec2.Volume resourceName := "aws_volume_attachment.test" + rName := acctest.RandomWithPrefix("tf-acc-test") stopInstance := func() { conn := testAccProvider.Meta().(*AWSClient).ec2conn @@ -109,14 +113,14 @@ func TestAccAWSVolumeAttachment_attachStopped(t *testing.T) { CheckDestroy: testAccCheckVolumeAttachmentDestroy, Steps: []resource.TestStep{ { - Config: testAccVolumeAttachmentConfigInstanceOnly, + Config: testAccVolumeAttachmentConfigBase(rName), Check: resource.ComposeTestCheckFunc( testAccCheckInstanceExists("aws_instance.test", &i), ), }, { PreConfig: stopInstance, - Config: testAccVolumeAttachmentConfig, + Config: testAccVolumeAttachmentConfig(rName), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "device_name", "/dev/sdh"), testAccCheckInstanceExists("aws_instance.test", &i), @@ -136,6 +140,7 @@ func TestAccAWSVolumeAttachment_attachStopped(t *testing.T) { func TestAccAWSVolumeAttachment_update(t *testing.T) { resourceName := "aws_volume_attachment.test" + rName := acctest.RandomWithPrefix("tf-acc-test") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -143,7 +148,7 @@ func TestAccAWSVolumeAttachment_update(t *testing.T) { CheckDestroy: testAccCheckVolumeAttachmentDestroy, Steps: []resource.TestStep{ { - Config: testAccVolumeAttachmentConfig_update(false), + Config: testAccVolumeAttachmentUpdateConfig(rName, false), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "force_detach", "false"), resource.TestCheckResourceAttr(resourceName, "skip_destroy", "false"), @@ -160,7 +165,7 @@ func TestAccAWSVolumeAttachment_update(t *testing.T) { }, }, { - Config: testAccVolumeAttachmentConfig_update(true), + Config: testAccVolumeAttachmentUpdateConfig(rName, true), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "force_detach", "true"), resource.TestCheckResourceAttr(resourceName, "skip_destroy", "true"), @@ -184,6 +189,7 @@ func TestAccAWSVolumeAttachment_disappears(t *testing.T) { var i ec2.Instance var v ec2.Volume resourceName := "aws_volume_attachment.test" + rName := acctest.RandomWithPrefix("tf-acc-test") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -191,7 +197,7 @@ func TestAccAWSVolumeAttachment_disappears(t *testing.T) { CheckDestroy: testAccCheckVolumeAttachmentDestroy, Steps: []resource.TestStep{ { - Config: testAccVolumeAttachmentConfig, + Config: testAccVolumeAttachmentConfig(rName), Check: resource.ComposeTestCheckFunc( testAccCheckInstanceExists("aws_instance.test", &i), testAccCheckVolumeExists("aws_ebs_volume.test", &v), @@ -312,7 +318,8 @@ func testAccCheckVolumeAttachmentDestroy(s *terraform.State) error { return nil } -const testAccVolumeAttachmentConfigInstanceOnly = ` +func testAccVolumeAttachmentInstanceOnlyConfigBase(rName string) string { + return fmt.Sprintf(` data "aws_availability_zones" "available" { state = "available" @@ -328,49 +335,58 @@ resource "aws_instance" "test" { instance_type = "t1.micro" tags = { - Name = "tf-acc-test-volume-attachment" + Name = %[1]q + } +} +`, rName) +} + +func testAccVolumeAttachmentConfigBase(rName string) string { + return testAccVolumeAttachmentInstanceOnlyConfigBase(rName) + fmt.Sprintf(` +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] } } -` -const testAccVolumeAttachmentConfig = testAccVolumeAttachmentConfigInstanceOnly + ` -resource "aws_ebs_volume" "test" { +resource "aws_instance" "test" { + ami = "ami-21f78e11" availability_zone = "${data.aws_availability_zones.available.names[0]}" - size = 1 + instance_type = "t1.micro" tags = { - Name = "tf-acc-test-volume-attachment" + Name = %[1]q } } +`, rName) +} +func testAccVolumeAttachmentConfig(rName string) string { + return testAccVolumeAttachmentConfigBase(rName) + fmt.Sprintf(` resource "aws_volume_attachment" "test" { device_name = "/dev/sdh" volume_id = "${aws_ebs_volume.test.id}" instance_id = "${aws_instance.test.id}" } -` - -const testAccVolumeAttachmentConfigSkipDestroy = testAccVolumeAttachmentConfigInstanceOnly + ` -resource "aws_ebs_volume" "test" { - availability_zone = "${data.aws_availability_zones.available.names[0]}" - size = 1 - - tags = { - Name = "tf-acc-test-volume-attachment" - } +`) } +func testAccVolumeAttachmentConfigSkipDestroy(rName string) string { + return testAccVolumeAttachmentConfigBase(rName) + fmt.Sprintf(` data "aws_ebs_volume" "test" { filter { - name = "size" + name = "size" values = ["${aws_ebs_volume.test.size}"] } filter { - name = "availability-zone" + name = "availability-zone" values = ["${aws_ebs_volume.test.availability_zone}"] } filter { - name = "tag:Name" + name = "tag:Name" values = ["tf-acc-test-volume-attachment"] } } @@ -381,27 +397,19 @@ resource "aws_volume_attachment" "test" { instance_id = "${aws_instance.test.id}" skip_destroy = true } -` - -func testAccVolumeAttachmentConfig_update(detach bool) string { - return testAccVolumeAttachmentConfigInstanceOnly + fmt.Sprintf(` -resource "aws_ebs_volume" "test" { - availability_zone = "${data.aws_availability_zones.available.names[0]}" - size = 1 - - tags = { - Name = "tf-acc-test-volume-attachment" - } +`) } +func testAccVolumeAttachmentUpdateConfig(rName string, detach bool) string { + return testAccVolumeAttachmentConfigBase(rName) + fmt.Sprintf(` resource "aws_volume_attachment" "test" { device_name = "/dev/sdh" volume_id = "${aws_ebs_volume.test.id}" instance_id = "${aws_instance.test.id}" - force_detach = %t - skip_destroy = %t + force_detach = %[1]t + skip_destroy = %[1]t } -`, detach, detach) +`, detach) } func testAccAWSVolumeAttachmentImportStateIDFunc(resourceName string) resource.ImportStateIdFunc { From d141274040ebaa1a40ea500b739c95c01552459e Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 10 Apr 2020 18:55:41 +0300 Subject: [PATCH 051/475] randomize resource names - fix oops --- aws/resource_aws_volume_attachment_test.go | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/aws/resource_aws_volume_attachment_test.go b/aws/resource_aws_volume_attachment_test.go index 1c56a7157a8..9f1a0b6dffd 100644 --- a/aws/resource_aws_volume_attachment_test.go +++ b/aws/resource_aws_volume_attachment_test.go @@ -343,19 +343,9 @@ resource "aws_instance" "test" { func testAccVolumeAttachmentConfigBase(rName string) string { return testAccVolumeAttachmentInstanceOnlyConfigBase(rName) + fmt.Sprintf(` -data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } -} - -resource "aws_instance" "test" { - ami = "ami-21f78e11" +resource "aws_ebs_volume" "test" { availability_zone = "${data.aws_availability_zones.available.names[0]}" - instance_type = "t1.micro" + size = 1 tags = { Name = %[1]q From dd406bc93983852f25676fcf4bd177438870c3e7 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 10 Apr 2020 19:02:11 +0300 Subject: [PATCH 052/475] fix skip test data source filter --- aws/resource_aws_volume_attachment_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_volume_attachment_test.go b/aws/resource_aws_volume_attachment_test.go index 9f1a0b6dffd..d63b0c50152 100644 --- a/aws/resource_aws_volume_attachment_test.go +++ b/aws/resource_aws_volume_attachment_test.go @@ -377,7 +377,7 @@ data "aws_ebs_volume" "test" { } filter { name = "tag:Name" - values = ["tf-acc-test-volume-attachment"] + values = ["%[1]s"] } } @@ -387,7 +387,7 @@ resource "aws_volume_attachment" "test" { instance_id = "${aws_instance.test.id}" skip_destroy = true } -`) +`, rName) } func testAccVolumeAttachmentUpdateConfig(rName string, detach bool) string { From bbf81793c46b6e73a5b8d719c4405b8658e3f672 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 10 Apr 2020 19:09:54 +0300 Subject: [PATCH 053/475] add missing hashibot labeler --- .hashibot.hcl | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.hashibot.hcl b/.hashibot.hcl index f8334a4bb71..f78aa3f79d0 100644 --- a/.hashibot.hcl +++ b/.hashibot.hcl @@ -232,6 +232,7 @@ behavior "regexp_issue_labeler_v2" "service_labels" { "aws_spot", "aws_route(\"|`|$)", "aws_vpn_", + "aws_volume_attachment", ], "service/ecr" = [ "aws_ecr_", @@ -805,6 +806,7 @@ behavior "pull_request_path_labeler" "service_labels" { "aws/*_aws_subnet*", "aws/*_aws_vpc*", "aws/*_aws_vpn*", + "aws/*_aws_volume_attachment*", "website/**/availability_zone*", "website/**/customer_gateway*", "website/**/default_network_acl*", @@ -833,7 +835,8 @@ behavior "pull_request_path_labeler" "service_labels" { "website/**/spot_*", "website/**/subnet*", "website/**/vpc*", - "website/**/vpn*" + "website/**/vpn*", + "website/**/volume_attachment*" ] "service/ecr" = [ "**/*_ecr_*", From f4d6fae855ad98a853bc3e584f27f4f43da48696 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Sat, 25 Apr 2020 22:33:04 +0300 Subject: [PATCH 054/475] use resource name variable --- aws/resource_aws_volume_attachment_test.go | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/aws/resource_aws_volume_attachment_test.go b/aws/resource_aws_volume_attachment_test.go index d63b0c50152..8f9fca65892 100644 --- a/aws/resource_aws_volume_attachment_test.go +++ b/aws/resource_aws_volume_attachment_test.go @@ -34,9 +34,9 @@ func TestAccAWSVolumeAttachment_basic(t *testing.T) { ), }, { - ResourceName: "aws_volume_attachment.ebs_att", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSVolumeAttachmentImportStateIDFunc("aws_volume_attachment.ebs_att"), + ImportStateIdFunc: testAccAWSVolumeAttachmentImportStateIDFunc(resourceName), ImportStateVerify: true, }, }, @@ -64,9 +64,9 @@ func TestAccAWSVolumeAttachment_skipDestroy(t *testing.T) { ), }, { - ResourceName: "aws_volume_attachment.ebs_att", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSVolumeAttachmentImportStateIDFunc("aws_volume_attachment.ebs_att"), + ImportStateIdFunc: testAccAWSVolumeAttachmentImportStateIDFunc(resourceName), ImportStateVerify: true, ImportStateVerifyIgnore: []string{ "skip_destroy", // attribute only used on resource deletion @@ -129,9 +129,9 @@ func TestAccAWSVolumeAttachment_attachStopped(t *testing.T) { ), }, { - ResourceName: "aws_volume_attachment.ebs_att", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSVolumeAttachmentImportStateIDFunc("aws_volume_attachment.ebs_att"), + ImportStateIdFunc: testAccAWSVolumeAttachmentImportStateIDFunc(resourceName), ImportStateVerify: true, }, }, @@ -155,9 +155,9 @@ func TestAccAWSVolumeAttachment_update(t *testing.T) { ), }, { - ResourceName: "aws_volume_attachment.ebs_att", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSVolumeAttachmentImportStateIDFunc("aws_volume_attachment.ebs_att"), + ImportStateIdFunc: testAccAWSVolumeAttachmentImportStateIDFunc(resourceName), ImportStateVerify: true, ImportStateVerifyIgnore: []string{ "force_detach", // attribute only used on resource deletion @@ -172,9 +172,9 @@ func TestAccAWSVolumeAttachment_update(t *testing.T) { ), }, { - ResourceName: "aws_volume_attachment.ebs_att", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSVolumeAttachmentImportStateIDFunc("aws_volume_attachment.ebs_att"), + ImportStateIdFunc: testAccAWSVolumeAttachmentImportStateIDFunc(resourceName), ImportStateVerify: true, ImportStateVerifyIgnore: []string{ "force_detach", // attribute only used on resource deletion From 0e416b9b5b5ac09f3c3099e129fae61c63dbc36d Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Sat, 25 Apr 2020 22:39:10 +0300 Subject: [PATCH 055/475] remove hardcoded ami id and instance type --- aws/resource_aws_volume_attachment_test.go | 40 +++++++++++++++++++--- 1 file changed, 35 insertions(+), 5 deletions(-) diff --git a/aws/resource_aws_volume_attachment_test.go b/aws/resource_aws_volume_attachment_test.go index 8f9fca65892..9aa75b4f373 100644 --- a/aws/resource_aws_volume_attachment_test.go +++ b/aws/resource_aws_volume_attachment_test.go @@ -222,10 +222,10 @@ func testAccCheckVolumeAttachmentExists(n string, i *ec2.Instance, v *ec2.Volume } for _, b := range i.BlockDeviceMappings { - if rs.Primary.Attributes["device_name"] == *b.DeviceName { + if rs.Primary.Attributes["device_name"] == aws.StringValue(b.DeviceName) { if b.Ebs.VolumeId != nil && - rs.Primary.Attributes["volume_id"] == *b.Ebs.VolumeId && - rs.Primary.Attributes["volume_id"] == *v.VolumeId { + rs.Primary.Attributes["volume_id"] == aws.StringValue(b.Ebs.VolumeId) && + rs.Primary.Attributes["volume_id"] == aws.StringValue(v.VolumeId) { // pass return nil } @@ -329,10 +329,40 @@ data "aws_availability_zones" "available" { } } +data "aws_ami" "amzn-ami-minimal-hvm-ebs" { + most_recent = true + owners = ["amazon"] + + filter { + name = "name" + values = ["amzn-ami-minimal-hvm-*"] + } + + filter { + name = "root-device-type" + values = ["ebs"] + } +} + +data "aws_ec2_instance_type_offering" "available" { + filter { + name = "instance-type" + values = ["t3.micro", "t2.micro"] + } + + filter { + name = "location" + values = [aws_subnet.test.availability_zone] + } + + location_type = "availability-zone" + preferred_instance_types = ["t3.micro", "t2.micro"] +} + resource "aws_instance" "test" { - ami = "ami-21f78e11" + ami = "${data.aws_ami.amzn-ami-minimal-hvm-ebs.id}" availability_zone = "${data.aws_availability_zones.available.names[0]}" - instance_type = "t1.micro" + instance_type = "${data.aws_ec2_instance_type_offering.available.instance_type}" tags = { Name = %[1]q From bee91066022a65ef602ec06b38a7d199b3de11cf Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Sat, 25 Apr 2020 22:40:26 +0300 Subject: [PATCH 056/475] remove hardcoded ami id and instance type --- aws/resource_aws_volume_attachment_test.go | 5 ----- 1 file changed, 5 deletions(-) diff --git a/aws/resource_aws_volume_attachment_test.go b/aws/resource_aws_volume_attachment_test.go index 9aa75b4f373..1c6ec3e18bb 100644 --- a/aws/resource_aws_volume_attachment_test.go +++ b/aws/resource_aws_volume_attachment_test.go @@ -350,11 +350,6 @@ data "aws_ec2_instance_type_offering" "available" { values = ["t3.micro", "t2.micro"] } - filter { - name = "location" - values = [aws_subnet.test.availability_zone] - } - location_type = "availability-zone" preferred_instance_types = ["t3.micro", "t2.micro"] } From f22b06e69ccbb3db2023fbba28e22264c44a534c Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Sun, 26 Apr 2020 09:52:48 +0300 Subject: [PATCH 057/475] reuse --- aws/resource_aws_volume_attachment_test.go | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/aws/resource_aws_volume_attachment_test.go b/aws/resource_aws_volume_attachment_test.go index 1c6ec3e18bb..9153de6a2be 100644 --- a/aws/resource_aws_volume_attachment_test.go +++ b/aws/resource_aws_volume_attachment_test.go @@ -319,7 +319,7 @@ func testAccCheckVolumeAttachmentDestroy(s *terraform.State) error { } func testAccVolumeAttachmentInstanceOnlyConfigBase(rName string) string { - return fmt.Sprintf(` + return testAccLatestAmazonLinuxHvmEbsAmiConfig() + fmt.Sprintf(` data "aws_availability_zones" "available" { state = "available" @@ -329,21 +329,6 @@ data "aws_availability_zones" "available" { } } -data "aws_ami" "amzn-ami-minimal-hvm-ebs" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn-ami-minimal-hvm-*"] - } - - filter { - name = "root-device-type" - values = ["ebs"] - } -} - data "aws_ec2_instance_type_offering" "available" { filter { name = "instance-type" From a37093b183436b2e0c7c85495a1799e210837e13 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Thu, 7 May 2020 21:29:26 +0300 Subject: [PATCH 058/475] refactor disappears func --- aws/resource_aws_volume_attachment_test.go | 52 +--------------------- 1 file changed, 1 insertion(+), 51 deletions(-) diff --git a/aws/resource_aws_volume_attachment_test.go b/aws/resource_aws_volume_attachment_test.go index 9153de6a2be..a00fe8db942 100644 --- a/aws/resource_aws_volume_attachment_test.go +++ b/aws/resource_aws_volume_attachment_test.go @@ -2,7 +2,6 @@ package aws import ( "fmt" - "log" "testing" "time" @@ -202,7 +201,7 @@ func TestAccAWSVolumeAttachment_disappears(t *testing.T) { testAccCheckInstanceExists("aws_instance.test", &i), testAccCheckVolumeExists("aws_ebs_volume.test", &v), testAccCheckVolumeAttachmentExists(resourceName, &i, &v), - testAccCheckVolumeAttachmentDisappears(resourceName, &i, &v), + testAccCheckResourceDisappears(testAccProvider, resourceAwsVolumeAttachment(), resourceName), ), ExpectNonEmptyPlan: true, }, @@ -236,55 +235,6 @@ func testAccCheckVolumeAttachmentExists(n string, i *ec2.Instance, v *ec2.Volume } } -func testAccCheckVolumeAttachmentDisappears(n string, i *ec2.Instance, v *ec2.Volume) resource.TestCheckFunc { - return func(s *terraform.State) error { - rs, ok := s.RootModule().Resources[n] - if !ok { - return fmt.Errorf("Not found: %s", n) - } - - if rs.Primary.ID == "" { - return fmt.Errorf("No ID is set") - } - - conn := testAccProvider.Meta().(*AWSClient).ec2conn - - opts := &ec2.DetachVolumeInput{ - Device: aws.String(rs.Primary.Attributes["device_name"]), - InstanceId: i.InstanceId, - VolumeId: v.VolumeId, - Force: aws.Bool(true), - } - - _, err := conn.DetachVolume(opts) - if err != nil { - return err - } - - vId := aws.StringValue(v.VolumeId) - iId := aws.StringValue(i.InstanceId) - - stateConf := &resource.StateChangeConf{ - Pending: []string{ec2.VolumeAttachmentStateDetaching}, - Target: []string{ec2.VolumeAttachmentStateDetached}, - Refresh: volumeAttachmentStateRefreshFunc(conn, rs.Primary.Attributes["device_name"], vId, iId), - Timeout: 5 * time.Minute, - Delay: 10 * time.Second, - MinTimeout: 3 * time.Second, - } - - log.Printf("[DEBUG] Detaching Volume (%s) from Instance (%s)", vId, iId) - _, err = stateConf.WaitForState() - if err != nil { - return fmt.Errorf( - "Error waiting for Volume (%s) to detach from Instance (%s): %s", - vId, iId, err) - } - - return err - } -} - func testAccCheckVolumeAttachmentDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).ec2conn From e5e5adbd26c143d5a83f775659d5aa9f4c984c8b Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Sat, 25 Apr 2020 21:54:56 +0300 Subject: [PATCH 059/475] refactor iam saml provider to use arn package instead of custom logic + add tests --- aws/resource_aws_iam_saml_provider.go | 40 ++++++++--------- aws/resource_aws_iam_saml_provider_test.go | 51 ++++++++++++++++++++-- 2 files changed, 67 insertions(+), 24 deletions(-) diff --git a/aws/resource_aws_iam_saml_provider.go b/aws/resource_aws_iam_saml_provider.go index d114c881c00..41f8213ad42 100644 --- a/aws/resource_aws_iam_saml_provider.go +++ b/aws/resource_aws_iam_saml_provider.go @@ -3,13 +3,12 @@ package aws import ( "fmt" "log" - "regexp" + "strings" "time" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/service/iam" - "github.com/hashicorp/terraform-plugin-sdk/helper/schema" ) @@ -47,14 +46,14 @@ func resourceAwsIamSamlProvider() *schema.Resource { } func resourceAwsIamSamlProviderCreate(d *schema.ResourceData, meta interface{}) error { - iamconn := meta.(*AWSClient).iamconn + conn := meta.(*AWSClient).iamconn input := &iam.CreateSAMLProviderInput{ Name: aws.String(d.Get("name").(string)), SAMLMetadataDocument: aws.String(d.Get("saml_metadata_document").(string)), } - out, err := iamconn.CreateSAMLProvider(input) + out, err := conn.CreateSAMLProvider(input) if err != nil { return err } @@ -65,14 +64,14 @@ func resourceAwsIamSamlProviderCreate(d *schema.ResourceData, meta interface{}) } func resourceAwsIamSamlProviderRead(d *schema.ResourceData, meta interface{}) error { - iamconn := meta.(*AWSClient).iamconn + conn := meta.(*AWSClient).iamconn input := &iam.GetSAMLProviderInput{ SAMLProviderArn: aws.String(d.Id()), } - out, err := iamconn.GetSAMLProvider(input) + out, err := conn.GetSAMLProvider(input) if err != nil { - if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" { + if isAWSErr(err, iam.ErrCodeNoSuchEntityException, "") { log.Printf("[WARN] IAM SAML Provider %q not found.", d.Id()) d.SetId("") return nil @@ -81,7 +80,7 @@ func resourceAwsIamSamlProviderRead(d *schema.ResourceData, meta interface{}) er } d.Set("arn", d.Id()) - name, err := extractNameFromIAMSamlProviderArn(d.Id(), meta.(*AWSClient).partition) + name, err := extractNameFromIAMSamlProviderArn(d.Id()) if err != nil { return err } @@ -93,13 +92,13 @@ func resourceAwsIamSamlProviderRead(d *schema.ResourceData, meta interface{}) er } func resourceAwsIamSamlProviderUpdate(d *schema.ResourceData, meta interface{}) error { - iamconn := meta.(*AWSClient).iamconn + conn := meta.(*AWSClient).iamconn input := &iam.UpdateSAMLProviderInput{ SAMLProviderArn: aws.String(d.Id()), SAMLMetadataDocument: aws.String(d.Get("saml_metadata_document").(string)), } - _, err := iamconn.UpdateSAMLProvider(input) + _, err := conn.UpdateSAMLProvider(input) if err != nil { return err } @@ -108,22 +107,23 @@ func resourceAwsIamSamlProviderUpdate(d *schema.ResourceData, meta interface{}) } func resourceAwsIamSamlProviderDelete(d *schema.ResourceData, meta interface{}) error { - iamconn := meta.(*AWSClient).iamconn + conn := meta.(*AWSClient).iamconn input := &iam.DeleteSAMLProviderInput{ SAMLProviderArn: aws.String(d.Id()), } - _, err := iamconn.DeleteSAMLProvider(input) + _, err := conn.DeleteSAMLProvider(input) return err } -func extractNameFromIAMSamlProviderArn(arn, partition string) (string, error) { - // arn:aws:iam::123456789012:saml-provider/tf-salesforce-test - r := regexp.MustCompile(fmt.Sprintf("^arn:%s:iam::[0-9]{12}:saml-provider/(.+)$", partition)) - submatches := r.FindStringSubmatch(arn) - if len(submatches) != 2 { - return "", fmt.Errorf("Unable to extract name from a given ARN: %q", arn) +func extractNameFromIAMSamlProviderArn(samlArn string) (string, error) { + parsedArn, err := arn.Parse(samlArn) + if err != nil { + return "", fmt.Errorf("Unable to extract name from a given ARN: %q", parsedArn) } - return submatches[1], nil + + name := strings.TrimPrefix(parsedArn.Resource, "saml-provider/") + + return name, nil } diff --git a/aws/resource_aws_iam_saml_provider_test.go b/aws/resource_aws_iam_saml_provider_test.go index 28b60b6f8ab..d5c6a24738d 100644 --- a/aws/resource_aws_iam_saml_provider_test.go +++ b/aws/resource_aws_iam_saml_provider_test.go @@ -2,6 +2,7 @@ package aws import ( "fmt" + "regexp" "testing" "github.com/aws/aws-sdk-go/aws" @@ -24,6 +25,7 @@ func TestAccAWSIAMSamlProvider_basic(t *testing.T) { Config: testAccIAMSamlProviderConfig(rName), Check: resource.ComposeTestCheckFunc( testAccCheckIAMSamlProviderExists(resourceName), + testAccMatchResourceAttrGlobalARN(resourceName, "arn", "iam", regexp.MustCompile(`saml-provider/.+`)), resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttrSet(resourceName, "saml_metadata_document"), ), @@ -45,8 +47,29 @@ func TestAccAWSIAMSamlProvider_basic(t *testing.T) { }) } +func TestAccAWSIAMSamlProvider_disappears(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_iam_saml_provider.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckIAMSamlProviderDestroy, + Steps: []resource.TestStep{ + { + Config: testAccIAMSamlProviderConfig(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckIAMSamlProviderExists(resourceName), + testAccCheckIAMSamlProviderDisappears(resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + func testAccCheckIAMSamlProviderDestroy(s *terraform.State) error { - iamconn := testAccProvider.Meta().(*AWSClient).iamconn + conn := testAccProvider.Meta().(*AWSClient).iamconn for _, rs := range s.RootModule().Resources { if rs.Type != "aws_iam_saml_provider" { @@ -56,7 +79,7 @@ func testAccCheckIAMSamlProviderDestroy(s *terraform.State) error { input := &iam.GetSAMLProviderInput{ SAMLProviderArn: aws.String(rs.Primary.ID), } - out, err := iamconn.GetSAMLProvider(input) + out, err := conn.GetSAMLProvider(input) if isAWSErr(err, iam.ErrCodeNoSuchEntityException, "") { continue @@ -85,8 +108,28 @@ func testAccCheckIAMSamlProviderExists(id string) resource.TestCheckFunc { return fmt.Errorf("No ID is set") } - iamconn := testAccProvider.Meta().(*AWSClient).iamconn - _, err := iamconn.GetSAMLProvider(&iam.GetSAMLProviderInput{ + conn := testAccProvider.Meta().(*AWSClient).iamconn + _, err := conn.GetSAMLProvider(&iam.GetSAMLProviderInput{ + SAMLProviderArn: aws.String(rs.Primary.ID), + }) + + return err + } +} + +func testAccCheckIAMSamlProviderDisappears(id string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[id] + if !ok { + return fmt.Errorf("Not Found: %s", id) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("No ID is set") + } + + conn := testAccProvider.Meta().(*AWSClient).iamconn + _, err := conn.DeleteSAMLProvider(&iam.DeleteSAMLProviderInput{ SAMLProviderArn: aws.String(rs.Primary.ID), }) From 2198d5c017cff25fc54e9fd07b4dc45369360a27 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Thu, 7 May 2020 22:08:39 +0300 Subject: [PATCH 060/475] use disappears test func --- aws/resource_aws_iam_saml_provider_test.go | 22 +--------------------- 1 file changed, 1 insertion(+), 21 deletions(-) diff --git a/aws/resource_aws_iam_saml_provider_test.go b/aws/resource_aws_iam_saml_provider_test.go index d5c6a24738d..fe6aadf2b64 100644 --- a/aws/resource_aws_iam_saml_provider_test.go +++ b/aws/resource_aws_iam_saml_provider_test.go @@ -60,7 +60,7 @@ func TestAccAWSIAMSamlProvider_disappears(t *testing.T) { Config: testAccIAMSamlProviderConfig(rName), Check: resource.ComposeTestCheckFunc( testAccCheckIAMSamlProviderExists(resourceName), - testAccCheckIAMSamlProviderDisappears(resourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsIamSamlProvider(), resourceName), ), ExpectNonEmptyPlan: true, }, @@ -117,26 +117,6 @@ func testAccCheckIAMSamlProviderExists(id string) resource.TestCheckFunc { } } -func testAccCheckIAMSamlProviderDisappears(id string) resource.TestCheckFunc { - return func(s *terraform.State) error { - rs, ok := s.RootModule().Resources[id] - if !ok { - return fmt.Errorf("Not Found: %s", id) - } - - if rs.Primary.ID == "" { - return fmt.Errorf("No ID is set") - } - - conn := testAccProvider.Meta().(*AWSClient).iamconn - _, err := conn.DeleteSAMLProvider(&iam.DeleteSAMLProviderInput{ - SAMLProviderArn: aws.String(rs.Primary.ID), - }) - - return err - } -} - func testAccIAMSamlProviderConfig(rName string) string { return fmt.Sprintf(` resource "aws_iam_saml_provider" "test" { From 4d8b6d477bed5757d8d5ef5fee2b56fd323a8971 Mon Sep 17 00:00:00 2001 From: tf-release-bot Date: Fri, 8 May 2020 01:10:35 +0000 Subject: [PATCH 061/475] Cleanup after v2.61.0 release --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6ec0361f141..689ded43ef6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,4 @@ +## 2.62.0 (Unreleased) ## 2.61.0 (May 08, 2020) FEATURES: From fc36c9893c54393e68a50143bfd8b5608a1043bf Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Mon, 4 May 2020 17:16:29 -0700 Subject: [PATCH 062/475] refactor docs and add FAQ (+36 squashed commits) Squashed commits: [5a63f2c16] docs rename to info [c5f59c350] added automation column [1eb8f8bb5] refactor table [69e916147] made team deets look a little prettier [d8a17e4c6] remove triage WIP for now [1bc508703] all the labels [16d6057f4] all the labels [17e00f086] more labels [61abf2892] css hascks [2baaba82e] labels [29ebff847] label dictionary [f836f5d02] heading fix [e4bcd5c3b] heading fix [3cc15d6fd] heading fix [76b566921] heading fix [90fac88ea] heading fix [ab54df13e] more acc test split [3cad5f885] rename dev title [1226dfb32] CAPS [b8f4431fa] heading fun [7812068a2] another round of splitting [2a062002d] move roadmap, some other layout [fb923e216] first attempt at splitting [83d09b69e] remove trailing forum id [cecb06227] copy over FAQ [d56e2dd0a] lowercase the d [544db33f7] remove md from link names [d02cecf32] using link [a2e521ddf] reorder links to be consistent [3db9d4484] development > developing [8be60b508] fix requirements link [d0fa12fcc] create docs folder [f958d0ace] remove community source section [85c962931] punctuation [bacfd0a36] fix terrform.io link [8c066dcdb] fix some links (+1 squashed commit) Squashed commits: [56a3e58ba] slimmed down readme --- .github/CONTRIBUTING.md | 1222 ----------------- README.md | 97 +- info/CONTRIBUTING.md | 18 + info/DEVELOPMENT.md | 53 + info/FAQ.md | 65 + {.github => info}/MAINTAINING.md | 108 +- info/contributing/contribution-checklists.md | 567 ++++++++ .../issue-reporting-and-lifecycle.md | 77 ++ .../pullrequest-submission-and-lifecycle.md | 128 ++ .../running-and-writing-acceptance-tests.md | 439 ++++++ 10 files changed, 1477 insertions(+), 1297 deletions(-) delete mode 100644 .github/CONTRIBUTING.md create mode 100644 info/CONTRIBUTING.md create mode 100644 info/DEVELOPMENT.md create mode 100644 info/FAQ.md rename {.github => info}/MAINTAINING.md (60%) create mode 100644 info/contributing/contribution-checklists.md create mode 100644 info/contributing/issue-reporting-and-lifecycle.md create mode 100644 info/contributing/pullrequest-submission-and-lifecycle.md create mode 100644 info/contributing/running-and-writing-acceptance-tests.md diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md deleted file mode 100644 index e8548f92086..00000000000 --- a/.github/CONTRIBUTING.md +++ /dev/null @@ -1,1222 +0,0 @@ -# Contributing to Terraform - AWS Provider - -**First:** if you're unsure or afraid of _anything_, ask for help! You can -submit a work in progress (WIP) pull request, or file an issue with the parts -you know. We'll do our best to guide you in the right direction, and let you -know if there are guidelines we will need to follow. We want people to be able -to participate without fear of doing the wrong thing. - -Below are our expectations for contributors. Following these guidelines gives us -the best opportunity to work with you, by making sure we have the things we need -in order to make it happen. Doing your best to follow it will speed up our -ability to merge PRs and respond to issues. - - - -- [Issues](#issues) - - [Issue Reporting Checklists](#issue-reporting-checklists) - - [Bug Reports](#bug-reports) - - [Feature Requests](#feature-requests) - - [Questions](#questions) - - [Issue Lifecycle](#issue-lifecycle) -- [Pull Requests](#pull-requests) - - [Pull Request Lifecycle](#pull-request-lifecycle) - - [Checklists for Contribution](#checklists-for-contribution) - - [Documentation Update](#documentation-update) - - [Enhancement/Bugfix to a Resource](#enhancementbugfix-to-a-resource) - - [Adding Resource Import Support](#adding-resource-import-support) - - [Adding Resource Name Generation Support](#adding-resource-name-generation-support) - - [Adding Resource Tagging Support](#adding-resource-tagging-support) - - [New Resource](#new-resource) - - [New Service](#new-service) - - [New Region](#new-region) - - [Common Review Items](#common-review-items) - - [Go Coding Style](#go-coding-style) - - [Resource Contribution Guidelines](#resource-contribution-guidelines) - - [Acceptance Testing Guidelines](#acceptance-testing-guidelines) - - [Writing Acceptance Tests](#writing-acceptance-tests) - - [Acceptance Tests Often Cost Money to Run](#acceptance-tests-often-cost-money-to-run) - - [Running an Acceptance Test](#running-an-acceptance-test) - - [Writing an Acceptance Test](#writing-an-acceptance-test) - - [Writing and running Cross-Account Acceptance Tests](#writing-and-running-cross-account-acceptance-tests) - - [Writing and running Cross-Region Acceptance Tests](#writing-and-running-cross-region-acceptance-tests) - - - -## Issues - -### Issue Reporting Checklists - -We welcome issues of all kinds including feature requests, bug reports, and -general questions. Below you'll find checklists with guidelines for well-formed -issues of each type. - -#### [Bug Reports](https://github.com/terraform-providers/terraform-provider-aws/issues/new?template=Bug_Report.md) - - - [ ] __Test against latest release__: Make sure you test against the latest - released version. It is possible we already fixed the bug you're experiencing. - - - [ ] __Search for possible duplicate reports__: It's helpful to keep bug - reports consolidated to one thread, so do a quick search on existing bug - reports to check if anybody else has reported the same thing. You can [scope - searches by the label "bug"](https://github.com/terraform-providers/terraform-provider-aws/issues?q=is%3Aopen+is%3Aissue+label%3Abug) to help narrow things down. - - - [ ] __Include steps to reproduce__: Provide steps to reproduce the issue, - along with your `.tf` files, with secrets removed, so we can try to - reproduce it. Without this, it makes it much harder to fix the issue. - - - [ ] __For panics, include `crash.log`__: If you experienced a panic, please - create a [gist](https://gist.github.com) of the *entire* generated crash log - for us to look at. Double check no sensitive items were in the log. - -#### [Feature Requests](https://github.com/terraform-providers/terraform-provider-aws/issues/new?labels=enhancement&template=Feature_Request.md) - - - [ ] __Search for possible duplicate requests__: It's helpful to keep requests - consolidated to one thread, so do a quick search on existing requests to - check if anybody else has reported the same thing. You can [scope searches by - the label "enhancement"](https://github.com/terraform-providers/terraform-provider-aws/issues?q=is%3Aopen+is%3Aissue+label%3Aenhancement) to help narrow things down. - - - [ ] __Include a use case description__: In addition to describing the - behavior of the feature you'd like to see added, it's helpful to also lay - out the reason why the feature would be important and how it would benefit - Terraform users. - -#### [Questions](https://github.com/terraform-providers/terraform-provider-aws/issues/new?labels=question&template=Question.md) - - - [ ] __Search for answers in Terraform documentation__: We're happy to answer - questions in GitHub Issues, but it helps reduce issue churn and maintainer - workload if you work to [find answers to common questions in the - documentation](https://www.terraform.io/docs/providers/aws/index.html). Oftentimes Question issues result in documentation updates - to help future users, so if you don't find an answer, you can give us - pointers for where you'd expect to see it in the docs. - -### Issue Lifecycle - -1. The issue is reported. - -2. The issue is verified and categorized by a Terraform collaborator. - Categorization is done via GitHub labels. We generally use a two-label - system of (1) issue/PR type, and (2) section of the codebase. Type is - one of "bug", "enhancement", "documentation", or "question", and section - is usually the AWS service name. - -3. An initial triage process determines whether the issue is critical and must - be addressed immediately, or can be left open for community discussion. - -4. The issue is addressed in a pull request or commit. The issue number will be - referenced in the commit message so that the code that fixes it is clearly - linked. - -5. The issue is closed. Sometimes, valid issues will be closed because they are - tracked elsewhere or non-actionable. The issue is still indexed and - available for future viewers, or can be re-opened if necessary. - -## Pull Requests - -We appreciate direct contributions to the provider codebase. Here's what to -expect: - - * For pull requests that follow the guidelines, we will proceed to reviewing - and merging, following the provider team's review schedule. There may be some - internal or community discussion needed before we can complete this. - * Pull requests that don't follow the guidelines will be commented with what - they're missing. The person who submits the pull request or another community - member will need to address those requests before they move forward. - -### Pull Request Lifecycle - -1. [Fork the GitHub repository](https://help.github.com/en/articles/fork-a-repo), - modify the code, and [create a pull request](https://help.github.com/en/articles/creating-a-pull-request-from-a-fork). - You are welcome to submit your pull request for commentary or review before - it is fully completed by creating a [draft pull request](https://help.github.com/en/articles/about-pull-requests#draft-pull-requests) - or adding `[WIP]` to the beginning of the pull request title. - Please include specific questions or items you'd like feedback on. - -1. Once you believe your pull request is ready to be reviewed, ensure the - pull request is not a draft pull request by [marking it ready for review](https://help.github.com/en/articles/changing-the-stage-of-a-pull-request) - or removing `[WIP]` from the pull request title if necessary, and a - maintainer will review it. Follow [the checklists below](#checklists-for-contribution) - to help ensure that your contribution can be easily reviewed and potentially - merged. - -1. One of Terraform's provider team members will look over your contribution and - either approve it or provide comments letting you know if there is anything - left to do. We do our best to keep up with the volume of PRs waiting for - review, but it may take some time depending on the complexity of the work. - -1. Once all outstanding comments and checklist items have been addressed, your - contribution will be merged! Merged PRs will be included in the next - Terraform release. The provider team takes care of updating the CHANGELOG as - they merge. - -1. In some cases, we might decide that a PR should be closed without merging. - We'll make sure to provide clear reasoning when this happens. - -### Checklists for Contribution - -There are several different kinds of contribution, each of which has its own -standards for a speedy review. The following sections describe guidelines for -each type of contribution. - -#### Documentation Update - -The [Terraform AWS Provider's website source][website] is in this repository -along with the code and tests. Below are some common items that will get -flagged during documentation reviews: - -- [ ] __Reasoning for Change__: Documentation updates should include an explanation for why the update is needed. -- [ ] __Prefer AWS Documentation__: Documentation about AWS service features and valid argument values that are likely to update over time should link to AWS service user guides and API references where possible. -- [ ] __Large Example Configurations__: Example Terraform configuration that includes multiple resource definitions should be added to the repository `examples` directory instead of an individual resource documentation page. Each directory under `examples` should be self-contained to call `terraform apply` without special configuration. -- [ ] __Terraform Configuration Language Features__: Individual resource documentation pages and examples should refrain from highlighting particular Terraform configuration language syntax workarounds or features such as `variable`, `local`, `count`, and built-in functions. - -#### Enhancement/Bugfix to a Resource - -Working on existing resources is a great way to get started as a Terraform -contributor because you can work within existing code and tests to get a feel -for what to do. - -In addition to the below checklist, please see the [Common Review -Items](#common-review-items) sections for more specific coding and testing -guidelines. - - - [ ] __Acceptance test coverage of new behavior__: Existing resources each - have a set of [acceptance tests][acctests] covering their functionality. - These tests should exercise all the behavior of the resource. Whether you are - adding something or fixing a bug, the idea is to have an acceptance test that - fails if your code were to be removed. Sometimes it is sufficient to - "enhance" an existing test by adding an assertion or tweaking the config - that is used, but it's often better to add a new test. You can copy/paste an - existing test and follow the conventions you see there, modifying the test - to exercise the behavior of your code. - - [ ] __Documentation updates__: If your code makes any changes that need to - be documented, you should include those doc updates in the same PR. This - includes things like new resource attributes or changes in default values. - The [Terraform website][website] source is in this repo and includes - instructions for getting a local copy of the site up and running if you'd - like to preview your changes. - - [ ] __Well-formed Code__: Do your best to follow existing conventions you - see in the codebase, and ensure your code is formatted with `go fmt`. (The - Travis CI build will fail if `go fmt` has not been run on incoming code.) - The PR reviewers can help out on this front, and may provide comments with - suggestions on how to improve the code. - - [ ] __Vendor additions__: Create a separate PR if you are updating the vendor - folder. This is to avoid conflicts as the vendor versions tend to be fast- - moving targets. We will plan to merge the PR with this change first. - -#### Adding Resource Import Support - -Adding import support for Terraform resources will allow existing infrastructure to be managed within Terraform. This type of enhancement generally requires a small to moderate amount of code changes. - -Comprehensive code examples and information about resource import support can be found in the [Extending Terraform documentation](https://www.terraform.io/docs/extend/resources/import.html). - -In addition to the below checklist and the items noted in the Extending Terraform documentation, please see the [Common Review Items](#common-review-items) sections for more specific coding and testing guidelines. - -- [ ] _Resource Code Implementation_: In the resource code (e.g. `aws/resource_aws_service_thing.go`), implementation of `Importer` `State` function -- [ ] _Resource Acceptance Testing Implementation_: In the resource acceptance testing (e.g. `aws/resource_aws_service_thing_test.go`), implementation of `TestStep`s with `ImportState: true` -- [ ] _Resource Documentation Implementation_: In the resource documentation (e.g. `website/docs/r/service_thing.html.markdown`), addition of `Import` documentation section at the bottom of the page - -#### Adding Resource Name Generation Support - -Terraform AWS Provider resources can use shared logic to support and test name generation, where the operator can choose between an expected naming value, a generated naming value with a prefix, or a fully generated name. - -Implementing name generation support for Terraform AWS Provider resources requires the following, each with its own section below: - -- [ ] _Resource Name Generation Code Implementation_: In the resource code (e.g. `aws/resource_aws_service_thing.go`), implementation of `name_prefix` attribute, along with handling in `Create` function. -- [ ] _Resource Name Generation Testing Implementation_: In the resource acceptance testing (e.g. `aws/resource_aws_service_thing_test.go`), implementation of new acceptance test functions and configurations to exercise new naming logic. -- [ ] _Resource Name Generation Documentation Implementation_: In the resource documentation (e.g. `website/docs/r/service_thing.html.markdown`), addition of `name_prefix` argument and update of `name` argument description. - -##### Resource Name Generation Code Implementation - -- In the resource Go file (e.g. `aws/resource_aws_service_thing.go`), add the following Go import: `"github.com/terraform-providers/terraform-provider-aws/aws/internal/naming"` -- In the resource schema, add the new `name_prefix` attribute and adjust the `name` attribute to be `Optional`, `Computed`, and `ConflictsWith` the `name_prefix` attribute. Ensure to keep any existing schema fields on `name` such as `ValidateFunc`. e.g. - -```go -"name": { - Type: schema.TypeString, - Optional: true, - Computed: true, - ForceNew: true, - ConflictsWith: []string{"name_prefix"}, -}, -"name_prefix": { - Type: schema.TypeString, - Optional: true, - ForceNew: true, - ConflictsWith: []string{"name"}, -}, -``` - -- In the resource `Create` function, switch any calls from `d.Get("name").(string)` to instead use the `naming.Generate()` function, e.g. - -```go -name := naming.Generate(d.Get("name").(string), d.Get("name_prefix").(string)) - -// ... in AWS Go SDK Input types, etc. use aws.String(name) -``` - -##### Resource Name Generation Testing Implementation - -- In the resource testing (e.g. `aws/resource_aws_service_thing_test.go`), add the following Go import: `"github.com/terraform-providers/terraform-provider-aws/aws/internal/naming"` -- In the resource testing, implement two new tests named `_Name_Generated` and `_NamePrefix` with associated configurations, that verifies creating the resource without `name` and `name_prefix` arguments (for the former) and with only the `name_prefix` argument (for the latter). e.g. - -```go -func TestAccAWSServiceThing_Name_Generated(t *testing.T) { - var thing service.ServiceThing - resourceName := "aws_service_thing.test" - - resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSServiceThingDestroy, - Steps: []resource.TestStep{ - { - Config: testAccAWSServiceThingConfigNameGenerated(), - Check: resource.ComposeTestCheckFunc( - testAccCheckAWSServiceThingExists(resourceName, &thing), - naming.TestCheckResourceAttrNameGenerated(resourceName, "name"), - ), - }, - // If the resource supports import: - { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - }, - }, - }) -} - -func TestAccAWSServiceThing_NamePrefix(t *testing.T) { - var thing service.ServiceThing - resourceName := "aws_service_thing.test" - - resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSServiceThingDestroy, - Steps: []resource.TestStep{ - { - Config: testAccAWSServiceThingConfigNamePrefix("tf-acc-test-prefix-"), - Check: resource.ComposeTestCheckFunc( - testAccCheckAWSServiceThingExists(resourceName, &thing), - naming.TestCheckResourceAttrNameFromPrefix(resourceName, "name", "tf-acc-test-prefix-"), - ), - }, - // If the resource supports import: - { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - }, - }, - }) -} - -func testAccAWSServiceThingConfigNameGenerated() string { - return fmt.Sprintf(` -resource "aws_service_thing" "test" { - # ... other configuration ... -} -`) -} - -func testAccAWSServiceThingConfigNamePrefix(namePrefix string) string { - return fmt.Sprintf(` -resource "aws_service_thing" "test" { - # ... other configuration ... - - name_prefix = %[1]q -} -`, namePrefix) -} -``` - -##### Resource Code Generation Documentation Implementation - -- In the resource documentation (e.g. `website/docs/r/service_thing.html.markdown`), add the following to the arguments reference: - -```markdown -* `name_prefix` - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with `name`. -``` - -- Adjust the existing `name` argument reference to ensure its denoted as `Optional`, includes a mention that it can be generated, and that it conflicts with `name_prefix`: - -```markdown -* `name` - (Optional) Name of the thing. If omitted, Terraform will assign a random, unique name. Conflicts with `name_prefix`. -``` - -#### Adding Resource Tagging Support - -AWS provides key-value metadata across many services and resources, which can be used for a variety of use cases including billing, ownership, and more. See the [AWS Tagging Strategy page](https://aws.amazon.com/answers/account-management/aws-tagging-strategies/) for more information about tagging at a high level. - -Implementing tagging support for Terraform AWS Provider resources requires the following, each with its own section below: - -- [ ] _Generated Service Tagging Code_: In the internal code generators (e.g. `aws/internal/keyvaluetags`), implementation and customization of how a service handles tagging, which is standardized for the resources. -- [ ] _Resource Tagging Code Implementation_: In the resource code (e.g. `aws/resource_aws_service_thing.go`), implementation of `tags` schema attribute, along with handling in `Create`, `Read`, and `Update` functions. -- [ ] _Resource Tagging Acceptance Testing Implementation_: In the resource acceptance testing (e.g. `aws/resource_aws_service_thing_test.go`), implementation of new acceptance test function and configurations to exercise new tagging logic. -- [ ] _Resource Tagging Documentation Implementation_: In the resource documentation (e.g. `website/docs/r/service_thing.html.markdown`), addition of `tags` argument - -See also a [full example pull request for implementing EKS tagging](https://github.com/terraform-providers/terraform-provider-aws/pull/10307). - -##### Adding Service to Tag Generating Code - -This step is only necessary for the first implementation and may have been previously completed. If so, move on to the next section. - -More details about this code generation, including fixes for potential error messages in this process, can be found in the [keyvaluetags documentation](../aws/internal/keyvaluetags/README.md). - -- Open the AWS Go SDK documentation for the service, e.g. for [`service/eks`](https://docs.aws.amazon.com/sdk-for-go/api/service/eks/). Note: there can be a delay between the AWS announcement and the updated AWS Go SDK documentation. -- Determine the "type" of tagging implementation. Some services will use a simple map style (`map[string]*string` in Go) while others will have a separate structure shape (`[]service.Tag` struct with `Key` and `Value` fields). - - - If the type is a map, add the AWS Go SDK service name (e.g. `eks`) to `mapServiceNames` in `aws/internal/keyvaluetags/generators/servicetags/main.go` - - Otherwise, if the type is a struct, add the AWS Go SDK service name (e.g. `eks`) to `sliceServiceNames` in `aws/internal/keyvaluetags/generators/servicetags/main.go`. If the struct name is not exactly `Tag`, it can be customized via the `ServiceTagType` function. If the struct key field is not exactly `Key`, it can be customized via the `ServiceTagTypeKeyField` function. If the struct value field is not exactly `Value`, it can be customized via the `ServiceTagTypeValueField` function. - -- Determine if the service API includes functionality for listing tags (usually a `ListTags` or `ListTagsForResource` API call) or updating tags (usually `TagResource` and `UntagResource` API calls). If so, add the AWS Go SDK service client information to `ServiceClientType` (along with the new required import) in `aws/internal/keyvaluetags/service_generation_customizations.go`, e.g. for EKS: - - ```go - case "eks": - funcType = reflect.TypeOf(eks.New) - ``` - - - If the service API includes functionality for listing tags, add the AWS Go SDK service name (e.g. `eks`) to `serviceNames` in `aws/internal/keyvaluetags/generators/listtags/main.go`. - - If the service API includes functionality for updating tags, add the AWS Go SDK service name (e.g. `eks`) to `serviceNames` in `aws/internal/keyvaluetags/generators/updatetags/main.go`. - -- Run `make gen` (`go generate ./...`) and ensure there are no errors via `make test` (`go test ./...`) - -##### Resource Tagging Code Implementation - -- In the resource Go file (e.g. `aws/resource_aws_eks_cluster.go`), add the following Go import: `"github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags"` -- In the resource schema, add `"tags": tagsSchema(),` -- If the API supports tagging on creation (the `Input` struct accepts a `Tags` field), in the resource `Create` function, implement the logic to convert the configuration tags into the service tags, e.g. with EKS Clusters: - - ```go - input := &eks.CreateClusterInput{ - /* ... other configuration ... */ - Tags: keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().EksTags(), - } - ``` - - If the service API does not allow passing an empty list, the logic can be adjusted similar to: - - ```go - input := &eks.CreateClusterInput{ - /* ... other configuration ... */ - } - - if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { - input.Tags = keyvaluetags.New(v).IgnoreAws().EksTags() - } - ``` - -- Otherwise if the API does not support tagging on creation (the `Input` struct does not accept a `Tags` field), in the resource `Create` function, implement the logic to convert the configuration tags into the service API call to tag a resource, e.g. with ElasticSearch Domain: - - ```go - if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { - if err := keyvaluetags.ElasticsearchserviceUpdateTags(conn, d.Id(), nil, v); err != nil { - return fmt.Errorf("error adding Elasticsearch Cluster (%s) tags: %s", d.Id(), err) - } - } - ``` - -- Some EC2 resources (for example [`aws_ec2_fleet`](https://www.terraform.io/docs/providers/aws/r/ec2_fleet.html)) have a `TagsSpecification` field in the `InputStruct` instead of a `Tags` field. In these cases the `ec2TagSpecificationsFromMap()` helper function should be used, e.g.: - - ```go - input := &ec2.CreateFleetInput{ - /* ... other configuration ... */ - TagSpecifications: ec2TagSpecificationsFromMap(d.Get("tags").(map[string]interface{}), ec2.ResourceTypeFleet), - } - ``` - -- In the resource `Read` function, implement the logic to convert the service tags to save them into the Terraform state for drift detection, e.g. with EKS Clusters (which had the tags available in the DescribeCluster API call): - - ```go - // Typically declared near conn := /* ... */ - ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig - - if err := d.Set("tags", keyvaluetags.EksKeyValueTags(cluster.Tags).IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { - return fmt.Errorf("error setting tags: %s", err) - } - ``` - - If the service API does not return the tags directly from reading the resource and requires a separate API call, its possible to use the `keyvaluetags` functionality like the following, e.g. with Athena Workgroups: - - ```go - // Typically declared near conn := /* ... */ - ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig - - tags, err := keyvaluetags.AthenaListTags(conn, arn.String()) - - if err != nil { - return fmt.Errorf("error listing tags for resource (%s): %s", arn, err) - } - - if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { - return fmt.Errorf("error setting tags: %s", err) - } - ``` - -- In the resource `Update` function (this may be the first functionality requiring the creation of the `Update` function), implement the logic to handle tagging updates, e.g. with EKS Clusters: - - ```go - if d.HasChange("tags") { - o, n := d.GetChange("tags") - if err := keyvaluetags.EksUpdateTags(conn, d.Get("arn").(string), o, n); err != nil { - return fmt.Errorf("error updating tags: %s", err) - } - } - ``` - -##### Resource Tagging Acceptance Testing Implementation - -- In the resource testing (e.g. `aws/resource_aws_eks_cluster_test.go`), verify that existing resources without tagging are unaffected and do not have tags saved into their Terraform state. This should be done in the `_basic` acceptance test by adding a line similar to `resource.TestCheckResourceAttr(resourceName, "tags.%s", "0"),` -- In the resource testing, implement a new test named `_Tags` with associated configurations, that verifies creating the resource with tags and updating tags. e.g. EKS Clusters: - - ```go - func TestAccAWSEksCluster_Tags(t *testing.T) { - var cluster1, cluster2, cluster3 eks.Cluster - rName := acctest.RandomWithPrefix("tf-acc-test") - resourceName := "aws_eks_cluster.test" - - resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSEks(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSEksClusterDestroy, - Steps: []resource.TestStep{ - { - Config: testAccAWSEksClusterConfigTags1(rName, "key1", "value1"), - Check: resource.ComposeTestCheckFunc( - testAccCheckAWSEksClusterExists(resourceName, &cluster1), - resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), - resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1"), - ), - }, - { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - }, - { - Config: testAccAWSEksClusterConfigTags2(rName, "key1", "value1updated", "key2", "value2"), - Check: resource.ComposeTestCheckFunc( - testAccCheckAWSEksClusterExists(resourceName, &cluster2), - resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), - resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1updated"), - resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), - ), - }, - { - Config: testAccAWSEksClusterConfigTags1(rName, "key2", "value2"), - Check: resource.ComposeTestCheckFunc( - testAccCheckAWSEksClusterExists(resourceName, &cluster3), - resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), - resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), - ), - }, - }, - }) - } - - func testAccAWSEksClusterConfigTags1(rName, tagKey1, tagValue1 string) string { - return testAccAWSEksClusterConfig_Base(rName) + fmt.Sprintf(` - resource "aws_eks_cluster" "test" { - name = %[1]q - role_arn = "${aws_iam_role.test.arn}" - - tags = { - %[2]q = %[3]q - } - - vpc_config { - subnet_ids = ["${aws_subnet.test.*.id[0]}", "${aws_subnet.test.*.id[1]}"] - } - - depends_on = ["aws_iam_role_policy_attachment.test-AmazonEKSClusterPolicy", "aws_iam_role_policy_attachment.test-AmazonEKSServicePolicy"] - } - `, rName, tagKey1, tagValue1) - } - - func testAccAWSEksClusterConfigTags2(rName, tagKey1, tagValue1, tagKey2, tagValue2 string) string { - return testAccAWSEksClusterConfig_Base(rName) + fmt.Sprintf(` - resource "aws_eks_cluster" "test" { - name = %[1]q - role_arn = "${aws_iam_role.test.arn}" - - tags = { - %[2]q = %[3]q - %[4]q = %[5]q - } - - vpc_config { - subnet_ids = ["${aws_subnet.test.*.id[0]}", "${aws_subnet.test.*.id[1]}"] - } - - depends_on = ["aws_iam_role_policy_attachment.test-AmazonEKSClusterPolicy", "aws_iam_role_policy_attachment.test-AmazonEKSServicePolicy"] - } - `, rName, tagKey1, tagValue1, tagKey2, tagValue2) - } - ``` - -- Verify all acceptance testing passes for the resource (e.g. `make testacc TESTARGS='-run=TestAccAWSEksCluster_'`) - -#### Resource Tagging Documentation Implementation - -- In the resource documentation (e.g. `website/docs/r/eks_cluster.html.markdown`), add the following to the arguments reference: - - ```markdown - * `tags` - (Optional) Key-value mapping of resource tags - ``` - -#### New Resource - -Implementing a new resource is a good way to learn more about how Terraform -interacts with upstream APIs. There are plenty of examples to draw from in the -existing resources, but you still get to implement something completely new. - -In addition to the below checklist, please see the [Common Review -Items](#common-review-items) sections for more specific coding and testing -guidelines. - - - [ ] __Minimal LOC__: It's difficult for both the reviewer and author to go - through long feedback cycles on a big PR with many resources. We ask you to - only submit **1 resource at a time**. - - [ ] __Acceptance tests__: New resources should include acceptance tests - covering their behavior. See [Writing Acceptance - Tests](#writing-acceptance-tests) below for a detailed guide on how to - approach these. - - [ ] __Resource Naming__: Resources should be named `aws__`, - using underscores (`_`) as the separator. Resources are namespaced with the - service name to allow easier searching of related resources, to align - the resource naming with the service for [Customizing Endpoints](https://www.terraform.io/docs/providers/aws/guides/custom-service-endpoints.html#available-endpoint-customizations), - and to prevent future conflicts with new AWS services/resources. - For reference: - - - `service` is the AWS short service name that matches the entry in - `endpointServiceNames` (created via the [New Service](#new-service) - section) - - `name` represents the conceptual infrastructure represented by the - create, read, update, and delete methods of the service API. It should - be a singular noun. For example, in an API that has methods such as - `CreateThing`, `DeleteThing`, `DescribeThing`, and `ModifyThing` the name - of the resource would end in `_thing`. - - - [ ] __Arguments_and_Attributes__: The HCL for arguments and attributes should - mimic the types and structs presented by the AWS API. API arguments should be - converted from `CamelCase` to `camel_case`. - - [ ] __Documentation__: Each resource gets a page in the Terraform - documentation. The [Terraform website][website] source is in this - repo and includes instructions for getting a local copy of the site up and - running if you'd like to preview your changes. For a resource, you'll want - to add a new file in the appropriate place and add a link to the sidebar for - that page. - - [ ] __Well-formed Code__: Do your best to follow existing conventions you - see in the codebase, and ensure your code is formatted with `go fmt`. (The - Travis CI build will fail if `go fmt` has not been run on incoming code.) - The PR reviewers can help out on this front, and may provide comments with - suggestions on how to improve the code. - - [ ] __Vendor updates__: Create a separate PR if you are adding to the vendor - folder. This is to avoid conflicts as the vendor versions tend to be fast- - moving targets. We will plan to merge the PR with this change first. - -#### New Service - -Implementing a new AWS service gives Terraform the ability to manage resources in -a whole new API. It's a larger undertaking, but brings major new functionality -into Terraform. - -- [ ] __Service Client__: Before new resources are submitted, we request - a separate pull request containing just the new AWS Go SDK service client. - Doing so will pull the AWS Go SDK service code into the project at the - current version. Since the AWS Go SDK is updated frequently, these pull - requests can easily have merge conflicts or be out of date. The maintainers - prioritize reviewing and merging these quickly to prevent those situations. - - To add the AWS Go SDK service client: - - - In `aws/provider.go` Add a new service entry to `endpointServiceNames`. - This service name should match the AWS Go SDK or AWS CLI service name. - - In `aws/config.go`: Add a new import for the AWS Go SDK code. e.g. - `github.com/aws/aws-sdk-go/service/quicksight` - - In `aws/config.go`: Add a new `{SERVICE}conn` field to the `AWSClient` - struct for the service client. The service name should match the name - in `endpointServiceNames`. e.g. `quicksightconn *quicksight.QuickSight` - - In `aws/config.go`: Create the new service client in the `{SERVICE}conn` - field in the `AWSClient` instantiation within `Client()`. e.g. - `quicksightconn: quicksight.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["quicksight"])})),` - - In `website/allowed-subcategories.txt`: Add a name acceptable for the documentation navigation. - - In `website/docs/guides/custom-service-endpoints.html.md`: Add the service - name in the list of customizable endpoints. - - In `infrastructure/repository/labels-service.tf`: Add the new service to create a repository label. - - In `.hashibot.hcl`: Add the new service to automated issue and pull request labeling. e.g. with the `quicksight` service - - ```hcl - behavior "regexp_issue_labeler_v2" "service_labels" { - # ... other configuration ... - - label_map = { - # ... other services ... - "service/quicksight" = [ - "aws_quicksight_", - ], - # ... other services ... - } - } - - behavior "pull_request_path_labeler" "service_labels" - # ... other configuration ... - - label_map = { - # ... other services ... - "service/quicksight" = [ - "**/*_quicksight_*", - "**/quicksight_*", - ], - # ... other services ... - } - } - ``` - - - Run the following then submit the pull request: - - ```sh - go test ./aws - go mod tidy - go mod vendor - ``` - -- [ ] __Initial Resource__: Some services can be big and it can be - difficult for both reviewer & author to go through long feedback cycles - on a big PR with many resources. Often feedback items in one resource - will also need to be applied in other resources. We prefer you to submit - the necessary minimum in a single PR, ideally **just the first resource** - of the service. - -The initial resource and changes afterwards should follow the other sections -of this guide as appropriate. - -#### New Region - -While region validation is automatically added with SDK updates, new regions -are generally limited in which services they support. Below are some -manually sourced values from documentation. - - - [ ] Check [Elastic Load Balancing endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elb.html#elb_region) and add Route53 Hosted Zone ID if available to `aws/data_source_aws_elb_hosted_zone_id.go` - - [ ] Check [Amazon Simple Storage Service endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_region) and add Route53 Hosted Zone ID if available to `aws/hosted_zones.go` - - [ ] Check [CloudTrail Supported Regions docs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-supported-regions.html#cloudtrail-supported-regions) and add AWS Account ID if available to `aws/data_source_aws_cloudtrail_service_account.go` - - [ ] Check [Elastic Load Balancing Access Logs docs](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) and add Elastic Load Balancing Account ID if available to `aws/data_source_aws_elb_service_account.go` - - [ ] Check [Redshift Database Audit Logging docs](https://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-bucket-permissions) and add AWS Account ID if available to `aws/data_source_aws_redshift_service_account.go` - - [ ] Check [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html#elasticbeanstalk_region) and add Route53 Hosted Zone ID if available to `aws/data_source_aws_elastic_beanstalk_hosted_zone.go` - -### Common Review Items - -The Terraform AWS Provider follows common practices to ensure consistent and -reliable implementations across all resources in the project. While there may be -older resource and testing code that predates these guidelines, new submissions -are generally expected to adhere to these items to maintain Terraform Provider -quality. For any guidelines listed, contributors are encouraged to ask any -questions and community reviewers are encouraged to provide review suggestions -based on these guidelines to speed up the review and merge process. - -#### Go Coding Style - -The following Go language resources provide common coding preferences that may be referenced during review, if not automatically handled by the project's linting tools. - -- [Effective Go](https://golang.org/doc/effective_go.html) -- [Go Code Review Comments](https://github.com/golang/go/wiki/CodeReviewComments) - -#### Resource Contribution Guidelines - -The following resource checks need to be addressed before your contribution can be merged. The exclusion of any applicable check may result in a delayed time to merge. - -- [ ] __Passes Testing__: All code and documentation changes must pass unit testing, code linting, and website link testing. Resource code changes must pass all acceptance testing for the resource. -- [ ] __Avoids API Calls Across Account, Region, and Service Boundaries__: Resources should not implement cross-account, cross-region, or cross-service API calls. -- [ ] __Avoids Optional and Required for Non-Configurable Attributes__: Resource schema definitions for read-only attributes should not include `Optional: true` or `Required: true`. -- [ ] __Avoids resource.Retry() without resource.RetryableError()__: Resource logic should only implement [`resource.Retry()`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#Retry) if there is a retryable condition (e.g. `return resource.RetryableError(err)`). -- [ ] __Avoids Resource Read Function in Data Source Read Function__: Data sources should fully implement their own resource `Read` functionality including duplicating `d.Set()` calls. -- [ ] __Avoids Reading Schema Structure in Resource Code__: The resource `Schema` should not be read in resource `Create`/`Read`/`Update`/`Delete` functions to perform looping or otherwise complex attribute logic. Use [`d.Get()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.Get) and [`d.Set()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.Set) directly with individual attributes instead. -- [ ] __Avoids ResourceData.GetOkExists()__: Resource logic should avoid using [`ResourceData.GetOkExists()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.GetOkExists) as its expected functionality is not guaranteed in all scenarios. -- [ ] __Implements Read After Create and Update__: Except where API eventual consistency prohibits immediate reading of resources or updated attributes, resource `Create` and `Update` functions should return the resource `Read` function. -- [ ] __Implements Immediate Resource ID Set During Create__: Immediately after calling the API creation function, the resource ID should be set with [`d.SetId()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.SetId) before other API operations or returning the `Read` function. -- [ ] __Implements Attribute Refreshes During Read__: All attributes available in the API should have [`d.Set()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.Set) called their values in the Terraform state during the `Read` function. -- [ ] __Implements Error Checks with Non-Primative Attribute Refreshes__: When using [`d.Set()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.Set) with non-primative types (`schema.TypeList`, `schema.TypeSet`, or `schema.TypeMap`), perform error checking to [prevent issues where the code is not properly able to refresh the Terraform state](https://www.terraform.io/docs/extend/best-practices/detecting-drift.html#error-checking-aggregate-types). -- [ ] __Implements Import Acceptance Testing and Documentation__: Support for resource import (`Importer` in resource schema) must include `ImportState` acceptance testing (see also the [Acceptance Testing Guidelines](#acceptance-testing-guidelines) below) and `## Import` section in resource documentation. -- [ ] __Implements Customizable Timeouts Documentation__: Support for customizable timeouts (`Timeouts` in resource schema) must include `## Timeouts` section in resource documentation. -- [ ] __Implements State Migration When Adding New Virtual Attribute__: For new "virtual" attributes (those only in Terraform and not in the API), the schema should implement [State Migration](https://www.terraform.io/docs/extend/resources.html#state-migrations) to prevent differences for existing configurations that upgrade. -- [ ] __Uses AWS Go SDK Constants__: Many AWS services provide string constants for value enumerations, error codes, and status types. See also the "Constants" sections under each of the service packages in the [AWS Go SDK documentation](https://docs.aws.amazon.com/sdk-for-go/api/). -- [ ] __Uses AWS Go SDK Pointer Conversion Functions__: Many APIs return pointer types and these functions return the zero value for the type if the pointer is `nil`. This prevents potential panics from unchecked `*` pointer dereferences and can eliminate boilerplate `nil` checking in many cases. See also the [`aws` package in the AWS Go SDK documentation](https://docs.aws.amazon.com/sdk-for-go/api/aws/). -- [ ] __Uses AWS Go SDK Types__: Use available SDK structs instead of implementing custom types with indirection. -- [ ] __Uses TypeList and MaxItems: 1__: Configuration block attributes (e.g. `Type: schema.TypeList` or `Type: schema.TypeSet` with `Elem: &schema.Resource{...}`) that can only have one block should use `Type: schema.TypeList` and `MaxItems: 1` in the schema definition. -- [ ] __Uses Existing Validation Functions__: Schema definitions including `ValidateFunc` for attribute validation should use available [Terraform `helper/validation` package](https://godoc.org/github.com/hashicorp/terraform/helper/validation) functions. `All()`/`Any()` can be used for combining multiple validation function behaviors. -- [ ] __Uses isResourceTimeoutError() with resource.Retry()__: Resource logic implementing [`resource.Retry()`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#Retry) should error check with `isResourceTimeoutError(err error)` and potentially unset the error before returning the error. For example: - - ```go - var output *kms.CreateKeyOutput - err := resource.Retry(1*time.Minute, func() *resource.RetryError { - var err error - - output, err = conn.CreateKey(input) - - /* ... */ - - return nil - }) - - if isResourceTimeoutError(err) { - output, err = conn.CreateKey(input) - } - - if err != nil { - return fmt.Errorf("error creating KMS External Key: %s", err) - } - ``` - -- [ ] __Uses resource.NotFoundError__: Custom errors for missing resources should use [`resource.NotFoundError`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#NotFoundError). -- [ ] __Uses resource.UniqueId()__: API fields for concurrency protection such as `CallerReference` and `IdempotencyToken` should use [`resource.UniqueId()`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#UniqueId). The implementation includes a monotonic counter which is safer for concurrent operations than solutions such as `time.Now()`. -- [ ] __Skips Exists Function__: Implementing a resource `Exists` function is extraneous as it often duplicates resource `Read` functionality. Ensure `d.SetId("")` is used to appropriately trigger resource recreation in the resource `Read` function. -- [ ] __Skips id Attribute__: The `id` attribute is implicit for all Terraform resources and does not need to be defined in the schema. - -The below are style-based items that _may_ be noted during review and are recommended for simplicity, consistency, and quality assurance: - -- [ ] __Avoids CustomizeDiff__: Usage of `CustomizeDiff` is generally discouraged. -- [ ] __Implements Error Message Context__: Returning errors from resource `Create`, `Read`, `Update`, and `Delete` functions should include additional messaging about the location or cause of the error for operators and code maintainers by wrapping with [`fmt.Errorf()`](https://godoc.org/golang.org/x/exp/errors/fmt#Errorf). - - An example `Delete` API error: `return fmt.Errorf("error deleting {SERVICE} {THING} (%s): %s", d.Id(), err)` - - An example `d.Set()` error: `return fmt.Errorf("error setting {ATTRIBUTE}: %s", err)` -- [ ] __Implements arn Attribute__: APIs that return an Amazon Resource Name (ARN), should implement `arn` as an attribute. -- [ ] __Implements Warning Logging With Resource State Removal__: If a resource is removed outside of Terraform (e.g. via different tool, API, or web UI), `d.SetId("")` and `return nil` can be used in the resource `Read` function to trigger resource recreation. When this occurs, a warning log message should be printed beforehand: `log.Printf("[WARN] {SERVICE} {THING} (%s) not found, removing from state", d.Id())` -- [ ] __Uses isAWSErr() with AWS Go SDK Error Objects__: Use the available `isAWSErr(err error, code string, message string)` helper function instead of the `awserr` package to compare error code and message contents. -- [ ] __Uses %s fmt Verb with AWS Go SDK Objects__: AWS Go SDK objects implement `String()` so using the `%v`, `%#v`, or `%+v` fmt verbs with the object are extraneous or provide unhelpful detail. -- [ ] __Uses Elem with TypeMap__: While provider schema validation does not error when the `Elem` configuration is not present with `Type: schema.TypeMap` attributes, including the explicit `Elem: &schema.Schema{Type: schema.TypeString}` is recommended. -- [ ] __Uses American English for Attribute Naming__: For any ambiguity with attribute naming, prefer American English over British English. e.g. `color` instead of `colour`. -- [ ] __Skips Timestamp Attributes__: Generally, creation and modification dates from the API should be omitted from the schema. -- [ ] __Skips Error() Call with AWS Go SDK Error Objects__: Error objects do not need to have `Error()` called. - -#### Acceptance Testing Guidelines - -The below are required items that will be noted during submission review and prevent immediate merging: - -- [ ] __Implements CheckDestroy__: Resource testing should include a `CheckDestroy` function (typically named `testAccCheckAws{SERVICE}{RESOURCE}Destroy`) that calls the API to verify that the Terraform resource has been deleted or disassociated as appropriate. More information about `CheckDestroy` functions can be found in the [Extending Terraform TestCase documentation](https://www.terraform.io/docs/extend/testing/acceptance-tests/testcase.html#checkdestroy). -- [ ] __Implements Exists Check Function__: Resource testing should include a `TestCheckFunc` function (typically named `testAccCheckAws{SERVICE}{RESOURCE}Exists`) that calls the API to verify that the Terraform resource has been created or associated as appropriate. Preferably, this function will also accept a pointer to an API object representing the Terraform resource from the API response that can be set for potential usage in later `TestCheckFunc`. More information about these functions can be found in the [Extending Terraform Custom Check Functions documentation](https://www.terraform.io/docs/extend/testing/acceptance-tests/testcase.html#checkdestroy). -- [ ] __Excludes Provider Declarations__: Test configurations should not include `provider "aws" {...}` declarations. If necessary, only the provider declarations in `provider_test.go` should be used for multiple account/region or otherwise specialized testing. -- [ ] __Passes in us-west-2 Region__: Tests default to running in `us-west-2` and at a minimum should pass in that region or include necessary `PreCheck` functions to skip the test when ran outside an expected environment. -- [ ] __Uses resource.ParallelTest__: Tests should utilize [`resource.ParallelTest()`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#ParallelTest) instead of [`resource.Test()`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#Test) except where serialized testing is absolutely required. -- [ ] __Uses fmt.Sprintf()__: Test configurations preferably should to be separated into their own functions (typically named `testAccAws{SERVICE}{RESOURCE}Config{PURPOSE}`) that call [`fmt.Sprintf()`](https://golang.org/pkg/fmt/#Sprintf) for variable injection or a string `const` for completely static configurations. Test configurations should avoid `var` or other variable injection functionality such as [`text/template`](https://golang.org/pkg/text/template/). -- [ ] __Uses Randomized Infrastructure Naming__: Test configurations that utilize resources where a unique name is required should generate a random name. Typically this is created via `rName := acctest.RandomWithPrefix("tf-acc-test")` in the acceptance test function before generating the configuration. - -For resources that support import, the additional item below is required that will be noted during submission review and prevent immediate merging: - -- [ ] __Implements ImportState Testing__: Tests should include an additional `TestStep` configuration that verifies resource import via `ImportState: true` and `ImportStateVerify: true`. This `TestStep` should be added to all possible tests for the resource to ensure that all infrastructure configurations are properly imported into Terraform. - -The below are style-based items that _may_ be noted during review and are recommended for simplicity, consistency, and quality assurance: - -- [ ] __Uses Builtin Check Functions__: Tests should utilize already available check functions, e.g. `resource.TestCheckResourceAttr()`, to verify values in the Terraform state over creating custom `TestCheckFunc`. More information about these functions can be found in the [Extending Terraform Builtin Check Functions documentation](https://www.terraform.io/docs/extend/testing/acceptance-tests/teststep.html#builtin-check-functions). -- [ ] __Uses TestCheckResoureAttrPair() for Data Sources__: Tests should utilize [`resource.TestCheckResourceAttrPair()`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#TestCheckResourceAttrPair) to verify values in the Terraform state for data sources attributes to compare them with their expected resource attributes. -- [ ] __Excludes Timeouts Configurations__: Test configurations should not include `timeouts {...}` configuration blocks except for explicit testing of customizable timeouts (typically very short timeouts with `ExpectError`). -- [ ] __Implements Default and Zero Value Validation__: The basic test for a resource (typically named `TestAccAws{SERVICE}{RESOURCE}_basic`) should utilize available check functions, e.g. `resource.TestCheckResourceAttr()`, to verify default and zero values in the Terraform state for all attributes. Empty/missing configuration blocks can be verified with `resource.TestCheckResourceAttr(resourceName, "{ATTRIBUTE}.#", "0")` and empty maps with `resource.TestCheckResourceAttr(resourceName, "{ATTRIBUTE}.%", "0")` - -The below are location-based items that _may_ be noted during review and are recommended for consistency with testing flexibility. Resource testing is expected to pass across multiple AWS environments supported by the Terraform AWS Provider (e.g. AWS Standard and AWS GovCloud (US)). Contributors are not expected or required to perform testing outside of AWS Standard, e.g. running only in the `us-west-2` region is perfectly acceptable, however these are provided for reference: - -- [ ] __Uses aws_ami Data Source__: Any hardcoded AMI ID configuration, e.g. `ami-12345678`, should be replaced with the [`aws_ami` data source](https://www.terraform.io/docs/providers/aws/d/ami.html) pointing to an Amazon Linux image. A common pattern is a configuration like the below, which will likely be moved into a common configuration function in the future: - - ```hcl - data "aws_ami" "amzn-ami-minimal-hvm-ebs" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn-ami-minimal-hvm-*"] - } - filter { - name = "root-device-type" - values = ["ebs"] - } - } - ``` - -- [ ] __Uses aws_availability_zones Data Source__: Any hardcoded AWS Availability Zone configuration, e.g. `us-west-2a`, should be replaced with the [`aws_availability_zones` data source](https://www.terraform.io/docs/providers/aws/d/availability_zones.html). A common pattern is declaring `data "aws_availability_zones" "available" {...}` and referencing it via `data.aws_availability_zones.available.names[0]` or `data.aws_availability_zones.available.names[count.index]` in resources utilizing `count`. - - ```hcl - data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } - } - ``` - -- [ ] __Uses aws_region Data Source__: Any hardcoded AWS Region configuration, e.g. `us-west-2`, should be replaced with the [`aws_region` data source](https://www.terraform.io/docs/providers/aws/d/region.html). A common pattern is declaring `data "aws_region" "current" {}` and referencing it via `data.aws_region.current.name` -- [ ] __Uses aws_partition Data Source__: Any hardcoded AWS Partition configuration, e.g. the `aws` in a `arn:aws:SERVICE:REGION:ACCOUNT:RESOURCE` ARN, should be replaced with the [`aws_partition` data source](https://www.terraform.io/docs/providers/aws/d/partition.html). A common pattern is declaring `data "aws_partition" "current" {}` and referencing it via `data.aws_partition.current.partition` -- [ ] __Uses Builtin ARN Check Functions__: Tests should utilize available ARN check functions, e.g. `testAccMatchResourceAttrRegionalARN()`, to validate ARN attribute values in the Terraform state over `resource.TestCheckResourceAttrSet()` and `resource.TestMatchResourceAttr()` -- [ ] __Uses testAccCheckResourceAttrAccountID()__: Tests should utilize the available AWS Account ID check function, `testAccCheckResourceAttrAccountID()` to validate account ID attribute values in the Terraform state over `resource.TestCheckResourceAttrSet()` and `resource.TestMatchResourceAttr()` - -### Writing Acceptance Tests - -Terraform includes an acceptance test harness that does most of the repetitive -work involved in testing a resource. For additional information about testing -Terraform Providers, see the [Extending Terraform documentation](https://www.terraform.io/docs/extend/testing/index.html). - -#### Acceptance Tests Often Cost Money to Run - -Because acceptance tests create real resources, they often cost money to run. -Because the resources only exist for a short period of time, the total amount -of money required is usually a relatively small. Nevertheless, we don't want -financial limitations to be a barrier to contribution, so if you are unable to -pay to run acceptance tests for your contribution, mention this in your -pull request. We will happily accept "best effort" implementations of -acceptance tests and run them for you on our side. This might mean that your PR -takes a bit longer to merge, but it most definitely is not a blocker for -contributions. - -#### Running an Acceptance Test - -Acceptance tests can be run using the `testacc` target in the Terraform -`Makefile`. The individual tests to run can be controlled using a regular -expression. Prior to running the tests provider configuration details such as -access keys must be made available as environment variables. - -For example, to run an acceptance test against the Amazon Web Services -provider, the following environment variables must be set: - -```sh -# Using a profile -export AWS_PROFILE=... -# Otherwise -export AWS_ACCESS_KEY_ID=... -export AWS_SECRET_ACCESS_KEY=... -export AWS_DEFAULT_REGION=... -``` - -Please note that the default region for the testing is `us-west-2` and must be -overriden via the `AWS_DEFAULT_REGION` environment variable, if necessary. This -is especially important for testing AWS GovCloud (US), which requires: - -```sh -export AWS_DEFAULT_REGION=us-gov-west-1 -``` - -Tests can then be run by specifying the target provider and a regular -expression defining the tests to run: - -```sh -$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSCloudWatchDashboard_update' -==> Checking that code complies with gofmt requirements... -TF_ACC=1 go test ./aws -v -run=TestAccAWSCloudWatchDashboard_update -timeout 120m -=== RUN TestAccAWSCloudWatchDashboard_update ---- PASS: TestAccAWSCloudWatchDashboard_update (26.56s) -PASS -ok github.com/terraform-providers/terraform-provider-aws/aws 26.607s -``` - -Entire resource test suites can be targeted by using the naming convention to -write the regular expression. For example, to run all tests of the -`aws_cloudwatch_dashboard` resource rather than just the update test, you can start -testing like this: - -```sh -$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSCloudWatchDashboard' -==> Checking that code complies with gofmt requirements... -TF_ACC=1 go test ./aws -v -run=TestAccAWSCloudWatchDashboard -timeout 120m -=== RUN TestAccAWSCloudWatchDashboard_importBasic ---- PASS: TestAccAWSCloudWatchDashboard_importBasic (15.06s) -=== RUN TestAccAWSCloudWatchDashboard_basic ---- PASS: TestAccAWSCloudWatchDashboard_basic (12.70s) -=== RUN TestAccAWSCloudWatchDashboard_update ---- PASS: TestAccAWSCloudWatchDashboard_update (27.81s) -PASS -ok github.com/terraform-providers/terraform-provider-aws/aws 55.619s -``` - -Please Note: On macOS 10.14 and later (and some Linux distributions), the default user open file limit is 256. This may cause unexpected issues when running the acceptance testing since this can prevent various operations from occurring such as opening network connections to AWS. To view this limit, the `ulimit -n` command can be run. To update this limit, run `ulimit -n 1024` (or higher). - -#### Writing an Acceptance Test - -Terraform has a framework for writing acceptance tests which minimises the -amount of boilerplate code necessary to use common testing patterns. The entry -point to the framework is the `resource.ParallelTest()` function. - -Tests are divided into `TestStep`s. Each `TestStep` proceeds by applying some -Terraform configuration using the provider under test, and then verifying that -results are as expected by making assertions using the provider API. It is -common for a single test function to exercise both the creation of and updates -to a single resource. Most tests follow a similar structure. - -1. Pre-flight checks are made to ensure that sufficient provider configuration - is available to be able to proceed - for example in an acceptance test - targeting AWS, `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` must be set prior - to running acceptance tests. This is common to all tests exercising a single - provider. - -Each `TestStep` is defined in the call to `resource.ParallelTest()`. Most assertion -functions are defined out of band with the tests. This keeps the tests -readable, and allows reuse of assertion functions across different tests of the -same type of resource. The definition of a complete test looks like this: - -```go -func TestAccAWSCloudWatchDashboard_basic(t *testing.T) { - var dashboard cloudwatch.GetDashboardOutput - rInt := acctest.RandInt() - resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCloudWatchDashboardDestroy, - Steps: []resource.TestStep{ - { - Config: testAccAWSCloudWatchDashboardConfig(rInt), - Check: resource.ComposeTestCheckFunc( - testAccCheckCloudWatchDashboardExists("aws_cloudwatch_dashboard.foobar", &dashboard), - resource.TestCheckResourceAttr("aws_cloudwatch_dashboard.foobar", "dashboard_name", testAccAWSCloudWatchDashboardName(rInt)), - ), - }, - }, - }) -} -``` - -When executing the test, the following steps are taken for each `TestStep`: - -1. The Terraform configuration required for the test is applied. This is - responsible for configuring the resource under test, and any dependencies it - may have. For example, to test the `aws_cloudwatch_dashboard` resource, a valid configuration with the requisite fields is required. This results in configuration which looks like this: - - ```hcl - resource "aws_cloudwatch_dashboard" "foobar" { - dashboard_name = "terraform-test-dashboard-%d" - dashboard_body = < + Terraform logo + -- Website: https://www.terraform.io -- [![Gitter chat](https://badges.gitter.im/hashicorp-terraform/Lobby.png)](https://gitter.im/hashicorp-terraform/Lobby) -- Mailing list: [Google Groups](http://groups.google.com/group/terraform-tool) +# Terraform Provider for AWS - +[![Build Status][travis-badge]][travis] +[![Forums][discuss-badge]][discuss] +[![GoReportCard][report-badge]][report] -Requirements ------------- +[travis-badge]: https://api.travis-ci.org/terraform-providers/terraform-provider-aws.svg?branch=master +[travis]: https://travis-ci.org/github/terraform-providers/terraform-provider-aws +[discuss-badge]: https://img.shields.io/badge/discuss-terraform--aws-623CE4.svg?style=flat +[discuss]: https://discuss.hashicorp.com/c/terraform-providers/tf-aws/ +[report-badge]: https://goreportcard.com/badge/github.com/terraform-providers/terraform-provider-aws +[report]: https://goreportcard.com/report/github.com/terraform-providers/terraform-provider-aws -- [Terraform](https://www.terraform.io/downloads.html) 0.10+ -- [Go](https://golang.org/doc/install) 1.13 (to build the provider plugin) -Developing the Provider ---------------------- +- Website: [terraform.io](https://terraform.io) +- Tutorials: [learn.hashicorp.com](https://learn.hashicorp.com/terraform?track=getting-started#getting-started) +- Forum: [discuss.hashicorp.com](https://discuss.hashicorp.com/c/terraform-providers/tf-aws/) +- Chat: [gitter](https://gitter.im/hashicorp-terraform/Lobby) +- Mailing List: [Google Groups](http://groups.google.com/group/terraform-tool) -If you wish to work on the provider, you'll first need [Go](http://www.golang.org) installed on your machine (please check the [requirements](https://github.com/terraform-providers/terraform-provider-aws#requirements) before proceeding). +The Terraform AWS provider is a plugin for Terraform that allows for the full lifecycle management of AWS resources. +This provider is maintained internally by the HashiCorp AWS Provider team. -*Note:* This project uses [Go Modules](https://blog.golang.org/using-go-modules) making it safe to work with it outside of your existing [GOPATH](http://golang.org/doc/code.html#GOPATH). The instructions that follow assume a directory in your home directory outside of the standard GOPATH (i.e `$HOME/development/terraform-providers/`). +Please note: We take Terraform's security and our users' trust very seriously. If you believe you have found a security issue in the Terraform AWS Provider, please responsibly disclose by contacting us at security@hashicorp.com. -Clone repository to: `$HOME/development/terraform-providers/` +## Quick Starts -```sh -$ mkdir -p $HOME/development/terraform-providers/; cd $HOME/development/terraform-providers/ -$ git clone git@github.com:terraform-providers/terraform-provider-aws -... -``` +- [Using the provider](https://www.terraform.io/docs/providers/aws/index.html) +- [Provider development](info/DEVELOPMENT.md) -Enter the provider directory and run `make tools`. This will install the needed tools for the provider. +## Documentation -```sh -$ make tools -``` +Full, comprehensive documentation is available on the Terraform website: -To compile the provider, run `make build`. This will build the provider and put the provider binary in the `$GOPATH/bin` directory. +https://terraform.io/docs/providers/aws/index.html -```sh -$ make build -... -$ $GOPATH/bin/terraform-provider-aws -... -``` +## Roadmap -Using the Provider ----------------------- +Our roadmap for expanding support in Terraform for AWS resources can be found in our [Roadmap](ROADMAP.md) -To use a released provider in your Terraform environment, run [`terraform init`](https://www.terraform.io/docs/commands/init.html) and Terraform will automatically install the provider. To specify a particular provider version when installing released providers, see the [Terraform documentation on provider versioning](https://www.terraform.io/docs/configuration/providers.html#version-provider-versions). +## Frequently Asked Questions -To instead use a custom-built provider in your Terraform environment (e.g. the provider binary from the build instructions above), follow the instructions to [install it as a plugin.](https://www.terraform.io/docs/plugins/basics.html#installing-plugins) After placing the custom-built provider into your plugins directory, run `terraform init` to initialize it. +Responses to our most frequently asked questions can be found in our [FAQ](info/FAQ.md ) -For either installation method, documentation about the provider specific configuration options can be found on the [provider's website](https://www.terraform.io/docs/providers/aws/index.html). +## Contributing -Testing the Provider ---------------------------- - -In order to test the provider, you can run `make test`. - -*Note:* Make sure no `AWS_ACCESS_KEY_ID` or `AWS_SECRET_ACCESS_KEY` variables are set, and there's no `[default]` section in the AWS credentials file `~/.aws/credentials`. - -```sh -$ make test -``` - -In order to run the full suite of Acceptance tests, run `make testacc`. - -*Note:* Acceptance tests create real resources, and often cost money to run. Please read [Running an Acceptance Test](https://github.com/terraform-providers/terraform-provider-aws/blob/master/.github/CONTRIBUTING.md#running-an-acceptance-test) in the contribution guidelines for more information on usage. - -```sh -$ make testacc -``` - -Contributing ---------------------------- - -Terraform is the work of thousands of contributors. We appreciate your help! - -To contribute, please read the contribution guidelines: [Contributing to Terraform - AWS Provider](.github/CONTRIBUTING.md) - -Issues on GitHub are intended to be related to bugs or feature requests with provider codebase. See https://www.terraform.io/docs/extend/community/index.html for a list of community resources to ask questions about Terraform. +The Terraform AWS Provider is the work of thousands of contributors. We appreciate your help! +To contribute, please read the contribution guidelines: [Contributing to Terraform - AWS Provider](info/CONTRIBUTING.md) \ No newline at end of file diff --git a/info/CONTRIBUTING.md b/info/CONTRIBUTING.md new file mode 100644 index 00000000000..0455bda6f02 --- /dev/null +++ b/info/CONTRIBUTING.md @@ -0,0 +1,18 @@ +# Contributing to Terraform - AWS Provider + +**First:** if you're unsure or afraid of _anything_, ask for help! You can +submit a work in progress (WIP) pull request, or file an issue with the parts +you know. We'll do our best to guide you in the right direction, and let you +know if there are guidelines we will need to follow. We want people to be able +to participate without fear of doing the wrong thing. + +Below are our expectations for contributors. Following these guidelines gives us +the best opportunity to work with you, by making sure we have the things we need +in order to make it happen. Doing your best to follow it will speed up our +ability to merge PRs and respond to issues. + +- [Development Environment Setup](DEVELOPMENT.md) +- [Issue Reporting and Lifecycle](contributing/issue-reporting-and-lifecycle.md) +- [Pull Request Submission and Lifecycle](contributing/pullrequest-submission-and-lifecycle.md) +- [Contribution Types and Checklists](contributing/contribution-checklists.md) +- [Running and Writing Acceptance Tests](contributing/running-and-writing-acceptance-tests.md) diff --git a/info/DEVELOPMENT.md b/info/DEVELOPMENT.md new file mode 100644 index 00000000000..0a1bf4ee5c2 --- /dev/null +++ b/info/DEVELOPMENT.md @@ -0,0 +1,53 @@ +# Development Environment Setup + +## Requirements + +- [Terraform](https://www.terraform.io/downloads.html) 0.10+ +- [Go](https://golang.org/doc/install) 1.13 (to build the provider plugin) + +## Quick Start + +If you wish to work on the provider, you'll first need [Go](http://www.golang.org) installed on your machine (please check the [requirements](#requirements) before proceeding). + +*Note:* This project uses [Go Modules](https://blog.golang.org/using-go-modules) making it safe to work with it outside of your existing [GOPATH](http://golang.org/doc/code.html#GOPATH). The instructions that follow assume a directory in your home directory outside of the standard GOPATH (i.e `$HOME/development/terraform-providers/`). + +Clone repository to: `$HOME/development/terraform-providers/` + +```sh +$ mkdir -p $HOME/development/terraform-providers/; cd $HOME/development/terraform-providers/ +$ git clone git@github.com:terraform-providers/terraform-provider-aws +... +``` + +Enter the provider directory and run `make tools`. This will install the needed tools for the provider. + +```sh +$ make tools +``` + +To compile the provider, run `make build`. This will build the provider and put the provider binary in the `$GOPATH/bin` directory. + +```sh +$ make build +... +$ $GOPATH/bin/terraform-provider-aws +... +``` + +## Testing the Provider + +In order to test the provider, you can run `make test`. + +*Note:* Make sure no `AWS_ACCESS_KEY_ID` or `AWS_SECRET_ACCESS_KEY` variables are set, and there's no `[default]` section in the AWS credentials file `~/.aws/credentials`. + +```sh +$ make test +``` + +In order to run the full suite of Acceptance tests, run `make testacc`. + +*Note:* Acceptance tests create real resources, and often cost money to run. Please read [Running an Acceptance Test](https://github.com/terraform-providers/terraform-provider-aws/blob/master/.github/CONTRIBUTING.md#running-an-acceptance-test) in the contribution guidelines for more information on usage. + +```sh +$ make testacc +``` \ No newline at end of file diff --git a/info/FAQ.md b/info/FAQ.md new file mode 100644 index 00000000000..4ca45b5b256 --- /dev/null +++ b/info/FAQ.md @@ -0,0 +1,65 @@ +# Frequently Asked Questions + +### Who are the maintainers? + +The HashiCorp Terraform AWS provider team is : + +* Mary Cutrali, Product Manager - GitHub [@maryelizbeth](https://github.com/maryelizbeth) Twitter [@marycutrali](https://twitter.com/marycutrali) +* Brian Flad, Engineering Lead GitHub [@bflad](https://github.com/bflad) +* Graham Davison, Engineer - GitHub [@gdavison](https://github.com/gdavison) +* Angie Pinilla, Engineer - GitHub [@angie44](https://github.com/angie44) +* Simon Davis, Engineering Manager - GitHub [@breathingdust](https://github.com/breathingdust) +* Kerim Satirli, Developer Advocate - GitHub [@satirli](https://github.com/ksatirli) + +### Why isn’t my PR merged yet? + +Unfortunately, due to the volume of issues and new pull requests we receive, we are unable to give each one the full attention that we would like. We always focus on the contributions that provide the most value to the most community members. + +### How do you decide what gets merged for each release? + +The number one factor we look at when deciding what issues to look at are your reactions, comments, and upvotes on the issues or PR’s. The items with the most support are always on our radar, and we commit to keep the community updated on their status and potential timelines. + +We also are investing time to improve the contributing experience by improving documentation, adding more linter coverage to ensure that incoming PR's can be in as good shape as possible. This will allow us to get through them quicker. + +### How often do you release? + +We release weekly on Thursday. We release often to ensure we can bring value to the community at a frequent cadence and to ensure we are in a good place to react to AWS region launches and service announcements. + +### Backward Compatibility Promise + +Our policy is described on the Terraform website [here](https://www.terraform.io/docs/extend/best-practices/versioning.html). + +### AWS just announced a new region, when will I see it in the provider. + +Normally pretty quickly. We usually see the region appear within the `aws-go-sdk` within a couple days of the announcement. Depending on when it lands, we can often get it out within the current or following weekly release. Comparatively, adding support for a new region in the S3 backend can take a little longer, as it is shipped as part of Terraform Core and not via the AWS Provider. + +Please note that this new region requires a manual process to enable in your account. Once enabled in the console, it takes a few minutes for everything to work properly. + +If the region is not enabled properly, or the enablement process is still in progress, you may receive errors like these: + +``` +$ terraform apply + +Error: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid. + status code: 403, request id: 142f947b-b2c3-11e9-9959-c11ab17bcc63 + + on main.tf line 1, in provider "aws": + 1: provider "aws" { + +To use this new region before support has been added to the Terraform AWS Provider, you can disable the provider's automatic region validation via: +provider "aws" { + # ... potentially other configuration ... + + region = "af-south-1" + skip_region_validation = true +} + +``` + +### How can I help? + +Great question, if you have contributed before check out issues with the `help-wanted` label. These are normally issues with support, but we are currently unable to field resources to work on. If you are just getting started, take a look at issues with the `good-first-issue` label. Items with these labels will always be given priority for response. + +### How can I become a maintainer? + +This is an area under active research. Stay tuned! \ No newline at end of file diff --git a/.github/MAINTAINING.md b/info/MAINTAINING.md similarity index 60% rename from .github/MAINTAINING.md rename to info/MAINTAINING.md index be32dee870d..a70c5f4ca84 100644 --- a/.github/MAINTAINING.md +++ b/info/MAINTAINING.md @@ -13,10 +13,15 @@ - [yaml.v2 Updates](#yaml-v2-updates) - [Pull Request Merge Process](#pull-request-merge-process) - [Pull Request Types to CHANGELOG](#pull-request-types-to-changelog) -- [Release Process](#release-process) +- [Label Dictionary](#label-dictionary) +## Triage + +Incoming issues are classified using labels. These are assigned either by automation, or manually during the triage process. At a minimum tickets should be classified by type and by the area of the provider they affect. + + ## Pull Requests ### Pull Request Review Process @@ -282,7 +287,7 @@ The fix for this has been merged and will release with version X.Y.Z of the Terr The CHANGELOG is intended to show operator-impacting changes to the codebase for a particular version. If every change or commit to the code resulted in an entry, the CHANGELOG would become less useful for operators. The lists below are general guidelines on when a decision needs to be made to decide whether a change should have an entry. -Changes that should have a CHANGELOG entry: +#### Changes that should have a CHANGELOG entry: - New Resources and Data Sources - New full-length documentation guides (e.g. EKS Getting Started Guide, IAM Policy Documents with Terraform) @@ -291,20 +296,99 @@ Changes that should have a CHANGELOG entry: - Deprecations - Removals -Changes that may have a CHANGELOG entry: +#### Changes that may have a CHANGELOG entry: - Dependency updates: If the update contains relevant bug fixes or enhancements that affect operators, those should be called out. -Changes that should _not_ have a CHANGELOG entry: +#### Changes that should _not_ have a CHANGELOG entry: - Resource and provider documentation updates - Testing updates -## Release Process - -- Create a milestone for the next release after this release (generally, the next milestone will be a minor version increase unless previously decided for a major or patch version) -- Check the existing release milestone for open items and either work through them or move them to the next milestone -- Run the HashiCorp (non-OSS) TeamCity release job with the `DEPLOYMENT_TARGET_VERSION` matching the expected release milestone and `DEPLOYMENT_NEXT_VERSION` matching the next release milestone -- Wait for the TeamCity release job and CircleCI website deployment jobs to complete either by watching the build logs or Slack notifications -- Close the release milestone -- Create a new GitHub release with the release title exactly matching the tag and milestone (e.g. `v2.22.0`) and copy the notes from the CHANGELOG to the release notes. This will trigger [HashiBot](https://github.com/apps/hashibot) release comments. +## Label Dictionary + + + +| Label | Description | Automation | +|---------|-------------|----------| +| [![breaking-change][breaking-change-badge]][breaking-change]                                    | Introduces a breaking change in current functionality; breaking changes are usually deferred to the next major release. | None | +| [![bug][bug-badge]][bug] | Addresses a defect in current functionality. | None | +| [![crash][crash-badge]][crash] | Results from or addresses a Terraform crash or kernel panic. | None | +| [![dependencies][dependencies-badge]][dependencies] | Used to indicate a dependency version update. | Added by the Renovate bot. Configuration is found in the `renovate.json` file. | +| [![documentation][documentation-badge]][documentation] | Introduces or discusses updates to documentation. | None | +| [![enhancement][enhancement-badge]][enhancement] | Requests to existing resources that expand the functionality or scope. | None | +| [![good first issue][good-first-issue-badge]][good-first-issue] | Call to action for new contributors looking for a place to start. Smaller or straightforward issues. | None | +| [![hacktoberfest][hacktoberfest-badge]][hacktoberfest] | Call to action for Hacktoberfest (OSS Initiative). | None | +| [![hashibot ignore][hashibot-ignore-badge]][hashibot-ignore] | Issues or PRs labelled with this are ignored by Hashibot. | None | +| [![help wanted][help-wanted-badge]][help-wanted] | Call to action for contributors. Indicates an area of the codebase we’d like to expand/work on but don’t have the bandwidth inside the team. | None | +| [![needs-triage][needs-triage-badge]][needs-triage] | Waiting for first response or review from a maintainer. | Added to all new issues or PRs by GitHub action in `.github/workflows/issues.yml` unless they were submitted by a maintainer. | +| [![new-data-source][new-data-source-badge]][new-data-source] | Introduces a new data source. | None | +| [![new-resource][new-resource-badge]][new-resource] | Introduces a new resrouce. | None | +| [![proposal][proposal-badge]][proposal] | Proposes new design or functionality. | None | +| [![provider][provider-badge]][provider] | Pertains to the provider itself, rather than any interaction with AWS. | Added by Hashibot when the code change is in an area configured in `.hashibot.hcl` | +| [![question][question-badge]][question] | Includes a question about existing functionality; most questions will be re-routed to discuss.hashicorp.com. | None | +| [![regression][regression-badge]][regression] | Pertains to a degraded workflow resulting from an upstream patch or internal enhancement; usually categorized as a bug. | None | +| [![reinvent][reinvent-badge]][reinvent] | Pertains to a service or feature announced at reinvent. | None | +| ![service <*>][service-badge] | Indicates the service that is covered or introduced (i.e. service/s3) | Added by Hashibot when the code change matches a service definition in `.hashibot.hcl`. +| ![size%2F<*>][size-badge] | Managed by automation to categorize the size of a PR | Added by Hashibot to indicate the size of the PR. | +| [![stale][stale-badge]][stale] | Old or inactive issues managed by automation, if no further action taken these will get closed. | Added by a Github Action, configuration is found: `.github/workflows/stale.yml`. | +| [![technical-debt][technical-debt-badge]][technical-debt] | +Addresses areas of the codebase that need refactoring or redesign. | None| +| [![tests][tests-badge]][tests] | On a PR this indicates expanded test coverage. On an Issue this proposes expanded coverage or enhancement to test infrastructure. | None | +| [![thinking][thinking-badge]][thinking] | Requires additional research by the maintainers. | None | +| [![upstream-terraform][upstream-terraform-badge]][upstream-terraform] | Addresses functionality related to the Terraform core binary. | None | +| [![upstream][upstream-badge]][upstream] | Addresses functionality related to the cloud provider. | None | +| [![waiting-response](https://img.shields.io/badge/waiting--response-5319e7)](https://github.com/terraform-providers/terraform-provider-aws/labels/waiting-response) | Addresses functionality related to the cloud provider. | None | + +[breaking-change-badge]: https://img.shields.io/badge/breaking--change-d93f0b +[breaking-change]: https://github.com/terraform-providers/terraform-provider-aws/labels/breaking-change +[bug-badge]: https://img.shields.io/badge/bug-f7c6c7 +[bug]: https://github.com/terraform-providers/terraform-provider-aws/labels/bug +[crash-badge]: https://img.shields.io/badge/crash-e11d21 +[crash]: https://github.com/terraform-providers/terraform-provider-aws/labels/crash +[dependencies-badge]: https://img.shields.io/badge/dependencies-fad8c7 +[dependencies]: https://github.com/terraform-providers/terraform-provider-aws/labels/dependencies +[documentation-badge]: https://img.shields.io/badge/documentation-fef2c0 +[documentation]: https://github.com/terraform-providers/terraform-provider-aws/labels/documentation +[enhancement-badge]: https://img.shields.io/badge/enhancement-d4c5f9 +[enhancement]: https://github.com/terraform-providers/terraform-provider-aws/labels/enhancement +[good-first-issue-badge]: https://img.shields.io/badge/good%20first%20issue-128A0C +[good-first-issue]: https://github.com/terraform-providers/terraform-provider-aws/labels/good%20first%20issue +[hacktoberfest-badge]: https://img.shields.io/badge/hacktoberfest-2c0fad +[hacktoberfest]: https://github.com/terraform-providers/terraform-provider-aws/labels/hacktoberfest +[hashibot-ignore-badge]: https://img.shields.io/badge/hashibot%2Fignore-2c0fad +[hashibot-ignore]: https://github.com/terraform-providers/terraform-provider-aws/labels/hashibot-ignore +[help-wanted-badge]: https://img.shields.io/badge/help%20wanted-128A0C +[help-wanted]: https://github.com/terraform-providers/terraform-provider-aws/labels/help-wanted +[needs-triage-badge]: https://img.shields.io/badge/needs--triage-e236d7 +[needs-triage]: https://github.com/terraform-providers/terraform-provider-aws/labels/needs-triage +[new-data-source-badge]: https://img.shields.io/badge/new--data--source-d4c5f9 +[new-data-source]: https://github.com/terraform-providers/terraform-provider-aws/labels/new-data-source +[new-resource-badge]: https://img.shields.io/badge/new--resource-d4c5f9 +[new-resource]: https://github.com/terraform-providers/terraform-provider-aws/labels/new-resource +[proposal-badge]: https://img.shields.io/badge/proposal-fbca04 +[proposal]: https://github.com/terraform-providers/terraform-provider-aws/labels/proposal +[provider-badge]: https://img.shields.io/badge/provider-bfd4f2 +[provider]: https://github.com/terraform-providers/terraform-provider-aws/labels/provider +[question-badge]: https://img.shields.io/badge/question-d4c5f9 +[question]: https://github.com/terraform-providers/terraform-provider-aws/labels/question +[regression-badge]: https://img.shields.io/badge/regression-e11d21 +[regression]: https://github.com/terraform-providers/terraform-provider-aws/labels/regression +[reinvent-badge]: https://img.shields.io/badge/reinvent-c5def5 +[reinvent]: https://github.com/terraform-providers/terraform-provider-aws/labels/reinvent +[service-badge]: https://img.shields.io/badge/service%2F<*>-bfd4f2 +[size-badge]: https://img.shields.io/badge/size%2F<*>-ffffff +[stale-badge]: https://img.shields.io/badge/stale-e11d21 +[stale]: https://github.com/terraform-providers/terraform-provider-aws/labels/stale +[technical-debt-badge]: https://img.shields.io/badge/technical--debt-1d76db +[technical-debt]: https://github.com/terraform-providers/terraform-provider-aws/labels/technical-debt +[tests-badge]: https://img.shields.io/badge/tests-DDDDDD +[tests]: https://github.com/terraform-providers/terraform-provider-aws/labels/tests +[thinking-badge]: https://img.shields.io/badge/thinking-bfd4f2 +[thinking]: https://github.com/terraform-providers/terraform-provider-aws/labels/thinking +[upstream-terraform-badge]: https://img.shields.io/badge/upstream--terraform-CCCCCC +[upstream-terraform]: https://github.com/terraform-providers/terraform-provider-aws/labels/upstream-terraform +[upstream-badge]: https://img.shields.io/badge/upstream-fad8c7 +[upstream]: https://github.com/terraform-providers/terraform-provider-aws/labels/upstream +[waiting-response-badge]: https://img.shields.io/badge/waiting-response-bfd4f2 +[waiting-response]: https://github.com/terraform-providers/terraform-provider-aws/labels/waiting-response diff --git a/info/contributing/contribution-checklists.md b/info/contributing/contribution-checklists.md new file mode 100644 index 00000000000..8da282e2eb6 --- /dev/null +++ b/info/contributing/contribution-checklists.md @@ -0,0 +1,567 @@ +# Contribution Types and Checklists + +There are several different kinds of contribution, each of which has its own +standards for a speedy review. The following sections describe guidelines for +each type of contribution. + +- [Documentation Update](#documentation-update) +- [Enhancement/Bugfix to a Resource](#enhancementbugfix-to-a-resource) +- [Adding Resource Import Support](#adding-resource-import-support) +- [Adding Resource Name Generation Support](#adding-resource-name-generation-support) + - [Resource Name Generation Code Implementation](#resource-name-generation-code-implementation) + - [Resource Name Generation Testing Implementation](#resource-name-generation-testing-implementation) + - [Resource Code Generation Documentation Implementation](#resource-code-generation-documentation-implementation) +- [Adding Resource Tagging Support](#adding-resource-tagging-support) + - [Adding Service to Tag Generating Code](#adding-service-to-tag-generating-code) + - [Resource Tagging Code Implementation](#resource-tagging-code-implementation) + - [Resource Tagging Acceptance Testing Implementation](#resource-tagging-acceptance-testing-implementation) +- [Resource Tagging Documentation Implementation](#resource-tagging-documentation-implementation) +- [New Resource](#new-resource) +- [New Service](#new-service) +- [New Region](#new-region) + +## Documentation Update + +The [Terraform AWS Provider's website source][website] is in this repository +along with the code and tests. Below are some common items that will get +flagged during documentation reviews: + +- [ ] __Reasoning for Change__: Documentation updates should include an explanation for why the update is needed. +- [ ] __Prefer AWS Documentation__: Documentation about AWS service features and valid argument values that are likely to update over time should link to AWS service user guides and API references where possible. +- [ ] __Large Example Configurations__: Example Terraform configuration that includes multiple resource definitions should be added to the repository `examples` directory instead of an individual resource documentation page. Each directory under `examples` should be self-contained to call `terraform apply` without special configuration. +- [ ] __Terraform Configuration Language Features__: Individual resource documentation pages and examples should refrain from highlighting particular Terraform configuration language syntax workarounds or features such as `variable`, `local`, `count`, and built-in functions. + +## Enhancement/Bugfix to a Resource + +Working on existing resources is a great way to get started as a Terraform +contributor because you can work within existing code and tests to get a feel +for what to do. + +In addition to the below checklist, please see the [Common Review +Items](#common-review-items) sections for more specific coding and testing +guidelines. + + - [ ] __Acceptance test coverage of new behavior__: Existing resources each + have a set of [acceptance tests][acctests] covering their functionality. + These tests should exercise all the behavior of the resource. Whether you are + adding something or fixing a bug, the idea is to have an acceptance test that + fails if your code were to be removed. Sometimes it is sufficient to + "enhance" an existing test by adding an assertion or tweaking the config + that is used, but it's often better to add a new test. You can copy/paste an + existing test and follow the conventions you see there, modifying the test + to exercise the behavior of your code. + - [ ] __Documentation updates__: If your code makes any changes that need to + be documented, you should include those doc updates in the same PR. This + includes things like new resource attributes or changes in default values. + The [Terraform website][website] source is in this repo and includes + instructions for getting a local copy of the site up and running if you'd + like to preview your changes. + - [ ] __Well-formed Code__: Do your best to follow existing conventions you + see in the codebase, and ensure your code is formatted with `go fmt`. (The + Travis CI build will fail if `go fmt` has not been run on incoming code.) + The PR reviewers can help out on this front, and may provide comments with + suggestions on how to improve the code. + - [ ] __Vendor additions__: Create a separate PR if you are updating the vendor + folder. This is to avoid conflicts as the vendor versions tend to be fast- + moving targets. We will plan to merge the PR with this change first. + +## Adding Resource Import Support + +Adding import support for Terraform resources will allow existing infrastructure to be managed within Terraform. This type of enhancement generally requires a small to moderate amount of code changes. + +Comprehensive code examples and information about resource import support can be found in the [Extending Terraform documentation](https://www.terraform.io/docs/extend/resources/import.html). + +In addition to the below checklist and the items noted in the Extending Terraform documentation, please see the [Common Review Items](#common-review-items) sections for more specific coding and testing guidelines. + +- [ ] _Resource Code Implementation_: In the resource code (e.g. `aws/resource_aws_service_thing.go`), implementation of `Importer` `State` function +- [ ] _Resource Acceptance Testing Implementation_: In the resource acceptance testing (e.g. `aws/resource_aws_service_thing_test.go`), implementation of `TestStep`s with `ImportState: true` +- [ ] _Resource Documentation Implementation_: In the resource documentation (e.g. `website/docs/r/service_thing.html.markdown`), addition of `Import` documentation section at the bottom of the page + +## Adding Resource Name Generation Support + +Terraform AWS Provider resources can use shared logic to support and test name generation, where the operator can choose between an expected naming value, a generated naming value with a prefix, or a fully generated name. + +Implementing name generation support for Terraform AWS Provider resources requires the following, each with its own section below: + +- [ ] _Resource Name Generation Code Implementation_: In the resource code (e.g. `aws/resource_aws_service_thing.go`), implementation of `name_prefix` attribute, along with handling in `Create` function. +- [ ] _Resource Name Generation Testing Implementation_: In the resource acceptance testing (e.g. `aws/resource_aws_service_thing_test.go`), implementation of new acceptance test functions and configurations to exercise new naming logic. +- [ ] _Resource Name Generation Documentation Implementation_: In the resource documentation (e.g. `website/docs/r/service_thing.html.markdown`), addition of `name_prefix` argument and update of `name` argument description. + +### Resource Name Generation Code Implementation + +- In the resource Go file (e.g. `aws/resource_aws_service_thing.go`), add the following Go import: `"github.com/terraform-providers/terraform-provider-aws/aws/internal/naming"` +- In the resource schema, add the new `name_prefix` attribute and adjust the `name` attribute to be `Optional`, `Computed`, and `ConflictsWith` the `name_prefix` attribute. Ensure to keep any existing schema fields on `name` such as `ValidateFunc`. e.g. + +```go +"name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + ConflictsWith: []string{"name_prefix"}, +}, +"name_prefix": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + ConflictsWith: []string{"name"}, +}, +``` + +- In the resource `Create` function, switch any calls from `d.Get("name").(string)` to instead use the `naming.Generate()` function, e.g. + +```go +name := naming.Generate(d.Get("name").(string), d.Get("name_prefix").(string)) + +// ... in AWS Go SDK Input types, etc. use aws.String(name) +``` + +### Resource Name Generation Testing Implementation + +- In the resource testing (e.g. `aws/resource_aws_service_thing_test.go`), add the following Go import: `"github.com/terraform-providers/terraform-provider-aws/aws/internal/naming"` +- In the resource testing, implement two new tests named `_Name_Generated` and `_NamePrefix` with associated configurations, that verifies creating the resource without `name` and `name_prefix` arguments (for the former) and with only the `name_prefix` argument (for the latter). e.g. + +```go +func TestAccAWSServiceThing_Name_Generated(t *testing.T) { + var thing service.ServiceThing + resourceName := "aws_service_thing.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSServiceThingDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSServiceThingConfigNameGenerated(), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSServiceThingExists(resourceName, &thing), + naming.TestCheckResourceAttrNameGenerated(resourceName, "name"), + ), + }, + // If the resource supports import: + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSServiceThing_NamePrefix(t *testing.T) { + var thing service.ServiceThing + resourceName := "aws_service_thing.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSServiceThingDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSServiceThingConfigNamePrefix("tf-acc-test-prefix-"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSServiceThingExists(resourceName, &thing), + naming.TestCheckResourceAttrNameFromPrefix(resourceName, "name", "tf-acc-test-prefix-"), + ), + }, + // If the resource supports import: + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testAccAWSServiceThingConfigNameGenerated() string { + return fmt.Sprintf(` +resource "aws_service_thing" "test" { + # ... other configuration ... +} +`) +} + +func testAccAWSServiceThingConfigNamePrefix(namePrefix string) string { + return fmt.Sprintf(` +resource "aws_service_thing" "test" { + # ... other configuration ... + + name_prefix = %[1]q +} +`, namePrefix) +} +``` + +### Resource Code Generation Documentation Implementation + +- In the resource documentation (e.g. `website/docs/r/service_thing.html.markdown`), add the following to the arguments reference: + +```markdown +* `name_prefix` - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with `name`. +``` + +- Adjust the existing `name` argument reference to ensure its denoted as `Optional`, includes a mention that it can be generated, and that it conflicts with `name_prefix`: + +```markdown +* `name` - (Optional) Name of the thing. If omitted, Terraform will assign a random, unique name. Conflicts with `name_prefix`. +``` + +## Adding Resource Tagging Support + +AWS provides key-value metadata across many services and resources, which can be used for a variety of use cases including billing, ownership, and more. See the [AWS Tagging Strategy page](https://aws.amazon.com/answers/account-management/aws-tagging-strategies/) for more information about tagging at a high level. + +Implementing tagging support for Terraform AWS Provider resources requires the following, each with its own section below: + +- [ ] _Generated Service Tagging Code_: In the internal code generators (e.g. `aws/internal/keyvaluetags`), implementation and customization of how a service handles tagging, which is standardized for the resources. +- [ ] _Resource Tagging Code Implementation_: In the resource code (e.g. `aws/resource_aws_service_thing.go`), implementation of `tags` schema attribute, along with handling in `Create`, `Read`, and `Update` functions. +- [ ] _Resource Tagging Acceptance Testing Implementation_: In the resource acceptance testing (e.g. `aws/resource_aws_service_thing_test.go`), implementation of new acceptance test function and configurations to exercise new tagging logic. +- [ ] _Resource Tagging Documentation Implementation_: In the resource documentation (e.g. `website/docs/r/service_thing.html.markdown`), addition of `tags` argument + +See also a [full example pull request for implementing EKS tagging](https://github.com/terraform-providers/terraform-provider-aws/pull/10307). + +### Adding Service to Tag Generating Code + +This step is only necessary for the first implementation and may have been previously completed. If so, move on to the next section. + +More details about this code generation, including fixes for potential error messages in this process, can be found in the [keyvaluetags documentation](../aws/internal/keyvaluetags/README.md). + +- Open the AWS Go SDK documentation for the service, e.g. for [`service/eks`](https://docs.aws.amazon.com/sdk-for-go/api/service/eks/). Note: there can be a delay between the AWS announcement and the updated AWS Go SDK documentation. +- Determine the "type" of tagging implementation. Some services will use a simple map style (`map[string]*string` in Go) while others will have a separate structure shape (`[]service.Tag` struct with `Key` and `Value` fields). + + - If the type is a map, add the AWS Go SDK service name (e.g. `eks`) to `mapServiceNames` in `aws/internal/keyvaluetags/generators/servicetags/main.go` + - Otherwise, if the type is a struct, add the AWS Go SDK service name (e.g. `eks`) to `sliceServiceNames` in `aws/internal/keyvaluetags/generators/servicetags/main.go`. If the struct name is not exactly `Tag`, it can be customized via the `ServiceTagType` function. If the struct key field is not exactly `Key`, it can be customized via the `ServiceTagTypeKeyField` function. If the struct value field is not exactly `Value`, it can be customized via the `ServiceTagTypeValueField` function. + +- Determine if the service API includes functionality for listing tags (usually a `ListTags` or `ListTagsForResource` API call) or updating tags (usually `TagResource` and `UntagResource` API calls). If so, add the AWS Go SDK service client information to `ServiceClientType` (along with the new required import) in `aws/internal/keyvaluetags/service_generation_customizations.go`, e.g. for EKS: + + ```go + case "eks": + funcType = reflect.TypeOf(eks.New) + ``` + + - If the service API includes functionality for listing tags, add the AWS Go SDK service name (e.g. `eks`) to `serviceNames` in `aws/internal/keyvaluetags/generators/listtags/main.go`. + - If the service API includes functionality for updating tags, add the AWS Go SDK service name (e.g. `eks`) to `serviceNames` in `aws/internal/keyvaluetags/generators/updatetags/main.go`. + +- Run `make gen` (`go generate ./...`) and ensure there are no errors via `make test` (`go test ./...`) + +### Resource Tagging Code Implementation + +- In the resource Go file (e.g. `aws/resource_aws_eks_cluster.go`), add the following Go import: `"github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags"` +- In the resource schema, add `"tags": tagsSchema(),` +- If the API supports tagging on creation (the `Input` struct accepts a `Tags` field), in the resource `Create` function, implement the logic to convert the configuration tags into the service tags, e.g. with EKS Clusters: + + ```go + input := &eks.CreateClusterInput{ + /* ... other configuration ... */ + Tags: keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().EksTags(), + } + ``` + + If the service API does not allow passing an empty list, the logic can be adjusted similar to: + + ```go + input := &eks.CreateClusterInput{ + /* ... other configuration ... */ + } + + if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { + input.Tags = keyvaluetags.New(v).IgnoreAws().EksTags() + } + ``` + +- Otherwise if the API does not support tagging on creation (the `Input` struct does not accept a `Tags` field), in the resource `Create` function, implement the logic to convert the configuration tags into the service API call to tag a resource, e.g. with ElasticSearch Domain: + + ```go + if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { + if err := keyvaluetags.ElasticsearchserviceUpdateTags(conn, d.Id(), nil, v); err != nil { + return fmt.Errorf("error adding Elasticsearch Cluster (%s) tags: %s", d.Id(), err) + } + } + ``` + +- Some EC2 resources (for example [`aws_ec2_fleet`](https://www.terraform.io/docs/providers/aws/r/ec2_fleet.html)) have a `TagsSpecification` field in the `InputStruct` instead of a `Tags` field. In these cases the `ec2TagSpecificationsFromMap()` helper function should be used, e.g.: + + ```go + input := &ec2.CreateFleetInput{ + /* ... other configuration ... */ + TagSpecifications: ec2TagSpecificationsFromMap(d.Get("tags").(map[string]interface{}), ec2.ResourceTypeFleet), + } + ``` + +- In the resource `Read` function, implement the logic to convert the service tags to save them into the Terraform state for drift detection, e.g. with EKS Clusters (which had the tags available in the DescribeCluster API call): + + ```go + // Typically declared near conn := /* ... */ + ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig + + if err := d.Set("tags", keyvaluetags.EksKeyValueTags(cluster.Tags).IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { + return fmt.Errorf("error setting tags: %s", err) + } + ``` + + If the service API does not return the tags directly from reading the resource and requires a separate API call, its possible to use the `keyvaluetags` functionality like the following, e.g. with Athena Workgroups: + + ```go + // Typically declared near conn := /* ... */ + ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig + + tags, err := keyvaluetags.AthenaListTags(conn, arn.String()) + + if err != nil { + return fmt.Errorf("error listing tags for resource (%s): %s", arn, err) + } + + if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { + return fmt.Errorf("error setting tags: %s", err) + } + ``` + +- In the resource `Update` function (this may be the first functionality requiring the creation of the `Update` function), implement the logic to handle tagging updates, e.g. with EKS Clusters: + + ```go + if d.HasChange("tags") { + o, n := d.GetChange("tags") + if err := keyvaluetags.EksUpdateTags(conn, d.Get("arn").(string), o, n); err != nil { + return fmt.Errorf("error updating tags: %s", err) + } + } + ``` + +### Resource Tagging Acceptance Testing Implementation + +- In the resource testing (e.g. `aws/resource_aws_eks_cluster_test.go`), verify that existing resources without tagging are unaffected and do not have tags saved into their Terraform state. This should be done in the `_basic` acceptance test by adding a line similar to `resource.TestCheckResourceAttr(resourceName, "tags.%s", "0"),` +- In the resource testing, implement a new test named `_Tags` with associated configurations, that verifies creating the resource with tags and updating tags. e.g. EKS Clusters: + + ```go + func TestAccAWSEksCluster_Tags(t *testing.T) { + var cluster1, cluster2, cluster3 eks.Cluster + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_eks_cluster.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSEks(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSEksClusterDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEksClusterConfigTags1(rName, "key1", "value1"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSEksClusterExists(resourceName, &cluster1), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAWSEksClusterConfigTags2(rName, "key1", "value1updated", "key2", "value2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSEksClusterExists(resourceName, &cluster2), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1updated"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + { + Config: testAccAWSEksClusterConfigTags1(rName, "key2", "value2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSEksClusterExists(resourceName, &cluster3), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + }, + }) + } + + func testAccAWSEksClusterConfigTags1(rName, tagKey1, tagValue1 string) string { + return testAccAWSEksClusterConfig_Base(rName) + fmt.Sprintf(` + resource "aws_eks_cluster" "test" { + name = %[1]q + role_arn = "${aws_iam_role.test.arn}" + + tags = { + %[2]q = %[3]q + } + + vpc_config { + subnet_ids = ["${aws_subnet.test.*.id[0]}", "${aws_subnet.test.*.id[1]}"] + } + + depends_on = ["aws_iam_role_policy_attachment.test-AmazonEKSClusterPolicy", "aws_iam_role_policy_attachment.test-AmazonEKSServicePolicy"] + } + `, rName, tagKey1, tagValue1) + } + + func testAccAWSEksClusterConfigTags2(rName, tagKey1, tagValue1, tagKey2, tagValue2 string) string { + return testAccAWSEksClusterConfig_Base(rName) + fmt.Sprintf(` + resource "aws_eks_cluster" "test" { + name = %[1]q + role_arn = "${aws_iam_role.test.arn}" + + tags = { + %[2]q = %[3]q + %[4]q = %[5]q + } + + vpc_config { + subnet_ids = ["${aws_subnet.test.*.id[0]}", "${aws_subnet.test.*.id[1]}"] + } + + depends_on = ["aws_iam_role_policy_attachment.test-AmazonEKSClusterPolicy", "aws_iam_role_policy_attachment.test-AmazonEKSServicePolicy"] + } + `, rName, tagKey1, tagValue1, tagKey2, tagValue2) + } + ``` + +- Verify all acceptance testing passes for the resource (e.g. `make testacc TESTARGS='-run=TestAccAWSEksCluster_'`) + +## Resource Tagging Documentation Implementation + +- In the resource documentation (e.g. `website/docs/r/eks_cluster.html.markdown`), add the following to the arguments reference: + + ```markdown + * `tags` - (Optional) Key-value mapping of resource tags + ``` + +## New Resource + +Implementing a new resource is a good way to learn more about how Terraform +interacts with upstream APIs. There are plenty of examples to draw from in the +existing resources, but you still get to implement something completely new. + +In addition to the below checklist, please see the [Common Review +Items](#common-review-items) sections for more specific coding and testing +guidelines. + + - [ ] __Minimal LOC__: It's difficult for both the reviewer and author to go + through long feedback cycles on a big PR with many resources. We ask you to + only submit **1 resource at a time**. + - [ ] __Acceptance tests__: New resources should include acceptance tests + covering their behavior. See [Writing Acceptance + Tests](#writing-acceptance-tests) below for a detailed guide on how to + approach these. + - [ ] __Resource Naming__: Resources should be named `aws__`, + using underscores (`_`) as the separator. Resources are namespaced with the + service name to allow easier searching of related resources, to align + the resource naming with the service for [Customizing Endpoints](https://www.terraform.io/docs/providers/aws/guides/custom-service-endpoints.html#available-endpoint-customizations), + and to prevent future conflicts with new AWS services/resources. + For reference: + + - `service` is the AWS short service name that matches the entry in + `endpointServiceNames` (created via the [New Service](#new-service) + section) + - `name` represents the conceptual infrastructure represented by the + create, read, update, and delete methods of the service API. It should + be a singular noun. For example, in an API that has methods such as + `CreateThing`, `DeleteThing`, `DescribeThing`, and `ModifyThing` the name + of the resource would end in `_thing`. + + - [ ] __Arguments_and_Attributes__: The HCL for arguments and attributes should + mimic the types and structs presented by the AWS API. API arguments should be + converted from `CamelCase` to `camel_case`. + - [ ] __Documentation__: Each resource gets a page in the Terraform + documentation. The [Terraform website][website] source is in this + repo and includes instructions for getting a local copy of the site up and + running if you'd like to preview your changes. For a resource, you'll want + to add a new file in the appropriate place and add a link to the sidebar for + that page. + - [ ] __Well-formed Code__: Do your best to follow existing conventions you + see in the codebase, and ensure your code is formatted with `go fmt`. (The + Travis CI build will fail if `go fmt` has not been run on incoming code.) + The PR reviewers can help out on this front, and may provide comments with + suggestions on how to improve the code. + - [ ] __Vendor updates__: Create a separate PR if you are adding to the vendor + folder. This is to avoid conflicts as the vendor versions tend to be fast- + moving targets. We will plan to merge the PR with this change first. + +## New Service + +Implementing a new AWS service gives Terraform the ability to manage resources in +a whole new API. It's a larger undertaking, but brings major new functionality +into Terraform. + +- [ ] __Service Client__: Before new resources are submitted, we request + a separate pull request containing just the new AWS Go SDK service client. + Doing so will pull the AWS Go SDK service code into the project at the + current version. Since the AWS Go SDK is updated frequently, these pull + requests can easily have merge conflicts or be out of date. The maintainers + prioritize reviewing and merging these quickly to prevent those situations. + + To add the AWS Go SDK service client: + + - In `aws/provider.go` Add a new service entry to `endpointServiceNames`. + This service name should match the AWS Go SDK or AWS CLI service name. + - In `aws/config.go`: Add a new import for the AWS Go SDK code. e.g. + `github.com/aws/aws-sdk-go/service/quicksight` + - In `aws/config.go`: Add a new `{SERVICE}conn` field to the `AWSClient` + struct for the service client. The service name should match the name + in `endpointServiceNames`. e.g. `quicksightconn *quicksight.QuickSight` + - In `aws/config.go`: Create the new service client in the `{SERVICE}conn` + field in the `AWSClient` instantiation within `Client()`. e.g. + `quicksightconn: quicksight.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["quicksight"])})),` + - In `website/allowed-subcategories.txt`: Add a name acceptable for the documentation navigation. + - In `website/docs/guides/custom-service-endpoints.html.md`: Add the service + name in the list of customizable endpoints. + - In `.hashibot.hcl`: Add the new service to automated issue and pull request labeling. e.g. with the `quicksight` service + + ```hcl + behavior "regexp_issue_labeler_v2" "service_labels" { + # ... other configuration ... + + label_map = { + # ... other services ... + "service/quicksight" = [ + "aws_quicksight_", + ], + # ... other services ... + } + } + + behavior "pull_request_path_labeler" "service_labels" + # ... other configuration ... + + label_map = { + # ... other services ... + "service/quicksight" = [ + "**/*_quicksight_*", + "**/quicksight_*", + ], + # ... other services ... + } + } + ``` + + - Run the following then submit the pull request: + + ```sh + go test ./aws + go mod tidy + go mod vendor + ``` + +- [ ] __Initial Resource__: Some services can be big and it can be + difficult for both reviewer & author to go through long feedback cycles + on a big PR with many resources. Often feedback items in one resource + will also need to be applied in other resources. We prefer you to submit + the necessary minimum in a single PR, ideally **just the first resource** + of the service. + +The initial resource and changes afterwards should follow the other sections +of this guide as appropriate. + +## New Region + +While region validation is automatically added with SDK updates, new regions +are generally limited in which services they support. Below are some +manually sourced values from documentation. + + - [ ] Check [Elastic Load Balancing endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elb.html#elb_region) and add Route53 Hosted Zone ID if available to `aws/data_source_aws_elb_hosted_zone_id.go` + - [ ] Check [Amazon Simple Storage Service endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_region) and add Route53 Hosted Zone ID if available to `aws/hosted_zones.go` + - [ ] Check [CloudTrail Supported Regions docs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-supported-regions.html#cloudtrail-supported-regions) and add AWS Account ID if available to `aws/data_source_aws_cloudtrail_service_account.go` + - [ ] Check [Elastic Load Balancing Access Logs docs](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) and add Elastic Load Balancing Account ID if available to `aws/data_source_aws_elb_service_account.go` + - [ ] Check [Redshift Database Audit Logging docs](https://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-bucket-permissions) and add AWS Account ID if available to `aws/data_source_aws_redshift_service_account.go` + - [ ] Check [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html#elasticbeanstalk_region) and add Route53 Hosted Zone ID if available to `aws/data_source_aws_elastic_beanstalk_hosted_zone.go` \ No newline at end of file diff --git a/info/contributing/issue-reporting-and-lifecycle.md b/info/contributing/issue-reporting-and-lifecycle.md new file mode 100644 index 00000000000..98f029fd8ea --- /dev/null +++ b/info/contributing/issue-reporting-and-lifecycle.md @@ -0,0 +1,77 @@ +# Issue Reporting and Lifecycle + + + +- [Issue Reporting Checklists](#issue-reporting-checklists) + - [Bug Reports](https://github.com/terraform-providers/terraform-provider-aws/issues/new?template=Bug_Report.md) + - [Feature Requests](https://github.com/terraform-providers/terraform-provider-aws/issues/new?labels=enhancement&template=Feature_Request.md) + - [Questions](https://github.com/terraform-providers/terraform-provider-aws/issues/new?labels=question&template=Question.md) +- [Issue Lifecycle](#issue-lifecycle) + + + +## Issue Reporting Checklists + +We welcome issues of all kinds including feature requests, bug reports, and +general questions. Below you'll find checklists with guidelines for well-formed +issues of each type. + +### [Bug Reports](https://github.com/terraform-providers/terraform-provider-aws/issues/new?template=Bug_Report.md) + + - [ ] __Test against latest release__: Make sure you test against the latest + released version. It is possible we already fixed the bug you're experiencing. + + - [ ] __Search for possible duplicate reports__: It's helpful to keep bug + reports consolidated to one thread, so do a quick search on existing bug + reports to check if anybody else has reported the same thing. You can [scope + searches by the label "bug"](https://github.com/terraform-providers/terraform-provider-aws/issues?q=is%3Aopen+is%3Aissue+label%3Abug) to help narrow things down. + + - [ ] __Include steps to reproduce__: Provide steps to reproduce the issue, + along with your `.tf` files, with secrets removed, so we can try to + reproduce it. Without this, it makes it much harder to fix the issue. + + - [ ] __For panics, include `crash.log`__: If you experienced a panic, please + create a [gist](https://gist.github.com) of the *entire* generated crash log + for us to look at. Double check no sensitive items were in the log. + +### [Feature Requests](https://github.com/terraform-providers/terraform-provider-aws/issues/new?labels=enhancement&template=Feature_Request.md) + + - [ ] __Search for possible duplicate requests__: It's helpful to keep requests + consolidated to one thread, so do a quick search on existing requests to + check if anybody else has reported the same thing. You can [scope searches by + the label "enhancement"](https://github.com/terraform-providers/terraform-provider-aws/issues?q=is%3Aopen+is%3Aissue+label%3Aenhancement) to help narrow things down. + + - [ ] __Include a use case description__: In addition to describing the + behavior of the feature you'd like to see added, it's helpful to also lay + out the reason why the feature would be important and how it would benefit + Terraform users. + +### [Questions](https://github.com/terraform-providers/terraform-provider-aws/issues/new?labels=question&template=Question.md) + + - [ ] __Search for answers in Terraform documentation__: We're happy to answer + questions in GitHub Issues, but it helps reduce issue churn and maintainer + workload if you work to [find answers to common questions in the + documentation](https://www.terraform.io/docs/providers/aws/index.html). Oftentimes Question issues result in documentation updates + to help future users, so if you don't find an answer, you can give us + pointers for where you'd expect to see it in the docs. + +## Issue Lifecycle + +1. The issue is reported. + +2. The issue is verified and categorized by a Terraform collaborator. + Categorization is done via GitHub labels. We generally use a two-label + system of (1) issue/PR type, and (2) section of the codebase. Type is + one of "bug", "enhancement", "documentation", or "question", and section + is usually the AWS service name. + +3. An initial triage process determines whether the issue is critical and must + be addressed immediately, or can be left open for community discussion. + +4. The issue is addressed in a pull request or commit. The issue number will be + referenced in the commit message so that the code that fixes it is clearly + linked. + +5. The issue is closed. Sometimes, valid issues will be closed because they are + tracked elsewhere or non-actionable. The issue is still indexed and + available for future viewers, or can be re-opened if necessary. \ No newline at end of file diff --git a/info/contributing/pullrequest-submission-and-lifecycle.md b/info/contributing/pullrequest-submission-and-lifecycle.md new file mode 100644 index 00000000000..1608624805b --- /dev/null +++ b/info/contributing/pullrequest-submission-and-lifecycle.md @@ -0,0 +1,128 @@ +# Pull Request Submission and Lifecycle + +- [Pull Request Lifecycle](#pull-request-lifecycle) +- [Common Review Items](#common-review-items) + - [Go Coding Style](#go-coding-style) + - [Resource Contribution Guidelines](#resource-contribution-guidelines) + +We appreciate direct contributions to the provider codebase. Here's what to +expect: + + * For pull requests that follow the guidelines, we will proceed to reviewing + and merging, following the provider team's review schedule. There may be some + internal or community discussion needed before we can complete this. + * Pull requests that don't follow the guidelines will be commented with what + they're missing. The person who submits the pull request or another community + member will need to address those requests before they move forward. + +## Pull Request Lifecycle + +1. [Fork the GitHub repository](https://help.github.com/en/articles/fork-a-repo), + modify the code, and [create a pull request](https://help.github.com/en/articles/creating-a-pull-request-from-a-fork). + You are welcome to submit your pull request for commentary or review before + it is fully completed by creating a [draft pull request](https://help.github.com/en/articles/about-pull-requests#draft-pull-requests) + or adding `[WIP]` to the beginning of the pull request title. + Please include specific questions or items you'd like feedback on. + +1. Once you believe your pull request is ready to be reviewed, ensure the + pull request is not a draft pull request by [marking it ready for review](https://help.github.com/en/articles/changing-the-stage-of-a-pull-request) + or removing `[WIP]` from the pull request title if necessary, and a + maintainer will review it. Follow [the checklists below](#checklists-for-contribution) + to help ensure that your contribution can be easily reviewed and potentially + merged. + +1. One of Terraform's provider team members will look over your contribution and + either approve it or provide comments letting you know if there is anything + left to do. We do our best to keep up with the volume of PRs waiting for + review, but it may take some time depending on the complexity of the work. + +1. Once all outstanding comments and checklist items have been addressed, your + contribution will be merged! Merged PRs will be included in the next + Terraform release. The provider team takes care of updating the CHANGELOG as + they merge. + +1. In some cases, we might decide that a PR should be closed without merging. + We'll make sure to provide clear reasoning when this happens. + +## Common Review Items + +The Terraform AWS Provider follows common practices to ensure consistent and +reliable implementations across all resources in the project. While there may be +older resource and testing code that predates these guidelines, new submissions +are generally expected to adhere to these items to maintain Terraform Provider +quality. For any guidelines listed, contributors are encouraged to ask any +questions and community reviewers are encouraged to provide review suggestions +based on these guidelines to speed up the review and merge process. + +### Go Coding Style + +The following Go language resources provide common coding preferences that may be referenced during review, if not automatically handled by the project's linting tools. + +- [Effective Go](https://golang.org/doc/effective_go.html) +- [Go Code Review Comments](https://github.com/golang/go/wiki/CodeReviewComments) + +### Resource Contribution Guidelines + +The following resource checks need to be addressed before your contribution can be merged. The exclusion of any applicable check may result in a delayed time to merge. + +- [ ] __Passes Testing__: All code and documentation changes must pass unit testing, code linting, and website link testing. Resource code changes must pass all acceptance testing for the resource. +- [ ] __Avoids API Calls Across Account, Region, and Service Boundaries__: Resources should not implement cross-account, cross-region, or cross-service API calls. +- [ ] __Avoids Optional and Required for Non-Configurable Attributes__: Resource schema definitions for read-only attributes should not include `Optional: true` or `Required: true`. +- [ ] __Avoids resource.Retry() without resource.RetryableError()__: Resource logic should only implement [`resource.Retry()`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#Retry) if there is a retryable condition (e.g. `return resource.RetryableError(err)`). +- [ ] __Avoids Resource Read Function in Data Source Read Function__: Data sources should fully implement their own resource `Read` functionality including duplicating `d.Set()` calls. +- [ ] __Avoids Reading Schema Structure in Resource Code__: The resource `Schema` should not be read in resource `Create`/`Read`/`Update`/`Delete` functions to perform looping or otherwise complex attribute logic. Use [`d.Get()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.Get) and [`d.Set()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.Set) directly with individual attributes instead. +- [ ] __Avoids ResourceData.GetOkExists()__: Resource logic should avoid using [`ResourceData.GetOkExists()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.GetOkExists) as its expected functionality is not guaranteed in all scenarios. +- [ ] __Implements Read After Create and Update__: Except where API eventual consistency prohibits immediate reading of resources or updated attributes, resource `Create` and `Update` functions should return the resource `Read` function. +- [ ] __Implements Immediate Resource ID Set During Create__: Immediately after calling the API creation function, the resource ID should be set with [`d.SetId()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.SetId) before other API operations or returning the `Read` function. +- [ ] __Implements Attribute Refreshes During Read__: All attributes available in the API should have [`d.Set()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.Set) called their values in the Terraform state during the `Read` function. +- [ ] __Implements Error Checks with Non-Primative Attribute Refreshes__: When using [`d.Set()`](https://godoc.org/github.com/hashicorp/terraform/helper/schema#ResourceData.Set) with non-primative types (`schema.TypeList`, `schema.TypeSet`, or `schema.TypeMap`), perform error checking to [prevent issues where the code is not properly able to refresh the Terraform state](https://www.terraform.io/docs/extend/best-practices/detecting-drift.html#error-checking-aggregate-types). +- [ ] __Implements Import Acceptance Testing and Documentation__: Support for resource import (`Importer` in resource schema) must include `ImportState` acceptance testing (see also the [Acceptance Testing Guidelines](#acceptance-testing-guidelines) below) and `## Import` section in resource documentation. +- [ ] __Implements Customizable Timeouts Documentation__: Support for customizable timeouts (`Timeouts` in resource schema) must include `## Timeouts` section in resource documentation. +- [ ] __Implements State Migration When Adding New Virtual Attribute__: For new "virtual" attributes (those only in Terraform and not in the API), the schema should implement [State Migration](https://www.terraform.io/docs/extend/resources.html#state-migrations) to prevent differences for existing configurations that upgrade. +- [ ] __Uses AWS Go SDK Constants__: Many AWS services provide string constants for value enumerations, error codes, and status types. See also the "Constants" sections under each of the service packages in the [AWS Go SDK documentation](https://docs.aws.amazon.com/sdk-for-go/api/). +- [ ] __Uses AWS Go SDK Pointer Conversion Functions__: Many APIs return pointer types and these functions return the zero value for the type if the pointer is `nil`. This prevents potential panics from unchecked `*` pointer dereferences and can eliminate boilerplate `nil` checking in many cases. See also the [`aws` package in the AWS Go SDK documentation](https://docs.aws.amazon.com/sdk-for-go/api/aws/). +- [ ] __Uses AWS Go SDK Types__: Use available SDK structs instead of implementing custom types with indirection. +- [ ] __Uses TypeList and MaxItems: 1__: Configuration block attributes (e.g. `Type: schema.TypeList` or `Type: schema.TypeSet` with `Elem: &schema.Resource{...}`) that can only have one block should use `Type: schema.TypeList` and `MaxItems: 1` in the schema definition. +- [ ] __Uses Existing Validation Functions__: Schema definitions including `ValidateFunc` for attribute validation should use available [Terraform `helper/validation` package](https://godoc.org/github.com/hashicorp/terraform/helper/validation) functions. `All()`/`Any()` can be used for combining multiple validation function behaviors. +- [ ] __Uses isResourceTimeoutError() with resource.Retry()__: Resource logic implementing [`resource.Retry()`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#Retry) should error check with `isResourceTimeoutError(err error)` and potentially unset the error before returning the error. For example: + + ```go + var output *kms.CreateKeyOutput + err := resource.Retry(1*time.Minute, func() *resource.RetryError { + var err error + + output, err = conn.CreateKey(input) + + /* ... */ + + return nil + }) + + if isResourceTimeoutError(err) { + output, err = conn.CreateKey(input) + } + + if err != nil { + return fmt.Errorf("error creating KMS External Key: %s", err) + } + ``` + +- [ ] __Uses resource.NotFoundError__: Custom errors for missing resources should use [`resource.NotFoundError`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#NotFoundError). +- [ ] __Uses resource.UniqueId()__: API fields for concurrency protection such as `CallerReference` and `IdempotencyToken` should use [`resource.UniqueId()`](https://godoc.org/github.com/hashicorp/terraform/helper/resource#UniqueId). The implementation includes a monotonic counter which is safer for concurrent operations than solutions such as `time.Now()`. +- [ ] __Skips Exists Function__: Implementing a resource `Exists` function is extraneous as it often duplicates resource `Read` functionality. Ensure `d.SetId("")` is used to appropriately trigger resource recreation in the resource `Read` function. +- [ ] __Skips id Attribute__: The `id` attribute is implicit for all Terraform resources and does not need to be defined in the schema. + +The below are style-based items that _may_ be noted during review and are recommended for simplicity, consistency, and quality assurance: + +- [ ] __Avoids CustomizeDiff__: Usage of `CustomizeDiff` is generally discouraged. +- [ ] __Implements Error Message Context__: Returning errors from resource `Create`, `Read`, `Update`, and `Delete` functions should include additional messaging about the location or cause of the error for operators and code maintainers by wrapping with [`fmt.Errorf()`](https://godoc.org/golang.org/x/exp/errors/fmt#Errorf). + - An example `Delete` API error: `return fmt.Errorf("error deleting {SERVICE} {THING} (%s): %s", d.Id(), err)` + - An example `d.Set()` error: `return fmt.Errorf("error setting {ATTRIBUTE}: %s", err)` +- [ ] __Implements arn Attribute__: APIs that return an Amazon Resource Name (ARN), should implement `arn` as an attribute. +- [ ] __Implements Warning Logging With Resource State Removal__: If a resource is removed outside of Terraform (e.g. via different tool, API, or web UI), `d.SetId("")` and `return nil` can be used in the resource `Read` function to trigger resource recreation. When this occurs, a warning log message should be printed beforehand: `log.Printf("[WARN] {SERVICE} {THING} (%s) not found, removing from state", d.Id())` +- [ ] __Uses isAWSErr() with AWS Go SDK Error Objects__: Use the available `isAWSErr(err error, code string, message string)` helper function instead of the `awserr` package to compare error code and message contents. +- [ ] __Uses %s fmt Verb with AWS Go SDK Objects__: AWS Go SDK objects implement `String()` so using the `%v`, `%#v`, or `%+v` fmt verbs with the object are extraneous or provide unhelpful detail. +- [ ] __Uses Elem with TypeMap__: While provider schema validation does not error when the `Elem` configuration is not present with `Type: schema.TypeMap` attributes, including the explicit `Elem: &schema.Schema{Type: schema.TypeString}` is recommended. +- [ ] __Uses American English for Attribute Naming__: For any ambiguity with attribute naming, prefer American English over British English. e.g. `color` instead of `colour`. +- [ ] __Skips Timestamp Attributes__: Generally, creation and modification dates from the API should be omitted from the schema. +- [ ] __Skips Error() Call with AWS Go SDK Error Objects__: Error objects do not need to have `Error()` called. \ No newline at end of file diff --git a/info/contributing/running-and-writing-acceptance-tests.md b/info/contributing/running-and-writing-acceptance-tests.md new file mode 100644 index 00000000000..7d419488676 --- /dev/null +++ b/info/contributing/running-and-writing-acceptance-tests.md @@ -0,0 +1,439 @@ +# Running and Writing Acceptance Tests + + - [Acceptance Tests Often Cost Money to Run](#acceptance-tests-often-cost-money-to-run) + - [Running an Acceptance Test](#running-an-acceptance-test) + - [Writing an Acceptance Test](#writing-an-acceptance-test) + - [Writing and running Cross-Account Acceptance Tests](#writing-and-running-cross-account-acceptance-tests) + - [Writing and running Cross-Region Acceptance Tests](#writing-and-running-cross-region-acceptance-tests) + - [Acceptance Test Checklist](#acceptance-test-checklist) + +Terraform includes an acceptance test harness that does most of the repetitive +work involved in testing a resource. For additional information about testing +Terraform Providers, see the [Extending Terraform documentation](https://www.terraform.io/docs/extend/testing/index.html). + +## Acceptance Tests Often Cost Money to Run + +Because acceptance tests create real resources, they often cost money to run. +Because the resources only exist for a short period of time, the total amount +of money required is usually a relatively small. Nevertheless, we don't want +financial limitations to be a barrier to contribution, so if you are unable to +pay to run acceptance tests for your contribution, mention this in your +pull request. We will happily accept "best effort" implementations of +acceptance tests and run them for you on our side. This might mean that your PR +takes a bit longer to merge, but it most definitely is not a blocker for +contributions. + +## Running an Acceptance Test + +Acceptance tests can be run using the `testacc` target in the Terraform +`Makefile`. The individual tests to run can be controlled using a regular +expression. Prior to running the tests provider configuration details such as +access keys must be made available as environment variables. + +For example, to run an acceptance test against the Amazon Web Services +provider, the following environment variables must be set: + +```sh +# Using a profile +export AWS_PROFILE=... +# Otherwise +export AWS_ACCESS_KEY_ID=... +export AWS_SECRET_ACCESS_KEY=... +export AWS_DEFAULT_REGION=... +``` + +Please note that the default region for the testing is `us-west-2` and must be +overriden via the `AWS_DEFAULT_REGION` environment variable, if necessary. This +is especially important for testing AWS GovCloud (US), which requires: + +```sh +export AWS_DEFAULT_REGION=us-gov-west-1 +``` + +Tests can then be run by specifying the target provider and a regular +expression defining the tests to run: + +```sh +$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSCloudWatchDashboard_update' +==> Checking that code complies with gofmt requirements... +TF_ACC=1 go test ./aws -v -run=TestAccAWSCloudWatchDashboard_update -timeout 120m +=== RUN TestAccAWSCloudWatchDashboard_update +--- PASS: TestAccAWSCloudWatchDashboard_update (26.56s) +PASS +ok github.com/terraform-providers/terraform-provider-aws/aws 26.607s +``` + +Entire resource test suites can be targeted by using the naming convention to +write the regular expression. For example, to run all tests of the +`aws_cloudwatch_dashboard` resource rather than just the update test, you can start +testing like this: + +```sh +$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSCloudWatchDashboard' +==> Checking that code complies with gofmt requirements... +TF_ACC=1 go test ./aws -v -run=TestAccAWSCloudWatchDashboard -timeout 120m +=== RUN TestAccAWSCloudWatchDashboard_importBasic +--- PASS: TestAccAWSCloudWatchDashboard_importBasic (15.06s) +=== RUN TestAccAWSCloudWatchDashboard_basic +--- PASS: TestAccAWSCloudWatchDashboard_basic (12.70s) +=== RUN TestAccAWSCloudWatchDashboard_update +--- PASS: TestAccAWSCloudWatchDashboard_update (27.81s) +PASS +ok github.com/terraform-providers/terraform-provider-aws/aws 55.619s +``` + +Please Note: On macOS 10.14 and later (and some Linux distributions), the default user open file limit is 256. This may cause unexpected issues when running the acceptance testing since this can prevent various operations from occurring such as opening network connections to AWS. To view this limit, the `ulimit -n` command can be run. To update this limit, run `ulimit -n 1024` (or higher). + +## Writing an Acceptance Test + +Terraform has a framework for writing acceptance tests which minimises the +amount of boilerplate code necessary to use common testing patterns. The entry +point to the framework is the `resource.ParallelTest()` function. + +Tests are divided into `TestStep`s. Each `TestStep` proceeds by applying some +Terraform configuration using the provider under test, and then verifying that +results are as expected by making assertions using the provider API. It is +common for a single test function to exercise both the creation of and updates +to a single resource. Most tests follow a similar structure. + +1. Pre-flight checks are made to ensure that sufficient provider configuration + is available to be able to proceed - for example in an acceptance test + targeting AWS, `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` must be set prior + to running acceptance tests. This is common to all tests exercising a single + provider. + +Each `TestStep` is defined in the call to `resource.ParallelTest()`. Most assertion +functions are defined out of band with the tests. This keeps the tests +readable, and allows reuse of assertion functions across different tests of the +same type of resource. The definition of a complete test looks like this: + +```go +func TestAccAWSCloudWatchDashboard_basic(t *testing.T) { + var dashboard cloudwatch.GetDashboardOutput + rInt := acctest.RandInt() + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCloudWatchDashboardDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSCloudWatchDashboardConfig(rInt), + Check: resource.ComposeTestCheckFunc( + testAccCheckCloudWatchDashboardExists("aws_cloudwatch_dashboard.foobar", &dashboard), + resource.TestCheckResourceAttr("aws_cloudwatch_dashboard.foobar", "dashboard_name", testAccAWSCloudWatchDashboardName(rInt)), + ), + }, + }, + }) +} +``` + +When executing the test, the following steps are taken for each `TestStep`: + +1. The Terraform configuration required for the test is applied. This is + responsible for configuring the resource under test, and any dependencies it + may have. For example, to test the `aws_cloudwatch_dashboard` resource, a valid configuration with the requisite fields is required. This results in configuration which looks like this: + + ```hcl + resource "aws_cloudwatch_dashboard" "foobar" { + dashboard_name = "terraform-test-dashboard-%d" + dashboard_body = < Date: Thu, 7 May 2020 21:54:56 -0400 Subject: [PATCH 063/475] Update module bflad/tfproviderdocs to v0.5.3 (#13225) Co-authored-by: Renovate Bot --- go.mod | 2 +- go.sum | 4 ++-- vendor/github.com/bflad/tfproviderdocs/.gitignore | 1 + vendor/github.com/bflad/tfproviderdocs/CHANGELOG.md | 6 ++++++ .../github.com/bflad/tfproviderdocs/check/directory.go | 10 +++++++++- .../check/sidenavigation/sidenavigation.go | 2 +- .../github.com/bflad/tfproviderdocs/version/version.go | 2 +- vendor/modules.txt | 2 +- 8 files changed, 22 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index 120bddb6b06..fe28e1d0016 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.13 require ( github.com/aws/aws-sdk-go v1.30.21 github.com/beevik/etree v1.1.0 - github.com/bflad/tfproviderdocs v0.5.2 + github.com/bflad/tfproviderdocs v0.5.3 github.com/bflad/tfproviderlint v0.14.0 github.com/client9/misspell v0.3.4 github.com/golangci/golangci-lint v1.26.0 diff --git a/go.sum b/go.sum index bc78c6c6174..63b3b715bd3 100644 --- a/go.sum +++ b/go.sum @@ -47,8 +47,8 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/bflad/gopaniccheck v0.1.0 h1:tJftp+bv42ouERmUMWLoUn/5bi/iQZjHPznM00cP/bU= github.com/bflad/gopaniccheck v0.1.0/go.mod h1:ZCj2vSr7EqVeDaqVsWN4n2MwdROx1YL+LFo47TSWtsA= -github.com/bflad/tfproviderdocs v0.5.2 h1:iQoJJTXYcd9eVuWICK6gBNSYcy4FCS2ZdhwiH/iLfq8= -github.com/bflad/tfproviderdocs v0.5.2/go.mod h1:d0k1fQLEu1pdeORxozwuwmvauFaEmMBREQ1fw3J+pPc= +github.com/bflad/tfproviderdocs v0.5.3 h1:0JozhslEaLujgTnV6OdljbFiT/FCponx5hruFSkizGk= +github.com/bflad/tfproviderdocs v0.5.3/go.mod h1:d0k1fQLEu1pdeORxozwuwmvauFaEmMBREQ1fw3J+pPc= github.com/bflad/tfproviderlint v0.14.0 h1:iki5tDr4l0jp0zEL0chZylptMT5QdE09E60cziFQNZA= github.com/bflad/tfproviderlint v0.14.0/go.mod h1:1Jtjs6DPKoyqPrbPyMiy33h0ViO2h831uzoOuikCA60= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= diff --git a/vendor/github.com/bflad/tfproviderdocs/.gitignore b/vendor/github.com/bflad/tfproviderdocs/.gitignore index 560afc14739..b7c5ec8050d 100644 --- a/vendor/github.com/bflad/tfproviderdocs/.gitignore +++ b/vendor/github.com/bflad/tfproviderdocs/.gitignore @@ -3,3 +3,4 @@ .idea/ .vscode/ dist/ +RELEASE-NOTES.md diff --git a/vendor/github.com/bflad/tfproviderdocs/CHANGELOG.md b/vendor/github.com/bflad/tfproviderdocs/CHANGELOG.md index 4a88a5e8c01..515bfc5325e 100644 --- a/vendor/github.com/bflad/tfproviderdocs/CHANGELOG.md +++ b/vendor/github.com/bflad/tfproviderdocs/CHANGELOG.md @@ -1,3 +1,9 @@ +# v0.5.3 + +BUG FIXES + +* check: Prevent additional errors when `docs/` contains files outside Terraform Provider documentation + # v0.5.2 BUG FIXES diff --git a/vendor/github.com/bflad/tfproviderdocs/check/directory.go b/vendor/github.com/bflad/tfproviderdocs/check/directory.go index 0fa488fd46e..aa3738e1e73 100644 --- a/vendor/github.com/bflad/tfproviderdocs/check/directory.go +++ b/vendor/github.com/bflad/tfproviderdocs/check/directory.go @@ -9,7 +9,7 @@ import ( ) const ( - DocumentationGlobPattern = `{docs,website/docs}/**/*` + DocumentationGlobPattern = `{docs/index.md,docs/{data-sources,guides,resources},website/docs}/**/*` LegacyIndexDirectory = `website/docs` LegacyDataSourcesDirectory = `website/docs/d` @@ -127,6 +127,14 @@ func GetDirectories(basepath string) (map[string][]string, error) { } directory := filepath.Dir(file) + + // Skip handling of docs/ files except index.md + // if directory == RegistryIndexDirectory && filepath.Base(file) != "index.md" { + // continue + // } + + // Skip handling of docs/** outside valid Registry Directories + directories[directory] = append(directories[directory], file) } diff --git a/vendor/github.com/bflad/tfproviderdocs/check/sidenavigation/sidenavigation.go b/vendor/github.com/bflad/tfproviderdocs/check/sidenavigation/sidenavigation.go index 7cf27416694..e64fb7d8c95 100644 --- a/vendor/github.com/bflad/tfproviderdocs/check/sidenavigation/sidenavigation.go +++ b/vendor/github.com/bflad/tfproviderdocs/check/sidenavigation/sidenavigation.go @@ -48,7 +48,7 @@ func FindFile(path string) (*SideNavigation, error) { fileContents, err := ioutil.ReadFile(path) if err != nil { - log.Fatalf("error opening file (%s): %w", path, err) + log.Fatalf("error opening file (%s): %s", path, err) } return FindString(string(fileContents)) diff --git a/vendor/github.com/bflad/tfproviderdocs/version/version.go b/vendor/github.com/bflad/tfproviderdocs/version/version.go index 1bdf10bbfe9..97f2848c8b4 100644 --- a/vendor/github.com/bflad/tfproviderdocs/version/version.go +++ b/vendor/github.com/bflad/tfproviderdocs/version/version.go @@ -11,7 +11,7 @@ var ( GitDescribe string // The main version number that is being run at the moment. - Version = "0.5.2" + Version = "0.5.3" // A pre-release marker for the version. If this is "" (empty string) // then it means that it is a final release. Otherwise, this is a pre-release diff --git a/vendor/modules.txt b/vendor/modules.txt index db362e04db2..1e0da311f48 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -215,7 +215,7 @@ github.com/bflad/gopaniccheck/passes/logpaniccallexpr github.com/bflad/gopaniccheck/passes/logpanicfcallexpr github.com/bflad/gopaniccheck/passes/logpaniclncallexpr github.com/bflad/gopaniccheck/passes/paniccallexpr -# github.com/bflad/tfproviderdocs v0.5.2 +# github.com/bflad/tfproviderdocs v0.5.3 github.com/bflad/tfproviderdocs github.com/bflad/tfproviderdocs/check github.com/bflad/tfproviderdocs/check/sidenavigation From 11577bb5501b5f0dd93ada2ae7f2c2d34ea6afc8 Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Thu, 7 May 2020 18:55:27 -0700 Subject: [PATCH 064/475] add link to the label dictionary --- info/MAINTAINING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/info/MAINTAINING.md b/info/MAINTAINING.md index a70c5f4ca84..867ce11b159 100644 --- a/info/MAINTAINING.md +++ b/info/MAINTAINING.md @@ -19,7 +19,7 @@ ## Triage -Incoming issues are classified using labels. These are assigned either by automation, or manually during the triage process. At a minimum tickets should be classified by type and by the area of the provider they affect. +Incoming issues are classified using labels. These are assigned either by automation, or manually during the triage process. At a minimum tickets should be classified by type and by the area of the provider they affect. A full listing of the labels and how they are used can be found in the [Label Dictionary](#label-dictionary) ## Pull Requests From 5c1cafdffd4b9c57f59dcf56c6f7029b4a85b2a2 Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Thu, 7 May 2020 20:08:35 -0700 Subject: [PATCH 065/475] some FAQ changes --- info/FAQ.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/info/FAQ.md b/info/FAQ.md index 4ca45b5b256..43bdaad89ec 100644 --- a/info/FAQ.md +++ b/info/FAQ.md @@ -13,12 +13,14 @@ The HashiCorp Terraform AWS provider team is : ### Why isn’t my PR merged yet? -Unfortunately, due to the volume of issues and new pull requests we receive, we are unable to give each one the full attention that we would like. We always focus on the contributions that provide the most value to the most community members. +Unfortunately, due to the volume of issues and new pull requests we receive, we are unable to give each one the full attention that we would like. We always focus on the contributions that provide the greatest value to the most community members. ### How do you decide what gets merged for each release? The number one factor we look at when deciding what issues to look at are your reactions, comments, and upvotes on the issues or PR’s. The items with the most support are always on our radar, and we commit to keep the community updated on their status and potential timelines. +We publish a [roadmap](../ROADMAP.md) every quarter which describes major themes or specific product areas of focus. + We also are investing time to improve the contributing experience by improving documentation, adding more linter coverage to ensure that incoming PR's can be in as good shape as possible. This will allow us to get through them quicker. ### How often do you release? @@ -58,7 +60,7 @@ provider "aws" { ### How can I help? -Great question, if you have contributed before check out issues with the `help-wanted` label. These are normally issues with support, but we are currently unable to field resources to work on. If you are just getting started, take a look at issues with the `good-first-issue` label. Items with these labels will always be given priority for response. +Great question, if you have contributed before check out issues with the `help-wanted` label. These are normally features which we want to support, but we are currently unable to field resources to work on. If you are just getting started, take a look at issues with the `good-first-issue` label. Items with these labels will always be given priority for response. ### How can I become a maintainer? From 565152f88741dd6d9c8a8c8f8c6f136258ba848b Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Thu, 7 May 2020 20:15:44 -0700 Subject: [PATCH 066/475] Update info/FAQ.md Co-authored-by: Brian Flad --- info/FAQ.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/info/FAQ.md b/info/FAQ.md index 43bdaad89ec..c28b1824bb9 100644 --- a/info/FAQ.md +++ b/info/FAQ.md @@ -47,8 +47,11 @@ Error: error validating provider credentials: error calling sts:GetCallerIdentit on main.tf line 1, in provider "aws": 1: provider "aws" { +``` To use this new region before support has been added to the Terraform AWS Provider, you can disable the provider's automatic region validation via: + +```hcl provider "aws" { # ... potentially other configuration ... @@ -64,4 +67,4 @@ Great question, if you have contributed before check out issues with the `help-w ### How can I become a maintainer? -This is an area under active research. Stay tuned! \ No newline at end of file +This is an area under active research. Stay tuned! From c874930731eb7f08151a0ef467c623567aad49f7 Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Thu, 7 May 2020 20:16:15 -0700 Subject: [PATCH 067/475] Update info/MAINTAINING.md Co-authored-by: Brian Flad --- info/MAINTAINING.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/info/MAINTAINING.md b/info/MAINTAINING.md index 867ce11b159..7ee79e7b2f2 100644 --- a/info/MAINTAINING.md +++ b/info/MAINTAINING.md @@ -332,8 +332,7 @@ The CHANGELOG is intended to show operator-impacting changes to the codebase for | ![service <*>][service-badge] | Indicates the service that is covered or introduced (i.e. service/s3) | Added by Hashibot when the code change matches a service definition in `.hashibot.hcl`. | ![size%2F<*>][size-badge] | Managed by automation to categorize the size of a PR | Added by Hashibot to indicate the size of the PR. | | [![stale][stale-badge]][stale] | Old or inactive issues managed by automation, if no further action taken these will get closed. | Added by a Github Action, configuration is found: `.github/workflows/stale.yml`. | -| [![technical-debt][technical-debt-badge]][technical-debt] | -Addresses areas of the codebase that need refactoring or redesign. | None| +| [![technical-debt][technical-debt-badge]][technical-debt] | Addresses areas of the codebase that need refactoring or redesign. | None | | [![tests][tests-badge]][tests] | On a PR this indicates expanded test coverage. On an Issue this proposes expanded coverage or enhancement to test infrastructure. | None | | [![thinking][thinking-badge]][thinking] | Requires additional research by the maintainers. | None | | [![upstream-terraform][upstream-terraform-badge]][upstream-terraform] | Addresses functionality related to the Terraform core binary. | None | From 990b8e4062660c85e9cc76ea9d42b4d2df7d950c Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Thu, 7 May 2020 20:20:13 -0700 Subject: [PATCH 068/475] fix waiting response tag link --- info/MAINTAINING.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/info/MAINTAINING.md b/info/MAINTAINING.md index 7ee79e7b2f2..b8f9fa8767b 100644 --- a/info/MAINTAINING.md +++ b/info/MAINTAINING.md @@ -19,7 +19,7 @@ ## Triage -Incoming issues are classified using labels. These are assigned either by automation, or manually during the triage process. At a minimum tickets should be classified by type and by the area of the provider they affect. A full listing of the labels and how they are used can be found in the [Label Dictionary](#label-dictionary) +Incoming issues are classified using labels. These are assigned either by automation, or manually during the triage process. At a minimum tickets should be classified by type and by the area of the provider they affect. A full listing of the labels and how they are used can be found in the [Label Dictionary](#label-dictionary). ## Pull Requests @@ -337,7 +337,7 @@ The CHANGELOG is intended to show operator-impacting changes to the codebase for | [![thinking][thinking-badge]][thinking] | Requires additional research by the maintainers. | None | | [![upstream-terraform][upstream-terraform-badge]][upstream-terraform] | Addresses functionality related to the Terraform core binary. | None | | [![upstream][upstream-badge]][upstream] | Addresses functionality related to the cloud provider. | None | -| [![waiting-response](https://img.shields.io/badge/waiting--response-5319e7)](https://github.com/terraform-providers/terraform-provider-aws/labels/waiting-response) | Addresses functionality related to the cloud provider. | None | +| [![waiting-response][waiting-response-badge]][waiting-response] | Addresses functionality related to the cloud provider. | None | [breaking-change-badge]: https://img.shields.io/badge/breaking--change-d93f0b [breaking-change]: https://github.com/terraform-providers/terraform-provider-aws/labels/breaking-change @@ -389,5 +389,5 @@ The CHANGELOG is intended to show operator-impacting changes to the codebase for [upstream-terraform]: https://github.com/terraform-providers/terraform-provider-aws/labels/upstream-terraform [upstream-badge]: https://img.shields.io/badge/upstream-fad8c7 [upstream]: https://github.com/terraform-providers/terraform-provider-aws/labels/upstream -[waiting-response-badge]: https://img.shields.io/badge/waiting-response-bfd4f2 +[waiting-response-badge]: https://img.shields.io/badge/waiting--response-5319e7 [waiting-response]: https://github.com/terraform-providers/terraform-provider-aws/labels/waiting-response From a19c634ecf986ab5f91789e1030a5ebabbf8750c Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Thu, 7 May 2020 20:26:04 -0700 Subject: [PATCH 069/475] Update info/contributing/contribution-checklists.md Co-authored-by: Brian Flad --- info/contributing/contribution-checklists.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/info/contributing/contribution-checklists.md b/info/contributing/contribution-checklists.md index 8da282e2eb6..d29e1394d57 100644 --- a/info/contributing/contribution-checklists.md +++ b/info/contributing/contribution-checklists.md @@ -506,6 +506,7 @@ into Terraform. - In `website/allowed-subcategories.txt`: Add a name acceptable for the documentation navigation. - In `website/docs/guides/custom-service-endpoints.html.md`: Add the service name in the list of customizable endpoints. + - In `infrastructure/repository/labels-service.tf`: Add the new service to create a repository label. - In `.hashibot.hcl`: Add the new service to automated issue and pull request labeling. e.g. with the `quicksight` service ```hcl @@ -564,4 +565,4 @@ manually sourced values from documentation. - [ ] Check [CloudTrail Supported Regions docs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-supported-regions.html#cloudtrail-supported-regions) and add AWS Account ID if available to `aws/data_source_aws_cloudtrail_service_account.go` - [ ] Check [Elastic Load Balancing Access Logs docs](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) and add Elastic Load Balancing Account ID if available to `aws/data_source_aws_elb_service_account.go` - [ ] Check [Redshift Database Audit Logging docs](https://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-bucket-permissions) and add AWS Account ID if available to `aws/data_source_aws_redshift_service_account.go` - - [ ] Check [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html#elasticbeanstalk_region) and add Route53 Hosted Zone ID if available to `aws/data_source_aws_elastic_beanstalk_hosted_zone.go` \ No newline at end of file + - [ ] Check [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html#elasticbeanstalk_region) and add Route53 Hosted Zone ID if available to `aws/data_source_aws_elastic_beanstalk_hosted_zone.go` From 7e1db5a0748b0871dd6551f98f0e548124de33e5 Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Thu, 7 May 2020 20:26:43 -0700 Subject: [PATCH 070/475] Update info/FAQ.md Co-authored-by: Brian Flad --- info/FAQ.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/info/FAQ.md b/info/FAQ.md index c28b1824bb9..9e2d1fd4eab 100644 --- a/info/FAQ.md +++ b/info/FAQ.md @@ -29,7 +29,9 @@ We release weekly on Thursday. We release often to ensure we can bring value to ### Backward Compatibility Promise -Our policy is described on the Terraform website [here](https://www.terraform.io/docs/extend/best-practices/versioning.html). +Our policy is described on the Terraform website [here](https://www.terraform.io/docs/extend/best-practices/versioning.html). While we do our best to prevent breaking changes until major version releases of the provider, it is generally recommended to [pin the provider version in your configuration](https://www.terraform.io/docs/configuration/providers.html#provider-versions). + +Due to the constant release pace of AWS and the relatively infrequent major version releases of the provider, there can be cases where a minor version update may contain unexpected changes depending on your configuration or environment. These may include items such as a resource requiring additional IAM permissions to support newer functionality. We typically base these decisions on a pragmatic compromise between introducing a relatively minor one-time inconvenience for a subset of the community versus better overall user experience for the entire community. ### AWS just announced a new region, when will I see it in the provider. From 5f84a958c3a49ee7be18aeaf7e5dffa8c6c704ba Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Thu, 7 May 2020 20:27:56 -0700 Subject: [PATCH 071/475] code review fixes --- info/FAQ.md | 4 +++- info/MAINTAINING.md | 6 +++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/info/FAQ.md b/info/FAQ.md index c28b1824bb9..e62b6e3a27b 100644 --- a/info/FAQ.md +++ b/info/FAQ.md @@ -63,7 +63,9 @@ provider "aws" { ### How can I help? -Great question, if you have contributed before check out issues with the `help-wanted` label. These are normally features which we want to support, but we are currently unable to field resources to work on. If you are just getting started, take a look at issues with the `good-first-issue` label. Items with these labels will always be given priority for response. +Great question, if you have contributed before check out issues with the `help-wanted` label. These are normally enhancement issues that will have a great impact, but the maintainers are unable to develop them in the near future. If you are just getting started, take a look at issues with the `good-first-issue` label. Items with these labels will always be given priority for response. + +Check out the [Contributing Guide](CONTRIBUTING.md) for additional information. ### How can I become a maintainer? diff --git a/info/MAINTAINING.md b/info/MAINTAINING.md index b8f9fa8767b..3bf4e6baec7 100644 --- a/info/MAINTAINING.md +++ b/info/MAINTAINING.md @@ -314,14 +314,14 @@ The CHANGELOG is intended to show operator-impacting changes to the codebase for | [![breaking-change][breaking-change-badge]][breaking-change]                                    | Introduces a breaking change in current functionality; breaking changes are usually deferred to the next major release. | None | | [![bug][bug-badge]][bug] | Addresses a defect in current functionality. | None | | [![crash][crash-badge]][crash] | Results from or addresses a Terraform crash or kernel panic. | None | -| [![dependencies][dependencies-badge]][dependencies] | Used to indicate a dependency version update. | Added by the Renovate bot. Configuration is found in the `renovate.json` file. | +| [![dependencies][dependencies-badge]][dependencies] | Used to indicate dependency or vendoring changes. | Added by Hashibot. | | [![documentation][documentation-badge]][documentation] | Introduces or discusses updates to documentation. | None | | [![enhancement][enhancement-badge]][enhancement] | Requests to existing resources that expand the functionality or scope. | None | | [![good first issue][good-first-issue-badge]][good-first-issue] | Call to action for new contributors looking for a place to start. Smaller or straightforward issues. | None | | [![hacktoberfest][hacktoberfest-badge]][hacktoberfest] | Call to action for Hacktoberfest (OSS Initiative). | None | | [![hashibot ignore][hashibot-ignore-badge]][hashibot-ignore] | Issues or PRs labelled with this are ignored by Hashibot. | None | | [![help wanted][help-wanted-badge]][help-wanted] | Call to action for contributors. Indicates an area of the codebase we’d like to expand/work on but don’t have the bandwidth inside the team. | None | -| [![needs-triage][needs-triage-badge]][needs-triage] | Waiting for first response or review from a maintainer. | Added to all new issues or PRs by GitHub action in `.github/workflows/issues.yml` unless they were submitted by a maintainer. | +| [![needs-triage][needs-triage-badge]][needs-triage] | Waiting for first response or review from a maintainer. | Added to all new issues or PRs by GitHub action in `.github/workflows/issues.yml` or PRs by Hashibot in `.hashibot.hcl` unless they were submitted by a maintainer. | | [![new-data-source][new-data-source-badge]][new-data-source] | Introduces a new data source. | None | | [![new-resource][new-resource-badge]][new-resource] | Introduces a new resrouce. | None | | [![proposal][proposal-badge]][proposal] | Proposes new design or functionality. | None | @@ -337,7 +337,7 @@ The CHANGELOG is intended to show operator-impacting changes to the codebase for | [![thinking][thinking-badge]][thinking] | Requires additional research by the maintainers. | None | | [![upstream-terraform][upstream-terraform-badge]][upstream-terraform] | Addresses functionality related to the Terraform core binary. | None | | [![upstream][upstream-badge]][upstream] | Addresses functionality related to the cloud provider. | None | -| [![waiting-response][waiting-response-badge]][waiting-response] | Addresses functionality related to the cloud provider. | None | +| [![waiting-response][waiting-response-badge]][waiting-response] | Maintainers are waiting on response from community or contributor. | None | [breaking-change-badge]: https://img.shields.io/badge/breaking--change-d93f0b [breaking-change]: https://github.com/terraform-providers/terraform-provider-aws/labels/breaking-change From 1e58589b9332370d54f93aefa93c50df7c5f530d Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Thu, 7 May 2020 20:30:24 -0700 Subject: [PATCH 072/475] FAQ revision --- info/FAQ.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/info/FAQ.md b/info/FAQ.md index 69566cdfc4c..daf43af1edf 100644 --- a/info/FAQ.md +++ b/info/FAQ.md @@ -17,7 +17,7 @@ Unfortunately, due to the volume of issues and new pull requests we receive, we ### How do you decide what gets merged for each release? -The number one factor we look at when deciding what issues to look at are your reactions, comments, and upvotes on the issues or PR’s. The items with the most support are always on our radar, and we commit to keep the community updated on their status and potential timelines. +The number one factor we look at when deciding what issues to look at are your 👍 [reactions](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue/PR description as these can be easily discovered. Comments that further explain desired use cases or poor user experience are also heavily factored. The items with the most support are always on our radar, and we commit to keep the community updated on their status and potential timelines. We publish a [roadmap](../ROADMAP.md) every quarter which describes major themes or specific product areas of focus. From 2e44671f325ec1154f1d908eaa83854c1cb2f55f Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Thu, 7 May 2020 20:36:40 -0700 Subject: [PATCH 073/475] info > docs --- README.md | 6 +++--- {info => docs}/CONTRIBUTING.md | 0 {info => docs}/CORE_SERVICES.md | 0 {info => docs}/DEVELOPMENT.md | 2 +- {info => docs}/FAQ.md | 0 {info => docs}/MAINTAINING.md | 0 {info => docs}/contributing/contribution-checklists.md | 0 .../contributing/issue-reporting-and-lifecycle.md | 0 .../contributing/pullrequest-submission-and-lifecycle.md | 0 .../contributing/running-and-writing-acceptance-tests.md | 0 10 files changed, 4 insertions(+), 4 deletions(-) rename {info => docs}/CONTRIBUTING.md (100%) rename {info => docs}/CORE_SERVICES.md (100%) rename {info => docs}/DEVELOPMENT.md (87%) rename {info => docs}/FAQ.md (100%) rename {info => docs}/MAINTAINING.md (100%) rename {info => docs}/contributing/contribution-checklists.md (100%) rename {info => docs}/contributing/issue-reporting-and-lifecycle.md (100%) rename {info => docs}/contributing/pullrequest-submission-and-lifecycle.md (100%) rename {info => docs}/contributing/running-and-writing-acceptance-tests.md (100%) diff --git a/README.md b/README.md index cf02d4ddf61..45fb5e8cedb 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,7 @@ Please note: We take Terraform's security and our users' trust very seriously. I ## Quick Starts - [Using the provider](https://www.terraform.io/docs/providers/aws/index.html) -- [Provider development](info/DEVELOPMENT.md) +- [Provider development](docs/DEVELOPMENT.md) ## Documentation @@ -44,10 +44,10 @@ Our roadmap for expanding support in Terraform for AWS resources can be found in ## Frequently Asked Questions -Responses to our most frequently asked questions can be found in our [FAQ](info/FAQ.md ) +Responses to our most frequently asked questions can be found in our [FAQ](docs/FAQ.md ) ## Contributing The Terraform AWS Provider is the work of thousands of contributors. We appreciate your help! -To contribute, please read the contribution guidelines: [Contributing to Terraform - AWS Provider](info/CONTRIBUTING.md) \ No newline at end of file +To contribute, please read the contribution guidelines: [Contributing to Terraform - AWS Provider](docs/CONTRIBUTING.md) \ No newline at end of file diff --git a/info/CONTRIBUTING.md b/docs/CONTRIBUTING.md similarity index 100% rename from info/CONTRIBUTING.md rename to docs/CONTRIBUTING.md diff --git a/info/CORE_SERVICES.md b/docs/CORE_SERVICES.md similarity index 100% rename from info/CORE_SERVICES.md rename to docs/CORE_SERVICES.md diff --git a/info/DEVELOPMENT.md b/docs/DEVELOPMENT.md similarity index 87% rename from info/DEVELOPMENT.md rename to docs/DEVELOPMENT.md index 0a1bf4ee5c2..017f1706f19 100644 --- a/info/DEVELOPMENT.md +++ b/docs/DEVELOPMENT.md @@ -46,7 +46,7 @@ $ make test In order to run the full suite of Acceptance tests, run `make testacc`. -*Note:* Acceptance tests create real resources, and often cost money to run. Please read [Running an Acceptance Test](https://github.com/terraform-providers/terraform-provider-aws/blob/master/.github/CONTRIBUTING.md#running-an-acceptance-test) in the contribution guidelines for more information on usage. +*Note:* Acceptance tests create real resources, and often cost money to run. Please read [Running and Writing Acceptance Tests](contributing/running-and-writing-acceptance-tests.md) in the contribution guidelines for more information on usage. ```sh $ make testacc diff --git a/info/FAQ.md b/docs/FAQ.md similarity index 100% rename from info/FAQ.md rename to docs/FAQ.md diff --git a/info/MAINTAINING.md b/docs/MAINTAINING.md similarity index 100% rename from info/MAINTAINING.md rename to docs/MAINTAINING.md diff --git a/info/contributing/contribution-checklists.md b/docs/contributing/contribution-checklists.md similarity index 100% rename from info/contributing/contribution-checklists.md rename to docs/contributing/contribution-checklists.md diff --git a/info/contributing/issue-reporting-and-lifecycle.md b/docs/contributing/issue-reporting-and-lifecycle.md similarity index 100% rename from info/contributing/issue-reporting-and-lifecycle.md rename to docs/contributing/issue-reporting-and-lifecycle.md diff --git a/info/contributing/pullrequest-submission-and-lifecycle.md b/docs/contributing/pullrequest-submission-and-lifecycle.md similarity index 100% rename from info/contributing/pullrequest-submission-and-lifecycle.md rename to docs/contributing/pullrequest-submission-and-lifecycle.md diff --git a/info/contributing/running-and-writing-acceptance-tests.md b/docs/contributing/running-and-writing-acceptance-tests.md similarity index 100% rename from info/contributing/running-and-writing-acceptance-tests.md rename to docs/contributing/running-and-writing-acceptance-tests.md From 3d63d920fa49a79192de7ede6a114d55c7fbe698 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 8 May 2020 17:39:28 -0400 Subject: [PATCH 074/475] add elem attribute to typemaps --- aws/data_source_aws_ami.go | 2 ++ aws/data_source_aws_cloudformation_stack.go | 2 ++ aws/data_source_aws_elasticsearch_domain.go | 1 + aws/data_source_aws_lb_listener.go | 2 ++ aws/data_source_aws_s3_bucket_object.go | 1 + aws/data_source_aws_secretsmanager_secret.go | 1 + aws/resource_aws_api_gateway_stage.go | 1 + aws/resource_aws_autoscaling_group.go | 9 ++++++--- aws/resource_aws_budgets_budget.go | 1 + aws/resource_aws_cloudformation_stack.go | 2 ++ aws/resource_aws_cloudfront_distribution.go | 1 + aws/resource_aws_cloudwatch_event_target.go | 1 + aws/resource_aws_cloudwatch_metric_alarm.go | 2 ++ aws/resource_aws_cognito_identity_provider.go | 1 + aws/resource_aws_dlm_lifecycle_policy.go | 2 ++ aws/resource_aws_elastic_transcoder_preset.go | 1 + aws/resource_aws_elasticsearch_domain.go | 1 + aws/resource_aws_emr_cluster.go | 1 + aws/resource_aws_glue_connection.go | 1 + aws/resource_aws_glue_job.go | 1 + aws/resource_aws_glue_trigger.go | 1 + aws/resource_aws_inspector_resource_group.go | 1 + aws/resource_aws_iot_thing.go | 1 + aws/resource_aws_lb_listener.go | 2 ++ aws/resource_aws_lb_listener_rule.go | 2 ++ aws/resource_aws_s3_bucket_analytics_configuration.go | 1 + aws/resource_aws_sagemaker_model.go | 2 ++ aws/resource_aws_spot_fleet_request.go | 1 + aws/resource_aws_spot_instance_request.go | 1 + aws/resource_aws_ssm_association.go | 1 + aws/tags.go | 3 +++ 31 files changed, 47 insertions(+), 3 deletions(-) diff --git a/aws/data_source_aws_ami.go b/aws/data_source_aws_ami.go index 0f5e9e12d92..f244ad4bae4 100644 --- a/aws/data_source_aws_ami.go +++ b/aws/data_source_aws_ami.go @@ -149,6 +149,7 @@ func dataSourceAwsAmi() *schema.Resource { "ebs": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, }, }, @@ -173,6 +174,7 @@ func dataSourceAwsAmi() *schema.Resource { "state_reason": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "tags": tagsSchemaComputed(), }, diff --git a/aws/data_source_aws_cloudformation_stack.go b/aws/data_source_aws_cloudformation_stack.go index 93a5a36bba5..9255192ae8e 100644 --- a/aws/data_source_aws_cloudformation_stack.go +++ b/aws/data_source_aws_cloudformation_stack.go @@ -46,10 +46,12 @@ func dataSourceAwsCloudFormationStack() *schema.Resource { "parameters": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "outputs": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "timeout_in_minutes": { Type: schema.TypeInt, diff --git a/aws/data_source_aws_elasticsearch_domain.go b/aws/data_source_aws_elasticsearch_domain.go index aab4877483c..3860ce98c7a 100644 --- a/aws/data_source_aws_elasticsearch_domain.go +++ b/aws/data_source_aws_elasticsearch_domain.go @@ -22,6 +22,7 @@ func dataSourceAwsElasticSearchDomain() *schema.Resource { "advanced_options": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "domain_name": { Type: schema.TypeString, diff --git a/aws/data_source_aws_lb_listener.go b/aws/data_source_aws_lb_listener.go index f4bca086bd4..f35b59ebb36 100644 --- a/aws/data_source_aws_lb_listener.go +++ b/aws/data_source_aws_lb_listener.go @@ -62,6 +62,7 @@ func dataSourceAwsLbListener() *schema.Resource { "authentication_request_extra_params": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "on_unauthenticated_request": { Type: schema.TypeString, @@ -102,6 +103,7 @@ func dataSourceAwsLbListener() *schema.Resource { "authentication_request_extra_params": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "authorization_endpoint": { Type: schema.TypeString, diff --git a/aws/data_source_aws_s3_bucket_object.go b/aws/data_source_aws_s3_bucket_object.go index ec7d78300a0..d7b46197a35 100644 --- a/aws/data_source_aws_s3_bucket_object.go +++ b/aws/data_source_aws_s3_bucket_object.go @@ -74,6 +74,7 @@ func dataSourceAwsS3BucketObject() *schema.Resource { "metadata": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "object_lock_legal_hold_status": { Type: schema.TypeString, diff --git a/aws/data_source_aws_secretsmanager_secret.go b/aws/data_source_aws_secretsmanager_secret.go index 76e5fbaca13..2f17ecbbe95 100644 --- a/aws/data_source_aws_secretsmanager_secret.go +++ b/aws/data_source_aws_secretsmanager_secret.go @@ -63,6 +63,7 @@ func dataSourceAwsSecretsManagerSecret() *schema.Resource { "tags": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, }, } diff --git a/aws/resource_aws_api_gateway_stage.go b/aws/resource_aws_api_gateway_stage.go index 6131a706f78..96c6c62b146 100644 --- a/aws/resource_aws_api_gateway_stage.go +++ b/aws/resource_aws_api_gateway_stage.go @@ -113,6 +113,7 @@ func resourceAwsApiGatewayStage() *schema.Resource { "variables": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "tags": tagsSchema(), "xray_tracing_enabled": { diff --git a/aws/resource_aws_autoscaling_group.go b/aws/resource_aws_autoscaling_group.go index 189dcc90918..79ce5024fd4 100644 --- a/aws/resource_aws_autoscaling_group.go +++ b/aws/resource_aws_autoscaling_group.go @@ -396,9 +396,12 @@ func resourceAwsAutoscalingGroup() *schema.Resource { "tag": autoscalingTagSchema(), "tags": { - Type: schema.TypeList, - Optional: true, - Elem: &schema.Schema{Type: schema.TypeMap}, + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeMap, + Elem: &schema.Schema{Type: schema.TypeString}, + }, ConflictsWith: []string{"tag"}, }, diff --git a/aws/resource_aws_budgets_budget.go b/aws/resource_aws_budgets_budget.go index 8298b7fb0f2..d8a59d0a57b 100644 --- a/aws/resource_aws_budgets_budget.go +++ b/aws/resource_aws_budgets_budget.go @@ -130,6 +130,7 @@ func resourceAwsBudgetsBudget() *schema.Resource { Type: schema.TypeMap, Optional: true, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "notification": { Type: schema.TypeSet, diff --git a/aws/resource_aws_cloudformation_stack.go b/aws/resource_aws_cloudformation_stack.go index efeed23d0fa..ffea86d7de5 100644 --- a/aws/resource_aws_cloudformation_stack.go +++ b/aws/resource_aws_cloudformation_stack.go @@ -79,10 +79,12 @@ func resourceAwsCloudFormationStack() *schema.Resource { Type: schema.TypeMap, Optional: true, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "outputs": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "policy_body": { Type: schema.TypeString, diff --git a/aws/resource_aws_cloudfront_distribution.go b/aws/resource_aws_cloudfront_distribution.go index 93607c5eb1e..827b84b97aa 100644 --- a/aws/resource_aws_cloudfront_distribution.go +++ b/aws/resource_aws_cloudfront_distribution.go @@ -704,6 +704,7 @@ func resourceAwsCloudFrontDistribution() *schema.Resource { "active_trusted_signers": { Type: schema.TypeMap, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "domain_name": { Type: schema.TypeString, diff --git a/aws/resource_aws_cloudwatch_event_target.go b/aws/resource_aws_cloudwatch_event_target.go index 9e559012e15..46fc9003207 100644 --- a/aws/resource_aws_cloudwatch_event_target.go +++ b/aws/resource_aws_cloudwatch_event_target.go @@ -215,6 +215,7 @@ func resourceAwsCloudWatchEventTarget() *schema.Resource { "input_paths": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "input_template": { Type: schema.TypeString, diff --git a/aws/resource_aws_cloudwatch_metric_alarm.go b/aws/resource_aws_cloudwatch_metric_alarm.go index d073979218d..aecc3289b6e 100644 --- a/aws/resource_aws_cloudwatch_metric_alarm.go +++ b/aws/resource_aws_cloudwatch_metric_alarm.go @@ -71,6 +71,7 @@ func resourceAwsCloudWatchMetricAlarm() *schema.Resource { "dimensions": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "metric_name": { Type: schema.TypeString, @@ -163,6 +164,7 @@ func resourceAwsCloudWatchMetricAlarm() *schema.Resource { Type: schema.TypeMap, Optional: true, ConflictsWith: []string{"metric_query"}, + Elem: &schema.Schema{Type: schema.TypeString}, }, "insufficient_data_actions": { Type: schema.TypeSet, diff --git a/aws/resource_aws_cognito_identity_provider.go b/aws/resource_aws_cognito_identity_provider.go index 8364786aed5..ca9e5ff4398 100644 --- a/aws/resource_aws_cognito_identity_provider.go +++ b/aws/resource_aws_cognito_identity_provider.go @@ -49,6 +49,7 @@ func resourceAwsCognitoIdentityProvider() *schema.Resource { "provider_details": { Type: schema.TypeMap, Required: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "provider_name": { diff --git a/aws/resource_aws_dlm_lifecycle_policy.go b/aws/resource_aws_dlm_lifecycle_policy.go index 9c3f27ad115..3a99a9662a4 100644 --- a/aws/resource_aws_dlm_lifecycle_policy.go +++ b/aws/resource_aws_dlm_lifecycle_policy.go @@ -115,6 +115,7 @@ func resourceAwsDlmLifecyclePolicy() *schema.Resource { "tags_to_add": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, }, }, @@ -122,6 +123,7 @@ func resourceAwsDlmLifecyclePolicy() *schema.Resource { "target_tags": { Type: schema.TypeMap, Required: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, }, }, diff --git a/aws/resource_aws_elastic_transcoder_preset.go b/aws/resource_aws_elastic_transcoder_preset.go index 2273b12b2be..ca57e63b119 100644 --- a/aws/resource_aws_elastic_transcoder_preset.go +++ b/aws/resource_aws_elastic_transcoder_preset.go @@ -313,6 +313,7 @@ func resourceAwsElasticTranscoderPreset() *schema.Resource { Type: schema.TypeMap, Optional: true, ForceNew: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, }, } diff --git a/aws/resource_aws_elasticsearch_domain.go b/aws/resource_aws_elasticsearch_domain.go index d870352eeda..e932d9d4beb 100644 --- a/aws/resource_aws_elasticsearch_domain.go +++ b/aws/resource_aws_elasticsearch_domain.go @@ -69,6 +69,7 @@ func resourceAwsElasticSearchDomain() *schema.Resource { Type: schema.TypeMap, Optional: true, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "domain_name": { Type: schema.TypeString, diff --git a/aws/resource_aws_emr_cluster.go b/aws/resource_aws_emr_cluster.go index 65b6c160c2f..de696e96baf 100644 --- a/aws/resource_aws_emr_cluster.go +++ b/aws/resource_aws_emr_cluster.go @@ -561,6 +561,7 @@ func resourceAwsEMRCluster() *schema.Resource { Type: schema.TypeMap, Optional: true, ForceNew: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, }, }, diff --git a/aws/resource_aws_glue_connection.go b/aws/resource_aws_glue_connection.go index 6491868ab3d..46109fe255f 100644 --- a/aws/resource_aws_glue_connection.go +++ b/aws/resource_aws_glue_connection.go @@ -32,6 +32,7 @@ func resourceAwsGlueConnection() *schema.Resource { Type: schema.TypeMap, Required: true, Sensitive: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "connection_type": { Type: schema.TypeString, diff --git a/aws/resource_aws_glue_job.go b/aws/resource_aws_glue_job.go index 9e5579a7d17..1ac7ae6ebdc 100644 --- a/aws/resource_aws_glue_job.go +++ b/aws/resource_aws_glue_job.go @@ -67,6 +67,7 @@ func resourceAwsGlueJob() *schema.Resource { "default_arguments": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "description": { Type: schema.TypeString, diff --git a/aws/resource_aws_glue_trigger.go b/aws/resource_aws_glue_trigger.go index 7ddb8be631c..be43a4ee273 100644 --- a/aws/resource_aws_glue_trigger.go +++ b/aws/resource_aws_glue_trigger.go @@ -38,6 +38,7 @@ func resourceAwsGlueTrigger() *schema.Resource { "arguments": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "crawler_name": { Type: schema.TypeString, diff --git a/aws/resource_aws_inspector_resource_group.go b/aws/resource_aws_inspector_resource_group.go index 47de0a45f2d..4508a3b7523 100644 --- a/aws/resource_aws_inspector_resource_group.go +++ b/aws/resource_aws_inspector_resource_group.go @@ -20,6 +20,7 @@ func resourceAWSInspectorResourceGroup() *schema.Resource { ForceNew: true, Required: true, Type: schema.TypeMap, + Elem: &schema.Schema{Type: schema.TypeString}, }, "arn": { Type: schema.TypeString, diff --git a/aws/resource_aws_iot_thing.go b/aws/resource_aws_iot_thing.go index 19c4b44d1c9..c6d76ab45fb 100644 --- a/aws/resource_aws_iot_thing.go +++ b/aws/resource_aws_iot_thing.go @@ -30,6 +30,7 @@ func resourceAwsIotThing() *schema.Resource { "attributes": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "thing_type_name": { Type: schema.TypeString, diff --git a/aws/resource_aws_lb_listener.go b/aws/resource_aws_lb_listener.go index 81976c0e739..74d1f327998 100644 --- a/aws/resource_aws_lb_listener.go +++ b/aws/resource_aws_lb_listener.go @@ -204,6 +204,7 @@ func resourceAwsLbListener() *schema.Resource { "authentication_request_extra_params": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "on_unauthenticated_request": { Type: schema.TypeString, @@ -256,6 +257,7 @@ func resourceAwsLbListener() *schema.Resource { "authentication_request_extra_params": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "authorization_endpoint": { Type: schema.TypeString, diff --git a/aws/resource_aws_lb_listener_rule.go b/aws/resource_aws_lb_listener_rule.go index ab72c11dc20..c4cbac50cb4 100644 --- a/aws/resource_aws_lb_listener_rule.go +++ b/aws/resource_aws_lb_listener_rule.go @@ -172,6 +172,7 @@ func resourceAwsLbbListenerRule() *schema.Resource { "authentication_request_extra_params": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "on_unauthenticated_request": { Type: schema.TypeString, @@ -224,6 +225,7 @@ func resourceAwsLbbListenerRule() *schema.Resource { "authentication_request_extra_params": { Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "authorization_endpoint": { Type: schema.TypeString, diff --git a/aws/resource_aws_s3_bucket_analytics_configuration.go b/aws/resource_aws_s3_bucket_analytics_configuration.go index 0929e0a5fed..9b687af31ce 100644 --- a/aws/resource_aws_s3_bucket_analytics_configuration.go +++ b/aws/resource_aws_s3_bucket_analytics_configuration.go @@ -50,6 +50,7 @@ func resourceAwsS3BucketAnalyticsConfiguration() *schema.Resource { Type: schema.TypeMap, Optional: true, AtLeastOneOf: filterAtLeastOneOfKeys, + Elem: &schema.Schema{Type: schema.TypeString}, }, }, }, diff --git a/aws/resource_aws_sagemaker_model.go b/aws/resource_aws_sagemaker_model.go index 7edd9ad9a91..18dade3623b 100644 --- a/aws/resource_aws_sagemaker_model.go +++ b/aws/resource_aws_sagemaker_model.go @@ -69,6 +69,7 @@ func resourceAwsSagemakerModel() *schema.Resource { Optional: true, ForceNew: true, ValidateFunc: validateSagemakerEnvironment, + Elem: &schema.Schema{Type: schema.TypeString}, }, }, }, @@ -140,6 +141,7 @@ func resourceAwsSagemakerModel() *schema.Resource { Optional: true, ForceNew: true, ValidateFunc: validateSagemakerEnvironment, + Elem: &schema.Schema{Type: schema.TypeString}, }, }, }, diff --git a/aws/resource_aws_spot_fleet_request.go b/aws/resource_aws_spot_fleet_request.go index 6566271e1f9..19279970fa8 100644 --- a/aws/resource_aws_spot_fleet_request.go +++ b/aws/resource_aws_spot_fleet_request.go @@ -311,6 +311,7 @@ func resourceAwsSpotFleetRequest() *schema.Resource { Type: schema.TypeMap, Optional: true, ForceNew: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, }, }, diff --git a/aws/resource_aws_spot_instance_request.go b/aws/resource_aws_spot_instance_request.go index 04c623975f2..69ca0396d11 100644 --- a/aws/resource_aws_spot_instance_request.go +++ b/aws/resource_aws_spot_instance_request.go @@ -41,6 +41,7 @@ func resourceAwsSpotInstanceRequest() *schema.Resource { s["volume_tags"] = &schema.Schema{ Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, } s["spot_price"] = &schema.Schema{ diff --git a/aws/resource_aws_ssm_association.go b/aws/resource_aws_ssm_association.go index a79ffa0a871..da7fd9ffd33 100644 --- a/aws/resource_aws_ssm_association.go +++ b/aws/resource_aws_ssm_association.go @@ -62,6 +62,7 @@ func resourceAwsSsmAssociation() *schema.Resource { Type: schema.TypeMap, Optional: true, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, }, "schedule_expression": { Type: schema.TypeString, diff --git a/aws/tags.go b/aws/tags.go index c35f62ef62d..2123771346c 100644 --- a/aws/tags.go +++ b/aws/tags.go @@ -13,6 +13,7 @@ func tagsSchema() *schema.Schema { return &schema.Schema{ Type: schema.TypeMap, Optional: true, + Elem: &schema.Schema{Type: schema.TypeString}, } } @@ -21,6 +22,7 @@ func tagsSchemaComputed() *schema.Schema { Type: schema.TypeMap, Optional: true, Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, } } @@ -29,6 +31,7 @@ func tagsSchemaForceNew() *schema.Schema { Type: schema.TypeMap, Optional: true, ForceNew: true, + Elem: &schema.Schema{Type: schema.TypeString}, } } From c7e021e333ff88df3f5e00e7e9e4e3cc76be46c1 Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Fri, 8 May 2020 18:54:46 -0700 Subject: [PATCH 075/475] add breaking changes section --- docs/MAINTAINING.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/MAINTAINING.md b/docs/MAINTAINING.md index 3bf4e6baec7..ab9417fa5b5 100644 --- a/docs/MAINTAINING.md +++ b/docs/MAINTAINING.md @@ -13,6 +13,7 @@ - [yaml.v2 Updates](#yaml-v2-updates) - [Pull Request Merge Process](#pull-request-merge-process) - [Pull Request Types to CHANGELOG](#pull-request-types-to-changelog) +- [Breaking Changes](#breaking-changes) - [Label Dictionary](#label-dictionary) @@ -305,6 +306,13 @@ The CHANGELOG is intended to show operator-impacting changes to the codebase for - Resource and provider documentation updates - Testing updates +## Breaking Changes + +When breaking changes to the provider are necessary we release them in a major version. If an issue or PR necessitates a breaking change, then the following procedure should be observed: +- Add the `breaking-change` label. +- Add the issue/PR to the next major version milestone. +- Leave a comment why this is a breaking change or otherwise only being considered for a major version update. If possible, detail any changes that might be made for the contributor to accomplish the task without a breaking change. + ## Label Dictionary From 1cb3110584731d14abd16ed997ddf5d576f87712 Mon Sep 17 00:00:00 2001 From: Micheal Harker Date: Sat, 9 May 2020 19:02:13 +0100 Subject: [PATCH 076/475] r/organizations_account: tech debt: replace custom validation funcs --- aws/resource_aws_organizations_account.go | 43 +++++------------------ 1 file changed, 8 insertions(+), 35 deletions(-) diff --git a/aws/resource_aws_organizations_account.go b/aws/resource_aws_organizations_account.go index 952ef540be4..14cd7648ee2 100644 --- a/aws/resource_aws_organizations_account.go +++ b/aws/resource_aws_organizations_account.go @@ -54,10 +54,13 @@ func resourceAwsOrganizationsAccount() *schema.Resource { ValidateFunc: validation.StringLenBetween(1, 50), }, "email": { - ForceNew: true, - Type: schema.TypeString, - Required: true, - ValidateFunc: validateAwsOrganizationsAccountEmail, + ForceNew: true, + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.All( + validation.StringLenBetween(6, 64), + validation.StringMatch(regexp.MustCompile(`^[^\s@]+@[^\s@]+\.[^\s@]+$`), "must be a valid email address"), + ), }, "iam_user_access_to_billing": { ForceNew: true, @@ -69,7 +72,7 @@ func resourceAwsOrganizationsAccount() *schema.Resource { ForceNew: true, Type: schema.TypeString, Optional: true, - ValidateFunc: validateAwsOrganizationsAccountRoleName, + ValidateFunc: validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]{1,64}$`), "must consist of uppercase letters, lowercase letters, digits with no spaces, and any of the following characters"), }, "tags": tagsSchema(), }, @@ -299,36 +302,6 @@ func resourceAwsOrganizationsAccountStateRefreshFunc(conn *organizations.Organiz } } -func validateAwsOrganizationsAccountEmail(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if !regexp.MustCompile(`^[^\s@]+@[^\s@]+\.[^\s@]+$`).MatchString(value) { - errors = append(errors, fmt.Errorf( - "%q must be a valid email address", value)) - } - - if len(value) < 6 { - errors = append(errors, fmt.Errorf( - "%q cannot be less than 6 characters", value)) - } - - if len(value) > 64 { - errors = append(errors, fmt.Errorf( - "%q cannot be greater than 64 characters", value)) - } - - return -} - -func validateAwsOrganizationsAccountRoleName(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if !regexp.MustCompile(`^[\w+=,.@-]{1,64}$`).MatchString(value) { - errors = append(errors, fmt.Errorf( - "%q must consist of uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-", value)) - } - - return -} - func resourceAwsOrganizationsAccountGetParentId(conn *organizations.Organizations, childId string) (string, error) { input := &organizations.ListParentsInput{ ChildId: aws.String(childId), From 245472063af946849bbd5c39a6b3e74cc6abe71b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 10 May 2020 00:15:26 -0400 Subject: [PATCH 077/475] Update module hashicorp/terraform-plugin-sdk to v1.12.0 (#12740) Co-authored-by: Renovate Bot --- go.mod | 2 +- go.sum | 6 +- .../terraform-plugin-sdk/acctest/doc.go | 31 +++++++ .../helper/encryption/encryption.go | 8 ++ .../helper/resource/testing.go | 92 ++++++++++++++----- .../helper/resource/testing_new.go | 42 ++++++--- .../helper/resource/testing_new_config.go | 1 + .../helper/schema/field_reader.go | 2 + .../helper/schema/resource.go | 2 + .../helper/schema/schema.go | 79 ++++++++++++++-- .../terraform-plugin-sdk/helper/schema/set.go | 37 +++++++- .../terraform-plugin-sdk/meta/meta.go | 2 +- .../terraform-plugin-sdk/terraform/state.go | 4 + .../hashicorp/terraform-plugin-test/helper.go | 7 +- .../hashicorp/terraform-plugin-test/util.go | 40 ++++++++ vendor/modules.txt | 4 +- 16 files changed, 305 insertions(+), 54 deletions(-) create mode 100644 vendor/github.com/hashicorp/terraform-plugin-sdk/acctest/doc.go diff --git a/go.mod b/go.mod index fe28e1d0016..769223c578b 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/hashicorp/go-cleanhttp v0.5.1 github.com/hashicorp/go-multierror v1.0.0 github.com/hashicorp/go-version v1.2.0 - github.com/hashicorp/terraform-plugin-sdk v1.9.0 + github.com/hashicorp/terraform-plugin-sdk v1.12.0 github.com/hashicorp/vault v0.10.4 github.com/jen20/awspolicyequivalence v1.1.0 github.com/katbyte/terrafmt v0.2.1-0.20200303174203-e6a3e82cb21b diff --git a/go.sum b/go.sum index 63b3b715bd3..5d3eca21f10 100644 --- a/go.sum +++ b/go.sum @@ -266,10 +266,12 @@ github.com/hashicorp/terraform-json v0.4.0 h1:KNh29iNxozP5adfUFBJ4/fWd0Cu3taGgjH github.com/hashicorp/terraform-json v0.4.0/go.mod h1:eAbqb4w0pSlRmdvl8fOyHAi/+8jnkVYN28gJkSJrLhU= github.com/hashicorp/terraform-plugin-sdk v1.7.0 h1:B//oq0ZORG+EkVrIJy0uPGSonvmXqxSzXe8+GhknoW0= github.com/hashicorp/terraform-plugin-sdk v1.7.0/go.mod h1:OjgQmey5VxnPej/buEhe+YqKm0KNvV3QqU4hkqHqPCY= -github.com/hashicorp/terraform-plugin-sdk v1.9.0 h1:WBHHIX/RgF6/lbfMCzx0qKl96BbQy3bexWFvDqt1bhE= -github.com/hashicorp/terraform-plugin-sdk v1.9.0/go.mod h1:C/AXwmDHqbc3h6URiHpIsVKrwV4PS0Sh0+VTaeEkShw= +github.com/hashicorp/terraform-plugin-sdk v1.12.0 h1:HPp65ShSsKUMPf6jD50UQn/xAjyrGVO4FxI63bvu+pc= +github.com/hashicorp/terraform-plugin-sdk v1.12.0/go.mod h1:HiWIPD/T9HixIhQUwaSoDQxo4BLFdmiBi/Qz5gjB8Q0= github.com/hashicorp/terraform-plugin-test v1.2.0 h1:AWFdqyfnOj04sxTdaAF57QqvW7XXrT8PseUHkbKsE8I= github.com/hashicorp/terraform-plugin-test v1.2.0/go.mod h1:QIJHYz8j+xJtdtLrFTlzQVC0ocr3rf/OjIpgZLK56Hs= +github.com/hashicorp/terraform-plugin-test v1.3.0 h1:hU5LoxrOn9qvOo+LTKN6mSav2J+dAMprbdxJPEQvp4U= +github.com/hashicorp/terraform-plugin-test v1.3.0/go.mod h1:QIJHYz8j+xJtdtLrFTlzQVC0ocr3rf/OjIpgZLK56Hs= github.com/hashicorp/terraform-svchost v0.0.0-20191011084731-65d371908596 h1:hjyO2JsNZUKT1ym+FAdlBEkGPevazYsmVgIMw7dVELg= github.com/hashicorp/terraform-svchost v0.0.0-20191011084731-65d371908596/go.mod h1:kNDNcF7sN4DocDLBkQYz73HGKwN1ANB1blq4lIYLYvg= github.com/hashicorp/vault v0.10.4 h1:4x0lHxui/ZRp/B3E0Auv1QNBJpzETqHR2kQD3mHSBJU= diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/acctest/doc.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/acctest/doc.go new file mode 100644 index 00000000000..08bff3c88b5 --- /dev/null +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/acctest/doc.go @@ -0,0 +1,31 @@ +// Package acctest provides the ability to opt in to the new binary test driver. The binary +// test driver allows you to run your acceptance tests with a binary of Terraform instead of +// an emulated version packaged inside the SDK. This allows for a number of important +// enhancements, but most notably a more realistic testing experience and matrix testing +// against multiple versions of Terraform CLI. This also allows the SDK to be completely +// separated, at a dependency level, from the Terraform CLI, as long as it is >= 0.12.0 +// +// The new test driver must be enabled by initialising the test helper in your TestMain +// function in all provider packages that run acceptance tests. Most providers have only +// one package. +// +// In v2 of the SDK, the binary test driver will be mandatory. +// +// After importing this package, you can add code similar to the following: +// +// func TestMain(m *testing.M) { +// acctest.UseBinaryDriver("provider_name", Provider) +// resource.TestMain(m) +// } +// +// Where `Provider` is the function that returns the instance of a configured `terraform.ResourceProvider` +// Some providers already have a TestMain defined, usually for the purpose of enabling test +// sweepers. These additional occurrences should be removed. +// +// Initialising the binary test helper using UseBinaryDriver causes all tests to be run using +// the new binary driver. Until SDK v2, the DisableBinaryDriver boolean property can be used +// to use the legacy test driver for an individual TestCase. +// +// It is no longer necessary to import other Terraform providers as Go modules: these +// imports should be removed. +package acctest diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/encryption/encryption.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/encryption/encryption.go index 110ed18cd96..a84bf4020e3 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/encryption/encryption.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/encryption/encryption.go @@ -12,6 +12,10 @@ import ( // RetrieveGPGKey returns the PGP key specified as the pgpKey parameter, or queries // the public key from the keybase service if the parameter is a keybase username // prefixed with the phrase "keybase:" +// +// Deprecated: This function will be removed in v2 without replacement. Please +// see https://www.terraform.io/docs/extend/best-practices/sensitive-state.html#don-39-t-encrypt-state +// for more information. func RetrieveGPGKey(pgpKey string) (string, error) { const keybasePrefix = "keybase:" @@ -29,6 +33,10 @@ func RetrieveGPGKey(pgpKey string) (string, error) { // EncryptValue encrypts the given value with the given encryption key. Description // should be set such that errors return a meaningful user-facing response. +// +// Deprecated: This function will be removed in v2 without replacement. Please +// see https://www.terraform.io/docs/extend/best-practices/sensitive-state.html#don-39-t-encrypt-state +// for more information. func EncryptValue(encryptionKey, value, description string) (string, string, error) { fingerprints, encryptedValue, err := pgpkeys.EncryptShares([][]byte{[]byte(value)}, []string{encryptionKey}) diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing.go index 7b331d80d13..1f63e615d29 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing.go @@ -12,6 +12,7 @@ import ( "path/filepath" "reflect" "regexp" + "strconv" "strings" "syscall" "testing" @@ -108,10 +109,15 @@ func TestMain(m *testing.M) { os.Exit(1) } } else { + exitCode := m.Run() + if acctest.TestHelper != nil { - defer acctest.TestHelper.Close() + err := acctest.TestHelper.Close() + if err != nil { + log.Printf("Error cleaning up temporary test files: %s", err) + } } - os.Exit(m.Run()) + os.Exit(exitCode) } } @@ -255,6 +261,7 @@ func runSweeperWithRegion(region string, s *Sweeper, sweepers map[string]*Sweepe } const TestEnvVar = "TF_ACC" +const TestDisableBinaryTestingFlagEnvVar = "TF_DISABLE_BINARY_TESTING" // TestProvider can be implemented by any ResourceProvider to provide custom // reset functionality at the start of an acceptance test. @@ -543,6 +550,14 @@ func Test(t TestT, c TestCase) { TestEnvVar)) return } + if v := os.Getenv(TestDisableBinaryTestingFlagEnvVar); v != "" { + b, err := strconv.ParseBool(v) + if err != nil { + t.Error(fmt.Errorf("Error parsing EnvVar %q value %q: %s", TestDisableBinaryTestingFlagEnvVar, v, err)) + } + + c.DisableBinaryDriver = b + } logWriter, err := LogOutput(t) if err != nil { @@ -553,7 +568,6 @@ func Test(t TestT, c TestCase) { // We require verbose mode so that the user knows what is going on. if !testTesting && !testing.Verbose() && !c.IsUnitTest { t.Fatal("Acceptance tests must be run with the -v flag on tests") - return } // get instances of all providers, so we can use the individual @@ -1016,28 +1030,28 @@ func ComposeAggregateTestCheckFunc(fs ...TestCheckFunc) TestCheckFunc { // testing that computed values were set, when it is not possible to // know ahead of time what the values will be. func TestCheckResourceAttrSet(name, key string) TestCheckFunc { - return func(s *terraform.State) error { + return checkIfIndexesIntoTypeSet(key, func(s *terraform.State) error { is, err := primaryInstanceState(s, name) if err != nil { return err } return testCheckResourceAttrSet(is, name, key) - } + }) } // TestCheckModuleResourceAttrSet - as per TestCheckResourceAttrSet but with // support for non-root modules func TestCheckModuleResourceAttrSet(mp []string, name string, key string) TestCheckFunc { mpt := addrs.Module(mp).UnkeyedInstanceShim() - return func(s *terraform.State) error { + return checkIfIndexesIntoTypeSet(key, func(s *terraform.State) error { is, err := modulePathPrimaryInstanceState(s, mpt, name) if err != nil { return err } return testCheckResourceAttrSet(is, name, key) - } + }) } func testCheckResourceAttrSet(is *terraform.InstanceState, name string, key string) error { @@ -1051,28 +1065,28 @@ func testCheckResourceAttrSet(is *terraform.InstanceState, name string, key stri // TestCheckResourceAttr is a TestCheckFunc which validates // the value in state for the given name/key combination. func TestCheckResourceAttr(name, key, value string) TestCheckFunc { - return func(s *terraform.State) error { + return checkIfIndexesIntoTypeSet(key, func(s *terraform.State) error { is, err := primaryInstanceState(s, name) if err != nil { return err } return testCheckResourceAttr(is, name, key, value) - } + }) } // TestCheckModuleResourceAttr - as per TestCheckResourceAttr but with // support for non-root modules func TestCheckModuleResourceAttr(mp []string, name string, key string, value string) TestCheckFunc { mpt := addrs.Module(mp).UnkeyedInstanceShim() - return func(s *terraform.State) error { + return checkIfIndexesIntoTypeSet(key, func(s *terraform.State) error { is, err := modulePathPrimaryInstanceState(s, mpt, name) if err != nil { return err } return testCheckResourceAttr(is, name, key, value) - } + }) } func testCheckResourceAttr(is *terraform.InstanceState, name string, key string, value string) error { @@ -1106,28 +1120,28 @@ func testCheckResourceAttr(is *terraform.InstanceState, name string, key string, // TestCheckNoResourceAttr is a TestCheckFunc which ensures that // NO value exists in state for the given name/key combination. func TestCheckNoResourceAttr(name, key string) TestCheckFunc { - return func(s *terraform.State) error { + return checkIfIndexesIntoTypeSet(key, func(s *terraform.State) error { is, err := primaryInstanceState(s, name) if err != nil { return err } return testCheckNoResourceAttr(is, name, key) - } + }) } // TestCheckModuleNoResourceAttr - as per TestCheckNoResourceAttr but with // support for non-root modules func TestCheckModuleNoResourceAttr(mp []string, name string, key string) TestCheckFunc { mpt := addrs.Module(mp).UnkeyedInstanceShim() - return func(s *terraform.State) error { + return checkIfIndexesIntoTypeSet(key, func(s *terraform.State) error { is, err := modulePathPrimaryInstanceState(s, mpt, name) if err != nil { return err } return testCheckNoResourceAttr(is, name, key) - } + }) } func testCheckNoResourceAttr(is *terraform.InstanceState, name string, key string) error { @@ -1154,28 +1168,28 @@ func testCheckNoResourceAttr(is *terraform.InstanceState, name string, key strin // TestMatchResourceAttr is a TestCheckFunc which checks that the value // in state for the given name/key combination matches the given regex. func TestMatchResourceAttr(name, key string, r *regexp.Regexp) TestCheckFunc { - return func(s *terraform.State) error { + return checkIfIndexesIntoTypeSet(key, func(s *terraform.State) error { is, err := primaryInstanceState(s, name) if err != nil { return err } return testMatchResourceAttr(is, name, key, r) - } + }) } // TestModuleMatchResourceAttr - as per TestMatchResourceAttr but with // support for non-root modules func TestModuleMatchResourceAttr(mp []string, name string, key string, r *regexp.Regexp) TestCheckFunc { mpt := addrs.Module(mp).UnkeyedInstanceShim() - return func(s *terraform.State) error { + return checkIfIndexesIntoTypeSet(key, func(s *terraform.State) error { is, err := modulePathPrimaryInstanceState(s, mpt, name) if err != nil { return err } return testMatchResourceAttr(is, name, key, r) - } + }) } func testMatchResourceAttr(is *terraform.InstanceState, name string, key string, r *regexp.Regexp) error { @@ -1211,7 +1225,7 @@ func TestCheckModuleResourceAttrPtr(mp []string, name string, key string, value // TestCheckResourceAttrPair is a TestCheckFunc which validates that the values // in state for a pair of name/key combinations are equal. func TestCheckResourceAttrPair(nameFirst, keyFirst, nameSecond, keySecond string) TestCheckFunc { - return func(s *terraform.State) error { + return checkIfIndexesIntoTypeSetPair(keyFirst, keySecond, func(s *terraform.State) error { isFirst, err := primaryInstanceState(s, nameFirst) if err != nil { return err @@ -1223,7 +1237,7 @@ func TestCheckResourceAttrPair(nameFirst, keyFirst, nameSecond, keySecond string } return testCheckResourceAttrPair(isFirst, nameFirst, keyFirst, isSecond, nameSecond, keySecond) - } + }) } // TestCheckModuleResourceAttrPair - as per TestCheckResourceAttrPair but with @@ -1231,7 +1245,7 @@ func TestCheckResourceAttrPair(nameFirst, keyFirst, nameSecond, keySecond string func TestCheckModuleResourceAttrPair(mpFirst []string, nameFirst string, keyFirst string, mpSecond []string, nameSecond string, keySecond string) TestCheckFunc { mptFirst := addrs.Module(mpFirst).UnkeyedInstanceShim() mptSecond := addrs.Module(mpSecond).UnkeyedInstanceShim() - return func(s *terraform.State) error { + return checkIfIndexesIntoTypeSetPair(keyFirst, keySecond, func(s *terraform.State) error { isFirst, err := modulePathPrimaryInstanceState(s, mptFirst, nameFirst) if err != nil { return err @@ -1243,7 +1257,7 @@ func TestCheckModuleResourceAttrPair(mpFirst []string, nameFirst string, keyFirs } return testCheckResourceAttrPair(isFirst, nameFirst, keyFirst, isSecond, nameSecond, keySecond) - } + }) } func testCheckResourceAttrPair(isFirst *terraform.InstanceState, nameFirst string, keyFirst string, isSecond *terraform.InstanceState, nameSecond string, keySecond string) error { @@ -1419,3 +1433,35 @@ func detailedErrorMessage(err error) string { return err.Error() } } + +// indexesIntoTypeSet is a heuristic to try and identify if a flatmap style +// string address uses a precalculated TypeSet hash, which are integers and +// typically are large and obviously not a list index +func indexesIntoTypeSet(key string) bool { + for _, part := range strings.Split(key, ".") { + if i, err := strconv.Atoi(part); err == nil && i > 100 { + return true + } + } + return false +} + +func checkIfIndexesIntoTypeSet(key string, f TestCheckFunc) TestCheckFunc { + return func(s *terraform.State) error { + err := f(s) + if err != nil && s.IsBinaryDrivenTest && indexesIntoTypeSet(key) { + return fmt.Errorf("Error in test check: %s\nTest check address %q likely indexes into TypeSet\nThis is not possible in V1 of the SDK while using the binary driver\nPlease disable the driver for this TestCase with DisableBinaryDriver: true", err, key) + } + return err + } +} + +func checkIfIndexesIntoTypeSetPair(keyFirst, keySecond string, f TestCheckFunc) TestCheckFunc { + return func(s *terraform.State) error { + err := f(s) + if err != nil && s.IsBinaryDrivenTest && (indexesIntoTypeSet(keyFirst) || indexesIntoTypeSet(keySecond)) { + return fmt.Errorf("Error in test check: %s\nTest check address %q or %q likely indexes into TypeSet\nThis is not possible in V1 of the SDK while using the binary driver\nPlease disable the driver for this TestCase with DisableBinaryDriver: true", err, keyFirst, keySecond) + } + return err + } +} diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing_new.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing_new.go index 8ba9c85d31b..34244e095f8 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing_new.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing_new.go @@ -14,13 +14,18 @@ import ( tftest "github.com/hashicorp/terraform-plugin-test" ) -func getState(t *testing.T, wd *tftest.WorkingDir) *terraform.State { - jsonState := wd.RequireState(t) - state, err := shimStateFromJson(jsonState) - if err != nil { - t.Fatal(err) +func runPostTestDestroy(t *testing.T, c TestCase, wd *tftest.WorkingDir) error { + wd.RequireDestroy(t) + + if c.CheckDestroy != nil { + statePostDestroy := getState(t, wd) + + if err := c.CheckDestroy(statePostDestroy); err != nil { + return err + } } - return state + + return nil } func RunNewTest(t *testing.T, c TestCase, providers map[string]terraform.ResourceProvider) { @@ -29,15 +34,12 @@ func RunNewTest(t *testing.T, c TestCase, providers map[string]terraform.Resourc wd := acctest.TestHelper.RequireNewWorkingDir(t) defer func() { - wd.RequireDestroy(t) + statePreDestroy := getState(t, wd) - if c.CheckDestroy != nil { - statePostDestroy := getState(t, wd) - - if err := c.CheckDestroy(statePostDestroy); err != nil { - t.Fatal(err) - } + if !stateIsEmpty(statePreDestroy) { + runPostTestDestroy(t, c, wd) } + wd.Close() }() @@ -98,6 +100,19 @@ func RunNewTest(t *testing.T, c TestCase, providers map[string]terraform.Resourc } } +func getState(t *testing.T, wd *tftest.WorkingDir) *terraform.State { + jsonState := wd.RequireState(t) + state, err := shimStateFromJson(jsonState) + if err != nil { + t.Fatal(err) + } + return state +} + +func stateIsEmpty(state *terraform.State) bool { + return state.Empty() || !state.HasResources() +} + func planIsEmpty(plan *tfjson.Plan) bool { for _, rc := range plan.ResourceChanges { if rc.Mode == tfjson.DataResourceMode { @@ -114,6 +129,7 @@ func planIsEmpty(plan *tfjson.Plan) bool { } return true } + func testIDRefresh(c TestCase, t *testing.T, wd *tftest.WorkingDir, step TestStep, r *terraform.ResourceState) error { spewConf := spew.NewDefaultConfig() spewConf.SortKeys = true diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing_new_config.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing_new_config.go index d2fbf29d783..a59d685d8d9 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing_new_config.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing_new_config.go @@ -32,6 +32,7 @@ func testStepNewConfig(t *testing.T, c TestCase, wd *tftest.WorkingDir, step Tes state := getState(t, wd) if step.Check != nil { + state.IsBinaryDrivenTest = true if err := step.Check(state); err != nil { t.Fatal(err) } diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/field_reader.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/field_reader.go index 622e9b13eb2..b3c023d19f1 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/field_reader.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/field_reader.go @@ -44,6 +44,8 @@ func (r *FieldReadResult) ValueOrZero(s *Schema) interface{} { // SchemasForFlatmapPath tries its best to find a sequence of schemas that // the given dot-delimited attribute path traverses through. +// +// Deprecated: This function will be removed in version 2 without replacement. func SchemasForFlatmapPath(path string, schemaMap map[string]*Schema) []*Schema { parts := strings.Split(path, ".") return addrToSchema(parts, schemaMap) diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/resource.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/resource.go index 75cfe8857a3..1bc30808819 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/resource.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/resource.go @@ -770,6 +770,8 @@ func (r *Resource) TestResourceData() *ResourceData { // SchemasForFlatmapPath tries its best to find a sequence of schemas that // the given dot-delimited attribute path traverses through in the schema // of the receiving Resource. +// +// Deprecated: This function will be removed in version 2 without replacement. func (r *Resource) SchemasForFlatmapPath(path string) []*Schema { return SchemasForFlatmapPath(path, r.Schema) } diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/schema.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/schema.go index 69ab09b7c5a..df0172fa108 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/schema.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/schema.go @@ -223,9 +223,12 @@ type Schema struct { // // AtLeastOneOf is a set of schema keys that, when set, at least one of // the keys in that list must be specified. + // + // RequiredWith is a set of schema keys that must be set simultaneously. ConflictsWith []string ExactlyOneOf []string AtLeastOneOf []string + RequiredWith []string // When Deprecated is set, this attribute is deprecated. // @@ -236,6 +239,9 @@ type Schema struct { // When Removed is set, this attribute has been removed from the schema // + // Deprecated: This field will be removed in version 2 without replacement + // as the functionality is not necessary. + // // Removed attributes can be left in the Schema to generate informative error // messages for the user when they show up in resource configurations. // This string is the message shown to the user with instructions on @@ -767,21 +773,28 @@ func (m schemaMap) internalValidate(topSchemaMap schemaMap, attrsOnly bool) erro } if len(v.ConflictsWith) > 0 { - err := checkKeysAgainstSchemaFlags(k, v.ConflictsWith, topSchemaMap) + err := checkKeysAgainstSchemaFlags(k, v.ConflictsWith, topSchemaMap, v, false) if err != nil { return fmt.Errorf("ConflictsWith: %+v", err) } } + if len(v.RequiredWith) > 0 { + err := checkKeysAgainstSchemaFlags(k, v.RequiredWith, topSchemaMap, v, true) + if err != nil { + return fmt.Errorf("RequiredWith: %+v", err) + } + } + if len(v.ExactlyOneOf) > 0 { - err := checkKeysAgainstSchemaFlags(k, v.ExactlyOneOf, topSchemaMap) + err := checkKeysAgainstSchemaFlags(k, v.ExactlyOneOf, topSchemaMap, v, true) if err != nil { return fmt.Errorf("ExactlyOneOf: %+v", err) } } if len(v.AtLeastOneOf) > 0 { - err := checkKeysAgainstSchemaFlags(k, v.AtLeastOneOf, topSchemaMap) + err := checkKeysAgainstSchemaFlags(k, v.AtLeastOneOf, topSchemaMap, v, true) if err != nil { return fmt.Errorf("AtLeastOneOf: %+v", err) } @@ -850,14 +863,20 @@ func (m schemaMap) internalValidate(topSchemaMap schemaMap, attrsOnly bool) erro return nil } -func checkKeysAgainstSchemaFlags(k string, keys []string, topSchemaMap schemaMap) error { +func checkKeysAgainstSchemaFlags(k string, keys []string, topSchemaMap schemaMap, self *Schema, allowSelfReference bool) error { for _, key := range keys { parts := strings.Split(key, ".") sm := topSchemaMap var target *Schema - for _, part := range parts { - // Skip index fields - if _, err := strconv.Atoi(part); err == nil { + for idx, part := range parts { + // Skip index fields if 0 + partInt, err := strconv.Atoi(part) + + if err == nil { + if partInt != 0 { + return fmt.Errorf("%s configuration block reference (%s) can only use the .0. index for TypeList and MaxItems: 1 configuration blocks", k, key) + } + continue } @@ -866,13 +885,28 @@ func checkKeysAgainstSchemaFlags(k string, keys []string, topSchemaMap schemaMap return fmt.Errorf("%s references unknown attribute (%s) at part (%s)", k, key, part) } - if subResource, ok := target.Elem.(*Resource); ok { - sm = schemaMap(subResource.Schema) + subResource, ok := target.Elem.(*Resource) + + if !ok { + continue + } + + // Skip Type/MaxItems check if not the last element + if (target.Type == TypeSet || target.MaxItems != 1) && idx+1 != len(parts) { + return fmt.Errorf("%s configuration block reference (%s) can only be used with TypeList and MaxItems: 1 configuration blocks", k, key) } + + sm = schemaMap(subResource.Schema) } + if target == nil { return fmt.Errorf("%s cannot find target attribute (%s), sm: %#v", k, key, sm) } + + if target == self && !allowSelfReference { + return fmt.Errorf("%s cannot reference self (%s)", k, key) + } + if target.Required { return fmt.Errorf("%s cannot contain Required attribute (%s)", k, key) } @@ -881,6 +915,7 @@ func checkKeysAgainstSchemaFlags(k string, keys []string, topSchemaMap schemaMap return fmt.Errorf("%s cannot contain Computed(When) attribute (%s)", k, key) } } + return nil } @@ -1414,6 +1449,11 @@ func (m schemaMap) validate( "%q: this field cannot be set", k)} } + err = validateRequiredWithAttribute(k, schema, c) + if err != nil { + return nil, []error{err} + } + // If the value is unknown then we can't validate it yet. // In particular, this avoids spurious type errors where downstream // validation code sees UnknownVariableValue as being just a string. @@ -1494,6 +1534,27 @@ func removeDuplicates(elements []string) []string { return result } +func validateRequiredWithAttribute( + k string, + schema *Schema, + c *terraform.ResourceConfig) error { + + if len(schema.RequiredWith) == 0 { + return nil + } + + allKeys := removeDuplicates(append(schema.RequiredWith, k)) + sort.Strings(allKeys) + + for _, key := range allKeys { + if _, ok := c.Get(key); !ok { + return fmt.Errorf("%q: all of `%s` must be specified", k, strings.Join(allKeys, ",")) + } + } + + return nil +} + func validateExactlyOneAttribute( k string, schema *Schema, diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/set.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/set.go index daa431ddb1c..1b39ff639d1 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/set.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/set.go @@ -150,13 +150,46 @@ func (s *Set) Union(other *Set) *Set { return result } +func checkSetMapEqual(m1, m2 map[string]interface{}) bool { + if (m1 == nil) != (m2 == nil) { + return false + } + if len(m1) != len(m2) { + return false + } + for k := range m1 { + v1 := m1[k] + v2, ok := m2[k] + if !ok { + return false + } + switch v1.(type) { + case map[string]interface{}: + same := checkSetMapEqual(v1.(map[string]interface{}), v2.(map[string]interface{})) + if !same { + return false + } + case *Set: + same := v1.(*Set).Equal(v2) + if !same { + return false + } + default: + same := reflect.DeepEqual(v1, v2) + if !same { + return false + } + } + } + return true +} + func (s *Set) Equal(raw interface{}) bool { other, ok := raw.(*Set) if !ok { return false } - - return reflect.DeepEqual(s.m, other.m) + return checkSetMapEqual(s.m, other.m) } // HashEqual simply checks to the keys the top-level map to the keys in the diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go index 0363c2d9371..345d1cab6d4 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go @@ -11,7 +11,7 @@ import ( ) // The main version number that is being run at the moment. -var SDKVersion = "1.9.0" +var SDKVersion = "1.12.0" // A pre-release marker for the version. If this is "" (empty string) // then it means that it is a final release. Otherwise, this is a pre-release diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/terraform/state.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/terraform/state.go index b2b308e7905..98b20be7cbe 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/terraform/state.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/terraform/state.go @@ -112,6 +112,10 @@ type State struct { Modules []*ModuleState `json:"modules"` mu sync.Mutex + + // IsBinaryDrivenTest is a special flag that assists with a binary driver + // heuristic, it should not be set externally + IsBinaryDrivenTest bool } func (s *State) Lock() { s.mu.Lock() } diff --git a/vendor/github.com/hashicorp/terraform-plugin-test/helper.go b/vendor/github.com/hashicorp/terraform-plugin-test/helper.go index d4de44680e8..8a519aaf088 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-test/helper.go +++ b/vendor/github.com/hashicorp/terraform-plugin-test/helper.go @@ -196,6 +196,11 @@ func symlinkAuxiliaryProviders(pluginDir string) error { return nil } +// GetPluginName returns the configured plugin name. +func (h *Helper) GetPluginName() string { + return h.pluginName +} + // Close cleans up temporary files and directories created to support this // helper, returning an error if any of the cleanup fails. // @@ -218,7 +223,7 @@ func (h *Helper) NewWorkingDir() (*WorkingDir, error) { } // symlink the provider source files into the base directory - err = symlinkDir(h.sourceDir, dir) + err = symlinkDirectoriesOnly(h.sourceDir, dir) if err != nil { return nil, err } diff --git a/vendor/github.com/hashicorp/terraform-plugin-test/util.go b/vendor/github.com/hashicorp/terraform-plugin-test/util.go index 0732c82d197..57bc84f2dcc 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-test/util.go +++ b/vendor/github.com/hashicorp/terraform-plugin-test/util.go @@ -53,3 +53,43 @@ func symlinkDir(srcDir string, destDir string) (err error) { } return } + +// symlinkDirectoriesOnly finds only the first-level child directories in srcDir +// and symlinks them into destDir. +// Unlike symlinkDir, this is done non-recursively in order to limit the number +// of file descriptors used. +func symlinkDirectoriesOnly(srcDir string, destDir string) (err error) { + srcInfo, err := os.Stat(srcDir) + if err != nil { + return err + } + + err = os.MkdirAll(destDir, srcInfo.Mode()) + if err != nil { + return err + } + + directory, err := os.Open(srcDir) + if err != nil { + return err + } + defer directory.Close() + objects, err := directory.Readdir(-1) + if err != nil { + return err + } + + for _, obj := range objects { + srcPath := filepath.Join(srcDir, obj.Name()) + destPath := filepath.Join(destDir, obj.Name()) + + if obj.IsDir() { + err = symlinkFile(srcPath, destPath) + if err != nil { + return err + } + } + + } + return +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 1e0da311f48..1d827ac71fa 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -527,7 +527,7 @@ github.com/hashicorp/logutils github.com/hashicorp/terraform-config-inspect/tfconfig # github.com/hashicorp/terraform-json v0.4.0 github.com/hashicorp/terraform-json -# github.com/hashicorp/terraform-plugin-sdk v1.9.0 +# github.com/hashicorp/terraform-plugin-sdk v1.12.0 github.com/hashicorp/terraform-plugin-sdk/acctest github.com/hashicorp/terraform-plugin-sdk/helper/acctest github.com/hashicorp/terraform-plugin-sdk/helper/customdiff @@ -579,7 +579,7 @@ github.com/hashicorp/terraform-plugin-sdk/internal/version github.com/hashicorp/terraform-plugin-sdk/meta github.com/hashicorp/terraform-plugin-sdk/plugin github.com/hashicorp/terraform-plugin-sdk/terraform -# github.com/hashicorp/terraform-plugin-test v1.2.0 +# github.com/hashicorp/terraform-plugin-test v1.3.0 github.com/hashicorp/terraform-plugin-test # github.com/hashicorp/terraform-svchost v0.0.0-20191011084731-65d371908596 github.com/hashicorp/terraform-svchost From 74fdc28b49d4bd5b20eddce369d1ed919c312a7e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 10 May 2020 00:35:45 -0400 Subject: [PATCH 078/475] Update module bflad/tfproviderdocs to v0.6.0 (#13246) Co-authored-by: Renovate Bot --- go.mod | 2 +- go.sum | 9 +- .../bflad/tfproviderdocs/CHANGELOG.md | 9 ++ .../bflad/tfproviderdocs/check/check.go | 50 ++++------ .../tfproviderdocs/check/file_mismatch.go | 85 +++++++++++++++-- .../bflad/tfproviderdocs/command/check.go | 93 ++++++++++++++----- vendor/github.com/bflad/tfproviderdocs/go.mod | 2 +- vendor/github.com/bflad/tfproviderdocs/go.sum | 10 +- .../bflad/tfproviderdocs/version/version.go | 2 +- .../hashicorp/terraform-json/schemas.go | 29 +++++- vendor/modules.txt | 4 +- 11 files changed, 220 insertions(+), 75 deletions(-) diff --git a/go.mod b/go.mod index 769223c578b..bb57dafcf6f 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.13 require ( github.com/aws/aws-sdk-go v1.30.21 github.com/beevik/etree v1.1.0 - github.com/bflad/tfproviderdocs v0.5.3 + github.com/bflad/tfproviderdocs v0.6.0 github.com/bflad/tfproviderlint v0.14.0 github.com/client9/misspell v0.3.4 github.com/golangci/golangci-lint v1.26.0 diff --git a/go.sum b/go.sum index 5d3eca21f10..ab0868d9339 100644 --- a/go.sum +++ b/go.sum @@ -47,8 +47,8 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/bflad/gopaniccheck v0.1.0 h1:tJftp+bv42ouERmUMWLoUn/5bi/iQZjHPznM00cP/bU= github.com/bflad/gopaniccheck v0.1.0/go.mod h1:ZCj2vSr7EqVeDaqVsWN4n2MwdROx1YL+LFo47TSWtsA= -github.com/bflad/tfproviderdocs v0.5.3 h1:0JozhslEaLujgTnV6OdljbFiT/FCponx5hruFSkizGk= -github.com/bflad/tfproviderdocs v0.5.3/go.mod h1:d0k1fQLEu1pdeORxozwuwmvauFaEmMBREQ1fw3J+pPc= +github.com/bflad/tfproviderdocs v0.6.0 h1:P5XMTe0tB44xlMZmIvoQx/nfPht0pNymLtEArvYSOQE= +github.com/bflad/tfproviderdocs v0.6.0/go.mod h1:W6wVZPtBa6V5bpjaK1eJAoVCL/7B4Amfrld0dro+fHU= github.com/bflad/tfproviderlint v0.14.0 h1:iki5tDr4l0jp0zEL0chZylptMT5QdE09E60cziFQNZA= github.com/bflad/tfproviderlint v0.14.0/go.mod h1:1Jtjs6DPKoyqPrbPyMiy33h0ViO2h831uzoOuikCA60= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= @@ -260,10 +260,10 @@ github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/terraform-config-inspect v0.0.0-20191115094559-17f92b0546e8 h1:+RyjwU+Gnd/aTJBPZVDNm903eXVjjqhbaR4Ypx3xYyY= github.com/hashicorp/terraform-config-inspect v0.0.0-20191115094559-17f92b0546e8/go.mod h1:p+ivJws3dpqbp1iP84+npOyAmTTOLMgCzrXd3GSdn/A= -github.com/hashicorp/terraform-json v0.3.1 h1:vRiOLck4YX4UqzljVhdQKsVLixX4L+Pgnm/q+xu6QvE= -github.com/hashicorp/terraform-json v0.3.1/go.mod h1:MdwQStcJb00ht55L/2YH0ypAO9RNtczJ1MaUlf+gJcg= github.com/hashicorp/terraform-json v0.4.0 h1:KNh29iNxozP5adfUFBJ4/fWd0Cu3taGgjHB38JYqOF4= github.com/hashicorp/terraform-json v0.4.0/go.mod h1:eAbqb4w0pSlRmdvl8fOyHAi/+8jnkVYN28gJkSJrLhU= +github.com/hashicorp/terraform-json v0.5.0 h1:7TV3/F3y7QVSuN4r9BEXqnWqrAyeOtON8f0wvREtyzs= +github.com/hashicorp/terraform-json v0.5.0/go.mod h1:eAbqb4w0pSlRmdvl8fOyHAi/+8jnkVYN28gJkSJrLhU= github.com/hashicorp/terraform-plugin-sdk v1.7.0 h1:B//oq0ZORG+EkVrIJy0uPGSonvmXqxSzXe8+GhknoW0= github.com/hashicorp/terraform-plugin-sdk v1.7.0/go.mod h1:OjgQmey5VxnPej/buEhe+YqKm0KNvV3QqU4hkqHqPCY= github.com/hashicorp/terraform-plugin-sdk v1.12.0 h1:HPp65ShSsKUMPf6jD50UQn/xAjyrGVO4FxI63bvu+pc= @@ -518,7 +518,6 @@ github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/zclconf/go-cty v0.0.0-20190430221426-d36a6f0dbffd/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= github.com/zclconf/go-cty v1.0.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= github.com/zclconf/go-cty v1.1.0 h1:uJwc9HiBOCpoKIObTQaLR+tsEXx1HBHnOsOOpcdhZgw= github.com/zclconf/go-cty v1.1.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= diff --git a/vendor/github.com/bflad/tfproviderdocs/CHANGELOG.md b/vendor/github.com/bflad/tfproviderdocs/CHANGELOG.md index 515bfc5325e..07ac77c6bc2 100644 --- a/vendor/github.com/bflad/tfproviderdocs/CHANGELOG.md +++ b/vendor/github.com/bflad/tfproviderdocs/CHANGELOG.md @@ -1,3 +1,12 @@ +# v0.6.0 + +ENHANCEMENTS + +* check: Add `-ignore-file-mismatch-data-sources` option +* check: Add `-ignore-file-mismatch-resources` option +* check: Add `-ignore-file-missing-data-sources` option +* check: Add `-ignore-file-missing-resources` option + # v0.5.3 BUG FIXES diff --git a/vendor/github.com/bflad/tfproviderdocs/check/check.go b/vendor/github.com/bflad/tfproviderdocs/check/check.go index fabca3661d3..d29be21cc68 100644 --- a/vendor/github.com/bflad/tfproviderdocs/check/check.go +++ b/vendor/github.com/bflad/tfproviderdocs/check/check.go @@ -4,7 +4,6 @@ import ( "sort" "github.com/hashicorp/go-multierror" - tfjson "github.com/hashicorp/terraform-json" ) const ( @@ -22,6 +21,8 @@ type Check struct { } type CheckOptions struct { + DataSourceFileMismatch *FileMismatchOptions + LegacyDataSourceFile *LegacyDataSourceFileOptions LegacyGuideFile *LegacyGuideFileOptions LegacyIndexFile *LegacyIndexFileOptions @@ -34,8 +35,7 @@ type CheckOptions struct { RegistryIndexFile *RegistryIndexFileOptions RegistryResourceFile *RegistryResourceFileOptions - SchemaDataSources map[string]*tfjson.Schema - SchemaResources map[string]*tfjson.Schema + ResourceFileMismatch *FileMismatchOptions SideNavigation *SideNavigationOptions } @@ -65,37 +65,13 @@ func (check *Check) Run(directories map[string][]string) error { return err } - if len(check.Options.SchemaDataSources) > 0 && false { - var dataSourceFiles []string - - if files, ok := directories[RegistryDataSourcesDirectory]; ok { - dataSourceFiles = files - } else if files, ok := directories[LegacyDataSourcesDirectory]; ok { - dataSourceFiles = files - } - - if err := ResourceFileMismatchCheck(check.Options.ProviderName, ResourceTypeDataSource, check.Options.SchemaDataSources, dataSourceFiles); err != nil { - return err - } - } - - if len(check.Options.SchemaResources) > 0 { - var resourceFiles []string - - if files, ok := directories[RegistryResourcesDirectory]; ok { - resourceFiles = files - } else if files, ok := directories[LegacyResourcesDirectory]; ok { - resourceFiles = files - } - - if err := ResourceFileMismatchCheck(check.Options.ProviderName, ResourceTypeResource, check.Options.SchemaResources, resourceFiles); err != nil { - return err - } - } - var result *multierror.Error if files, ok := directories[RegistryDataSourcesDirectory]; ok { + if err := NewFileMismatchCheck(check.Options.DataSourceFileMismatch).Run(files); err != nil { + result = multierror.Append(result, err) + } + if err := NewRegistryDataSourceFileCheck(check.Options.RegistryDataSourceFile).RunAll(files); err != nil { result = multierror.Append(result, err) } @@ -114,6 +90,10 @@ func (check *Check) Run(directories map[string][]string) error { } if files, ok := directories[RegistryResourcesDirectory]; ok { + if err := NewFileMismatchCheck(check.Options.ResourceFileMismatch).Run(files); err != nil { + result = multierror.Append(result, err) + } + if err := NewRegistryResourceFileCheck(check.Options.RegistryResourceFile).RunAll(files); err != nil { result = multierror.Append(result, err) } @@ -123,6 +103,10 @@ func (check *Check) Run(directories map[string][]string) error { legacyResourcesFiles, legacyResourcesOk := directories[LegacyResourcesDirectory] if legacyDataSourcesOk { + if err := NewFileMismatchCheck(check.Options.DataSourceFileMismatch).Run(legacyDataSourcesFiles); err != nil { + result = multierror.Append(result, err) + } + if err := NewLegacyDataSourceFileCheck(check.Options.LegacyDataSourceFile).RunAll(legacyDataSourcesFiles); err != nil { result = multierror.Append(result, err) } @@ -141,6 +125,10 @@ func (check *Check) Run(directories map[string][]string) error { } if legacyResourcesOk { + if err := NewFileMismatchCheck(check.Options.ResourceFileMismatch).Run(legacyResourcesFiles); err != nil { + result = multierror.Append(result, err) + } + if err := NewLegacyResourceFileCheck(check.Options.LegacyResourceFile).RunAll(legacyResourcesFiles); err != nil { result = multierror.Append(result, err) } diff --git a/vendor/github.com/bflad/tfproviderdocs/check/file_mismatch.go b/vendor/github.com/bflad/tfproviderdocs/check/file_mismatch.go index b5c4868dd36..85898240300 100644 --- a/vendor/github.com/bflad/tfproviderdocs/check/file_mismatch.go +++ b/vendor/github.com/bflad/tfproviderdocs/check/file_mismatch.go @@ -2,26 +2,79 @@ package check import ( "fmt" + "log" "sort" "github.com/hashicorp/go-multierror" tfjson "github.com/hashicorp/terraform-json" ) -func ResourceFileMismatchCheck(providerName string, resourceType string, schemaResources map[string]*tfjson.Schema, files []string) error { +type FileMismatchOptions struct { + *FileOptions + + IgnoreFileMismatch []string + + IgnoreFileMissing []string + + ProviderName string + + ResourceType string + + Schemas map[string]*tfjson.Schema +} + +type FileMismatchCheck struct { + Options *FileMismatchOptions +} + +func NewFileMismatchCheck(opts *FileMismatchOptions) *FileMismatchCheck { + check := &FileMismatchCheck{ + Options: opts, + } + + if check.Options == nil { + check.Options = &FileMismatchOptions{} + } + + if check.Options.FileOptions == nil { + check.Options.FileOptions = &FileOptions{} + } + + return check +} + +func (check *FileMismatchCheck) Run(files []string) error { + if len(files) == 0 { + log.Printf("[DEBUG] Skipping %s file mismatch checks due to missing file list", check.Options.ResourceType) + return nil + } + + if len(check.Options.Schemas) == 0 { + log.Printf("[DEBUG] Skipping %s file mismatch checks due to missing schemas", check.Options.ResourceType) + return nil + } + var extraFiles []string var missingFiles []string for _, file := range files { - if fileHasResource(schemaResources, providerName, file) { + if fileHasResource(check.Options.Schemas, check.Options.ProviderName, file) { + continue + } + + if check.IgnoreFileMismatch(file) { continue } extraFiles = append(extraFiles, file) } - for _, resourceName := range resourceNames(schemaResources) { - if resourceHasFile(files, providerName, resourceName) { + for _, resourceName := range resourceNames(check.Options.Schemas) { + if resourceHasFile(files, check.Options.ProviderName, resourceName) { + continue + } + + if check.IgnoreFileMissing(resourceName) { continue } @@ -31,18 +84,38 @@ func ResourceFileMismatchCheck(providerName string, resourceType string, schemaR var result *multierror.Error for _, extraFile := range extraFiles { - err := fmt.Errorf("matching %s for documentation file (%s) not found, file is extraneous or incorrectly named", resourceType, extraFile) + err := fmt.Errorf("matching %s for documentation file (%s) not found, file is extraneous or incorrectly named", check.Options.ResourceType, extraFile) result = multierror.Append(result, err) } for _, missingFile := range missingFiles { - err := fmt.Errorf("missing documentation file for %s: %s", resourceType, missingFile) + err := fmt.Errorf("missing documentation file for %s: %s", check.Options.ResourceType, missingFile) result = multierror.Append(result, err) } return result.ErrorOrNil() } +func (check *FileMismatchCheck) IgnoreFileMismatch(file string) bool { + for _, ignoreResourceName := range check.Options.IgnoreFileMismatch { + if ignoreResourceName == fileResourceName(check.Options.ProviderName, file) { + return true + } + } + + return false +} + +func (check *FileMismatchCheck) IgnoreFileMissing(resourceName string) bool { + for _, ignoreResourceName := range check.Options.IgnoreFileMissing { + if ignoreResourceName == resourceName { + return true + } + } + + return false +} + func fileHasResource(schemaResources map[string]*tfjson.Schema, providerName, file string) bool { if _, ok := schemaResources[fileResourceName(providerName, file)]; ok { return true diff --git a/vendor/github.com/bflad/tfproviderdocs/command/check.go b/vendor/github.com/bflad/tfproviderdocs/command/check.go index d83d8aca8f0..43934bb5833 100644 --- a/vendor/github.com/bflad/tfproviderdocs/command/check.go +++ b/vendor/github.com/bflad/tfproviderdocs/command/check.go @@ -24,6 +24,10 @@ type CheckCommandConfig struct { AllowedGuideSubcategoriesFile string AllowedResourceSubcategories string AllowedResourceSubcategoriesFile string + IgnoreFileMismatchDataSources string + IgnoreFileMismatchResources string + IgnoreFileMissingDataSources string + IgnoreFileMissingResources string IgnoreSideNavigationDataSources string IgnoreSideNavigationResources string LogLevel string @@ -47,6 +51,10 @@ func (*CheckCommand) Help() string { fmt.Fprintf(opts, CommandHelpOptionFormat, "-allowed-guide-subcategories-file", "Path to newline separated file of allowed guide frontmatter subcategories.") fmt.Fprintf(opts, CommandHelpOptionFormat, "-allowed-resource-subcategories", "Comma separated list of allowed data source and resource frontmatter subcategories.") fmt.Fprintf(opts, CommandHelpOptionFormat, "-allowed-resource-subcategories-file", "Path to newline separated file of allowed data source and resource frontmatter subcategories.") + fmt.Fprintf(opts, CommandHelpOptionFormat, "-ignore-file-mismatch-data-sources", "Comma separated list of data sources to ignore mismatched/extra files.") + fmt.Fprintf(opts, CommandHelpOptionFormat, "-ignore-file-mismatch-resources", "Comma separated list of resources to ignore mismatched/extra files.") + fmt.Fprintf(opts, CommandHelpOptionFormat, "-ignore-file-missing-data-sources", "Comma separated list of data sources to ignore missing files.") + fmt.Fprintf(opts, CommandHelpOptionFormat, "-ignore-file-missing-resources", "Comma separated list of resources to ignore missing files.") fmt.Fprintf(opts, CommandHelpOptionFormat, "-ignore-side-navigation-data-sources", "Comma separated list of data sources to ignore side navigation validation.") fmt.Fprintf(opts, CommandHelpOptionFormat, "-ignore-side-navigation-resources", "Comma separated list of resources to ignore side navigation validation.") fmt.Fprintf(opts, CommandHelpOptionFormat, "-provider-name", "Terraform Provider name. Automatically determined if current working directory or provided path is prefixed with terraform-provider-*.") @@ -80,6 +88,10 @@ func (c *CheckCommand) Run(args []string) int { flags.StringVar(&config.AllowedGuideSubcategoriesFile, "allowed-guide-subcategories-file", "", "") flags.StringVar(&config.AllowedResourceSubcategories, "allowed-resource-subcategories", "", "") flags.StringVar(&config.AllowedResourceSubcategoriesFile, "allowed-resource-subcategories-file", "", "") + flags.StringVar(&config.IgnoreFileMismatchDataSources, "ignore-file-mismatch-data-sources", "", "") + flags.StringVar(&config.IgnoreFileMismatchResources, "ignore-file-mismatch-resources", "", "") + flags.StringVar(&config.IgnoreFileMissingDataSources, "ignore-file-missing-data-sources", "", "") + flags.StringVar(&config.IgnoreFileMissingResources, "ignore-file-missing-resources", "", "") flags.StringVar(&config.IgnoreSideNavigationDataSources, "ignore-side-navigation-data-sources", "", "") flags.StringVar(&config.IgnoreSideNavigationResources, "ignore-side-navigation-resources", "", "") flags.StringVar(&config.ProviderName, "provider-name", "", "") @@ -131,8 +143,7 @@ func (c *CheckCommand) Run(args []string) int { return 1 } - var allowedGuideSubcategories, allowedResourceSubcategories, ignoreSideNavigationDataSources, ignoreSideNavigationResources []string - + var allowedGuideSubcategories []string if v := config.AllowedGuideSubcategories; v != "" { allowedGuideSubcategories = strings.Split(v, ",") } @@ -147,6 +158,7 @@ func (c *CheckCommand) Run(args []string) int { } } + var allowedResourceSubcategories []string if v := config.AllowedResourceSubcategories; v != "" { allowedResourceSubcategories = strings.Split(v, ",") } @@ -161,18 +173,68 @@ func (c *CheckCommand) Run(args []string) int { } } + var ignoreFileMismatchDataSources []string + if v := config.IgnoreFileMismatchDataSources; v != "" { + ignoreFileMismatchDataSources = strings.Split(v, ",") + } + + var ignoreFileMismatchResources []string + if v := config.IgnoreFileMismatchResources; v != "" { + ignoreFileMismatchResources = strings.Split(v, ",") + } + + var ignoreFileMissingDataSources []string + if v := config.IgnoreFileMissingDataSources; v != "" { + ignoreFileMissingDataSources = strings.Split(v, ",") + } + + var ignoreFileMissingResources []string + if v := config.IgnoreFileMissingResources; v != "" { + ignoreFileMissingResources = strings.Split(v, ",") + } + + var ignoreSideNavigationDataSources []string if v := config.IgnoreSideNavigationDataSources; v != "" { ignoreSideNavigationDataSources = strings.Split(v, ",") } + var ignoreSideNavigationResources []string if v := config.IgnoreSideNavigationResources; v != "" { ignoreSideNavigationResources = strings.Split(v, ",") } + var schemaDataSources, schemaResources map[string]*tfjson.Schema + if config.ProvidersSchemaJson != "" { + ps, err := providerSchemas(config.ProvidersSchemaJson) + + if err != nil { + c.Ui.Error(fmt.Sprintf("Error enabling Terraform Provider schema checks: %s", err)) + return 1 + } + + if config.ProviderName == "" { + msg := `Unknown provider name for enabling Terraform Provider schema checks. + +Check that the current working directory or provided path is prefixed with terraform-provider-*.` + c.Ui.Error(msg) + return 1 + } + + schemaDataSources = providerSchemasDataSources(ps, config.ProviderName) + schemaResources = providerSchemasResources(ps, config.ProviderName) + } + fileOpts := &check.FileOptions{ BasePath: config.Path, } checkOpts := &check.CheckOptions{ + DataSourceFileMismatch: &check.FileMismatchOptions{ + IgnoreFileMismatch: ignoreFileMismatchDataSources, + IgnoreFileMissing: ignoreFileMissingDataSources, + ProviderName: config.ProviderName, + ResourceType: check.ResourceTypeDataSource, + Schemas: schemaDataSources, + }, LegacyDataSourceFile: &check.LegacyDataSourceFileOptions{ FileOptions: fileOpts, FrontMatter: &check.FrontMatterOptions{ @@ -222,6 +284,13 @@ func (c *CheckCommand) Run(args []string) int { RequireSubcategory: config.RequireResourceSubcategory, }, }, + ResourceFileMismatch: &check.FileMismatchOptions{ + IgnoreFileMismatch: ignoreFileMismatchResources, + IgnoreFileMissing: ignoreFileMissingResources, + ProviderName: config.ProviderName, + ResourceType: check.ResourceTypeResource, + Schemas: schemaResources, + }, SideNavigation: &check.SideNavigationOptions{ FileOptions: fileOpts, IgnoreDataSources: ignoreSideNavigationDataSources, @@ -230,26 +299,6 @@ func (c *CheckCommand) Run(args []string) int { }, } - if config.ProvidersSchemaJson != "" { - ps, err := providerSchemas(config.ProvidersSchemaJson) - - if err != nil { - c.Ui.Error(fmt.Sprintf("Error enabling Terraform Provider schema checks: %s", err)) - return 1 - } - - if config.ProviderName == "" { - msg := `Unknown provider name for enabling Terraform Provider schema checks. - -Check that the current working directory or provided path is prefixed with terraform-provider-*.` - c.Ui.Error(msg) - return 1 - } - - checkOpts.SchemaDataSources = providerSchemasDataSources(ps, config.ProviderName) - checkOpts.SchemaResources = providerSchemasResources(ps, config.ProviderName) - } - if err := check.NewCheck(checkOpts).Run(directories); err != nil { c.Ui.Error(fmt.Sprintf("Error checking Terraform Provider documentation: %s", err)) return 1 diff --git a/vendor/github.com/bflad/tfproviderdocs/go.mod b/vendor/github.com/bflad/tfproviderdocs/go.mod index 11196dd4f7a..94e895337aa 100644 --- a/vendor/github.com/bflad/tfproviderdocs/go.mod +++ b/vendor/github.com/bflad/tfproviderdocs/go.mod @@ -6,7 +6,7 @@ require ( github.com/bmatcuk/doublestar v1.2.1 github.com/hashicorp/go-hclog v0.10.0 github.com/hashicorp/go-multierror v1.0.0 - github.com/hashicorp/terraform-json v0.3.1 + github.com/hashicorp/terraform-json v0.5.0 github.com/mattn/go-colorable v0.1.4 github.com/mitchellh/cli v1.0.0 golang.org/x/net v0.0.0-20180811021610-c39426892332 diff --git a/vendor/github.com/bflad/tfproviderdocs/go.sum b/vendor/github.com/bflad/tfproviderdocs/go.sum index 915d3453fb2..ed5ba548b98 100644 --- a/vendor/github.com/bflad/tfproviderdocs/go.sum +++ b/vendor/github.com/bflad/tfproviderdocs/go.sum @@ -10,14 +10,16 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/google/go-cmp v0.3.1 h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-hclog v0.10.0 h1:b86HUuA126IcSHyC55WjPo7KtCOVeTCKIjr+3lBhPxI= github.com/hashicorp/go-hclog v0.10.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-multierror v1.0.0 h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uPribsnS6o= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= -github.com/hashicorp/terraform-json v0.3.1 h1:vRiOLck4YX4UqzljVhdQKsVLixX4L+Pgnm/q+xu6QvE= -github.com/hashicorp/terraform-json v0.3.1/go.mod h1:MdwQStcJb00ht55L/2YH0ypAO9RNtczJ1MaUlf+gJcg= +github.com/hashicorp/terraform-json v0.5.0 h1:7TV3/F3y7QVSuN4r9BEXqnWqrAyeOtON8f0wvREtyzs= +github.com/hashicorp/terraform-json v0.5.0/go.mod h1:eAbqb4w0pSlRmdvl8fOyHAi/+8jnkVYN28gJkSJrLhU= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= @@ -40,8 +42,8 @@ github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndr github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= -github.com/zclconf/go-cty v0.0.0-20190430221426-d36a6f0dbffd h1:NZOOU7h+pDtcKo6xlqm8PwnarS8nJ+6+I83jT8ZfLPI= -github.com/zclconf/go-cty v0.0.0-20190430221426-d36a6f0dbffd/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= +github.com/zclconf/go-cty v1.2.1 h1:vGMsygfmeCl4Xb6OA5U5XVAaQZ69FvoG7X2jUtQujb8= +github.com/zclconf/go-cty v1.2.1/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= golang.org/x/net v0.0.0-20180811021610-c39426892332 h1:efGso+ep0DjyCBJPjvoz0HI6UldX4Md2F1rZFe1ir0E= golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= diff --git a/vendor/github.com/bflad/tfproviderdocs/version/version.go b/vendor/github.com/bflad/tfproviderdocs/version/version.go index 97f2848c8b4..c2072752726 100644 --- a/vendor/github.com/bflad/tfproviderdocs/version/version.go +++ b/vendor/github.com/bflad/tfproviderdocs/version/version.go @@ -11,7 +11,7 @@ var ( GitDescribe string // The main version number that is being run at the moment. - Version = "0.5.3" + Version = "0.6.0" // A pre-release marker for the version. If this is "" (empty string) // then it means that it is a final release. Otherwise, this is a pre-release diff --git a/vendor/github.com/hashicorp/terraform-json/schemas.go b/vendor/github.com/hashicorp/terraform-json/schemas.go index e025fbe0410..5dd430a5553 100644 --- a/vendor/github.com/hashicorp/terraform-json/schemas.go +++ b/vendor/github.com/hashicorp/terraform-json/schemas.go @@ -83,6 +83,18 @@ type Schema struct { Block *SchemaBlock `json:"block,omitempty"` } +// SchemaDescriptionKind describes the format type for a particular description's field. +type SchemaDescriptionKind string + +const ( + // SchemaDescriptionKindPlain indicates a string in plain text format. + SchemaDescriptionKindPlain SchemaDescriptionKind = "plaintext" + + // SchemaDescriptionKindMarkdown indicates a Markdown string and may need to be + // processed prior to presentation. + SchemaDescriptionKindMarkdown SchemaDescriptionKind = "markdown" +) + // SchemaBlock represents a nested block within a particular schema. type SchemaBlock struct { // The attributes defined at the particular level of this block. @@ -90,6 +102,14 @@ type SchemaBlock struct { // Any nested blocks within this particular block. NestedBlocks map[string]*SchemaBlockType `json:"block_types,omitempty"` + + // The description for this block and format of the description. If + // no kind is provided, it can be assumed to be plain text. + Description string `json:"description,omitempty"` + DescriptionKind SchemaDescriptionKind `json:"description_kind,omitempty"` + + // If true, this block is deprecated. + Deprecated bool `json:"deprecated,omitempty"` } // SchemaNestingMode is the nesting mode for a particular nested @@ -145,8 +165,13 @@ type SchemaAttribute struct { // The attribute type. AttributeType cty.Type `json:"type,omitempty"` - // The description field for this attribute. - Description string `json:"description,omitempty"` + // The description field for this attribute. If no kind is + // provided, it can be assumed to be plain text. + Description string `json:"description,omitempty"` + DescriptionKind SchemaDescriptionKind `json:"description_kind,omitempty"` + + // If true, this attribute is deprecated. + Deprecated bool `json:"deprecated,omitempty"` // If true, this attribute is required - it has to be entered in // configuration. diff --git a/vendor/modules.txt b/vendor/modules.txt index 1d827ac71fa..3459394f6b1 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -215,7 +215,7 @@ github.com/bflad/gopaniccheck/passes/logpaniccallexpr github.com/bflad/gopaniccheck/passes/logpanicfcallexpr github.com/bflad/gopaniccheck/passes/logpaniclncallexpr github.com/bflad/gopaniccheck/passes/paniccallexpr -# github.com/bflad/tfproviderdocs v0.5.3 +# github.com/bflad/tfproviderdocs v0.6.0 github.com/bflad/tfproviderdocs github.com/bflad/tfproviderdocs/check github.com/bflad/tfproviderdocs/check/sidenavigation @@ -525,7 +525,7 @@ github.com/hashicorp/hcl/v2/json github.com/hashicorp/logutils # github.com/hashicorp/terraform-config-inspect v0.0.0-20191115094559-17f92b0546e8 github.com/hashicorp/terraform-config-inspect/tfconfig -# github.com/hashicorp/terraform-json v0.4.0 +# github.com/hashicorp/terraform-json v0.5.0 github.com/hashicorp/terraform-json # github.com/hashicorp/terraform-plugin-sdk v1.12.0 github.com/hashicorp/terraform-plugin-sdk/acctest From b00fe10c595064f13b4cb6bb485661f6c78de346 Mon Sep 17 00:00:00 2001 From: Tom Fotherby Date: Mon, 11 May 2020 13:44:10 +0100 Subject: [PATCH 079/475] Wording fix: noncurrent object versions --- website/docs/r/s3_bucket.html.markdown | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/website/docs/r/s3_bucket.html.markdown b/website/docs/r/s3_bucket.html.markdown index 6eb96a9d192..054d8094810 100644 --- a/website/docs/r/s3_bucket.html.markdown +++ b/website/docs/r/s3_bucket.html.markdown @@ -414,12 +414,12 @@ The `transition` object supports the following The `noncurrent_version_expiration` object supports the following -* `days` (Required) Specifies the number of days an object is noncurrent object versions expire. +* `days` (Required) Specifies the number of days noncurrent object versions expire. The `noncurrent_version_transition` object supports the following -* `days` (Required) Specifies the number of days an object is noncurrent object versions expire. -* `storage_class` (Required) Specifies the Amazon S3 storage class to which you want the noncurrent versions object to transition. Can be `ONEZONE_IA`, `STANDARD_IA`, `INTELLIGENT_TIERING`, `GLACIER`, or `DEEP_ARCHIVE`. +* `days` (Required) Specifies the number of days noncurrent object versions transition. +* `storage_class` (Required) Specifies the Amazon S3 storage class to which you want the noncurrent object versions to transition. Can be `ONEZONE_IA`, `STANDARD_IA`, `INTELLIGENT_TIERING`, `GLACIER`, or `DEEP_ARCHIVE`. The `replication_configuration` object supports the following: From 2562a50e12ae444cb198731011e56a4546d9671d Mon Sep 17 00:00:00 2001 From: Gerard Costa Date: Mon, 11 May 2020 18:54:15 +0200 Subject: [PATCH 080/475] Update enabled_cloudwatch_logs_exports description Update enabled_cloudwatch_logs_exports argument description to be more clear. --- website/docs/r/db_instance.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/db_instance.html.markdown b/website/docs/r/db_instance.html.markdown index dc8d64870a2..0e3c90421d3 100644 --- a/website/docs/r/db_instance.html.markdown +++ b/website/docs/r/db_instance.html.markdown @@ -107,7 +107,7 @@ for additional read replica contraints. * `deletion_protection` - (Optional) If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`. * `domain` - (Optional) The ID of the Directory Service Active Directory domain to create the instance in. * `domain_iam_role_name` - (Optional, but required if domain is provided) The name of the IAM role to be used when making API calls to the Directory Service. -* `enabled_cloudwatch_logs_exports` - (Optional) List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on `engine`): `agent` (MSSQL), `alert`, `audit`, `error`, `general`, `listener`, `slowquery`, `trace`, `postgresql` (PostgreSQL), `upgrade` (PostgreSQL). +* `enabled_cloudwatch_logs_exports` - (Optional) List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on `engine`). MySQL and MariaDB: `audit`, `error`, `general`, `slowquery`. PostgreSQL: `postgresql`, `upgrade`. MSSQL: `agent` , `error`. Oracle: `alert`, `audit`, `listener`, `trace`. * `engine` - (Required unless a `snapshot_identifier` or `replicate_source_db` is provided) The database engine to use. For supported values, see the Engine parameter in [API action CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html). Note that for Amazon Aurora instances the engine must match the [DB cluster](/docs/providers/aws/r/rds_cluster.html)'s engine'. From ebc340674f79f119b159bd1cc47a9b7b324c705e Mon Sep 17 00:00:00 2001 From: Akihito Nakano Date: Tue, 12 May 2020 02:15:19 +0900 Subject: [PATCH 081/475] resource/aws_appsync_resolver: Add CachingConfig support (#12747) Output from acceptance testing: ``` --- PASS: TestAccAwsAppsyncResolver_disappears (17.59s) --- PASS: TestAccAwsAppsyncResolver_CachingConfig (21.28s) --- PASS: TestAccAwsAppsyncResolver_PipelineConfig (21.32s) --- PASS: TestAccAwsAppsyncResolver_ResponseTemplate (27.75s) --- PASS: TestAccAwsAppsyncResolver_basic (30.41s) --- PASS: TestAccAwsAppsyncResolver_RequestTemplate (32.44s) --- PASS: TestAccAwsAppsyncResolver_multipleResolvers (33.10s) --- PASS: TestAccAwsAppsyncResolver_DataSource (35.67s) ``` --- aws/resource_aws_appsync_resolver.go | 84 ++++++++++++++++ aws/resource_aws_appsync_resolver_test.go | 98 +++++++++++++++++++ aws/structure.go | 17 ---- website/docs/r/appsync_resolver.html.markdown | 18 +++- 4 files changed, 195 insertions(+), 22 deletions(-) diff --git a/aws/resource_aws_appsync_resolver.go b/aws/resource_aws_appsync_resolver.go index 470f47ef3eb..11b3e52e988 100644 --- a/aws/resource_aws_appsync_resolver.go +++ b/aws/resource_aws_appsync_resolver.go @@ -77,6 +77,27 @@ func resourceAwsAppsyncResolver() *schema.Resource { }, }, }, + "caching_config": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "caching_keys": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + Set: schema.HashString, + }, + "ttl": { + Type: schema.TypeInt, + Optional: true, + }, + }, + }, + }, "arn": { Type: schema.TypeString, Computed: true, @@ -108,6 +129,10 @@ func resourceAwsAppsyncResolverCreate(d *schema.ResourceData, meta interface{}) } } + if v, ok := d.GetOk("caching_config"); ok { + input.CachingConfig = expandAppsyncResolverCachingConfig(v.([]interface{})) + } + mutexKey := fmt.Sprintf("appsync-schema-%s", d.Get("api_id").(string)) awsMutexKV.Lock(mutexKey) defer awsMutexKV.Unlock(mutexKey) @@ -165,6 +190,10 @@ func resourceAwsAppsyncResolverRead(d *schema.ResourceData, meta interface{}) er return fmt.Errorf("Error setting pipeline_config: %s", err) } + if err := d.Set("caching_config", flattenAppsyncCachingConfig(resp.Resolver.CachingConfig)); err != nil { + return fmt.Errorf("Error setting caching_config: %s", err) + } + return nil } @@ -191,6 +220,10 @@ func resourceAwsAppsyncResolverUpdate(d *schema.ResourceData, meta interface{}) } } + if v, ok := d.GetOk("caching_config"); ok { + input.CachingConfig = expandAppsyncResolverCachingConfig(v.([]interface{})) + } + mutexKey := fmt.Sprintf("appsync-schema-%s", d.Get("api_id").(string)) awsMutexKV.Lock(mutexKey) defer awsMutexKV.Unlock(mutexKey) @@ -243,3 +276,54 @@ func decodeAppsyncResolverID(id string) (string, string, string, error) { } return idParts[0], idParts[1], idParts[2], nil } + +func expandAppsyncResolverCachingConfig(l []interface{}) *appsync.CachingConfig { + if len(l) < 1 || l[0] == nil { + return nil + } + + m := l[0].(map[string]interface{}) + + cachingConfig := &appsync.CachingConfig{ + CachingKeys: expandStringSet(m["caching_keys"].(*schema.Set)), + } + + if v, ok := m["ttl"].(int); ok && v != 0 { + cachingConfig.Ttl = aws.Int64(int64(v)) + } + + return cachingConfig +} + +func flattenAppsyncPipelineConfig(c *appsync.PipelineConfig) []interface{} { + if c == nil { + return nil + } + + if len(c.Functions) == 0 { + return nil + } + + m := map[string]interface{}{ + "functions": flattenStringList(c.Functions), + } + + return []interface{}{m} +} + +func flattenAppsyncCachingConfig(c *appsync.CachingConfig) []interface{} { + if c == nil { + return nil + } + + if len(c.CachingKeys) == 0 && *(c.Ttl) == 0 { + return nil + } + + m := map[string]interface{}{ + "caching_keys": flattenStringSet(c.CachingKeys), + "ttl": int(aws.Int64Value(c.Ttl)), + } + + return []interface{}{m} +} diff --git a/aws/resource_aws_appsync_resolver_test.go b/aws/resource_aws_appsync_resolver_test.go index 7b18942e7b1..8cbbfec9df8 100644 --- a/aws/resource_aws_appsync_resolver_test.go +++ b/aws/resource_aws_appsync_resolver_test.go @@ -220,6 +220,33 @@ func TestAccAwsAppsyncResolver_PipelineConfig(t *testing.T) { }) } +func TestAccAwsAppsyncResolver_CachingConfig(t *testing.T) { + var resolver appsync.Resolver + rName := fmt.Sprintf("tfacctest%d", acctest.RandInt()) + resourceName := "aws_appsync_resolver.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsAppsyncResolverDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAppsyncResolver_cachingConfig(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsAppsyncResolverExists(resourceName, &resolver), + resource.TestCheckResourceAttr(resourceName, "caching_config.0.caching_keys.#", "2"), + resource.TestCheckResourceAttr(resourceName, "caching_config.0.ttl", "60"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func testAccCheckAwsAppsyncResolverDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).appsyncconn for _, rs := range s.RootModule().Resources { @@ -739,3 +766,74 @@ EOF `, rName) } + +func testAccAppsyncResolver_cachingConfig(rName string) string { + return fmt.Sprintf(` +resource "aws_appsync_graphql_api" "test" { + authentication_type = "API_KEY" + name = "%[1]s" + schema = < Date: Mon, 11 May 2020 13:17:22 -0400 Subject: [PATCH 082/475] Update CHANGELOG for #12747 --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 689ded43ef6..a9a8e4d25f1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ ## 2.62.0 (Unreleased) + +ENHANCEMENTS: + +* resource/aws_appsync_resolver: Add `cache_config` configuration block [GH-12747] + ## 2.61.0 (May 08, 2020) FEATURES: From 766f45e00214b46772f9e56259f8a6b3efd2fb60 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 14:02:11 -0400 Subject: [PATCH 083/475] tests/resource/aws_budgets_budget: Add test sweeper. (#13210) Output from sweeper in AWS Commercial: ``` 2020/05/11 13:29:44 [INFO] Deleting Budget: test-budget-6271992019102694956 2020/05/11 13:29:44 [INFO] Deleting Budget: test-budget-630276250939568571 2020/05/11 13:29:44 [INFO] Deleting Budget: test-budget-6433868691412216261 2020/05/11 13:29:45 [INFO] Deleting Budget: test-budget-7261892134268242315 2020/05/11 13:29:45 Sweeper Tests ran successfully: - aws_budgets_budget ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 13:29:52 [WARN] Skipping Budgets sweep for us-gov-west-1: RequestError: send request failed caused by: Post "https://budgets.us-gov-west-1.amazonaws.com/": dial tcp: lookup budgets.us-gov-west-1.amazonaws.com: no such host 2020/05/11 13:29:52 Sweeper Tests ran successfully: - aws_budgets_budget ``` --- aws/resource_aws_budgets_budget_test.go | 64 ++++++++++++++++++++++++- 1 file changed, 62 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_budgets_budget_test.go b/aws/resource_aws_budgets_budget_test.go index 65ddb8b7310..6cb5b1fa3ef 100644 --- a/aws/resource_aws_budgets_budget_test.go +++ b/aws/resource_aws_budgets_budget_test.go @@ -2,6 +2,7 @@ package aws import ( "fmt" + "log" "reflect" "regexp" "strconv" @@ -11,11 +12,70 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/budgets" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_budgets_budget", &resource.Sweeper{ + Name: "aws_budgets_budget", + F: testSweepBudgetsBudgets, + }) +} + +func testSweepBudgetsBudgets(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).budgetconn + accountID := client.(*AWSClient).accountid + input := &budgets.DescribeBudgetsInput{ + AccountId: aws.String(accountID), + } + var sweeperErrs *multierror.Error + + for { + output, err := conn.DescribeBudgets(input) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping Budgets sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving Budgets: %w", err)) + return sweeperErrs + } + + for _, budget := range output.Budgets { + name := aws.StringValue(budget.BudgetName) + + log.Printf("[INFO] Deleting Budget: %s", name) + _, err := conn.DeleteBudget(&budgets.DeleteBudgetInput{ + AccountId: aws.String(accountID), + BudgetName: aws.String(name), + }) + if isAWSErr(err, budgets.ErrCodeNotFoundException, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting Budget (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + if aws.StringValue(output.NextToken) == "" { + break + } + input.NextToken = output.NextToken + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSBudgetsBudget_basic(t *testing.T) { costFilterKey := "AZ" name := fmt.Sprintf("test-budget-%d", acctest.RandInt()) @@ -584,10 +644,10 @@ resource "aws_budgets_budget" "foo" { use_blended = "%t" } - time_period_start = "%s" + time_period_start = "%s" time_period_end = "%s" time_unit = "%s" - + %s } `, *budgetConfig.BudgetName, *budgetConfig.BudgetType, *budgetConfig.BudgetLimit.Amount, *budgetConfig.BudgetLimit.Unit, *budgetConfig.CostTypes.IncludeTax, *budgetConfig.CostTypes.IncludeSubscription, *budgetConfig.CostTypes.UseBlended, timePeriodStart, timePeriodEnd, *budgetConfig.TimeUnit, strings.Join(notificationStrings, "\n")) From e395572d260be21e1d1aaa072364f0b360784290 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Sun, 28 Jul 2019 17:03:13 -0400 Subject: [PATCH 084/475] API Gateway WebSocket chat application example --- .../api-gateway-websocket-chat-app/.gitignore | 1 + .../api-gateway-websocket-chat-app/README.md | 17 + .../api-gateway-websocket-chat-app/main.tf | 456 ++++++++++++++++++ .../onconnect/app.js | 22 + .../onconnect/package.json | 11 + .../ondisconnect/app.js | 22 + .../ondisconnect/package.json | 11 + .../sendmessage/app.js | 46 ++ .../sendmessage/package.json | 11 + .../terraform.template.tfvars | 5 + .../variables.tf | 11 + 11 files changed, 613 insertions(+) create mode 100644 examples/api-gateway-websocket-chat-app/.gitignore create mode 100644 examples/api-gateway-websocket-chat-app/README.md create mode 100644 examples/api-gateway-websocket-chat-app/main.tf create mode 100644 examples/api-gateway-websocket-chat-app/onconnect/app.js create mode 100644 examples/api-gateway-websocket-chat-app/onconnect/package.json create mode 100644 examples/api-gateway-websocket-chat-app/ondisconnect/app.js create mode 100644 examples/api-gateway-websocket-chat-app/ondisconnect/package.json create mode 100644 examples/api-gateway-websocket-chat-app/sendmessage/app.js create mode 100644 examples/api-gateway-websocket-chat-app/sendmessage/package.json create mode 100644 examples/api-gateway-websocket-chat-app/terraform.template.tfvars create mode 100644 examples/api-gateway-websocket-chat-app/variables.tf diff --git a/examples/api-gateway-websocket-chat-app/.gitignore b/examples/api-gateway-websocket-chat-app/.gitignore new file mode 100644 index 00000000000..c4c4ffc6aa4 --- /dev/null +++ b/examples/api-gateway-websocket-chat-app/.gitignore @@ -0,0 +1 @@ +*.zip diff --git a/examples/api-gateway-websocket-chat-app/README.md b/examples/api-gateway-websocket-chat-app/README.md new file mode 100644 index 00000000000..74e065f6a3b --- /dev/null +++ b/examples/api-gateway-websocket-chat-app/README.md @@ -0,0 +1,17 @@ +# API Gateway WebSocket Chat Application + +This example demonstrates how to create a simple chat application using [API Gateway's WebSocket-based API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api.html) features. +It's based on the [AWS Serverless Application Model](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html) [`simple-websockets-chat-app`](https://github.com/aws-samples/simple-websockets-chat-app). + +## Running this Example + +Either `cp terraform.template.tfvars terraform.tfvars` and modify that new file accordingly or provide variables via CLI: + +``` +terraform apply \ + -var="aws_access_key=yourawsaccesskey" \ + -var="aws_secret_key=yourawssecretkey" \ + -var="aws_region=us-east-1" +``` + +The `WebSocketURI` output contains the URL of the API endpoint to be used when following the [instructions](https://github.com/aws-samples/simple-websockets-chat-app#testing-the-chat-api) for testing. diff --git a/examples/api-gateway-websocket-chat-app/main.tf b/examples/api-gateway-websocket-chat-app/main.tf new file mode 100644 index 00000000000..4b5c485d339 --- /dev/null +++ b/examples/api-gateway-websocket-chat-app/main.tf @@ -0,0 +1,456 @@ +# +# Terraform configuration for simple-websockets-chat-app that has the DynamoDB table and +# Lambda functions needed to demonstrate the Websocket protocol on API Gateway. +# + +# +# Providers. +# + +provider "aws" { + access_key = "${var.aws_access_key}" + secret_key = "${var.aws_secret_key}" + region = "${var.aws_region}" +} + +provider "archive" {} + +# +# Data sources for current AWS account ID, partition and region. +# + +data "aws_caller_identity" "current" {} + +data "aws_partition" "current" {} + +data "aws_region" "current" {} + +# +# DynamoDB table resources. +# + +resource "aws_dynamodb_table" "ConnectionsTable" { + name = "simplechat_connections" + read_capacity = 5 + write_capacity = 5 + hash_key = "connectionId" + + attribute { + name = "connectionId" + type = "S" + } + + server_side_encryption { + enabled = true + } +} + +# See https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-policy-template-list.html#dynamo-db-crud-policy. +resource "aws_iam_policy" "DynamoDBCrudPolicy" { + name = "DynamoDBCrudPolicy" + + policy = < { + let connectionData; + + try { + connectionData = await ddb.scan({ TableName: TABLE_NAME, ProjectionExpression: 'connectionId' }).promise(); + } catch (e) { + return { statusCode: 500, body: e.stack }; + } + + const apigwManagementApi = new AWS.ApiGatewayManagementApi({ + apiVersion: '2018-11-29', + endpoint: event.requestContext.domainName + '/' + event.requestContext.stage + }); + + const postData = JSON.parse(event.body).data; + + const postCalls = connectionData.Items.map(async ({ connectionId }) => { + try { + await apigwManagementApi.postToConnection({ ConnectionId: connectionId, Data: postData }).promise(); + } catch (e) { + if (e.statusCode === 410) { + console.log(`Found stale connection, deleting ${connectionId}`); + await ddb.delete({ TableName: TABLE_NAME, Key: { connectionId } }).promise(); + } else { + throw e; + } + } + }); + + try { + await Promise.all(postCalls); + } catch (e) { + return { statusCode: 500, body: e.stack }; + } + + return { statusCode: 200, body: 'Data sent.' }; +}; diff --git a/examples/api-gateway-websocket-chat-app/sendmessage/package.json b/examples/api-gateway-websocket-chat-app/sendmessage/package.json new file mode 100644 index 00000000000..6b3b04aa615 --- /dev/null +++ b/examples/api-gateway-websocket-chat-app/sendmessage/package.json @@ -0,0 +1,11 @@ +{ + "name": "send-message", + "version": "1.0.0", + "description": "sendmessage example for WebSockets on API Gateway", + "main": "src/app.js", + "author": "SAM CLI", + "license": "MIT", + "dependencies": { + "aws-sdk": "^2.434.0" + } +} diff --git a/examples/api-gateway-websocket-chat-app/terraform.template.tfvars b/examples/api-gateway-websocket-chat-app/terraform.template.tfvars new file mode 100644 index 00000000000..286c3091224 --- /dev/null +++ b/examples/api-gateway-websocket-chat-app/terraform.template.tfvars @@ -0,0 +1,5 @@ +aws_access_key = "yourawsaccesskey" + +aws_secret_key = "yourawssecretkey" + +aws_region = "us-east-1" diff --git a/examples/api-gateway-websocket-chat-app/variables.tf b/examples/api-gateway-websocket-chat-app/variables.tf new file mode 100644 index 00000000000..e1143d86d0a --- /dev/null +++ b/examples/api-gateway-websocket-chat-app/variables.tf @@ -0,0 +1,11 @@ +variable "aws_access_key" { + description = "" +} + +variable "aws_secret_key" { + description = "" +} + +variable "aws_region" { + description = "" +} From f7e9818ad2d62345b00828da14d61babe54c1974 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Sat, 18 Apr 2020 19:04:46 -0400 Subject: [PATCH 085/475] Updated resource names (aws_apigatewayv2_). --- .../api-gateway-websocket-chat-app/main.tf | 52 +++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/examples/api-gateway-websocket-chat-app/main.tf b/examples/api-gateway-websocket-chat-app/main.tf index 4b5c485d339..8e8f7ad43b1 100644 --- a/examples/api-gateway-websocket-chat-app/main.tf +++ b/examples/api-gateway-websocket-chat-app/main.tf @@ -78,81 +78,81 @@ EOT # WebSocket API resources. # -resource "aws_api_gateway_v2_api" "SimpleChatWebSocket" { +resource "aws_apigatewayv2_api" "SimpleChatWebSocket" { name = "SimpleChatWebSocket" protocol_type = "WEBSOCKET" route_selection_expression = "$request.body.message" } -resource "aws_api_gateway_v2_deployment" "Deployment" { - api_id = "${aws_api_gateway_v2_api.SimpleChatWebSocket.id}" +resource "aws_apigatewayv2_deployment" "Deployment" { + api_id = "${aws_apigatewayv2_api.SimpleChatWebSocket.id}" depends_on = [ - "aws_api_gateway_v2_route.ConnectRoute", - "aws_api_gateway_v2_route.DisconnectRoute", - "aws_api_gateway_v2_route.SendRoute", + "aws_apigatewayv2_route.ConnectRoute", + "aws_apigatewayv2_route.DisconnectRoute", + "aws_apigatewayv2_route.SendRoute", ] } -resource "aws_api_gateway_v2_stage" "Stage" { - api_id = "${aws_api_gateway_v2_api.SimpleChatWebSocket.id}" +resource "aws_apigatewayv2_stage" "Stage" { + api_id = "${aws_apigatewayv2_api.SimpleChatWebSocket.id}" name = "Prod" description = "Prod Stage" - deployment_id = "${aws_api_gateway_v2_deployment.Deployment.id}" + deployment_id = "${aws_apigatewayv2_deployment.Deployment.id}" } ########### # OnConnect ########### -resource "aws_api_gateway_v2_integration" "ConnectIntegrat" { - api_id = "${aws_api_gateway_v2_api.SimpleChatWebSocket.id}" +resource "aws_apigatewayv2_integration" "ConnectIntegrat" { + api_id = "${aws_apigatewayv2_api.SimpleChatWebSocket.id}" integration_type = "AWS_PROXY" description = "Connect Integration" integration_uri = "${aws_lambda_function.OnConnectFunction.invoke_arn}" integration_method = "POST" } -resource "aws_api_gateway_v2_route" "ConnectRoute" { - api_id = "${aws_api_gateway_v2_api.SimpleChatWebSocket.id}" +resource "aws_apigatewayv2_route" "ConnectRoute" { + api_id = "${aws_apigatewayv2_api.SimpleChatWebSocket.id}" route_key = "$connect" operation_name = "ConnectRoute" - target = "integrations/${aws_api_gateway_v2_integration.ConnectIntegrat.id}" + target = "integrations/${aws_apigatewayv2_integration.ConnectIntegrat.id}" } ############## # OnDisconnect ############## -resource "aws_api_gateway_v2_integration" "DisconnectInteg" { - api_id = "${aws_api_gateway_v2_api.SimpleChatWebSocket.id}" +resource "aws_apigatewayv2_integration" "DisconnectInteg" { + api_id = "${aws_apigatewayv2_api.SimpleChatWebSocket.id}" integration_type = "AWS_PROXY" description = "Disconnect Integration" integration_uri = "${aws_lambda_function.OnDisconnectFunction.invoke_arn}" integration_method = "POST" } -resource "aws_api_gateway_v2_route" "DisconnectRoute" { - api_id = "${aws_api_gateway_v2_api.SimpleChatWebSocket.id}" +resource "aws_apigatewayv2_route" "DisconnectRoute" { + api_id = "${aws_apigatewayv2_api.SimpleChatWebSocket.id}" route_key = "$disconnect" operation_name = "DisconnectRoute" - target = "integrations/${aws_api_gateway_v2_integration.DisconnectInteg.id}" + target = "integrations/${aws_apigatewayv2_integration.DisconnectInteg.id}" } ############# # SendMessage ############# -resource "aws_api_gateway_v2_integration" "SendInteg" { - api_id = "${aws_api_gateway_v2_api.SimpleChatWebSocket.id}" +resource "aws_apigatewayv2_integration" "SendInteg" { + api_id = "${aws_apigatewayv2_api.SimpleChatWebSocket.id}" integration_type = "AWS_PROXY" description = "Send Integration" integration_uri = "${aws_lambda_function.SendMessageFunction.invoke_arn}" integration_method = "POST" } -resource "aws_api_gateway_v2_route" "SendRoute" { - api_id = "${aws_api_gateway_v2_api.SimpleChatWebSocket.id}" +resource "aws_apigatewayv2_route" "SendRoute" { + api_id = "${aws_apigatewayv2_api.SimpleChatWebSocket.id}" route_key = "sendmessage" operation_name = "SendRoute" - target = "integrations/${aws_api_gateway_v2_integration.SendInteg.id}" + target = "integrations/${aws_apigatewayv2_integration.SendInteg.id}" } # @@ -420,7 +420,7 @@ resource "aws_iam_policy" "SendMessageManageConnectionsPolicy" { "Statement": [{ "Effect": "Allow", "Action": "execute-api:ManageConnections", - "Resource": "${aws_api_gateway_v2_api.SimpleChatWebSocket.execution_arn}/*" + "Resource": "${aws_apigatewayv2_api.SimpleChatWebSocket.execution_arn}/*" }] } EOT @@ -452,5 +452,5 @@ output "SendMessageFunctionArn" { } output "WebSocketURI" { - value = "${aws_api_gateway_v2_stage.Stage.invoke_url}" + value = "${aws_apigatewayv2_stage.Stage.invoke_url}" } From c841d796fe4fcbf5ae82777b7b7a829440f1856a Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Sun, 19 Apr 2020 16:27:44 -0400 Subject: [PATCH 086/475] Update AWS SDK version. Equivalent to https://github.com/aws-samples/simple-websockets-chat-app/commit/59bcc3f64491dbb0dc222bb90dc7bf81e6f873e4. --- examples/api-gateway-websocket-chat-app/onconnect/package.json | 2 +- .../api-gateway-websocket-chat-app/ondisconnect/package.json | 2 +- .../api-gateway-websocket-chat-app/sendmessage/package.json | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/api-gateway-websocket-chat-app/onconnect/package.json b/examples/api-gateway-websocket-chat-app/onconnect/package.json index 1731da25369..c3af0703f89 100644 --- a/examples/api-gateway-websocket-chat-app/onconnect/package.json +++ b/examples/api-gateway-websocket-chat-app/onconnect/package.json @@ -6,6 +6,6 @@ "author": "SAM CLI", "license": "MIT", "dependencies": { - "aws-sdk": "^2.434.0" + "aws-sdk": "^2.655.0" } } diff --git a/examples/api-gateway-websocket-chat-app/ondisconnect/package.json b/examples/api-gateway-websocket-chat-app/ondisconnect/package.json index 833297462b9..3d3d07cdcaa 100644 --- a/examples/api-gateway-websocket-chat-app/ondisconnect/package.json +++ b/examples/api-gateway-websocket-chat-app/ondisconnect/package.json @@ -6,6 +6,6 @@ "author": "SAM CLI", "license": "MIT", "dependencies": { - "aws-sdk": "^2.434.0" + "aws-sdk": "^2.655.0" } } diff --git a/examples/api-gateway-websocket-chat-app/sendmessage/package.json b/examples/api-gateway-websocket-chat-app/sendmessage/package.json index 6b3b04aa615..1f96ca5faef 100644 --- a/examples/api-gateway-websocket-chat-app/sendmessage/package.json +++ b/examples/api-gateway-websocket-chat-app/sendmessage/package.json @@ -6,6 +6,6 @@ "author": "SAM CLI", "license": "MIT", "dependencies": { - "aws-sdk": "^2.434.0" + "aws-sdk": "^2.655.0" } } From b6d0974c0c3f644e33af37e8b4dcc4c30465b314 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Sun, 19 Apr 2020 16:29:37 -0400 Subject: [PATCH 087/475] Bump lambda runtime Node version. Equivalent to https://github.com/aws-samples/simple-websockets-chat-app/commit/a0315590d3b6c4b98711281f4881b212e1039bc1. --- examples/api-gateway-websocket-chat-app/main.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/api-gateway-websocket-chat-app/main.tf b/examples/api-gateway-websocket-chat-app/main.tf index 8e8f7ad43b1..963c3257503 100644 --- a/examples/api-gateway-websocket-chat-app/main.tf +++ b/examples/api-gateway-websocket-chat-app/main.tf @@ -173,7 +173,7 @@ resource "aws_lambda_function" "OnConnectFunction" { function_name = "OnConnectFunction" role = "${aws_iam_role.OnConnectRole.arn}" handler = "app.handler" - runtime = "nodejs10.x" + runtime = "nodejs12.x" memory_size = 256 environment { @@ -257,7 +257,7 @@ resource "aws_lambda_function" "OnDisconnectFunction" { function_name = "OnDisconnectFunction" role = "${aws_iam_role.OnDisconnectRole.arn}" handler = "app.handler" - runtime = "nodejs10.x" + runtime = "nodejs12.x" memory_size = 256 environment { @@ -341,7 +341,7 @@ resource "aws_lambda_function" "SendMessageFunction" { function_name = "SendMessageFunction" role = "${aws_iam_role.SendMessageRole.arn}" handler = "app.handler" - runtime = "nodejs10.x" + runtime = "nodejs12.x" memory_size = 256 environment { From 29dfd54faf26340e09ffd9f5ba52a3ae9e5c1c72 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Sun, 19 Apr 2020 16:33:15 -0400 Subject: [PATCH 088/475] Cleanup code and make it consistent across all handlers. Equivalent to https://github.com/aws-samples/simple-websockets-chat-app/commit/acab347f4a8265b7828ba51fabee854d772dce3e and https://github.com/aws-samples/simple-websockets-chat-app/commit/8539381d453da1a886ce92d94b118f98a45951e3. --- .../onconnect/app.js | 25 +++++++------- .../ondisconnect/app.js | 33 +++++++++++-------- .../sendmessage/app.js | 14 ++++---- 3 files changed, 40 insertions(+), 32 deletions(-) diff --git a/examples/api-gateway-websocket-chat-app/onconnect/app.js b/examples/api-gateway-websocket-chat-app/onconnect/app.js index 3166943dcaf..560b720acfd 100644 --- a/examples/api-gateway-websocket-chat-app/onconnect/app.js +++ b/examples/api-gateway-websocket-chat-app/onconnect/app.js @@ -1,22 +1,23 @@ // Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: MIT-0 -var AWS = require("aws-sdk"); -AWS.config.update({ region: process.env.AWS_REGION }); -var DDB = new AWS.DynamoDB({ apiVersion: "2012-10-08" }); +const AWS = require('aws-sdk'); -exports.handler = function (event, context, callback) { - var putParams = { +const ddb = new AWS.DynamoDB.DocumentClient({ apiVersion: '2012-08-10', region: process.env.AWS_REGION }); + +exports.handler = async event => { + const putParams = { TableName: process.env.TABLE_NAME, Item: { - connectionId: { S: event.requestContext.connectionId } + connectionId: event.requestContext.connectionId } }; - DDB.putItem(putParams, function (err) { - callback(null, { - statusCode: err ? 500 : 200, - body: err ? "Failed to connect: " + JSON.stringify(err) : "Connected." - }); - }); + try { + await ddb.put(putParams).promise(); + } catch (err) { + return { statusCode: 500, body: 'Failed to connect: ' + JSON.stringify(err) }; + } + + return { statusCode: 200, body: 'Connected.' }; }; diff --git a/examples/api-gateway-websocket-chat-app/ondisconnect/app.js b/examples/api-gateway-websocket-chat-app/ondisconnect/app.js index 43326d7dec1..7c6c2d7d739 100644 --- a/examples/api-gateway-websocket-chat-app/ondisconnect/app.js +++ b/examples/api-gateway-websocket-chat-app/ondisconnect/app.js @@ -1,22 +1,29 @@ // Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: MIT-0 -var AWS = require("aws-sdk"); -AWS.config.update({ region: process.env.AWS_REGION }); -var DDB = new AWS.DynamoDB({ apiVersion: "2012-10-08" }); +// https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-route-keys-connect-disconnect.html +// The $disconnect route is executed after the connection is closed. +// The connection can be closed by the server or by the client. As the connection is already closed when it is executed, +// $disconnect is a best-effort event. +// API Gateway will try its best to deliver the $disconnect event to your integration, but it cannot guarantee delivery. -exports.handler = function (event, context, callback) { - var deleteParams = { +const AWS = require('aws-sdk'); + +const ddb = new AWS.DynamoDB.DocumentClient({ apiVersion: '2012-08-10', region: process.env.AWS_REGION }); + +exports.handler = async event => { + const deleteParams = { TableName: process.env.TABLE_NAME, Key: { - connectionId: { S: event.requestContext.connectionId } + connectionId: event.requestContext.connectionId } }; - DDB.deleteItem(deleteParams, function (err) { - callback(null, { - statusCode: err ? 500 : 200, - body: err ? "Failed to disconnect: " + JSON.stringify(err) : "Disconnected." - }); - }); -}; \ No newline at end of file + try { + await ddb.delete(deleteParams).promise(); + } catch (err) { + return { statusCode: 500, body: 'Failed to disconnect: ' + JSON.stringify(err) }; + } + + return { statusCode: 200, body: 'Disconnected.' }; +}; diff --git a/examples/api-gateway-websocket-chat-app/sendmessage/app.js b/examples/api-gateway-websocket-chat-app/sendmessage/app.js index 5df63d3c77f..c217de88007 100644 --- a/examples/api-gateway-websocket-chat-app/sendmessage/app.js +++ b/examples/api-gateway-websocket-chat-app/sendmessage/app.js @@ -3,26 +3,26 @@ const AWS = require('aws-sdk'); -const ddb = new AWS.DynamoDB.DocumentClient({ apiVersion: '2012-08-10' }); +const ddb = new AWS.DynamoDB.DocumentClient({ apiVersion: '2012-08-10', region: process.env.AWS_REGION }); const { TABLE_NAME } = process.env; -exports.handler = async (event, context) => { +exports.handler = async event => { let connectionData; - + try { connectionData = await ddb.scan({ TableName: TABLE_NAME, ProjectionExpression: 'connectionId' }).promise(); } catch (e) { return { statusCode: 500, body: e.stack }; } - + const apigwManagementApi = new AWS.ApiGatewayManagementApi({ apiVersion: '2018-11-29', endpoint: event.requestContext.domainName + '/' + event.requestContext.stage }); - + const postData = JSON.parse(event.body).data; - + const postCalls = connectionData.Items.map(async ({ connectionId }) => { try { await apigwManagementApi.postToConnection({ ConnectionId: connectionId, Data: postData }).promise(); @@ -35,7 +35,7 @@ exports.handler = async (event, context) => { } } }); - + try { await Promise.all(postCalls); } catch (e) { From 88e26162cb7f7f377e77e9df1e3486d17585c27c Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Mon, 11 May 2020 11:18:02 -0700 Subject: [PATCH 089/475] brief triage section --- docs/MAINTAINING.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/MAINTAINING.md b/docs/MAINTAINING.md index ab9417fa5b5..33b3e81113f 100644 --- a/docs/MAINTAINING.md +++ b/docs/MAINTAINING.md @@ -20,8 +20,7 @@ ## Triage -Incoming issues are classified using labels. These are assigned either by automation, or manually during the triage process. At a minimum tickets should be classified by type and by the area of the provider they affect. A full listing of the labels and how they are used can be found in the [Label Dictionary](#label-dictionary). - +Incoming issues are classified using labels. These are assigned either by automation, or manually during the triage process. We follow a two-label system where we classify by type and by the area of the provider they affect. A full listing of the labels and how they are used can be found in the [Label Dictionary](#label-dictionary). ## Pull Requests From 5bb0f1e4013aab9c5931231d58a251510426ef27 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 14:18:40 -0400 Subject: [PATCH 090/475] tests/resource/aws_db_event_subscription: Add test sweeper. (#13213) Output from sweeper in AWS Commercial: ``` 2020/05/11 14:14:22 [DEBUG] Running Sweepers for region (us-west-2): ... 2020/05/11 14:14:25 [INFO] Deleting RDS Event Subscription: tf-acc-test-rds-event-subs-20191021133601971700000001 2020/05/11 14:14:25 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 14:14:26 [INFO] Deleting RDS Event Subscription: tf-acc-test-rds-event-subs-with-ids-361763032171412572 2020/05/11 14:14:26 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 14:14:27 Sweeper Tests ran successfully: - aws_db_event_subscription 2020/05/11 14:14:27 [DEBUG] Running Sweepers for region (us-east-1): ... 2020/05/11 14:14:28 [INFO] Deleting RDS Event Subscription: tf-acc-test-rds-event-subs-1820955943561857838 2020/05/11 14:14:28 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 14:14:28 [INFO] Deleting RDS Event Subscription: tf-acc-test-rds-event-subs-20200423224041091000000003 2020/05/11 14:14:28 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 14:14:28 [INFO] Deleting RDS Event Subscription: tf-acc-test-rds-event-subs-20200423224810295700000005 2020/05/11 14:14:28 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 14:14:29 [INFO] Deleting RDS Event Subscription: tf-acc-test-rds-event-subs-2179228110378263774 2020/05/11 14:14:29 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 14:14:29 [INFO] Deleting RDS Event Subscription: tf-acc-test-rds-event-subs-6780601559120754865 2020/05/11 14:14:29 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 14:14:29 [INFO] Deleting RDS Event Subscription: tf-acc-test-rds-event-subs-9207950827952522213 2020/05/11 14:14:29 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 14:14:29 [INFO] Deleting RDS Event Subscription: tf-acc-test-rds-event-subs-with-ids-4506979627267242866 2020/05/11 14:14:29 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 14:14:29 [INFO] Deleting RDS Event Subscription: tf-acc-test-rds-event-subs-with-ids-5063938615852179267 2020/05/11 14:14:29 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 14:14:30 Sweeper Tests ran successfully: - aws_db_event_subscription ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 14:13:52 [DEBUG] Running Sweepers for region (us-gov-west-1): ... 2020/05/11 14:13:55 Sweeper Tests ran successfully: - aws_db_event_subscription ``` --- aws/internal/service/rds/waiter/status.go | 36 ++++++++++ aws/internal/service/rds/waiter/waiter.go | 31 +++++++++ ...resource_aws_db_event_subscription_test.go | 65 +++++++++++++++++++ 3 files changed, 132 insertions(+) create mode 100644 aws/internal/service/rds/waiter/status.go create mode 100644 aws/internal/service/rds/waiter/waiter.go diff --git a/aws/internal/service/rds/waiter/status.go b/aws/internal/service/rds/waiter/status.go new file mode 100644 index 00000000000..62e70a79523 --- /dev/null +++ b/aws/internal/service/rds/waiter/status.go @@ -0,0 +1,36 @@ +package waiter + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/rds" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +const ( + // EventSubscription NotFound + EventSubscriptionStatusNotFound = "NotFound" + + // EventSubscription Unknown + EventSubscriptionStatusUnknown = "Unknown" +) + +// EventSubscriptionStatus fetches the EventSubscription and its Status +func EventSubscriptionStatus(conn *rds.RDS, subscriptionName string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + input := &rds.DescribeEventSubscriptionsInput{ + SubscriptionName: aws.String(subscriptionName), + } + + output, err := conn.DescribeEventSubscriptions(input) + + if err != nil { + return nil, EventSubscriptionStatusUnknown, err + } + + if len(output.EventSubscriptionsList) == 0 { + return nil, EventSubscriptionStatusNotFound, nil + } + + return output.EventSubscriptionsList[0], aws.StringValue(output.EventSubscriptionsList[0].Status), nil + } +} diff --git a/aws/internal/service/rds/waiter/waiter.go b/aws/internal/service/rds/waiter/waiter.go new file mode 100644 index 00000000000..482b98573ad --- /dev/null +++ b/aws/internal/service/rds/waiter/waiter.go @@ -0,0 +1,31 @@ +package waiter + +import ( + "time" + + "github.com/aws/aws-sdk-go/service/rds" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +const ( + // Maximum amount of time to wait for an EventSubscription to return Deleted + EventSubscriptionDeletedTimeout = 10 * time.Minute +) + +// DeploymentDeployed waits for a EventSubscription to return Deleted +func EventSubscriptionDeleted(conn *rds.RDS, subscriptionName string) (*rds.EventSubscription, error) { + stateConf := &resource.StateChangeConf{ + Pending: []string{"deleting"}, + Target: []string{EventSubscriptionStatusNotFound}, + Refresh: EventSubscriptionStatus(conn, subscriptionName), + Timeout: EventSubscriptionDeletedTimeout, + } + + outputRaw, err := stateConf.WaitForState() + + if v, ok := outputRaw.(*rds.EventSubscription); ok { + return v, err + } + + return nil, err +} diff --git a/aws/resource_aws_db_event_subscription_test.go b/aws/resource_aws_db_event_subscription_test.go index 60d5966dac4..5d52b3328e9 100644 --- a/aws/resource_aws_db_event_subscription_test.go +++ b/aws/resource_aws_db_event_subscription_test.go @@ -2,17 +2,82 @@ package aws import ( "fmt" + "log" "regexp" "testing" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/rds" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/rds/waiter" ) +func init() { + resource.AddTestSweepers("aws_db_event_subscription", &resource.Sweeper{ + Name: "aws_db_event_subscription", + F: testSweepDbEventSubscriptions, + }) +} + +func testSweepDbEventSubscriptions(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).rdsconn + var sweeperErrs *multierror.Error + + err = conn.DescribeEventSubscriptionsPages(&rds.DescribeEventSubscriptionsInput{}, func(page *rds.DescribeEventSubscriptionsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, eventSubscription := range page.EventSubscriptionsList { + name := aws.StringValue(eventSubscription.CustSubscriptionId) + + log.Printf("[INFO] Deleting RDS Event Subscription: %s", name) + _, err = conn.DeleteEventSubscription(&rds.DeleteEventSubscriptionInput{ + SubscriptionName: aws.String(name), + }) + if isAWSErr(err, rds.ErrCodeSubscriptionNotFoundFault, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting RDS Event Subscription (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + + _, err = waiter.EventSubscriptionDeleted(conn, name) + if isAWSErr(err, rds.ErrCodeSubscriptionNotFoundFault, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error waiting for RDS Event Subscription (%s) deletion: %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping RDS Event Subscriptions sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving RDS Event Subscriptions: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSDBEventSubscription_basicUpdate(t *testing.T) { var v rds.EventSubscription rInt := acctest.RandInt() From d4bc44b46bc9e12cff4896d20f1d4c3589384b50 Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Mon, 11 May 2020 11:25:59 -0700 Subject: [PATCH 091/475] add community guidelines link --- docs/MAINTAINING.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/MAINTAINING.md b/docs/MAINTAINING.md index 33b3e81113f..4bf01519358 100644 --- a/docs/MAINTAINING.md +++ b/docs/MAINTAINING.md @@ -18,6 +18,10 @@ +## Community Maintainers + +Members of the community who participate in any aspects of maintaining the provider must adhere to the HashiCorp [Community Guidelines](https://www.hashicorp.com/community-guidelines). + ## Triage Incoming issues are classified using labels. These are assigned either by automation, or manually during the triage process. We follow a two-label system where we classify by type and by the area of the provider they affect. A full listing of the labels and how they are used can be found in the [Label Dictionary](#label-dictionary). From 281dc31651af88e32bab12e9c2ce1bc130c1599b Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Mon, 11 May 2020 11:36:46 -0700 Subject: [PATCH 092/475] extra blurb on roadmap --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 45fb5e8cedb..8f685f06e21 100644 --- a/README.md +++ b/README.md @@ -40,7 +40,7 @@ https://terraform.io/docs/providers/aws/index.html ## Roadmap -Our roadmap for expanding support in Terraform for AWS resources can be found in our [Roadmap](ROADMAP.md) +Our roadmap for expanding support in Terraform for AWS resources can be found in our [Roadmap](ROADMAP.md) which is published quarterly. ## Frequently Asked Questions From 50c2628ae89ea85f8fac5ef84d8aa9cf3d6563e6 Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Mon, 11 May 2020 11:38:38 -0700 Subject: [PATCH 093/475] fix kerims handle --- docs/FAQ.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/FAQ.md b/docs/FAQ.md index daf43af1edf..180bc97de3a 100644 --- a/docs/FAQ.md +++ b/docs/FAQ.md @@ -9,7 +9,7 @@ The HashiCorp Terraform AWS provider team is : * Graham Davison, Engineer - GitHub [@gdavison](https://github.com/gdavison) * Angie Pinilla, Engineer - GitHub [@angie44](https://github.com/angie44) * Simon Davis, Engineering Manager - GitHub [@breathingdust](https://github.com/breathingdust) -* Kerim Satirli, Developer Advocate - GitHub [@satirli](https://github.com/ksatirli) +* Kerim Satirli, Developer Advocate - GitHub [@ksatirli](https://github.com/ksatirli) ### Why isn’t my PR merged yet? From 98b6c395e92f6593412e07a195304eeb17b12395 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 15:00:36 -0400 Subject: [PATCH 094/475] tests/resource/aws_neptune_event_subscription: Add sweeper (#13214) Output from acceptance testing: ``` --- PASS: TestAccAWSNeptuneEventSubscription_withPrefix (69.43s) --- PASS: TestAccAWSNeptuneEventSubscription_withSourceIds (75.35s) --- PASS: TestAccAWSNeptuneEventSubscription_basic (105.22s) --- PASS: TestAccAWSNeptuneEventSubscription_withCategories (105.28s) ``` Output from sweeper in AWS Commercial: ``` 2020/05/11 14:59:05 Sweeper Tests ran successfully: - aws_neptune_event_subscription ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 14:59:04 Sweeper Tests ran successfully: - aws_neptune_event_subscription ``` --- aws/internal/service/neptune/waiter/status.go | 36 ++++++++ aws/internal/service/neptune/waiter/waiter.go | 31 +++++++ ...rce_aws_neptune_event_subscription_test.go | 84 ++++++++++++++++--- 3 files changed, 138 insertions(+), 13 deletions(-) create mode 100644 aws/internal/service/neptune/waiter/status.go create mode 100644 aws/internal/service/neptune/waiter/waiter.go diff --git a/aws/internal/service/neptune/waiter/status.go b/aws/internal/service/neptune/waiter/status.go new file mode 100644 index 00000000000..9bd81125fb3 --- /dev/null +++ b/aws/internal/service/neptune/waiter/status.go @@ -0,0 +1,36 @@ +package waiter + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/neptune" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +const ( + // EventSubscription NotFound + EventSubscriptionStatusNotFound = "NotFound" + + // EventSubscription Unknown + EventSubscriptionStatusUnknown = "Unknown" +) + +// EventSubscriptionStatus fetches the EventSubscription and its Status +func EventSubscriptionStatus(conn *neptune.Neptune, subscriptionName string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + input := &neptune.DescribeEventSubscriptionsInput{ + SubscriptionName: aws.String(subscriptionName), + } + + output, err := conn.DescribeEventSubscriptions(input) + + if err != nil { + return nil, EventSubscriptionStatusUnknown, err + } + + if len(output.EventSubscriptionsList) == 0 { + return nil, EventSubscriptionStatusNotFound, nil + } + + return output.EventSubscriptionsList[0], aws.StringValue(output.EventSubscriptionsList[0].Status), nil + } +} diff --git a/aws/internal/service/neptune/waiter/waiter.go b/aws/internal/service/neptune/waiter/waiter.go new file mode 100644 index 00000000000..63b287a6876 --- /dev/null +++ b/aws/internal/service/neptune/waiter/waiter.go @@ -0,0 +1,31 @@ +package waiter + +import ( + "time" + + "github.com/aws/aws-sdk-go/service/neptune" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +const ( + // Maximum amount of time to wait for an EventSubscription to return Deleted + EventSubscriptionDeletedTimeout = 10 * time.Minute +) + +// DeploymentDeployed waits for a EventSubscription to return Deleted +func EventSubscriptionDeleted(conn *neptune.Neptune, subscriptionName string) (*neptune.EventSubscription, error) { + stateConf := &resource.StateChangeConf{ + Pending: []string{"deleting"}, + Target: []string{EventSubscriptionStatusNotFound}, + Refresh: EventSubscriptionStatus(conn, subscriptionName), + Timeout: EventSubscriptionDeletedTimeout, + } + + outputRaw, err := stateConf.WaitForState() + + if v, ok := outputRaw.(*neptune.EventSubscription); ok { + return v, err + } + + return nil, err +} diff --git a/aws/resource_aws_neptune_event_subscription_test.go b/aws/resource_aws_neptune_event_subscription_test.go index 7820ebf486e..642c3529a05 100644 --- a/aws/resource_aws_neptune_event_subscription_test.go +++ b/aws/resource_aws_neptune_event_subscription_test.go @@ -2,17 +2,81 @@ package aws import ( "fmt" + "log" "regexp" "testing" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/neptune" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/neptune/waiter" ) +func init() { + resource.AddTestSweepers("aws_neptune_event_subscription", &resource.Sweeper{ + Name: "aws_neptune_event_subscription", + F: testSweepNeptuneEventSubscriptions, + }) +} + +func testSweepNeptuneEventSubscriptions(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).neptuneconn + var sweeperErrs *multierror.Error + + err = conn.DescribeEventSubscriptionsPages(&neptune.DescribeEventSubscriptionsInput{}, func(page *neptune.DescribeEventSubscriptionsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, eventSubscription := range page.EventSubscriptionsList { + name := aws.StringValue(eventSubscription.CustSubscriptionId) + + log.Printf("[INFO] Deleting Neptune Event Subscription: %s", name) + _, err = conn.DeleteEventSubscription(&neptune.DeleteEventSubscriptionInput{ + SubscriptionName: aws.String(name), + }) + if isAWSErr(err, neptune.ErrCodeSubscriptionNotFoundFault, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting Neptune Event Subscription (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + + _, err = waiter.EventSubscriptionDeleted(conn, name) + if isAWSErr(err, neptune.ErrCodeSubscriptionNotFoundFault, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error waiting for Neptune Event Subscription (%s) deletion: %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping Neptune Event Subscriptions sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving Neptune Event Subscriptions: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSNeptuneEventSubscription_basic(t *testing.T) { var v neptune.EventSubscription rInt := acctest.RandInt() @@ -205,23 +269,17 @@ func testAccCheckAWSNeptuneEventSubscriptionDestroy(s *terraform.State) error { SubscriptionName: aws.String(rs.Primary.ID), }) - if ae, ok := err.(awserr.Error); ok && ae.Code() == "SubscriptionNotFound" { + if isAWSErr(err, neptune.ErrCodeSubscriptionNotFoundFault, "") { continue } - if err == nil { - if len(resp.EventSubscriptionsList) != 0 && - aws.StringValue(resp.EventSubscriptionsList[0].CustSubscriptionId) == rs.Primary.ID { - return fmt.Errorf("Event Subscription still exists") - } - } - - newerr, ok := err.(awserr.Error) - if !ok { + if err != nil { return err } - if newerr.Code() != "SubscriptionNotFound" { - return err + + if len(resp.EventSubscriptionsList) != 0 && + aws.StringValue(resp.EventSubscriptionsList[0].CustSubscriptionId) == rs.Primary.ID { + return fmt.Errorf("Event Subscription still exists") } } From 12f378090071bb11254a50619fdeca22a8e55dfc Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 15:03:44 -0400 Subject: [PATCH 095/475] tests/resource/aws_redshift_event_subscription: Add sweeper (#13215) Output from acceptance testing: ``` --- PASS: TestAccAWSRedshiftEventSubscription_withSourceIds (15.01s) --- PASS: TestAccAWSRedshiftEventSubscription_categoryUpdate (15.03s) --- PASS: TestAccAWSRedshiftEventSubscription_basicUpdate (15.12s) --- PASS: TestAccAWSRedshiftEventSubscription_withPrefix (19.41s) --- PASS: TestAccAWSRedshiftEventSubscription_tagsUpdate (33.67s) ``` Output from sweeper in AWS Commercial: ``` 2020/05/11 15:02:12 [INFO] Deleting Redshift Event Subscription: tf-acc-test-redshift-event-subs-355677199278903155 2020/05/11 15:02:12 [INFO] Deleting Redshift Event Subscription: tf-acc-test-redshift-event-subs-6008710189813830042 2020/05/11 15:02:13 [INFO] Deleting Redshift Event Subscription: tf-acc-test-redshift-event-subs-with-ids-6512691407830475824 2020/05/11 15:02:13 Sweeper Tests ran successfully: - aws_redshift_event_subscription ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 15:02:24 Sweeper Tests ran successfully: - aws_redshift_event_subscription ``` --- ...ce_aws_redshift_event_subscription_test.go | 73 +++++++++++++++---- 1 file changed, 59 insertions(+), 14 deletions(-) diff --git a/aws/resource_aws_redshift_event_subscription_test.go b/aws/resource_aws_redshift_event_subscription_test.go index bf47f132fa0..b873820f40b 100644 --- a/aws/resource_aws_redshift_event_subscription_test.go +++ b/aws/resource_aws_redshift_event_subscription_test.go @@ -2,16 +2,68 @@ package aws import ( "fmt" + "log" "testing" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/redshift" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_redshift_event_subscription", &resource.Sweeper{ + Name: "aws_redshift_event_subscription", + F: testSweepRedshiftEventSubscriptions, + }) +} + +func testSweepRedshiftEventSubscriptions(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).redshiftconn + var sweeperErrs *multierror.Error + + err = conn.DescribeEventSubscriptionsPages(&redshift.DescribeEventSubscriptionsInput{}, func(page *redshift.DescribeEventSubscriptionsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, eventSubscription := range page.EventSubscriptionsList { + name := aws.StringValue(eventSubscription.CustSubscriptionId) + + log.Printf("[INFO] Deleting Redshift Event Subscription: %s", name) + _, err = conn.DeleteEventSubscription(&redshift.DeleteEventSubscriptionInput{ + SubscriptionName: aws.String(name), + }) + if isAWSErr(err, redshift.ErrCodeSubscriptionNotFoundFault, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting Redshift Event Subscription (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping Redshift Event Subscriptions sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving Redshift Event Subscriptions: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSRedshiftEventSubscription_basicUpdate(t *testing.T) { var v redshift.EventSubscription rInt := acctest.RandInt() @@ -268,24 +320,17 @@ func testAccCheckAWSRedshiftEventSubscriptionDestroy(s *terraform.State) error { SubscriptionName: aws.String(rs.Primary.ID), }) - if ae, ok := err.(awserr.Error); ok && ae.Code() == "SubscriptionNotFound" { + if isAWSErr(err, redshift.ErrCodeSubscriptionNotFoundFault, "") { continue } - if err == nil { - if len(resp.EventSubscriptionsList) != 0 && - *resp.EventSubscriptionsList[0].CustSubscriptionId == rs.Primary.ID { - return fmt.Errorf("Event Subscription still exists") - } - } - - // Verify the error - newerr, ok := err.(awserr.Error) - if !ok { + if err != nil { return err } - if newerr.Code() != "SubscriptionNotFound" { - return err + + if len(resp.EventSubscriptionsList) != 0 && + *resp.EventSubscriptionsList[0].CustSubscriptionId == rs.Primary.ID { + return fmt.Errorf("Event Subscription still exists") } } From 670917e1c988b5078b48a2812c4cfe049efa8b3c Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 15:13:35 -0400 Subject: [PATCH 096/475] tests/resource/aws_ses_configuration_set: Add sweeper (#13216) Output from sweeper in AWS Commercial: ``` 2020/05/11 15:12:01 [INFO] Deleting SES Configuration Set: event_config 2020/05/11 15:12:01 [INFO] Deleting SES Configuration Set: some-configuration-set-2981819045392895787 2020/05/11 15:12:02 [INFO] Deleting SES Configuration Set: some-configuration-set-4661762272036991094 2020/05/11 15:12:02 [INFO] Deleting SES Configuration Set: tf_acc_cfg_ses_event_dst_qjipi62k 2020/05/11 15:12:03 [INFO] Deleting SES Configuration Set: tf_acc_cfg_ses_event_dst_v28ltiav 2020/05/11 15:12:03 Sweeper Tests ran successfully: - aws_ses_configuration_set 2020/05/11 15:12:05 [INFO] Deleting SES Configuration Set: some-configuration-set-2459335473671996120 2020/05/11 15:12:05 Sweeper Tests ran successfully: - aws_ses_configuration_set ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 15:12:11 Sweeper Tests ran successfully: - aws_ses_configuration_set ``` --- ...resource_aws_ses_configuration_set_test.go | 57 +++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/aws/resource_aws_ses_configuration_set_test.go b/aws/resource_aws_ses_configuration_set_test.go index 1999f22bca6..d98b8005e32 100644 --- a/aws/resource_aws_ses_configuration_set_test.go +++ b/aws/resource_aws_ses_configuration_set_test.go @@ -2,14 +2,71 @@ package aws import ( "fmt" + "log" "testing" + "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/ses" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_ses_configuration_set", &resource.Sweeper{ + Name: "aws_ses_configuration_set", + F: testSweepSesConfigurationSets, + }) +} + +func testSweepSesConfigurationSets(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).sesconn + input := &ses.ListConfigurationSetsInput{} + var sweeperErrs *multierror.Error + + for { + output, err := conn.ListConfigurationSets(input) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping SES Configuration Sets sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SES Configuration Sets: %w", err)) + return sweeperErrs + } + + for _, configurationSet := range output.ConfigurationSets { + name := aws.StringValue(configurationSet.Name) + + log.Printf("[INFO] Deleting SES Configuration Set: %s", name) + _, err := conn.DeleteConfigurationSet(&ses.DeleteConfigurationSetInput{ + ConfigurationSetName: aws.String(name), + }) + if isAWSErr(err, ses.ErrCodeConfigurationSetDoesNotExistException, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting SES Configuration Set (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + if aws.StringValue(output.NextToken) == "" { + break + } + input.NextToken = output.NextToken + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSSESConfigurationSet_basic(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { From 0c1e8fc7c39d2429fa80a62fdddce1a98b199438 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Mon, 11 May 2020 15:20:16 -0400 Subject: [PATCH 097/475] add S006 linter rule --- GNUmakefile | 1 + 1 file changed, 1 insertion(+) diff --git a/GNUmakefile b/GNUmakefile index 8b86351dce1..feef8d3c111 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -84,6 +84,7 @@ lint: -S003 \ -S004 \ -S005 \ + -S006 \ -S007 \ -S008 \ -S009 \ From fa393a2d4386c8ce22d0f80aa4fe1f702739ee85 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 15:22:02 -0400 Subject: [PATCH 098/475] tests/service/ses: Add sweepers for aws_ses_domain_identity and aws_ses_email_identity resources (#13217) Output from sweeper in AWS Commercial: ``` 2020/05/11 15:18:08 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/11 15:18:08 [DEBUG] Running Sweeper (aws_ses_domain_identity) in region (us-west-2) ... 2020/05/11 15:18:11 [INFO] Deleting SES Identity: u0vs67afvm.terraformtesting.com 2020/05/11 15:18:11 [INFO] Deleting SES Identity: ev8la34dmn.terraformtesting.com 2020/05/11 15:18:12 [INFO] Deleting SES Identity: sandw6a1ly.terraformtesting.com 2020/05/11 15:18:12 [INFO] Deleting SES Identity: ar9kkg48xm.terraformtesting.com 2020/05/11 15:18:13 [INFO] Deleting SES Identity: t7uux8as6i.terraformtesting.com 2020/05/11 15:18:13 [INFO] Deleting SES Identity: ct7cxvtwpy.terraformtesting.com 2020/05/11 15:18:14 [INFO] Deleting SES Identity: iup8rdmzsa.terraformtesting.com 2020/05/11 15:18:14 [INFO] Deleting SES Identity: ayhkvplwms.terraformtesting.com 2020/05/11 15:18:15 [INFO] Deleting SES Identity: kqmsovrsbe.terraformtesting.com 2020/05/11 15:18:15 [INFO] Deleting SES Identity: 2prm894o4o.terraformtesting.com 2020/05/11 15:18:16 [INFO] Deleting SES Identity: yf3lp40d1b.terraformtesting.com 2020/05/11 15:18:16 [INFO] Deleting SES Identity: v3jv80wyfp.terraformtesting.com 2020/05/11 15:18:17 [INFO] Deleting SES Identity: m29t130h73.terraformtesting.com 2020/05/11 15:18:17 [INFO] Deleting SES Identity: 93uiyxvr7e.terraformtesting.com 2020/05/11 15:18:18 [INFO] Deleting SES Identity: 0t78sotjyi.terraformtesting.com 2020/05/11 15:18:18 [INFO] Deleting SES Identity: 3s8g6i8ohb.terraformtesting.com 2020/05/11 15:18:19 [INFO] Deleting SES Identity: v0xczapxsy.terraformtesting.com 2020/05/11 15:18:19 [INFO] Deleting SES Identity: o0igbw66dq.terraformtesting.com 2020/05/11 15:18:20 [INFO] Deleting SES Identity: g26fhmlk3z.terraformtesting.com 2020/05/11 15:18:20 [INFO] Deleting SES Identity: rnjinah71k.terraformtesting.com 2020/05/11 15:18:21 [INFO] Deleting SES Identity: u2yh38lex4.terraformtesting.com 2020/05/11 15:18:21 [INFO] Deleting SES Identity: 7jaor22vrs.terraformtesting.com 2020/05/11 15:18:22 [INFO] Deleting SES Identity: frbmutital.terraformtesting.com 2020/05/11 15:18:22 [INFO] Deleting SES Identity: lg6ct2sxbx.terraformtesting.com 2020/05/11 15:18:23 [INFO] Deleting SES Identity: izb9lhzyvg.terraformtesting.com 2020/05/11 15:18:23 [INFO] Deleting SES Identity: 6q240n91ut.terraformtesting.com 2020/05/11 15:18:24 [INFO] Deleting SES Identity: iayvi6kjw6.terraformtesting.com 2020/05/11 15:18:24 [INFO] Deleting SES Identity: wxdqpsedxk.terraformtesting.com 2020/05/11 15:18:25 [INFO] Deleting SES Identity: qd1udhklyy.terraformtesting.com 2020/05/11 15:18:26 [INFO] Deleting SES Identity: mo6int19jy.terraformtesting.com 2020/05/11 15:18:26 [INFO] Deleting SES Identity: nkulrwqdgk.terraformtesting.com 2020/05/11 15:18:27 [INFO] Deleting SES Identity: bsx4ajh43w.terraformtesting.com 2020/05/11 15:18:27 [INFO] Deleting SES Identity: onl7slmmvt.terraformtesting.com 2020/05/11 15:18:28 [INFO] Deleting SES Identity: fmef1p760i.terraformtesting.com 2020/05/11 15:18:28 [INFO] Deleting SES Identity: 9fr6iefj31.terraformtesting.com 2020/05/11 15:18:29 [INFO] Deleting SES Identity: 76mu3hngu2.terraformtesting.com 2020/05/11 15:18:29 [INFO] Deleting SES Identity: 0vx0tr3btl.terraformtesting.com 2020/05/11 15:18:30 [INFO] Deleting SES Identity: qs3dyrhfkh.terraformtesting.com 2020/05/11 15:18:30 [INFO] Deleting SES Identity: 4j4erypx61.terraformtesting.com 2020/05/11 15:18:31 [INFO] Deleting SES Identity: 9kux6l6jz2.terraformtesting.com 2020/05/11 15:18:31 [INFO] Deleting SES Identity: 92j22syd6b.terraformtesting.com 2020/05/11 15:18:32 [INFO] Deleting SES Identity: yj7pft1hwp.terraformtesting.com 2020/05/11 15:18:32 [INFO] Deleting SES Identity: hcs01cm41r.terraformtesting.com 2020/05/11 15:18:33 [INFO] Deleting SES Identity: 2jrnqs9022.terraformtesting.com 2020/05/11 15:18:34 [INFO] Deleting SES Identity: nwxpiq8pjs.terraformtesting.com 2020/05/11 15:18:34 [INFO] Deleting SES Identity: gcwweydjxr.terraformtesting.com 2020/05/11 15:18:35 [INFO] Deleting SES Identity: ej288oisci.terraformtesting.com 2020/05/11 15:18:35 [INFO] Deleting SES Identity: ubqvb8ryi8.terraformtesting.com 2020/05/11 15:18:36 [INFO] Deleting SES Identity: x3lbs2zvjs.terraformtesting.com 2020/05/11 15:18:36 [INFO] Deleting SES Identity: kkgdc4v810.terraformtesting.com 2020/05/11 15:18:37 [INFO] Deleting SES Identity: 7c699fz6zx.terraformtesting.com 2020/05/11 15:18:39 [INFO] Deleting SES Identity: acgjvc2bpl.terraformtesting.com 2020/05/11 15:18:39 [INFO] Deleting SES Identity: upwsljnrgd.terraformtesting.com 2020/05/11 15:18:40 [INFO] Deleting SES Identity: 974cqc2hnj.terraformtesting.com 2020/05/11 15:18:40 [INFO] Deleting SES Identity: 7ia7ojlf8t.terraformtesting.com 2020/05/11 15:18:41 [INFO] Deleting SES Identity: 0dep1b9pz4.terraformtesting.com 2020/05/11 15:18:43 [INFO] Deleting SES Identity: om1wgkavjs.terraformtesting.com 2020/05/11 15:18:44 [INFO] Deleting SES Identity: x1zq4k02vx.terraformtesting.com 2020/05/11 15:18:45 [INFO] Deleting SES Identity: sb8z9iotdz.terraformtesting.com 2020/05/11 15:18:45 [INFO] Deleting SES Identity: qbc913s6sk.terraformtesting.com 2020/05/11 15:18:46 [INFO] Deleting SES Identity: dp2tkrnvk3.terraformtesting.com 2020/05/11 15:18:49 [INFO] Deleting SES Identity: unfpswaoag.terraformtesting.com 2020/05/11 15:18:50 [INFO] Deleting SES Identity: meedn8bson.terraformtesting.com 2020/05/11 15:18:50 [INFO] Deleting SES Identity: kdcxmoe1fl.terraformtesting.com 2020/05/11 15:18:51 [INFO] Deleting SES Identity: 84wvkwq9xl.terraformtesting.com 2020/05/11 15:18:52 [INFO] Deleting SES Identity: 4owrz0txfe.terraformtesting.com 2020/05/11 15:18:53 [DEBUG] Running Sweeper (aws_ses_email_identity) in region (us-west-2) 2020/05/11 15:18:53 [INFO] Deleting SES Identity: af3bem6w38@terraformtesting.com 2020/05/11 15:18:54 [INFO] Deleting SES Identity: fi4ryuwgnq@terraformtesting.com 2020/05/11 15:18:54 [INFO] Deleting SES Identity: jkmbzg3u2d@terraformtesting.com 2020/05/11 15:18:55 [INFO] Deleting SES Identity: tic8byzr40@terraformtesting.com 2020/05/11 15:18:58 [INFO] Deleting SES Identity: 3hgpwdfj9f@terraformtesting.com 2020/05/11 15:18:59 [INFO] Deleting SES Identity: 6l8a29ytfz@terraformtesting.com 2020/05/11 15:18:59 [INFO] Deleting SES Identity: qytzqtr9zk@terraformtesting.com 2020/05/11 15:19:00 [INFO] Deleting SES Identity: --OMITTED-- 2020/05/11 15:19:00 Sweeper Tests ran successfully: - aws_ses_domain_identity - aws_ses_email_identity 2020/05/11 15:19:00 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/11 15:19:00 [DEBUG] Running Sweeper (aws_ses_email_identity) in region (us-east-1) ... 2020/05/11 15:19:02 [DEBUG] Running Sweeper (aws_ses_domain_identity) in region (us-east-1) 2020/05/11 15:19:02 Sweeper Tests ran successfully: - aws_ses_email_identity - aws_ses_domain_identity ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 15:18:57 [INFO] Deleting SES Identity: vi7dnxj3lc.terraformtesting.com 2020/05/11 15:18:58 [INFO] Deleting SES Identity: gy7wq1o1ij.terraformtesting.com 2020/05/11 15:18:58 [INFO] Deleting SES Identity: 0sl0vx0f4i.terraformtesting.com 2020/05/11 15:18:59 [INFO] Deleting SES Identity: ourqxjrhs7.terraformtesting.com 2020/05/11 15:18:59 [INFO] Deleting SES Identity: tve3qppqux.terraformtesting.com 2020/05/11 15:19:00 [INFO] Deleting SES Identity: w6j4ibqw6u.terraformtesting.com 2020/05/11 15:19:00 [INFO] Deleting SES Identity: jtoyaeg044.terraformtesting.com 2020/05/11 15:19:01 [INFO] Deleting SES Identity: mtba3tts7h.terraformtesting.com 2020/05/11 15:19:01 [DEBUG] Running Sweeper (aws_ses_email_identity) in region (us-gov-west-1) 2020/05/11 15:19:02 Sweeper Tests ran successfully: - aws_ses_domain_identity - aws_ses_email_identity ``` --- aws/resource_aws_ses_domain_identity_test.go | 53 ++++++++++++++++++++ aws/resource_aws_ses_email_identity_test.go | 7 +++ 2 files changed, 60 insertions(+) diff --git a/aws/resource_aws_ses_domain_identity_test.go b/aws/resource_aws_ses_domain_identity_test.go index f7249b221d8..60c7991de10 100644 --- a/aws/resource_aws_ses_domain_identity_test.go +++ b/aws/resource_aws_ses_domain_identity_test.go @@ -2,17 +2,70 @@ package aws import ( "fmt" + "log" "strings" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/service/ses" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_ses_domain_identity", &resource.Sweeper{ + Name: "aws_ses_domain_identity", + F: func(region string) error { return testSweepSesIdentities(region, ses.IdentityTypeDomain) }, + }) +} + +func testSweepSesIdentities(region, identityType string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).sesconn + input := &ses.ListIdentitiesInput{ + IdentityType: aws.String(identityType), + } + var sweeperErrs *multierror.Error + + err = conn.ListIdentitiesPages(input, func(page *ses.ListIdentitiesOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, identity := range page.Identities { + identity := aws.StringValue(identity) + + log.Printf("[INFO] Deleting SES Identity: %s", identity) + _, err = conn.DeleteIdentity(&ses.DeleteIdentityInput{ + Identity: aws.String(identity), + }) + if err != nil { + sweeperErr := fmt.Errorf("error deleting SES Identity (%s): %w", identity, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping SES Identities sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SES Identities: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSSESDomainIdentity_basic(t *testing.T) { domain := fmt.Sprintf( "%s.terraformtesting.com", diff --git a/aws/resource_aws_ses_email_identity_test.go b/aws/resource_aws_ses_email_identity_test.go index 7104cf1b26e..f7a37a5db2b 100644 --- a/aws/resource_aws_ses_email_identity_test.go +++ b/aws/resource_aws_ses_email_identity_test.go @@ -13,6 +13,13 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_ses_email_identity", &resource.Sweeper{ + Name: "aws_ses_email_identity", + F: func(region string) error { return testSweepSesIdentities(region, ses.IdentityTypeEmailAddress) }, + }) +} + func TestAccAWSSESEmailIdentity_basic(t *testing.T) { email := fmt.Sprintf( "%s@terraformtesting.com", From 43e2c8c52e8586e8c4b0b03f9c6c79167a08e236 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Mon, 11 May 2020 12:24:52 -0700 Subject: [PATCH 099/475] Updates RAM acceptance tests to use ARN testing check functions Addresses: aws/resource_aws_ram_resource_share_accepter_test.go:34:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) aws/resource_aws_ram_resource_share_accepter_test.go:35:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) --- ...esource_aws_ram_resource_share_accepter_test.go | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/aws/resource_aws_ram_resource_share_accepter_test.go b/aws/resource_aws_ram_resource_share_accepter_test.go index ec93a33c892..36fe5cd318a 100644 --- a/aws/resource_aws_ram_resource_share_accepter_test.go +++ b/aws/resource_aws_ram_resource_share_accepter_test.go @@ -17,6 +17,8 @@ import ( func TestAccAwsRamResourceShareAccepter_basic(t *testing.T) { var providers []*schema.Provider resourceName := "aws_ram_resource_share_accepter.test" + principalAssociationResourceName := "aws_ram_principal_association.test" + shareName := fmt.Sprintf("tf-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) resource.ParallelTest(t, resource.TestCase{ @@ -31,8 +33,8 @@ func TestAccAwsRamResourceShareAccepter_basic(t *testing.T) { Config: testAccAwsRamResourceShareAccepterBasic(shareName), Check: resource.ComposeTestCheckFunc( testAccCheckAwsRamResourceShareAccepterExists(resourceName), - resource.TestMatchResourceAttr(resourceName, "share_arn", regexp.MustCompile(`^arn\:aws\:ram\:.*resource-share/.+$`)), - resource.TestMatchResourceAttr(resourceName, "invitation_arn", regexp.MustCompile(`^arn\:aws\:ram\:.*resource-share-invitation/.+$`)), + resource.TestCheckResourceAttrPair(resourceName, "share_arn", principalAssociationResourceName, "resource_share_arn"), + testAccMatchResourceAttrRegionalARN(resourceName, "invitation_arn", "ram", regexp.MustCompile("resource-share-invitation/.+$")), resource.TestMatchResourceAttr(resourceName, "share_id", regexp.MustCompile(`^rs-.+$`)), resource.TestCheckResourceAttr(resourceName, "status", ram.ResourceShareStatusActive), resource.TestMatchResourceAttr(resourceName, "receiver_account_id", regexp.MustCompile(`\d{12}`)), @@ -106,6 +108,10 @@ func testAccCheckAwsRamResourceShareAccepterExists(name string) resource.TestChe func testAccAwsRamResourceShareAccepterBasic(shareName string) string { return testAccAlternateAccountProviderConfig() + fmt.Sprintf(` +resource "aws_ram_resource_share_accepter" "test" { + share_arn = "${aws_ram_principal_association.test.resource_share_arn}" +} + resource "aws_ram_resource_share" "test" { provider = "aws.alternate" @@ -125,9 +131,5 @@ resource "aws_ram_principal_association" "test" { } data "aws_caller_identity" "receiver" {} - -resource "aws_ram_resource_share_accepter" "test" { - share_arn = "${aws_ram_principal_association.test.resource_share_arn}" -} `, shareName) } From 33bf1d8da960eca472004ebf8832b1704ef0bda5 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 15:27:02 -0400 Subject: [PATCH 100/475] tests/resource/aws_iot_topic_rule: Add sweeper (#13245) Output from sweeper in AWS Commercial: ``` 2020/05/11 15:25:02 [INFO] Deleting IoT Topic Rule: backup 2020/05/11 15:25:03 [INFO] Deleting IoT Topic Rule: test_rule_nvg4m 2020/05/11 15:25:03 [INFO] Deleting IoT Topic Rule: test_rule_8mrf4 2020/05/11 15:25:04 [INFO] Deleting IoT Topic Rule: test_rule_6au9c 2020/05/11 15:25:04 [INFO] Deleting IoT Topic Rule: test_rule_abbmo 2020/05/11 15:25:05 [INFO] Deleting IoT Topic Rule: test_rule_us4e3 2020/05/11 15:25:05 [INFO] Deleting IoT Topic Rule: test_rule_xsxxn 2020/05/11 15:25:06 [INFO] Deleting IoT Topic Rule: test_rule_j9jba 2020/05/11 15:25:06 Sweeper Tests ran successfully: - aws_iot_topic_rule ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 15:25:12 Sweeper Tests ran successfully: - aws_iot_topic_rule ``` --- aws/resource_aws_iot_topic_rule_test.go | 57 +++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index 4ebbed7c95b..60a537753f2 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -2,14 +2,71 @@ package aws import ( "fmt" + "log" "testing" + "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/iot" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_iot_topic_rule", &resource.Sweeper{ + Name: "aws_iot_topic_rule", + F: testSweepIotTopicRules, + }) +} + +func testSweepIotTopicRules(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).iotconn + input := &iot.ListTopicRulesInput{} + var sweeperErrs *multierror.Error + + for { + output, err := conn.ListTopicRules(input) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping IoT Topic Rules sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving IoT Topic Rules: %w", err)) + return sweeperErrs + } + + for _, rule := range output.Rules { + name := aws.StringValue(rule.RuleName) + + log.Printf("[INFO] Deleting IoT Topic Rule: %s", name) + _, err := conn.DeleteTopicRule(&iot.DeleteTopicRuleInput{ + RuleName: aws.String(name), + }) + if isAWSErr(err, iot.ErrCodeUnauthorizedException, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting IoT Topic Rule (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + if aws.StringValue(output.NextToken) == "" { + break + } + input.NextToken = output.NextToken + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSIoTTopicRule_basic(t *testing.T) { rName := acctest.RandString(5) resourceName := "aws_iot_topic_rule.rule" From 256f50dd6b7358ccf7de46fb867bc383d28208a4 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 15:54:47 -0400 Subject: [PATCH 101/475] tests/resource/aws_glacier_vault: Add sweeper (#13184) Output from sweeper in AWS Commercial: ``` 2020/05/11 15:52:25 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/11 15:52:25 [DEBUG] Running Sweeper (aws_glacier_vault) in region (us-west-2) ... 2020/05/11 15:52:28 [INFO] Deleting Glacier Vault (my_test_vault_2971843858825982230) Notifications 2020/05/11 15:52:28 [INFO] Deleting Glacier Vault: my_test_vault_2971843858825982230 2020/05/11 15:52:29 [INFO] Deleting Glacier Vault (my_test_vault_4774217224167628574) Notifications 2020/05/11 15:52:29 [INFO] Deleting Glacier Vault: my_test_vault_4774217224167628574 2020/05/11 15:52:30 [INFO] Deleting Glacier Vault (my_test_vault_5344879983212095753) Notifications 2020/05/11 15:52:30 [INFO] Deleting Glacier Vault: my_test_vault_5344879983212095753 2020/05/11 15:52:30 Sweeper Tests ran successfully: - aws_glacier_vault 2020/05/11 15:52:30 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/11 15:52:30 [DEBUG] Running Sweeper (aws_glacier_vault) in region (us-east-1) ... 2020/05/11 15:52:33 Sweeper Tests ran successfully: - aws_glacier_vault ok github.com/terraform-providers/terraform-provider-aws/aws 10.242s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 15:52:44 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/11 15:52:44 [DEBUG] Running Sweeper (aws_glacier_vault) in region (us-gov-west-1) ... 2020/05/11 15:52:47 Sweeper Tests ran successfully: - aws_glacier_vault ok github.com/terraform-providers/terraform-provider-aws/aws 4.070s ``` --- aws/resource_aws_glacier_vault_test.go | 62 ++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/aws/resource_aws_glacier_vault_test.go b/aws/resource_aws_glacier_vault_test.go index e97a630f973..6061ea784c1 100644 --- a/aws/resource_aws_glacier_vault_test.go +++ b/aws/resource_aws_glacier_vault_test.go @@ -2,16 +2,78 @@ package aws import ( "fmt" + "log" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/glacier" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_glacier_vault", &resource.Sweeper{ + Name: "aws_glacier_vault", + F: testSweepGlacierVaults, + }) +} + +func testSweepGlacierVaults(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).glacierconn + var sweeperErrs *multierror.Error + + err = conn.ListVaultsPages(&glacier.ListVaultsInput{}, func(page *glacier.ListVaultsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, vault := range page.VaultList { + name := aws.StringValue(vault.VaultName) + + // First attempt to delete the vault's notification configuration in case the vault deletion fails. + log.Printf("[INFO] Deleting Glacier Vault (%s) Notifications", name) + _, err := conn.DeleteVaultNotifications(&glacier.DeleteVaultNotificationsInput{ + VaultName: aws.String(name), + }) + if err != nil { + sweeperErr := fmt.Errorf("error deleting Glacier Vault (%s) Notifications: %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + + log.Printf("[INFO] Deleting Glacier Vault: %s", name) + _, err = conn.DeleteVault(&glacier.DeleteVaultInput{ + VaultName: aws.String(name), + }) + if err != nil { + sweeperErr := fmt.Errorf("error deleting Glacier Vault (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping Glacier Vaults sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving Glacier Vaults: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSGlacierVault_basic(t *testing.T) { rInt := acctest.RandInt() resourceName := "aws_glacier_vault.test" From 5e80d7899afcde9195c652bbd392450a6f2690ec Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Mon, 11 May 2020 21:58:12 +0200 Subject: [PATCH 102/475] Remove error message condition --- aws/resource_aws_wafv2_ip_set.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 6c95d656642..1daebf2fc49 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -151,7 +151,7 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { resp, err := conn.GetIPSet(params) if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFNonexistentItemException, "AWS WAF couldn’t perform the operation because your resource doesn’t exist") { + if isAWSErr(err, wafv2.ErrCodeWAFNonexistentItemException, "") { log.Printf("[WARN] WAFv2 IPSet (%s) not found, removing from state", d.Id()) d.SetId("") return nil @@ -235,7 +235,7 @@ func resourceAwsWafv2IPSetDelete(d *schema.ResourceData, meta interface{}) error var err error _, err = conn.DeleteIPSet(params) if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "AWS WAF couldn’t perform the operation because your resource is being used by another resource or it’s associated with another resource") { + if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "") { return resource.RetryableError(err) } return resource.NonRetryableError(err) From 8f83bb20e193d6b67799ce3d4d812f3fef463ae6 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 16:57:10 -0400 Subject: [PATCH 103/475] tests/resource/aws_ses_receipt_rule_set: Add sweeper (#13169) Output from sweeper in AWS Commercial: ``` 2020/05/11 16:56:04 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/11 16:56:04 [DEBUG] Running Sweeper (aws_ses_receipt_rule_set) in region (us-west-2) ... 2020/05/11 16:56:07 [INFO] Disabling any currently active SES Receipt Rule Set 2020/05/11 16:56:07 Sweeper Tests ran successfully: - aws_ses_receipt_rule_set 2020/05/11 16:56:07 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/11 16:56:07 [DEBUG] Running Sweeper (aws_ses_receipt_rule_set) in region (us-east-1) ... 2020/05/11 16:56:09 [INFO] Disabling any currently active SES Receipt Rule Set 2020/05/11 16:56:09 Sweeper Tests ran successfully: - aws_ses_receipt_rule_set ok github.com/terraform-providers/terraform-provider-aws/aws 7.008s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 16:56:19 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/11 16:56:19 [DEBUG] Running Sweeper (aws_ses_receipt_rule_set) in region (us-gov-west-1) ... 2020/05/11 16:56:22 [INFO] Disabling any currently active SES Receipt Rule Set 2020/05/11 16:56:22 [WARN] Skipping SES Receipt Rule Sets sweep for us-gov-west-1: InvalidAction: Unavailable Operation status code: 400, request id: 6b002f42-d212-49a1-9c4d-bb88eab5a319 2020/05/11 16:56:22 Sweeper Tests ran successfully: - aws_ses_receipt_rule_set ok github.com/terraform-providers/terraform-provider-aws/aws 3.653s ``` --- aws/provider_test.go | 4 ++ aws/resource_aws_ses_receipt_rule_set_test.go | 69 +++++++++++++++++++ 2 files changed, 73 insertions(+) diff --git a/aws/provider_test.go b/aws/provider_test.go index c59e7a202e8..cb69efd2e09 100644 --- a/aws/provider_test.go +++ b/aws/provider_test.go @@ -692,6 +692,10 @@ func testSweepSkipSweepError(err error) bool { if isAWSErr(err, "InvalidAction", "is not valid") { return true } + // For example from GovCloud SES.SetActiveReceiptRuleSet. + if isAWSErr(err, "InvalidAction", "Unavailable Operation") { + return true + } return false } diff --git a/aws/resource_aws_ses_receipt_rule_set_test.go b/aws/resource_aws_ses_receipt_rule_set_test.go index 7ed8dabea9b..d6f7b662da5 100644 --- a/aws/resource_aws_ses_receipt_rule_set_test.go +++ b/aws/resource_aws_ses_receipt_rule_set_test.go @@ -2,15 +2,84 @@ package aws import ( "fmt" + "log" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/ses" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_ses_receipt_rule_set", &resource.Sweeper{ + Name: "aws_ses_receipt_rule_set", + F: testSweepSesReceiptRuleSets, + }) +} + +func testSweepSesReceiptRuleSets(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).sesconn + + // You cannot delete the receipt rule set that is currently active. + // Setting the name of the receipt rule set to make active to null disables all email receiving. + log.Printf("[INFO] Disabling any currently active SES Receipt Rule Set") + _, err = conn.SetActiveReceiptRuleSet(&ses.SetActiveReceiptRuleSetInput{}) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping SES Receipt Rule Sets sweep for %s: %s", region, err) + return nil + } + if err != nil { + return fmt.Errorf("error disabling any currently active SES Receipt Rule Set: %w", err) + } + + input := &ses.ListReceiptRuleSetsInput{} + var sweeperErrs *multierror.Error + + for { + output, err := conn.ListReceiptRuleSets(input) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping SES Receipt Rule Sets sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SES Receipt Rule Sets: %w", err)) + return sweeperErrs + } + + for _, ruleSet := range output.RuleSets { + name := aws.StringValue(ruleSet.Name) + + log.Printf("[INFO] Deleting SES Receipt Rule Set: %s", name) + _, err := conn.DeleteReceiptRuleSet(&ses.DeleteReceiptRuleSetInput{ + RuleSetName: aws.String(name), + }) + if isAWSErr(err, ses.ErrCodeRuleSetDoesNotExistException, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting SES Receipt Rule Set (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + if aws.StringValue(output.NextToken) == "" { + break + } + input.NextToken = output.NextToken + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSSESReceiptRuleSet_basic(t *testing.T) { resourceName := "aws_ses_receipt_rule_set.test" rName := acctest.RandomWithPrefix("tf-acc-test") From 8d5ecae7bccb5b4cea2ad21d53241b1869122f3c Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Mon, 11 May 2020 14:10:47 -0700 Subject: [PATCH 104/475] Updates Kinesis Firehose acceptance tests to use ARN testing check functions --- aws/resource_aws_kinesis_firehose_delivery_stream_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/aws/resource_aws_kinesis_firehose_delivery_stream_test.go b/aws/resource_aws_kinesis_firehose_delivery_stream_test.go index 099f901f27b..2314de76a7e 100644 --- a/aws/resource_aws_kinesis_firehose_delivery_stream_test.go +++ b/aws/resource_aws_kinesis_firehose_delivery_stream_test.go @@ -762,6 +762,7 @@ func TestAccAWSKinesisFirehoseDeliveryStream_ExtendedS3KmsKeyArn(t *testing.T) { testAccCheckKinesisFirehoseDeliveryStreamExists(resourceName, &stream), testAccCheckAWSKinesisFirehoseDeliveryStreamAttributes(&stream, nil, nil, nil, nil, nil), resource.TestMatchResourceAttr(resourceName, "extended_s3_configuration.0.kms_key_arn", regexp.MustCompile(`^arn:[^:]+:kms:[^:]+:[^:]+:key/.+$`)), + resource.TestCheckResourceAttrPair(resourceName, "extended_s3_configuration.0.kms_key_arn", "aws_kms_key.test", "arn"), ), }, { From fa1ac3af9e453fa885bd0e1e190b2921b35eeff6 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Tue, 12 May 2020 00:32:12 +0300 Subject: [PATCH 105/475] return original arn in parsing error --- aws/resource_aws_iam_saml_provider.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_iam_saml_provider.go b/aws/resource_aws_iam_saml_provider.go index 41f8213ad42..d33c5a89c72 100644 --- a/aws/resource_aws_iam_saml_provider.go +++ b/aws/resource_aws_iam_saml_provider.go @@ -120,7 +120,7 @@ func resourceAwsIamSamlProviderDelete(d *schema.ResourceData, meta interface{}) func extractNameFromIAMSamlProviderArn(samlArn string) (string, error) { parsedArn, err := arn.Parse(samlArn) if err != nil { - return "", fmt.Errorf("Unable to extract name from a given ARN: %q", parsedArn) + return "", fmt.Errorf("Unable to extract name from a given ARN: %q", samlArn) } name := strings.TrimPrefix(parsedArn.Resource, "saml-provider/") From c818bd09670a873f3a6d41ca89e63f19fd037392 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Mon, 11 May 2020 14:40:53 -0700 Subject: [PATCH 106/475] Updates Organizations acceptance tests to use ARN testing check functions Addresses: aws/resource_aws_organizations_policy_test.go:31:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) --- aws/resource_aws_organizations_policy_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/aws/resource_aws_organizations_policy_test.go b/aws/resource_aws_organizations_policy_test.go index e0d8b9d829b..3fde24bbbc4 100644 --- a/aws/resource_aws_organizations_policy_test.go +++ b/aws/resource_aws_organizations_policy_test.go @@ -29,6 +29,7 @@ func testAccAwsOrganizationsPolicy_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsOrganizationsPolicyExists(resourceName, &policy), resource.TestMatchResourceAttr(resourceName, "arn", regexp.MustCompile(`^arn:[^:]+:organizations::[^:]+:policy/o-.+/service_control_policy/p-.+$`)), + testAccMatchResourceAttrGlobalARN(resourceName, "arn", "organizations", regexp.MustCompile("policy/o-.+/service_control_policy/p-.+$")), resource.TestCheckResourceAttr(resourceName, "content", content1), resource.TestCheckResourceAttr(resourceName, "description", ""), resource.TestCheckResourceAttr(resourceName, "name", rName), From 63534025495e1b42e5f8ed4485d298769a73a683 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 18:20:20 -0400 Subject: [PATCH 107/475] tests/resource/aws_kinesis_analytics_application: Add sweeper (#13153) Output from sweeper in AWS Commercial: ``` 2020/05/11 18:18:54 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/11 18:18:54 [DEBUG] Running Sweeper (aws_kinesis_analytics_application) in region (us-west-2) ... 2020/05/11 18:18:57 [INFO] Deleting Kinesis Analytics Application: testAcc-4080158281457541086 2020/05/11 18:18:57 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 18:18:59 [INFO] Deleting Kinesis Analytics Application: testAcc-4842219764002843260 2020/05/11 18:18:59 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 18:19:00 [INFO] Deleting Kinesis Analytics Application: testAcc-5293425581687425252 2020/05/11 18:19:00 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 18:19:02 [INFO] Deleting Kinesis Analytics Application: testAcc-9212510978665833895 2020/05/11 18:19:02 [DEBUG] Waiting for state to become: [NotFound] 2020/05/11 18:19:03 Sweeper Tests ran successfully: - aws_kinesis_analytics_application 2020/05/11 18:19:03 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/11 18:19:03 [DEBUG] Running Sweeper (aws_kinesis_analytics_application) in region (us-east-1) ... 2020/05/11 18:19:05 Sweeper Tests ran successfully: - aws_kinesis_analytics_application ok github.com/terraform-providers/terraform-provider-aws/aws 13.084s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 18:19:15 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/11 18:19:15 [DEBUG] Running Sweeper (aws_kinesis_analytics_application) in region (us-gov-west-1) ... 2020/05/11 18:19:18 [WARN] Skipping Kinesis Analytics Application sweep for us-gov-west-1: AccessDeniedException: status code: 400, request id: 2f8867f6-da5b-4f81-807f-fae53353bae1 2020/05/11 18:19:18 Sweeper Tests ran successfully: - aws_kinesis_analytics_application ok github.com/terraform-providers/terraform-provider-aws/aws 3.316s ``` --- .../service/kinesisanalytics/waiter/status.go | 38 ++++++++ .../service/kinesisanalytics/waiter/waiter.go | 31 +++++++ aws/resource_aws_cloudwatch_log_group_test.go | 2 +- ..._aws_kinesis_analytics_application_test.go | 87 +++++++++++++++++++ 4 files changed, 157 insertions(+), 1 deletion(-) create mode 100644 aws/internal/service/kinesisanalytics/waiter/status.go create mode 100644 aws/internal/service/kinesisanalytics/waiter/waiter.go diff --git a/aws/internal/service/kinesisanalytics/waiter/status.go b/aws/internal/service/kinesisanalytics/waiter/status.go new file mode 100644 index 00000000000..3620aa6455b --- /dev/null +++ b/aws/internal/service/kinesisanalytics/waiter/status.go @@ -0,0 +1,38 @@ +package waiter + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/kinesisanalytics" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +const ( + // ApplicationStatus NotFound + ApplicationStatusNotFound = "NotFound" + + // ApplicationStatus Unknown + ApplicationStatusUnknown = "Unknown" +) + +// ApplicationStatus fetches the Application and its Status +func ApplicationStatus(conn *kinesisanalytics.KinesisAnalytics, applicationName string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + input := &kinesisanalytics.DescribeApplicationInput{ + ApplicationName: aws.String(applicationName), + } + + output, err := conn.DescribeApplication(input) + + if err != nil { + return nil, ApplicationStatusUnknown, err + } + + application := output.ApplicationDetail + + if application == nil { + return application, ApplicationStatusNotFound, nil + } + + return application, aws.StringValue(application.ApplicationStatus), nil + } +} diff --git a/aws/internal/service/kinesisanalytics/waiter/waiter.go b/aws/internal/service/kinesisanalytics/waiter/waiter.go new file mode 100644 index 00000000000..240de251295 --- /dev/null +++ b/aws/internal/service/kinesisanalytics/waiter/waiter.go @@ -0,0 +1,31 @@ +package waiter + +import ( + "time" + + "github.com/aws/aws-sdk-go/service/kinesisanalytics" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +const ( + // Maximum amount of time to wait for an Application to be deleted + ApplicationDeletedTimeout = 20 * time.Minute +) + +// ApplicationDeleted waits for an Application to be deleted +func ApplicationDeleted(conn *kinesisanalytics.KinesisAnalytics, applicationName string) (*kinesisanalytics.ApplicationSummary, error) { + stateConf := &resource.StateChangeConf{ + Pending: []string{kinesisanalytics.ApplicationStatusRunning, kinesisanalytics.ApplicationStatusDeleting}, + Target: []string{ApplicationStatusNotFound}, + Refresh: ApplicationStatus(conn, applicationName), + Timeout: ApplicationDeletedTimeout, + } + + outputRaw, err := stateConf.WaitForState() + + if v, ok := outputRaw.(*kinesisanalytics.ApplicationSummary); ok { + return v, err + } + + return nil, err +} diff --git a/aws/resource_aws_cloudwatch_log_group_test.go b/aws/resource_aws_cloudwatch_log_group_test.go index 76b616b87f8..040d0ff1169 100644 --- a/aws/resource_aws_cloudwatch_log_group_test.go +++ b/aws/resource_aws_cloudwatch_log_group_test.go @@ -30,7 +30,7 @@ func init() { "aws_elasticsearch_domain", // Not currently implemented: "aws_flow_log", "aws_glue_job", - // Not currently implemented: "aws_kinesis_analytics_application", + "aws_kinesis_analytics_application", "aws_kinesis_firehose_delivery_stream", "aws_lambda_function", "aws_mq_broker", diff --git a/aws/resource_aws_kinesis_analytics_application_test.go b/aws/resource_aws_kinesis_analytics_application_test.go index 36bf1348106..1ae5e8c1bc2 100644 --- a/aws/resource_aws_kinesis_analytics_application_test.go +++ b/aws/resource_aws_kinesis_analytics_application_test.go @@ -2,15 +2,102 @@ package aws import ( "fmt" + "log" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/kinesisanalytics" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/kinesisanalytics/waiter" ) +func init() { + resource.AddTestSweepers("aws_kinesis_analytics_application", &resource.Sweeper{ + Name: "aws_kinesis_analytics_application", + F: testSweepKinesisAnalyticsApplications, + }) +} + +func testSweepKinesisAnalyticsApplications(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).kinesisanalyticsconn + input := &kinesisanalytics.ListApplicationsInput{} + var sweeperErrs *multierror.Error + + for { + output, err := conn.ListApplications(input) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping Kinesis Analytics Application sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving Kinesis Analytics Applications: %w", err)) + return sweeperErrs + } + + var name string + for _, applicationSummary := range output.ApplicationSummaries { + name = aws.StringValue(applicationSummary.ApplicationName) + + output, err := conn.DescribeApplication(&kinesisanalytics.DescribeApplicationInput{ + ApplicationName: aws.String(name), + }) + if isAWSErr(err, kinesisanalytics.ErrCodeResourceNotFoundException, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error describing Kinesis Analytics Application (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + + if output.ApplicationDetail == nil { + continue + } + + log.Printf("[INFO] Deleting Kinesis Analytics Application: %s", name) + _, err = conn.DeleteApplication(&kinesisanalytics.DeleteApplicationInput{ + ApplicationName: aws.String(name), + CreateTimestamp: output.ApplicationDetail.CreateTimestamp, + }) + if isAWSErr(err, kinesisanalytics.ErrCodeResourceNotFoundException, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting Kinesis Analytics Application (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + + _, err = waiter.ApplicationDeleted(conn, name) + if isAWSErr(err, kinesisanalytics.ErrCodeResourceNotFoundException, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error waiting for Kinesis Analytics Application (%s) to be deleted: %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + if !aws.BoolValue(output.HasMoreApplications) { + break + } + input.ExclusiveStartApplicationName = aws.String(name) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSKinesisAnalyticsApplication_basic(t *testing.T) { var application kinesisanalytics.ApplicationDetail resName := "aws_kinesis_analytics_application.test" From 8f50831fd5b558113abe703feb470d17178a964e Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 18:25:04 -0400 Subject: [PATCH 108/475] tests/resource/aws_sns_platform_application: Add sweeper (#13168) Output from sweeper in AWS Commercial: ``` 2020/05/11 18:24:00 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/11 18:24:00 [DEBUG] Running Sweeper (aws_sns_platform_application) in region (us-west-2) ... 2020/05/11 18:24:03 Sweeper Tests ran successfully: - aws_sns_platform_application 2020/05/11 18:24:03 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/11 18:24:03 [DEBUG] Running Sweeper (aws_sns_platform_application) in region (us-east-1) ... 2020/05/11 18:24:04 Sweeper Tests ran successfully: - aws_sns_platform_application ok github.com/terraform-providers/terraform-provider-aws/aws 6.433s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 18:24:15 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/11 18:24:15 [DEBUG] Running Sweeper (aws_sns_platform_application) in region (us-gov-west-1) ... 2020/05/11 18:24:17 Sweeper Tests ran successfully: - aws_sns_platform_application ok github.com/terraform-providers/terraform-provider-aws/aws 3.435s ``` --- ...ource_aws_sns_platform_application_test.go | 58 ++++++++++++++++++- 1 file changed, 55 insertions(+), 3 deletions(-) diff --git a/aws/resource_aws_sns_platform_application_test.go b/aws/resource_aws_sns_platform_application_test.go index 7fc9ed4cce8..960d976a89a 100644 --- a/aws/resource_aws_sns_platform_application_test.go +++ b/aws/resource_aws_sns_platform_application_test.go @@ -9,14 +9,66 @@ import ( "strings" "testing" + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/sns" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/sns" ) +func init() { + resource.AddTestSweepers("aws_sns_platform_application", &resource.Sweeper{ + Name: "aws_sns_platform_application", + F: testSweepSnsPlatformApplications, + }) +} + +func testSweepSnsPlatformApplications(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).snsconn + var sweeperErrs *multierror.Error + + err = conn.ListPlatformApplicationsPages(&sns.ListPlatformApplicationsInput{}, func(page *sns.ListPlatformApplicationsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, platformApplication := range page.PlatformApplications { + arn := aws.StringValue(platformApplication.PlatformApplicationArn) + + log.Printf("[INFO] Deleting SNS Platform Application: %s", arn) + _, err := conn.DeletePlatformApplication(&sns.DeletePlatformApplicationInput{ + PlatformApplicationArn: aws.String(arn), + }) + if isAWSErr(err, sns.ErrCodeNotFoundException, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting SNS Platform Application (%s): %w", arn, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping SNS Platform Applications sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SNS Platform Applications: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + /** Before running this test, at least one of these ENV variables combinations must be set: From d639e9dd15017316c3afc2f26ff3e79ee15bcc83 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Mon, 11 May 2020 15:28:31 -0700 Subject: [PATCH 109/475] Updates IOT acceptance tests to use ARN testing check functions Addresses: aws/resource_aws_iot_role_alias_test.go:65:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) --- aws/resource_aws_iot_role_alias_test.go | 35 ++++++++++++------------- 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/aws/resource_aws_iot_role_alias_test.go b/aws/resource_aws_iot_role_alias_test.go index 087574c660f..ea321d97fa9 100644 --- a/aws/resource_aws_iot_role_alias_test.go +++ b/aws/resource_aws_iot_role_alias_test.go @@ -15,6 +15,9 @@ func TestAccAWSIotRoleAlias_basic(t *testing.T) { alias := acctest.RandomWithPrefix("RoleAlias-") alias2 := acctest.RandomWithPrefix("RoleAlias2-") + resourceName := "aws_iot_role_alias.ra" + resourceName2 := "aws_iot_role_alias.ra2" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -23,51 +26,47 @@ func TestAccAWSIotRoleAlias_basic(t *testing.T) { { Config: testAccAWSIotRoleAliasConfig(alias), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIotRoleAliasExists("aws_iot_role_alias.ra"), - testAccCheckResourceAttrRegionalARN("aws_iot_role_alias.ra", "arn", "iot", fmt.Sprintf("rolealias/%s", alias)), - resource.TestCheckResourceAttr( - "aws_iot_role_alias.ra", "credential_duration", "3600"), + testAccCheckAWSIotRoleAliasExists(resourceName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "iot", fmt.Sprintf("rolealias/%s", alias)), + resource.TestCheckResourceAttr(resourceName, "credential_duration", "3600"), ), }, { Config: testAccAWSIotRoleAliasConfigUpdate1(alias, alias2), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIotRoleAliasExists("aws_iot_role_alias.ra"), - testAccCheckAWSIotRoleAliasExists("aws_iot_role_alias.ra2"), - testAccCheckResourceAttrRegionalARN("aws_iot_role_alias.ra", "arn", "iot", fmt.Sprintf("rolealias/%s", alias)), - resource.TestCheckResourceAttr( - "aws_iot_role_alias.ra", "credential_duration", "1800"), + testAccCheckAWSIotRoleAliasExists(resourceName), + testAccCheckAWSIotRoleAliasExists(resourceName2), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "iot", fmt.Sprintf("rolealias/%s", alias)), + resource.TestCheckResourceAttr(resourceName, "credential_duration", "1800"), ), }, { Config: testAccAWSIotRoleAliasConfigUpdate2(alias2), - Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIotRoleAliasExists("aws_iot_role_alias.ra2"), - ), + Check: resource.ComposeTestCheckFunc(testAccCheckAWSIotRoleAliasExists(resourceName2)), }, { Config: testAccAWSIotRoleAliasConfigUpdate3(alias2), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIotRoleAliasExists("aws_iot_role_alias.ra2"), + testAccCheckAWSIotRoleAliasExists(resourceName2), ), ExpectError: regexp.MustCompile("Role alias .+? already exists for this account"), }, { Config: testAccAWSIotRoleAliasConfigUpdate4(alias2), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIotRoleAliasExists("aws_iot_role_alias.ra2"), + testAccCheckAWSIotRoleAliasExists(resourceName2), ), }, { Config: testAccAWSIotRoleAliasConfigUpdate5(alias2), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIotRoleAliasExists("aws_iot_role_alias.ra2"), - resource.TestMatchResourceAttr( - "aws_iot_role_alias.ra2", "role_arn", regexp.MustCompile(".+?bogus")), + testAccCheckAWSIotRoleAliasExists(resourceName2), + resource.TestMatchResourceAttr(resourceName2, "role_arn", regexp.MustCompile(".+?bogus")), + testAccMatchResourceAttrGlobalARN(resourceName2, "role_arn", "iam", regexp.MustCompile("role/rolebogus")), ), }, { - ResourceName: "aws_iot_role_alias.ra2", + ResourceName: resourceName2, ImportState: true, ImportStateVerify: true, }, From f34c8da7c52add159ff2361390fcecfed9a425b4 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Mon, 11 May 2020 15:31:52 -0700 Subject: [PATCH 110/475] Updates Glue acceptance tests to use ARN testing check functions Addresses: aws/resource_aws_glue_job_test.go:78:6: AWSAT001: prefer resource.TestCheckResourceAttrPair() or ARN check functions (e.g. testAccMatchResourceAttrRegionalARN) --- aws/resource_aws_glue_job_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_glue_job_test.go b/aws/resource_aws_glue_job_test.go index 065550c1b11..99c7029afe6 100644 --- a/aws/resource_aws_glue_job_test.go +++ b/aws/resource_aws_glue_job_test.go @@ -60,6 +60,7 @@ func TestAccAWSGlueJob_Basic(t *testing.T) { rName := fmt.Sprintf("tf-acc-test-%s", acctest.RandString(5)) resourceName := "aws_glue_job.test" + roleResourceName := "aws_iam_role.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -75,7 +76,7 @@ func TestAccAWSGlueJob_Basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "command.0.script_location", "testscriptlocation"), resource.TestCheckResourceAttr(resourceName, "default_arguments.%", "0"), resource.TestCheckResourceAttr(resourceName, "name", rName), - resource.TestMatchResourceAttr(resourceName, "role_arn", regexp.MustCompile(fmt.Sprintf("^arn:[^:]+:iam::[^:]+:role/%s", rName))), + resource.TestCheckResourceAttrPair(resourceName, "role_arn", roleResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), resource.TestCheckResourceAttr(resourceName, "timeout", "2880"), ), From ab7a5c97f2e44cf21a7a94e1b83d3d7b5dd4cf4a Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Mon, 11 May 2020 19:11:09 -0400 Subject: [PATCH 111/475] tests/resource/aws_route53_query_log: Skip SerializationError and AccessDeniedException for sweeper To workaround API and SDK issues in AWS GovCloud (US). Output from sweeper in AWS Commercial: ``` 2020/05/11 19:06:27 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/11 19:06:27 [DEBUG] Running Sweeper (aws_route53_query_log) in region (us-west-2) ... 2020/05/11 19:06:30 Sweeper Tests ran successfully: - aws_route53_query_log 2020/05/11 19:06:30 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/11 19:06:30 [DEBUG] Running Sweeper (aws_route53_query_log) in region (us-east-1) ... 2020/05/11 19:06:31 Sweeper Tests ran successfully: - aws_route53_query_log ok github.com/terraform-providers/terraform-provider-aws/aws 4.962s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 19:06:42 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/11 19:06:42 [DEBUG] Running Sweeper (aws_route53_query_log) in region (us-gov-west-1) ... 2020/05/11 19:06:47 [WARN] Skipping Route53 query logging configurations sweep for us-gov-west-1: SerializationError: failed to unmarshal error message status code: 403, request id: 3e3de32d-ddfa-4895-9eaf-5cab66edf80f caused by: UnmarshalError: failed to unmarshal error message 00000000 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 |.. | 00000030 3c 4d 65 73 73 61 67 65 3e 55 6e 61 62 6c 65 20 |Unable | 00000040 74 6f 20 64 65 74 65 72 6d 69 6e 65 20 73 65 72 |to determine ser| 00000050 76 69 63 65 2f 6f 70 65 72 61 74 69 6f 6e 20 6e |vice/operation n| 00000060 61 6d 65 20 74 6f 20 62 65 20 61 75 74 68 6f 72 |ame to be author| 00000070 69 7a 65 64 3c 2f 4d 65 73 73 61 67 65 3e 0a 3c |ized.<| 00000080 2f 41 63 63 65 73 73 44 65 6e 69 65 64 45 78 63 |/AccessDeniedExc| 00000090 65 70 74 69 6f 6e 3e 0a |eption>.| caused by: unknown error response tag, {{ AccessDeniedException} []} 2020/05/11 19:06:47 Sweeper Tests ran successfully: - aws_route53_query_log ok github.com/terraform-providers/terraform-provider-aws/aws 6.092s ``` --- aws/resource_aws_route53_query_log_test.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_route53_query_log_test.go b/aws/resource_aws_route53_query_log_test.go index 68a21d3d109..8a236e055e5 100644 --- a/aws/resource_aws_route53_query_log_test.go +++ b/aws/resource_aws_route53_query_log_test.go @@ -55,7 +55,9 @@ func testSweepRoute53QueryLogs(region string) error { return !isLast }) - if testSweepSkipSweepError(err) { + // In unsupported AWS partitions, the API may return an error even the SDK cannot handle. + // Reference: https://github.com/aws/aws-sdk-go/issues/3313 + if testSweepSkipSweepError(err) || isAWSErr(err, "SerializationError", "failed to unmarshal error message") || isAWSErr(err, "AccessDeniedException", "Unable to determine service/operation name to be authorized") { log.Printf("[WARN] Skipping Route53 query logging configurations sweep for %s: %s", region, err) return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors } From f6603e5b8e4c5b29b110e7caa9fa1c60d5ae6246 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 19:24:14 -0400 Subject: [PATCH 112/475] tests/resource/aws_flow_log: Add sweeper (#13149) Output from sweeper in AWS Commercial: ``` 2020/05/11 19:22:53 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/11 19:22:53 [DEBUG] Running Sweeper (aws_flow_log) in region (us-west-2) ... 2020/05/11 19:22:55 Sweeper Tests ran successfully: - aws_flow_log 2020/05/11 19:22:55 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/11 19:22:55 [DEBUG] Running Sweeper (aws_flow_log) in region (us-east-1) ... 2020/05/11 19:22:57 Sweeper Tests ran successfully: - aws_flow_log ok github.com/terraform-providers/terraform-provider-aws/aws 6.513s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 19:23:07 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/11 19:23:07 [DEBUG] Running Sweeper (aws_flow_log) in region (us-gov-west-1) ... 2020/05/11 19:23:10 Sweeper Tests ran successfully: - aws_flow_log ok github.com/terraform-providers/terraform-provider-aws/aws 3.671s ``` --- aws/resource_aws_cloudwatch_log_group_test.go | 2 +- aws/resource_aws_flow_log_test.go | 53 +++++++++++++++++++ 2 files changed, 54 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_cloudwatch_log_group_test.go b/aws/resource_aws_cloudwatch_log_group_test.go index 0aaa8f6de11..cf008bf9d83 100644 --- a/aws/resource_aws_cloudwatch_log_group_test.go +++ b/aws/resource_aws_cloudwatch_log_group_test.go @@ -28,7 +28,7 @@ func init() { "aws_ec2_client_vpn_endpoint", "aws_eks_cluster", "aws_elasticsearch_domain", - // Not currently implemented: "aws_flow_log", + "aws_flow_log", "aws_glue_job", "aws_kinesis_analytics_application", "aws_kinesis_firehose_delivery_stream", diff --git a/aws/resource_aws_flow_log_test.go b/aws/resource_aws_flow_log_test.go index 44c09455775..9b5d912f930 100644 --- a/aws/resource_aws_flow_log_test.go +++ b/aws/resource_aws_flow_log_test.go @@ -2,16 +2,69 @@ package aws import ( "fmt" + "log" "regexp" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/ec2" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_flow_log", &resource.Sweeper{ + Name: "aws_flow_log", + F: testSweepFlowLogs, + }) +} + +func testSweepFlowLogs(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).ec2conn + var sweeperErrs *multierror.Error + + err = conn.DescribeFlowLogsPages(&ec2.DescribeFlowLogsInput{}, func(page *ec2.DescribeFlowLogsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, flowLog := range page.FlowLogs { + id := aws.StringValue(flowLog.FlowLogId) + + log.Printf("[INFO] Deleting Flow Log: %s", id) + _, err := conn.DeleteFlowLogs(&ec2.DeleteFlowLogsInput{ + FlowLogIds: aws.StringSlice([]string{id}), + }) + if isAWSErr(err, "InvalidFlowLogId.NotFound", "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting Flow Log (%s): %w", id, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping Flow Logs sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving Flow Logs: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSFlowLog_VPCID(t *testing.T) { var flowLog ec2.FlowLog cloudwatchLogGroupResourceName := "aws_cloudwatch_log_group.test" From ea88e1839110afa53b7f039295f11968b48b38b9 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 11 May 2020 19:29:26 -0400 Subject: [PATCH 113/475] tests/resource/aws_cloudtrail: Add sweeper (#13150) Output from sweeper in AWS Commercial: ``` 2020/05/11 19:28:05 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/11 19:28:05 [DEBUG] Running Sweeper (aws_cloudtrail) in region (us-west-2) ... 2020/05/11 19:28:09 [INFO] Deleting CloudTrail: AWSMacieTrail-DO-NOT-EDIT 2020/05/11 19:28:10 [INFO] Deleting CloudTrail: account-187416307283 2020/05/11 19:28:12 [INFO] CloudTrail (hc-org-trail) not found, skipping 2020/05/11 19:28:13 [INFO] Deleting CloudTrail: tf-trail-foobar-740692971207085083 2020/05/11 19:28:13 Sweeper Tests ran successfully: - aws_cloudtrail 2020/05/11 19:28:13 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/11 19:28:13 [DEBUG] Running Sweeper (aws_cloudtrail) in region (us-east-1) ... 2020/05/11 19:28:15 [INFO] CloudTrail (hc-org-trail) not found, skipping 2020/05/11 19:28:16 [INFO] Deleting CloudTrail: tf-trail-foobar-2250818700904448419 2020/05/11 19:28:16 Sweeper Tests ran successfully: - aws_cloudtrail ok github.com/terraform-providers/terraform-provider-aws/aws 12.816s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 19:28:26 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/11 19:28:26 [DEBUG] Running Sweeper (aws_cloudtrail) in region (us-gov-west-1) ... 2020/05/11 19:28:28 Sweeper Tests ran successfully: - aws_cloudtrail ok github.com/terraform-providers/terraform-provider-aws/aws 3.375s ``` --- aws/resource_aws_cloudtrail_test.go | 72 +++++++++++++++++++ aws/resource_aws_cloudwatch_log_group_test.go | 2 +- 2 files changed, 73 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_cloudtrail_test.go b/aws/resource_aws_cloudtrail_test.go index 72b518357b2..ee0786c4d10 100644 --- a/aws/resource_aws_cloudtrail_test.go +++ b/aws/resource_aws_cloudtrail_test.go @@ -9,11 +9,83 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/cloudtrail" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_cloudtrail", &resource.Sweeper{ + Name: "aws_cloudtrail", + F: testSweepCloudTrails, + }) +} + +func testSweepCloudTrails(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).cloudtrailconn + var sweeperErrs *multierror.Error + + err = conn.ListTrailsPages(&cloudtrail.ListTrailsInput{}, func(page *cloudtrail.ListTrailsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, trail := range page.Trails { + name := aws.StringValue(trail.Name) + + output, err := conn.DescribeTrails(&cloudtrail.DescribeTrailsInput{ + TrailNameList: aws.StringSlice([]string{name}), + }) + if err != nil { + sweeperErr := fmt.Errorf("error describing CloudTrail (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + + if len(output.TrailList) == 0 { + log.Printf("[INFO] CloudTrail (%s) not found, skipping", name) + continue + } + + if aws.BoolValue(output.TrailList[0].IsOrganizationTrail) { + log.Printf("[INFO] CloudTrail (%s) is an organization trail, skipping", name) + continue + } + + log.Printf("[INFO] Deleting CloudTrail: %s", name) + _, err = conn.DeleteTrail(&cloudtrail.DeleteTrailInput{ + Name: aws.String(name), + }) + if isAWSErr(err, cloudtrail.ErrCodeTrailNotFoundException, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting CloudTrail (%s): %w", name, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping CloudTrail sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving CloudTrails: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSCloudTrail(t *testing.T) { testCases := map[string]map[string]func(t *testing.T){ "Trail": { diff --git a/aws/resource_aws_cloudwatch_log_group_test.go b/aws/resource_aws_cloudwatch_log_group_test.go index cf008bf9d83..f48d6c68aae 100644 --- a/aws/resource_aws_cloudwatch_log_group_test.go +++ b/aws/resource_aws_cloudwatch_log_group_test.go @@ -21,7 +21,7 @@ func init() { Dependencies: []string{ "aws_api_gateway_rest_api", "aws_cloudhsm_v2_cluster", - // Not currently implemented: "aws_cloudtrail", + "aws_cloudtrail", "aws_datasync_task", "aws_db_instance", "aws_directory_service_directory", From 7df13d0f8c9801b5c3e11b700dca798e7e0670fb Mon Sep 17 00:00:00 2001 From: Micheal Harker Date: Tue, 12 May 2020 00:36:33 +0100 Subject: [PATCH 114/475] tests/resource/aws_ecr_repository: Implement sweeper (#12834) Output from sweeper in AWS Commercial: ``` 2020/05/11 19:35:10 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/11 19:35:10 [DEBUG] Running Sweeper (aws_ecr_repository) in region (us-west-2) ... 2020/05/11 19:35:12 [INFO] Deleting ECR repository: tf-acc-test-ecr-jynnb8fr46 2020/05/11 19:35:13 [INFO] Deleting ECR repository: tf-acc-test-lifecycle-eynj6yvxr7 2020/05/11 19:35:13 [INFO] Deleting ECR repository: tf-acc-test-lifecycle-8c7g6nd8fe 2020/05/11 19:35:13 [INFO] Deleting ECR repository: tf-acc-test-ecr-xkk8bx2mxz 2020/05/11 19:35:14 [INFO] Deleting ECR repository: tf-acc-test-lifecycle-fmlgi1nwzb 2020/05/11 19:35:14 [INFO] Deleting ECR repository: tf-acc-test-lifecycle-vm96ysp8bc 2020/05/11 19:35:15 [INFO] Deleting ECR repository: tf-acc-test-ecr-ba2v8fhova 2020/05/11 19:35:15 [INFO] Deleting ECR repository: tf-acc-test-6050143170194165363 2020/05/11 19:35:16 [INFO] Deleting ECR repository: tf-acc-test-ecr-ff08cszgny 2020/05/11 19:35:16 [INFO] Deleting ECR repository: tf-acc-test-ecr-se3ehbyrhb 2020/05/11 19:35:16 [INFO] Deleting ECR repository: tf-acc-test-6889266986464638074 2020/05/11 19:35:17 [INFO] Deleting ECR repository: tf-acc-test-ecr-o2t30n9cnx 2020/05/11 19:35:17 [INFO] Deleting ECR repository: bar 2020/05/11 19:35:18 [INFO] Deleting ECR repository: tf-acc-test-ecr-04h02y7eg3 2020/05/11 19:35:18 [INFO] Deleting ECR repository: tf-acc-test-4382088656668134051 2020/05/11 19:35:19 [INFO] Deleting ECR repository: tf-acc-test-lifecycle-i7l3dvpph9 2020/05/11 19:35:19 [INFO] Deleting ECR repository: tf-acc-test-1524363012416375905 2020/05/11 19:35:19 Sweeper Tests ran successfully: - aws_ecr_repository 2020/05/11 19:35:19 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/11 19:35:19 [DEBUG] Running Sweeper (aws_ecr_repository) in region (us-east-1) ... 2020/05/11 19:35:21 [INFO] Deleting ECR repository: tf-acc-test-ecr-1lkbnobdkl 2020/05/11 19:35:21 [INFO] Deleting ECR repository: tf-acc-test-ecr-q3ungwfsrb 2020/05/11 19:35:21 Sweeper Tests ran successfully: - aws_ecr_repository ok github.com/terraform-providers/terraform-provider-aws/aws 14.934s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/11 19:35:32 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/11 19:35:32 [DEBUG] Running Sweeper (aws_ecr_repository) in region (us-gov-west-1) ... 2020/05/11 19:35:35 Sweeper Tests ran successfully: - aws_ecr_repository ok github.com/terraform-providers/terraform-provider-aws/aws 4.519s ``` --- aws/resource_aws_ecr_repository_test.go | 56 +++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/aws/resource_aws_ecr_repository_test.go b/aws/resource_aws_ecr_repository_test.go index 3c54a6476cb..a0bd6dfb695 100644 --- a/aws/resource_aws_ecr_repository_test.go +++ b/aws/resource_aws_ecr_repository_test.go @@ -2,15 +2,71 @@ package aws import ( "fmt" + "log" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/ecr" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_ecr_repository", &resource.Sweeper{ + Name: "aws_ecr_repository", + F: testSweepEcrRepositories, + }) +} + +func testSweepEcrRepositories(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).ecrconn + + var errors error + err = conn.DescribeRepositoriesPages(&ecr.DescribeRepositoriesInput{}, func(page *ecr.DescribeRepositoriesOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, repository := range page.Repositories { + repositoryName := aws.StringValue(repository.RepositoryName) + log.Printf("[INFO] Deleting ECR repository: %s", repositoryName) + + shouldForce := true + _, err = conn.DeleteRepository(&ecr.DeleteRepositoryInput{ + // We should probably sweep repositories even if there are images. + Force: &shouldForce, + RegistryId: repository.RegistryId, + RepositoryName: repository.RepositoryName, + }) + if err != nil { + if !isAWSErr(err, ecr.ErrCodeRepositoryNotFoundException, "") { + sweeperErr := fmt.Errorf("Error deleting ECR repository (%s): %w", repositoryName, err) + log.Printf("[ERROR] %s", sweeperErr) + errors = multierror.Append(errors, sweeperErr) + } + continue + } + } + + return !isLast + }) + if err != nil { + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping ECR repository sweep for %s: %s", region, err) + return nil + } + errors = multierror.Append(errors, fmt.Errorf("Error retreiving ECR repositories: %w", err)) + } + + return errors +} + func TestAccAWSEcrRepository_basic(t *testing.T) { rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_ecr_repository.default" From 7fc1f5942794d2386b88945f3823f09e3199a6e8 Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Mon, 11 May 2020 17:22:22 -0700 Subject: [PATCH 115/475] remove GoReport --- README.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/README.md b/README.md index 8f685f06e21..ae3c4c3fa90 100644 --- a/README.md +++ b/README.md @@ -6,15 +6,11 @@ [![Build Status][travis-badge]][travis] [![Forums][discuss-badge]][discuss] -[![GoReportCard][report-badge]][report] [travis-badge]: https://api.travis-ci.org/terraform-providers/terraform-provider-aws.svg?branch=master [travis]: https://travis-ci.org/github/terraform-providers/terraform-provider-aws [discuss-badge]: https://img.shields.io/badge/discuss-terraform--aws-623CE4.svg?style=flat [discuss]: https://discuss.hashicorp.com/c/terraform-providers/tf-aws/ -[report-badge]: https://goreportcard.com/badge/github.com/terraform-providers/terraform-provider-aws -[report]: https://goreportcard.com/report/github.com/terraform-providers/terraform-provider-aws - - Website: [terraform.io](https://terraform.io) - Tutorials: [learn.hashicorp.com](https://learn.hashicorp.com/terraform?track=getting-started#getting-started) From db1de8d3574c2e80e6f679dfaf8cda7448dbfdde Mon Sep 17 00:00:00 2001 From: Kevin Tham Date: Mon, 11 May 2020 18:23:46 -0700 Subject: [PATCH 116/475] Remove extraneous lines in acc test --- aws/resource_aws_security_group_rule_test.go | 6 ------ 1 file changed, 6 deletions(-) diff --git a/aws/resource_aws_security_group_rule_test.go b/aws/resource_aws_security_group_rule_test.go index 213e7c9d59a..12faae390ad 100644 --- a/aws/resource_aws_security_group_rule_test.go +++ b/aws/resource_aws_security_group_rule_test.go @@ -170,12 +170,6 @@ func TestAccAWSSecurityGroupRule_Ingress_Source_With_Account_Id(t *testing.T) { testAccCheckAWSSecurityGroupRuleExists("aws_security_group.web", &group), ), }, - // Ensure plan shows no difference after state is refreshed - { - Config: testAccAWSSecurityGroupRule_Ingress_Source_with_AccountId(rInt), - PlanOnly: true, - ExpectNonEmptyPlan: false, - }, }, }) } From e9b33d48247d3ace6917e2a38eb390cc3aa50103 Mon Sep 17 00:00:00 2001 From: Kevin Tham Date: Mon, 11 May 2020 18:44:17 -0700 Subject: [PATCH 117/475] Add nil check for s.UserId parameter --- aws/resource_aws_security_group_rule.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/aws/resource_aws_security_group_rule.go b/aws/resource_aws_security_group_rule.go index d727c6802b7..4529116f503 100644 --- a/aws/resource_aws_security_group_rule.go +++ b/aws/resource_aws_security_group_rule.go @@ -763,9 +763,9 @@ func setFromIPPerm(d *schema.ResourceData, sg *ec2.SecurityGroup, rule *ec2.IpPe sgIdComponents := strings.Split(existingSourceSgId.(string), "/") hasAccountIdPrefix := len(sgIdComponents) == 2 - if hasAccountIdPrefix { - // then ensure on refresh that we prefix the account id - d.Set("source_security_group_id", *s.UserId+"/"+*s.GroupId) + if hasAccountIdPrefix && s.UserId != nil { + // then ensure on refresh that we preserve the account id prefix + d.Set("source_security_group_id", fmt.Sprintf("%s/%s", aws.StringValue(s.UserId), aws.StringValue(s.GroupId))) } else { d.Set("source_security_group_id", s.GroupId) } From b7291e36c387c3126cfb168fee43b7c4818cfefb Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Mon, 11 May 2020 21:41:48 -0700 Subject: [PATCH 118/475] Fixes ENI deletion by ensuring service role has the needed policy --- aws/resource_aws_subnet.go | 2 +- aws/resource_aws_workspaces_workspace.go | 4 +- aws/resource_aws_workspaces_workspace_test.go | 150 +++++++++--------- .../docs/r/workspaces_workspace.html.markdown | 3 + 4 files changed, 83 insertions(+), 76 deletions(-) diff --git a/aws/resource_aws_subnet.go b/aws/resource_aws_subnet.go index 52ee954b1ef..6d75dcc2e33 100644 --- a/aws/resource_aws_subnet.go +++ b/aws/resource_aws_subnet.go @@ -398,7 +398,7 @@ func resourceAwsSubnetDelete(d *schema.ResourceData, meta interface{}) error { } if _, err := wait.WaitForState(); err != nil { - return fmt.Errorf("Error deleting subnet: %s", err) + return fmt.Errorf("error deleting subnet (%s): %s", d.Id(), err) } return nil diff --git a/aws/resource_aws_workspaces_workspace.go b/aws/resource_aws_workspaces_workspace.go index 0be6179f204..34ab2eb4d09 100644 --- a/aws/resource_aws_workspaces_workspace.go +++ b/aws/resource_aws_workspaces_workspace.go @@ -326,10 +326,10 @@ func workspaceDelete(id string, conn *workspaces.WorkSpaces) error { workspaces.WorkspaceStateUpdating, workspaces.WorkspaceStateStopping, workspaces.WorkspaceStateStopped, + workspaces.WorkspaceStateTerminating, workspaces.WorkspaceStateError, }, Target: []string{ - workspaces.WorkspaceStateTerminating, workspaces.WorkspaceStateTerminated, }, Refresh: workspaceRefreshStateFunc(conn, id), @@ -425,7 +425,7 @@ func workspaceRefreshStateFunc(conn *workspaces.WorkSpaces, workspaceID string) return nil, workspaces.WorkspaceStateError, err } if len(resp.Workspaces) == 0 { - return resp, workspaces.WorkspaceStateTerminated, nil + return nil, workspaces.WorkspaceStateTerminated, nil } workspace := resp.Workspaces[0] return workspace, aws.StringValue(workspace.State), nil diff --git a/aws/resource_aws_workspaces_workspace_test.go b/aws/resource_aws_workspaces_workspace_test.go index a90d9236026..e4adfb38573 100644 --- a/aws/resource_aws_workspaces_workspace_test.go +++ b/aws/resource_aws_workspaces_workspace_test.go @@ -265,86 +265,34 @@ func testAccCheckAwsWorkspacesWorkspaceExists(n string) resource.TestCheckFunc { } func testAccAwsWorkspacesWorkspaceConfig_Prerequisites() string { - return fmt.Sprintf(` -data "aws_region" "current" {} - -data "aws_availability_zones" "available" { - state = "available" -} - -locals { - region_workspaces_az_ids = { - "us-east-1" = formatlist("use1-az%%d", [2, 4, 6]) - } - - workspaces_az_ids = lookup(local.region_workspaces_az_ids, data.aws_region.current.name, data.aws_availability_zones.available.zone_ids) -} - -data "aws_vpc" "default" { - default = true -} - -data "aws_subnet" "default" { - count = length(local.workspaces_az_ids) - availability_zone_id = "${local.workspaces_az_ids[count.index]}" - default_for_az = true -} - -resource "aws_directory_service_directory" "test" { - size = "Small" - name = "tf-acctest.neverland.com" - password = "#S1ncerely" - - vpc_settings { - vpc_id = "${data.aws_vpc.default.id}" - subnet_ids = ["${data.aws_subnet.default.*.id[0]}", "${data.aws_subnet.default.*.id[1]}"] - } -} - -data "aws_iam_policy_document" "workspaces" { - statement { - actions = ["sts:AssumeRole"] - - principals { - type = "Service" - identifiers = ["workspaces.amazonaws.com"] - } - } -} - -resource "aws_iam_role" "workspaces-default" { - name = "workspaces_DefaultRole" - assume_role_policy = data.aws_iam_policy_document.workspaces.json -} - -resource "aws_iam_role_policy_attachment" "workspaces-default-service-access" { - role = aws_iam_role.workspaces-default.name - policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess" -} - -resource "aws_iam_role_policy_attachment" "workspaces-default-self-service-access" { - role = aws_iam_role.workspaces-default.name - policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess" -} - + return composeConfig( + testAccAwsWorkspacesDirectoryConfig_Prerequisites(""), + fmt.Sprintf(` data "aws_workspaces_bundle" "test" { bundle_id = "wsb-bh8rsxt14" # Value with Windows 10 (English) } resource "aws_workspaces_directory" "test" { - directory_id = "${aws_directory_service_directory.test.id}" + directory_id = "${aws_directory_service_directory.main.id}" } -`) +`)) } func testAccWorkspacesWorkspaceConfig() string { return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { - bundle_id = "${data.aws_workspaces_bundle.test.id}" + bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. # However, "Administrator"" user is always present in a bare directory. user_name = "Administrator" + + depends_on = [ + # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # to create and delete the ENI that the Workspaces service creates for the Workspace + aws_iam_role_policy_attachment.workspaces-default-service-access, + ] } `) } @@ -352,8 +300,9 @@ resource "aws_workspaces_workspace" "test" { func testAccWorkspacesWorkspaceConfig_TagsA() string { return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { - bundle_id = "${data.aws_workspaces_bundle.test.id}" + bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. # However, "Administrator"" user is always present in a bare directory. user_name = "Administrator" @@ -362,6 +311,12 @@ resource "aws_workspaces_workspace" "test" { TerraformProviderAwsTest = true Alpha = 1 } + + depends_on = [ + # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # to create and delete the ENI that the Workspaces service creates for the Workspace + aws_iam_role_policy_attachment.workspaces-default-service-access, + ] } `) } @@ -369,8 +324,9 @@ resource "aws_workspaces_workspace" "test" { func testAccWorkspacesWorkspaceConfig_TagsB() string { return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { - bundle_id = "${data.aws_workspaces_bundle.test.id}" + bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. # However, "Administrator"" user is always present in a bare directory. user_name = "Administrator" @@ -379,6 +335,12 @@ resource "aws_workspaces_workspace" "test" { TerraformProviderAwsTest = true Beta = 2 } + + depends_on = [ + # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # to create and delete the ENI that the Workspaces service creates for the Workspace + aws_iam_role_policy_attachment.workspaces-default-service-access, + ] } `) } @@ -386,8 +348,9 @@ resource "aws_workspaces_workspace" "test" { func testAccWorkspacesWorkspaceConfig_TagsC() string { return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { - bundle_id = "${data.aws_workspaces_bundle.test.id}" + bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. # However, "Administrator"" user is always present in a bare directory. user_name = "Administrator" @@ -395,6 +358,12 @@ resource "aws_workspaces_workspace" "test" { tags = { TerraformProviderAwsTest = true } + + depends_on = [ + # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # to create and delete the ENI that the Workspaces service creates for the Workspace + aws_iam_role_policy_attachment.workspaces-default-service-access, + ] } `) } @@ -402,8 +371,9 @@ resource "aws_workspaces_workspace" "test" { func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesA() string { return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { - bundle_id = "${data.aws_workspaces_bundle.test.id}" + bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. # However, "Administrator"" user is always present in a bare directory. user_name = "Administrator" @@ -417,6 +387,12 @@ resource "aws_workspaces_workspace" "test" { tags = { TerraformProviderAwsTest = true } + + depends_on = [ + # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # to create and delete the ENI that the Workspaces service creates for the Workspace + aws_iam_role_policy_attachment.workspaces-default-service-access, + ] } `) } @@ -424,8 +400,9 @@ resource "aws_workspaces_workspace" "test" { func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesB() string { return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { - bundle_id = "${data.aws_workspaces_bundle.test.id}" + bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. # However, "Administrator"" user is always present in a bare directory. user_name = "Administrator" @@ -438,6 +415,12 @@ resource "aws_workspaces_workspace" "test" { tags = { TerraformProviderAwsTest = true } + + depends_on = [ + # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # to create and delete the ENI that the Workspaces service creates for the Workspace + aws_iam_role_policy_attachment.workspaces-default-service-access, + ] } `) } @@ -445,14 +428,21 @@ resource "aws_workspaces_workspace" "test" { func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesC() string { return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { - bundle_id = "${data.aws_workspaces_bundle.test.id}" + bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. # However, "Administrator"" user is always present in a bare directory. user_name = "Administrator" workspace_properties { } + + depends_on = [ + # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # to create and delete the ENI that the Workspaces service creates for the Workspace + aws_iam_role_policy_attachment.workspaces-default-service-access, + ] } `) } @@ -460,8 +450,9 @@ resource "aws_workspaces_workspace" "test" { func testAccWorkspacesWorkspaceConfig_validateRootVolumeSize() string { return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { - bundle_id = "${data.aws_workspaces_bundle.test.id}" + bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. # However, "Administrator"" user is always present in a bare directory. user_name = "Administrator" @@ -474,6 +465,12 @@ resource "aws_workspaces_workspace" "test" { tags = { TerraformProviderAwsTest = true } + + depends_on = [ + # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # to create and delete the ENI that the Workspaces service creates for the Workspace + aws_iam_role_policy_attachment.workspaces-default-service-access, + ] } `) } @@ -481,8 +478,9 @@ resource "aws_workspaces_workspace" "test" { func testAccWorkspacesWorkspaceConfig_validateUserVolumeSize() string { return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { - bundle_id = "${data.aws_workspaces_bundle.test.id}" + bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" + # NOTE: WorkSpaces API doesn't allow creating users in the directory. # However, "Administrator"" user is always present in a bare directory. user_name = "Administrator" @@ -495,6 +493,12 @@ resource "aws_workspaces_workspace" "test" { tags = { TerraformProviderAwsTest = true } + + depends_on = [ + # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # to create and delete the ENI that the Workspaces service creates for the Workspace + aws_iam_role_policy_attachment.workspaces-default-service-access, + ] } `) } diff --git a/website/docs/r/workspaces_workspace.html.markdown b/website/docs/r/workspaces_workspace.html.markdown index c1563a7db95..4cbf42b6e2e 100644 --- a/website/docs/r/workspaces_workspace.html.markdown +++ b/website/docs/r/workspaces_workspace.html.markdown @@ -10,6 +10,9 @@ description: |- Provides a workspace in [AWS Workspaces](https://docs.aws.amazon.com/workspaces/latest/adminguide/amazon-workspaces.html) Service +~> **NOTE:** During deletion of an `aws_workspaces_workspace` resource, the service role `workspaces_DefaultRole` must be attached to the +policy `arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess`, or it will leak the ENI that the Workspaces service creates for the Workspace. + ## Example Usage ```hcl From 4a531855cbad4e4ebb4e91bfd09adf5b338e73be Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Mon, 11 May 2020 22:00:20 -0700 Subject: [PATCH 119/475] Update CHANGELOG for #11608 --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a9a8e4d25f1..4ee9d4c9626 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ ## 2.62.0 (Unreleased) +FEATURES: + +* **New Resource:** `aws_workspaces_workspace` [GH-11608] + ENHANCEMENTS: * resource/aws_appsync_resolver: Add `cache_config` configuration block [GH-12747] From 798593ccfbf83219fdc9bad54abac6b620c0c69d Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 12 May 2020 10:31:56 -0400 Subject: [PATCH 120/475] resource/aws_iot_topic_rule: Finish dynamodbv2 implementation Output from acceptance testing: ``` --- PASS: TestAccAWSIoTTopicRule_dynamoDbv2 (15.11s) ``` --- aws/resource_aws_iot_topic_rule.go | 53 ++++++++++++++++++--- aws/resource_aws_iot_topic_rule_test.go | 11 ++--- aws/structure.go | 2 +- website/docs/r/iot_topic_rule.html.markdown | 3 +- 4 files changed, 55 insertions(+), 14 deletions(-) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index 38e5fe3ca68..ac9b7a399fc 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -1,6 +1,7 @@ package aws import ( + "fmt" "log" "github.com/aws/aws-sdk-go/aws" @@ -152,15 +153,24 @@ func resourceAwsIotTopicRule() *schema.Resource { Optional: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ + "put_item": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "table_name": { + Type: schema.TypeString, + Required: true, + }, + }, + }, + }, "role_arn": { Type: schema.TypeString, Required: true, ValidateFunc: validateArn, }, - "table_name": { - Type: schema.TypeString, - Required: true, - }, }, }, }, @@ -429,7 +439,7 @@ func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { raw := a.(map[string]interface{}) act := &iot.Action{ DynamoDBv2: &iot.DynamoDBv2Action{ - PutItem: &iot.PutItemInput{TableName: aws.String(raw["table_name"].(string))}, + PutItem: expandIotPutItemInput(raw["put_item"].([]interface{})), RoleArn: aws.String(raw["role_arn"].(string)), }, } @@ -606,7 +616,9 @@ func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error d.Set("cloudwatch_alarm", flattenIoTRuleCloudWatchAlarmActions(out.Rule.Actions)) d.Set("cloudwatch_metric", flattenIoTRuleCloudWatchMetricActions(out.Rule.Actions)) d.Set("dynamodb", flattenIoTRuleDynamoDbActions(out.Rule.Actions)) - d.Set("dynamodbv2", flattenIoTRuleDynamoDbv2Actions(out.Rule.Actions)) + if err := d.Set("dynamodbv2", flattenIoTRuleDynamoDbv2Actions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting dynamodbv2: %w", err) + } d.Set("elasticsearch", flattenIoTRuleElasticSearchActions(out.Rule.Actions)) d.Set("firehose", flattenIoTRuleFirehoseActions(out.Rule.Actions)) d.Set("kinesis", flattenIoTRuleKinesisActions(out.Rule.Actions)) @@ -647,3 +659,32 @@ func resourceAwsIotTopicRuleDelete(d *schema.ResourceData, meta interface{}) err return err } + +func expandIotPutItemInput(tfList []interface{}) *iot.PutItemInput { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.PutItemInput{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["table_name"].(string); ok && v != "" { + apiObject.TableName = aws.String(v) + } + + return apiObject +} + +func flattenIotPutItemInput(apiObject *iot.PutItemInput) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.TableName; v != nil { + tfMap["table_name"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index 3ccaaff1df4..7a953d3661a 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -544,10 +544,6 @@ resource "aws_iot_topic_rule" "rule" { func testAccAWSIoTTopicRule_dynamoDbv2(rName string) string { return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` -data "aws_region" "current" { - current = true -} - resource "aws_iot_topic_rule" "rule" { name = "test_rule_%[1]s" description = "Example rule" @@ -556,8 +552,11 @@ resource "aws_iot_topic_rule" "rule" { sql_version = "2015-10-08" dynamodbv2 { - table_name = "${aws_iam_role.iot_role.arn}" - role_arn = "${aws_dynamodb_table.iot_table.arn}" + put_item { + table_name = "test" + } + + role_arn = aws_iam_role.iot_role.arn } } `, rName) diff --git a/aws/structure.go b/aws/structure.go index 25f48ea38b1..9320a5423f8 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -2861,7 +2861,7 @@ func flattenIoTRuleDynamoDbv2Actions(actions []*iot.Action) []map[string]interfa v := a.DynamoDBv2 if v != nil { result["role_arn"] = *v.RoleArn - result["table_name"] = *v.PutItem + result["put_item"] = flattenIotPutItemInput(v.PutItem) results = append(results, result) } } diff --git a/website/docs/r/iot_topic_rule.html.markdown b/website/docs/r/iot_topic_rule.html.markdown index b0b961f54ed..dd10a526afb 100644 --- a/website/docs/r/iot_topic_rule.html.markdown +++ b/website/docs/r/iot_topic_rule.html.markdown @@ -107,8 +107,9 @@ The `dynamodb` object takes the following arguments: The `dynamodbv2` object takes the following arguments: +* `put_item` - (Required) Configuration block with DynamoDB Table to which the message will be written. Nested arguments below. + * `table_name` - (Required) The name of the DynamoDB table. * `role_arn` - (Required) The ARN of the IAM role that grants access to the DynamoDB table. -* `table_name` - (Required) The name of the DynamoDB table. The `elasticsearch` object takes the following arguments: From 5b301ff3ca0b99f3436308de3dae94e8607d3a8b Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 12 May 2020 13:04:32 -0400 Subject: [PATCH 121/475] resource/aws_iot_topic_rule: Refactor for type safety, error checking, and preparation for top level action/error_action configuration blocks Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/7147 Output from acceptance testing: ``` --- PASS: TestAccAWSIoTTopicRule_iot_events (16.31s) --- PASS: TestAccAWSIoTTopicRule_dynamoDbv2 (16.52s) --- PASS: TestAccAWSIoTTopicRule_iot_analytics (16.66s) --- PASS: TestAccAWSIoTTopicRule_basic (17.43s) --- PASS: TestAccAWSIoTTopicRule_lambda (17.95s) --- PASS: TestAccAWSIoTTopicRule_cloudwatchmetric (17.98s) --- PASS: TestAccAWSIoTTopicRule_republish (18.01s) --- PASS: TestAccAWSIoTTopicRule_firehose (18.06s) --- PASS: TestAccAWSIoTTopicRule_sns (18.21s) --- PASS: TestAccAWSIoTTopicRule_kinesis (18.45s) --- PASS: TestAccAWSIoTTopicRule_s3 (18.54s) --- PASS: TestAccAWSIoTTopicRule_sqs (18.72s) --- PASS: TestAccAWSIoTTopicRule_cloudwatchalarm (18.77s) --- PASS: TestAccAWSIoTTopicRule_elasticsearch (21.96s) --- PASS: TestAccAWSIoTTopicRule_firehose_separator (28.42s) --- PASS: TestAccAWSIoTTopicRule_dynamodb (28.75s) ``` --- aws/resource_aws_iot_topic_rule.go | 1610 ++++++++++++++++++----- aws/resource_aws_iot_topic_rule_test.go | 61 +- aws/structure.go | 281 ---- 3 files changed, 1303 insertions(+), 649 deletions(-) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index 9425cddcc03..1ccee80e929 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -2,7 +2,6 @@ package aws import ( "fmt" - "log" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/iot" @@ -21,27 +20,9 @@ func resourceAwsIotTopicRule() *schema.Resource { }, Schema: map[string]*schema.Schema{ - "name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - ValidateFunc: validateIoTTopicRuleName, - }, - "description": { - Type: schema.TypeString, - Optional: true, - }, - "enabled": { - Type: schema.TypeBool, - Required: true, - }, - "sql": { - Type: schema.TypeString, - Required: true, - }, - "sql_version": { + "arn": { Type: schema.TypeString, - Required: true, + Computed: true, }, "cloudwatch_alarm": { Type: schema.TypeSet, @@ -103,6 +84,10 @@ func resourceAwsIotTopicRule() *schema.Resource { }, }, }, + "description": { + Type: schema.TypeString, + Optional: true, + }, "dynamodb": { Type: schema.TypeSet, Optional: true, @@ -204,6 +189,10 @@ func resourceAwsIotTopicRule() *schema.Resource { }, }, }, + "enabled": { + Type: schema.TypeBool, + Required: true, + }, "firehose": { Type: schema.TypeSet, Optional: true, @@ -226,6 +215,44 @@ func resourceAwsIotTopicRule() *schema.Resource { }, }, }, + "iot_analytics": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "channel_name": { + Type: schema.TypeString, + Required: true, + }, + "role_arn": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validateArn, + }, + }, + }, + }, + "iot_events": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "input_name": { + Type: schema.TypeString, + Required: true, + }, + "message_id": { + Type: schema.TypeString, + Optional: true, + }, + "role_arn": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validateArn, + }, + }, + }, + }, "kinesis": { Type: schema.TypeSet, Optional: true, @@ -260,6 +287,12 @@ func resourceAwsIotTopicRule() *schema.Resource { }, }, }, + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validateIoTTopicRuleName, + }, "republish": { Type: schema.TypeSet, Optional: true, @@ -321,6 +354,14 @@ func resourceAwsIotTopicRule() *schema.Resource { }, }, }, + "sql": { + Type: schema.TypeString, + Required: true, + }, + "sql_version": { + Type: schema.TypeString, + Required: true, + }, "sqs": { Type: schema.TypeSet, Optional: true, @@ -342,362 +383,106 @@ func resourceAwsIotTopicRule() *schema.Resource { }, }, }, - "arn": { - Type: schema.TypeString, - Computed: true, - }, - "iot_analytics": { - Type: schema.TypeSet, - Optional: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "channel_name": { - Type: schema.TypeString, - Required: true, - }, - "role_arn": { - Type: schema.TypeString, - Required: true, - ValidateFunc: validateArn, - }, - }, - }, - }, - "iot_events": { - Type: schema.TypeSet, - Optional: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "input_name": { - Type: schema.TypeString, - Required: true, - }, - "message_id": { - Type: schema.TypeString, - Optional: true, - }, - "role_arn": { - Type: schema.TypeString, - Required: true, - }, - }, - }, - }, }, } } -func createTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { - cloudwatchAlarmActions := d.Get("cloudwatch_alarm").(*schema.Set).List() - cloudwatchMetricActions := d.Get("cloudwatch_metric").(*schema.Set).List() - dynamoDbActions := d.Get("dynamodb").(*schema.Set).List() - dynamoDbv2Actions := d.Get("dynamodbv2").(*schema.Set).List() - elasticsearchActions := d.Get("elasticsearch").(*schema.Set).List() - firehoseActions := d.Get("firehose").(*schema.Set).List() - kinesisActions := d.Get("kinesis").(*schema.Set).List() - lambdaActions := d.Get("lambda").(*schema.Set).List() - republishActions := d.Get("republish").(*schema.Set).List() - s3Actions := d.Get("s3").(*schema.Set).List() - snsActions := d.Get("sns").(*schema.Set).List() - sqsActions := d.Get("sqs").(*schema.Set).List() - iotAnalyticsActions := d.Get("iot_analytics").(*schema.Set).List() - iotEventsActions := d.Get("iot_events").(*schema.Set).List() - - numActions := len(cloudwatchAlarmActions) + len(cloudwatchMetricActions) + - len(dynamoDbActions) + len(dynamoDbv2Actions) + len(elasticsearchActions) + - len(firehoseActions) + len(kinesisActions) + len(lambdaActions) + - len(republishActions) + len(s3Actions) + len(snsActions) + len(sqsActions) + len(iotAnalyticsActions) + len(iotEventsActions) - actions := make([]*iot.Action, numActions) - - i := 0 - // Add Cloudwatch Alarm actions - for _, a := range cloudwatchAlarmActions { - raw := a.(map[string]interface{}) - actions[i] = &iot.Action{ - CloudwatchAlarm: &iot.CloudwatchAlarmAction{ - AlarmName: aws.String(raw["alarm_name"].(string)), - RoleArn: aws.String(raw["role_arn"].(string)), - StateReason: aws.String(raw["state_reason"].(string)), - StateValue: aws.String(raw["state_value"].(string)), - }, - } - i++ - } - - // Add Cloudwatch Metric actions - for _, a := range cloudwatchMetricActions { - raw := a.(map[string]interface{}) - act := &iot.Action{ - CloudwatchMetric: &iot.CloudwatchMetricAction{ - MetricName: aws.String(raw["metric_name"].(string)), - MetricNamespace: aws.String(raw["metric_namespace"].(string)), - MetricUnit: aws.String(raw["metric_unit"].(string)), - MetricValue: aws.String(raw["metric_value"].(string)), - RoleArn: aws.String(raw["role_arn"].(string)), - }, - } - if v, ok := raw["metric_timestamp"].(string); ok && v != "" { - act.CloudwatchMetric.MetricTimestamp = aws.String(v) - } - actions[i] = act - i++ - } +func resourceAwsIotTopicRuleCreate(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).iotconn - // Add DynamoDB actions - for _, a := range dynamoDbActions { - raw := a.(map[string]interface{}) - act := &iot.Action{ - DynamoDB: &iot.DynamoDBAction{ - HashKeyField: aws.String(raw["hash_key_field"].(string)), - HashKeyValue: aws.String(raw["hash_key_value"].(string)), - RoleArn: aws.String(raw["role_arn"].(string)), - TableName: aws.String(raw["table_name"].(string)), - }, - } - if v, ok := raw["hash_key_type"].(string); ok && v != "" { - act.DynamoDB.HashKeyType = aws.String(v) - } - if v, ok := raw["range_key_type"].(string); ok && v != "" { - act.DynamoDB.RangeKeyType = aws.String(v) - } - if v, ok := raw["range_key_field"].(string); ok && v != "" { - act.DynamoDB.RangeKeyField = aws.String(v) - } - if v, ok := raw["range_key_value"].(string); ok && v != "" { - act.DynamoDB.RangeKeyValue = aws.String(v) - } - if v, ok := raw["payload_field"].(string); ok && v != "" { - act.DynamoDB.PayloadField = aws.String(v) - } - actions[i] = act - i++ - } + ruleName := d.Get("name").(string) - // Add DynamoDBv2 actions - for _, a := range dynamoDbv2Actions { - raw := a.(map[string]interface{}) - act := &iot.Action{ - DynamoDBv2: &iot.DynamoDBv2Action{ - PutItem: expandIotPutItemInput(raw["put_item"].([]interface{})), - RoleArn: aws.String(raw["role_arn"].(string)), - }, - } - actions[i] = act - i++ + input := &iot.CreateTopicRuleInput{ + RuleName: aws.String(ruleName), + TopicRulePayload: expandIotTopicRulePayload(d), } - // Add Elasticsearch actions + _, err := conn.CreateTopicRule(input) - for _, a := range elasticsearchActions { - raw := a.(map[string]interface{}) - actions[i] = &iot.Action{ - Elasticsearch: &iot.ElasticsearchAction{ - Endpoint: aws.String(raw["endpoint"].(string)), - Id: aws.String(raw["id"].(string)), - Index: aws.String(raw["index"].(string)), - RoleArn: aws.String(raw["role_arn"].(string)), - Type: aws.String(raw["type"].(string)), - }, - } - i++ + if err != nil { + return fmt.Errorf("error creating IoT Topic Rule (%s): %w", ruleName, err) } - // Add Firehose actions + d.SetId(ruleName) - for _, a := range firehoseActions { - raw := a.(map[string]interface{}) - act := &iot.Action{ - Firehose: &iot.FirehoseAction{ - DeliveryStreamName: aws.String(raw["delivery_stream_name"].(string)), - RoleArn: aws.String(raw["role_arn"].(string)), - }, - } - if v, ok := raw["separator"].(string); ok && v != "" { - act.Firehose.Separator = aws.String(raw["separator"].(string)) - } - actions[i] = act - i++ - } + return resourceAwsIotTopicRuleRead(d, meta) +} - // Add Kinesis actions +func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).iotconn - for _, a := range kinesisActions { - raw := a.(map[string]interface{}) - act := &iot.Action{ - Kinesis: &iot.KinesisAction{ - RoleArn: aws.String(raw["role_arn"].(string)), - StreamName: aws.String(raw["stream_name"].(string)), - }, - } - if v, ok := raw["partition_key"].(string); ok && v != "" { - act.Kinesis.PartitionKey = aws.String(v) - } - actions[i] = act - i++ + input := &iot.GetTopicRuleInput{ + RuleName: aws.String(d.Id()), } - // Add Lambda actions + out, err := conn.GetTopicRule(input) - for _, a := range lambdaActions { - raw := a.(map[string]interface{}) - actions[i] = &iot.Action{ - Lambda: &iot.LambdaAction{ - FunctionArn: aws.String(raw["function_arn"].(string)), - }, - } - i++ + if err != nil { + return fmt.Errorf("error getting IoT Topic Rule (%s): %w", d.Id(), err) } - // Add Republish actions + d.Set("arn", out.RuleArn) + d.Set("name", out.Rule.RuleName) + d.Set("description", out.Rule.Description) + d.Set("enabled", !aws.BoolValue(out.Rule.RuleDisabled)) + d.Set("sql", out.Rule.Sql) + d.Set("sql_version", out.Rule.AwsIotSqlVersion) - for _, a := range republishActions { - raw := a.(map[string]interface{}) - actions[i] = &iot.Action{ - Republish: &iot.RepublishAction{ - RoleArn: aws.String(raw["role_arn"].(string)), - Topic: aws.String(raw["topic"].(string)), - }, - } - i++ + if err := d.Set("cloudwatch_alarm", flattenIotCloudWatchAlarmActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting cloudwatch_alarm: %w", err) } - // Add S3 actions - - for _, a := range s3Actions { - raw := a.(map[string]interface{}) - actions[i] = &iot.Action{ - S3: &iot.S3Action{ - BucketName: aws.String(raw["bucket_name"].(string)), - Key: aws.String(raw["key"].(string)), - RoleArn: aws.String(raw["role_arn"].(string)), - }, - } - i++ + if err := d.Set("cloudwatch_metric", flattenIotCloudWatchMetricActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting cloudwatch_metric: %w", err) } - // Add SNS actions - - for _, a := range snsActions { - raw := a.(map[string]interface{}) - actions[i] = &iot.Action{ - Sns: &iot.SnsAction{ - RoleArn: aws.String(raw["role_arn"].(string)), - TargetArn: aws.String(raw["target_arn"].(string)), - MessageFormat: aws.String(raw["message_format"].(string)), - }, - } - i++ + if err := d.Set("dynamodb", flattenIotDynamoDbActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting dynamodb: %w", err) } - // Add SQS actions - - for _, a := range sqsActions { - raw := a.(map[string]interface{}) - actions[i] = &iot.Action{ - Sqs: &iot.SqsAction{ - QueueUrl: aws.String(raw["queue_url"].(string)), - RoleArn: aws.String(raw["role_arn"].(string)), - UseBase64: aws.Bool(raw["use_base64"].(bool)), - }, - } - i++ + if err := d.Set("dynamodbv2", flattenIotDynamoDbv2Actions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting dynamodbv2: %w", err) } - // Add Analytic actions - - for _, a := range iotAnalyticsActions { - raw := a.(map[string]interface{}) - actions[i] = &iot.Action{ - IotAnalytics: &iot.IotAnalyticsAction{ - ChannelName: aws.String(raw["channel_name"].(string)), - RoleArn: aws.String(raw["role_arn"].(string)), - }, - } - i++ + if err := d.Set("elasticsearch", flattenIotElasticsearchActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting elasticsearch: %w", err) } - // Add IoT Events actions - - for _, a := range iotEventsActions { - raw := a.(map[string]interface{}) - act := &iot.Action{ - IotEvents: &iot.IotEventsAction{ - InputName: aws.String(raw["input_name"].(string)), - RoleArn: aws.String(raw["role_arn"].(string)), - }, - } - if v, ok := raw["message_id"].(string); ok && v != "" { - act.IotEvents.MessageId = aws.String(raw["message_id"].(string)) - } - actions[i] = act - i++ + if err := d.Set("firehose", flattenIotFirehoseActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting firehose: %w", err) } - return &iot.TopicRulePayload{ - Description: aws.String(d.Get("description").(string)), - RuleDisabled: aws.Bool(!d.Get("enabled").(bool)), - Sql: aws.String(d.Get("sql").(string)), - AwsIotSqlVersion: aws.String(d.Get("sql_version").(string)), - Actions: actions, + if err := d.Set("iot_analytics", flattenIotIotAnalyticsActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting iot_analytics: %w", err) } -} - -func resourceAwsIotTopicRuleCreate(d *schema.ResourceData, meta interface{}) error { - conn := meta.(*AWSClient).iotconn - - ruleName := d.Get("name").(string) - params := &iot.CreateTopicRuleInput{ - RuleName: aws.String(ruleName), - TopicRulePayload: createTopicRulePayload(d), + if err := d.Set("iot_events", flattenIotIotEventsActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting iot_events: %w", err) } - log.Printf("[DEBUG] Creating IoT Topic Rule: %s", params) - _, err := conn.CreateTopicRule(params) - if err != nil { - return err + if err := d.Set("kinesis", flattenIotKinesisActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting kinesis: %w", err) } - d.SetId(ruleName) - - return resourceAwsIotTopicRuleRead(d, meta) -} + if err := d.Set("lambda", flattenIotLambdaActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting lambda: %w", err) + } -func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error { - conn := meta.(*AWSClient).iotconn + if err := d.Set("republish", flattenIotRepublishActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting republish: %w", err) + } - params := &iot.GetTopicRuleInput{ - RuleName: aws.String(d.Id()), + if err := d.Set("s3", flattenIotS3Actions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting s3: %w", err) } - log.Printf("[DEBUG] Reading IoT Topic Rule: %s", params) - out, err := conn.GetTopicRule(params) - if err != nil { - return err + if err := d.Set("sns", flattenIotSnsActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting sns: %w", err) } - d.Set("arn", out.RuleArn) - d.Set("name", out.Rule.RuleName) - d.Set("description", out.Rule.Description) - d.Set("enabled", !(*out.Rule.RuleDisabled)) - d.Set("sql", out.Rule.Sql) - d.Set("sql_version", out.Rule.AwsIotSqlVersion) - d.Set("cloudwatch_alarm", flattenIoTRuleCloudWatchAlarmActions(out.Rule.Actions)) - d.Set("cloudwatch_metric", flattenIoTRuleCloudWatchMetricActions(out.Rule.Actions)) - d.Set("dynamodb", flattenIoTRuleDynamoDbActions(out.Rule.Actions)) - if err := d.Set("dynamodbv2", flattenIoTRuleDynamoDbv2Actions(out.Rule.Actions)); err != nil { - return fmt.Errorf("error setting dynamodbv2: %w", err) + if err := d.Set("sqs", flattenIotSqsActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting sqs: %w", err) } - d.Set("elasticsearch", flattenIoTRuleElasticSearchActions(out.Rule.Actions)) - d.Set("firehose", flattenIoTRuleFirehoseActions(out.Rule.Actions)) - d.Set("kinesis", flattenIoTRuleKinesisActions(out.Rule.Actions)) - d.Set("lambda", flattenIoTRuleLambdaActions(out.Rule.Actions)) - d.Set("republish", flattenIoTRuleRepublishActions(out.Rule.Actions)) - d.Set("s3", flattenIoTRuleS3Actions(out.Rule.Actions)) - d.Set("sns", flattenIoTRuleSnsActions(out.Rule.Actions)) - d.Set("sqs", flattenIoTRuleSqsActions(out.Rule.Actions)) - d.Set("iot_analytics", flattenIoTRuleIotAnalyticsActions(out.Rule.Actions)) - d.Set("iot_events", flattenIoTRuleIotEventsActions(out.Rule.Actions)) return nil } @@ -705,15 +490,15 @@ func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error func resourceAwsIotTopicRuleUpdate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).iotconn - params := &iot.ReplaceTopicRuleInput{ + input := &iot.ReplaceTopicRuleInput{ RuleName: aws.String(d.Get("name").(string)), - TopicRulePayload: createTopicRulePayload(d), + TopicRulePayload: expandIotTopicRulePayload(d), } - log.Printf("[DEBUG] Updating IoT Topic Rule: %s", params) - _, err := conn.ReplaceTopicRule(params) + + _, err := conn.ReplaceTopicRule(input) if err != nil { - return err + return fmt.Errorf("error updating IoT Topic Rule (%s): %w", d.Id(), err) } return resourceAwsIotTopicRuleRead(d, meta) @@ -722,13 +507,17 @@ func resourceAwsIotTopicRuleUpdate(d *schema.ResourceData, meta interface{}) err func resourceAwsIotTopicRuleDelete(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).iotconn - params := &iot.DeleteTopicRuleInput{ + input := &iot.DeleteTopicRuleInput{ RuleName: aws.String(d.Id()), } - log.Printf("[DEBUG] Deleting IoT Topic Rule: %s", params) - _, err := conn.DeleteTopicRule(params) - return err + _, err := conn.DeleteTopicRule(input) + + if err != nil { + return fmt.Errorf("error deleting IoT Topic Rule (%s): %w", d.Id(), err) + } + + return nil } func expandIotPutItemInput(tfList []interface{}) *iot.PutItemInput { @@ -746,15 +535,1144 @@ func expandIotPutItemInput(tfList []interface{}) *iot.PutItemInput { return apiObject } -func flattenIotPutItemInput(apiObject *iot.PutItemInput) []interface{} { - if apiObject == nil { +func expandIotCloudwatchAlarmAction(tfList []interface{}) *iot.CloudwatchAlarmAction { + if len(tfList) == 0 || tfList[0] == nil { return nil } - tfMap := make(map[string]interface{}) + apiObject := &iot.CloudwatchAlarmAction{} + tfMap := tfList[0].(map[string]interface{}) - if v := apiObject.TableName; v != nil { - tfMap["table_name"] = aws.StringValue(v) + if v, ok := tfMap["alarm_name"].(string); ok && v != "" { + apiObject.AlarmName = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + if v, ok := tfMap["state_reason"].(string); ok && v != "" { + apiObject.StateReason = aws.String(v) + } + + if v, ok := tfMap["state_value"].(string); ok && v != "" { + apiObject.StateValue = aws.String(v) + } + + return apiObject +} + +func expandIotCloudwatchMetricAction(tfList []interface{}) *iot.CloudwatchMetricAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.CloudwatchMetricAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["metric_name"].(string); ok && v != "" { + apiObject.MetricName = aws.String(v) + } + + if v, ok := tfMap["metric_namespace"].(string); ok && v != "" { + apiObject.MetricNamespace = aws.String(v) + } + + if v, ok := tfMap["metric_timestamp"].(string); ok && v != "" { + apiObject.MetricTimestamp = aws.String(v) + } + + if v, ok := tfMap["metric_unit"].(string); ok && v != "" { + apiObject.MetricUnit = aws.String(v) + } + + if v, ok := tfMap["metric_value"].(string); ok && v != "" { + apiObject.MetricValue = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + return apiObject +} + +func expandIotDynamoDBAction(tfList []interface{}) *iot.DynamoDBAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.DynamoDBAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["hash_key_field"].(string); ok && v != "" { + apiObject.HashKeyField = aws.String(v) + } + + if v, ok := tfMap["hash_key_type"].(string); ok && v != "" { + apiObject.HashKeyType = aws.String(v) + } + + if v, ok := tfMap["hash_key_value"].(string); ok && v != "" { + apiObject.HashKeyValue = aws.String(v) + } + + if v, ok := tfMap["payload_field"].(string); ok && v != "" { + apiObject.PayloadField = aws.String(v) + } + + if v, ok := tfMap["range_key_field"].(string); ok && v != "" { + apiObject.RangeKeyField = aws.String(v) + } + + if v, ok := tfMap["range_key_type"].(string); ok && v != "" { + apiObject.RangeKeyType = aws.String(v) + } + + if v, ok := tfMap["range_key_value"].(string); ok && v != "" { + apiObject.RangeKeyValue = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + if v, ok := tfMap["table_name"].(string); ok && v != "" { + apiObject.TableName = aws.String(v) + } + + return apiObject +} + +func expandIotDynamoDBv2Action(tfList []interface{}) *iot.DynamoDBv2Action { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.DynamoDBv2Action{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["put_item"].([]interface{}); ok { + apiObject.PutItem = expandIotPutItemInput(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + return apiObject +} + +func expandIotElasticsearchAction(tfList []interface{}) *iot.ElasticsearchAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.ElasticsearchAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["endpoint"].(string); ok && v != "" { + apiObject.Endpoint = aws.String(v) + } + + if v, ok := tfMap["id"].(string); ok && v != "" { + apiObject.Id = aws.String(v) + } + + if v, ok := tfMap["index"].(string); ok && v != "" { + apiObject.Index = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + if v, ok := tfMap["type"].(string); ok && v != "" { + apiObject.Type = aws.String(v) + } + + return apiObject +} + +func expandIotFirehoseAction(tfList []interface{}) *iot.FirehoseAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.FirehoseAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["delivery_stream_name"].(string); ok && v != "" { + apiObject.DeliveryStreamName = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + if v, ok := tfMap["separator"].(string); ok && v != "" { + apiObject.Separator = aws.String(v) + } + + return apiObject +} + +func expandIotIotAnalyticsAction(tfList []interface{}) *iot.IotAnalyticsAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.IotAnalyticsAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["channel_name"].(string); ok && v != "" { + apiObject.ChannelName = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + return apiObject +} + +func expandIotIotEventsAction(tfList []interface{}) *iot.IotEventsAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.IotEventsAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["input_name"].(string); ok && v != "" { + apiObject.InputName = aws.String(v) + } + + if v, ok := tfMap["message_id"].(string); ok && v != "" { + apiObject.MessageId = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + return apiObject +} + +func expandIotKinesisAction(tfList []interface{}) *iot.KinesisAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.KinesisAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["partition_key"].(string); ok && v != "" { + apiObject.PartitionKey = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + if v, ok := tfMap["stream_name"].(string); ok && v != "" { + apiObject.StreamName = aws.String(v) + } + + return apiObject +} + +func expandIotLambdaAction(tfList []interface{}) *iot.LambdaAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.LambdaAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["function_arn"].(string); ok && v != "" { + apiObject.FunctionArn = aws.String(v) + } + + return apiObject +} + +func expandIotRepublishAction(tfList []interface{}) *iot.RepublishAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.RepublishAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + if v, ok := tfMap["topic"].(string); ok && v != "" { + apiObject.Topic = aws.String(v) + } + + return apiObject +} + +func expandIotS3Action(tfList []interface{}) *iot.S3Action { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.S3Action{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["bucket_name"].(string); ok && v != "" { + apiObject.BucketName = aws.String(v) + } + + if v, ok := tfMap["key"].(string); ok && v != "" { + apiObject.Key = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + return apiObject +} + +func expandIotSnsAction(tfList []interface{}) *iot.SnsAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.SnsAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["message_format"].(string); ok && v != "" { + apiObject.MessageFormat = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + if v, ok := tfMap["target_arn"].(string); ok && v != "" { + apiObject.TargetArn = aws.String(v) + } + + return apiObject +} +func expandIotSqsAction(tfList []interface{}) *iot.SqsAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.SqsAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["queue_url"].(string); ok && v != "" { + apiObject.QueueUrl = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + if v, ok := tfMap["use_base64"].(bool); ok { + apiObject.UseBase64 = aws.Bool(v) + } + + return apiObject +} + +func expandIotTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { + var actions []*iot.Action + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("cloudwatch_alarm").(*schema.Set).List() { + action := expandIotCloudwatchAlarmAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{CloudwatchAlarm: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("cloudwatch_metric").(*schema.Set).List() { + action := expandIotCloudwatchMetricAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{CloudwatchMetric: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("dynamodb").(*schema.Set).List() { + action := expandIotDynamoDBAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{DynamoDB: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("dynamodbv2").(*schema.Set).List() { + action := expandIotDynamoDBv2Action([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{DynamoDBv2: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("elasticsearch").(*schema.Set).List() { + action := expandIotElasticsearchAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{Elasticsearch: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("firehose").(*schema.Set).List() { + action := expandIotFirehoseAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{Firehose: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("iot_analytics").(*schema.Set).List() { + action := expandIotIotAnalyticsAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{IotAnalytics: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("iot_events").(*schema.Set).List() { + action := expandIotIotEventsAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{IotEvents: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("kinesis").(*schema.Set).List() { + action := expandIotKinesisAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{Kinesis: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("lambda").(*schema.Set).List() { + action := expandIotLambdaAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{Lambda: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("republish").(*schema.Set).List() { + action := expandIotRepublishAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{Republish: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("s3").(*schema.Set).List() { + action := expandIotS3Action([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{S3: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("sns").(*schema.Set).List() { + action := expandIotSnsAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{Sns: action}) + } + + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("sqs").(*schema.Set).List() { + action := expandIotSqsAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{Sqs: action}) + } + + // Prevent sending empty Actions: + // - missing required field, CreateTopicRuleInput.TopicRulePayload.Actions + if len(actions) == 0 { + actions = []*iot.Action{} + } + + return &iot.TopicRulePayload{ + Actions: actions, + AwsIotSqlVersion: aws.String(d.Get("sql_version").(string)), + Description: aws.String(d.Get("description").(string)), + RuleDisabled: aws.Bool(!d.Get("enabled").(bool)), + Sql: aws.String(d.Get("sql").(string)), + } +} + +func flattenIotCloudwatchAlarmAction(apiObject *iot.CloudwatchAlarmAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.AlarmName; v != nil { + tfMap["alarm_name"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + if v := apiObject.StateReason; v != nil { + tfMap["state_reason"] = aws.StringValue(v) + } + + if v := apiObject.StateValue; v != nil { + tfMap["state_value"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotCloudWatchAlarmActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.CloudwatchAlarm; v != nil { + results = append(results, flattenIotCloudwatchAlarmAction(v)...) + } + } + + return results +} + +func flattenIotCloudwatchMetricAction(apiObject *iot.CloudwatchMetricAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.MetricName; v != nil { + tfMap["metric_name"] = aws.StringValue(v) + } + + if v := apiObject.MetricNamespace; v != nil { + tfMap["metric_namespace"] = aws.StringValue(v) + } + + if v := apiObject.MetricTimestamp; v != nil { + tfMap["metric_timestamp"] = aws.StringValue(v) + } + + if v := apiObject.MetricUnit; v != nil { + tfMap["metric_unit"] = aws.StringValue(v) + } + + if v := apiObject.MetricValue; v != nil { + tfMap["metric_value"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotCloudWatchMetricActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.CloudwatchMetric; v != nil { + results = append(results, flattenIotCloudwatchMetricAction(v)...) + } + } + + return results +} + +func flattenIotCloudWatchMetricAction(apiObject *iot.CloudwatchMetricAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.MetricName; v != nil { + tfMap["metric_name"] = aws.StringValue(v) + } + + if v := apiObject.MetricNamespace; v != nil { + tfMap["metric_namespace"] = aws.StringValue(v) + } + + if v := apiObject.MetricTimestamp; v != nil { + tfMap["metric_timestamp"] = aws.StringValue(v) + } + + if v := apiObject.MetricUnit; v != nil { + tfMap["metric_unit"] = aws.StringValue(v) + } + + if v := apiObject.MetricValue; v != nil { + tfMap["metric_value"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotDynamoDbActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.DynamoDB; v != nil { + results = append(results, flattenIotDynamoDBAction(v)...) + } + } + + return results +} + +func flattenIotDynamoDBAction(apiObject *iot.DynamoDBAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.HashKeyField; v != nil { + tfMap["hash_key_field"] = aws.StringValue(v) + } + + if v := apiObject.HashKeyType; v != nil { + tfMap["hash_key_type"] = aws.StringValue(v) + } + + if v := apiObject.HashKeyValue; v != nil { + tfMap["hash_key_value"] = aws.StringValue(v) + } + + if v := apiObject.PayloadField; v != nil { + tfMap["payload_field"] = aws.StringValue(v) + } + + if v := apiObject.RangeKeyField; v != nil { + tfMap["range_key_field"] = aws.StringValue(v) + } + + if v := apiObject.RangeKeyType; v != nil { + tfMap["range_key_type"] = aws.StringValue(v) + } + + if v := apiObject.RangeKeyValue; v != nil { + tfMap["range_key_value"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + if v := apiObject.TableName; v != nil { + tfMap["table_name"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotDynamoDbv2Actions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.DynamoDBv2; v != nil { + results = append(results, flattenIotDynamoDBv2Action(v)...) + } + } + + return results +} + +func flattenIotDynamoDBv2Action(apiObject *iot.DynamoDBv2Action) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.PutItem; v != nil { + tfMap["put_item"] = flattenIotPutItemInput(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotElasticsearchActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.Elasticsearch; v != nil { + results = append(results, flattenIotElasticsearchAction(v)...) + } + } + + return results +} + +func flattenIotElasticsearchAction(apiObject *iot.ElasticsearchAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.Endpoint; v != nil { + tfMap["endpoint"] = aws.StringValue(v) + } + + if v := apiObject.Id; v != nil { + tfMap["id"] = aws.StringValue(v) + } + + if v := apiObject.Index; v != nil { + tfMap["index"] = aws.StringValue(v) + } + + if v := apiObject.Type; v != nil { + tfMap["type"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotFirehoseActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.Firehose; v != nil { + results = append(results, flattenIotFirehoseAction(v)...) + } + } + + return results +} + +func flattenIotFirehoseAction(apiObject *iot.FirehoseAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.DeliveryStreamName; v != nil { + tfMap["delivery_stream_name"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + if v := apiObject.Separator; v != nil { + tfMap["separator"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotIotAnalyticsActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.IotAnalytics; v != nil { + results = append(results, flattenIotIotAnalyticsAction(v)...) + } + } + + return results +} + +func flattenIotIotAnalyticsAction(apiObject *iot.IotAnalyticsAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.ChannelName; v != nil { + tfMap["channel_name"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotIotEventsActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.IotEvents; v != nil { + results = append(results, flattenIotIotEventsAction(v)...) + } + } + + return results +} + +func flattenIotIotEventsAction(apiObject *iot.IotEventsAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.InputName; v != nil { + tfMap["input_name"] = aws.StringValue(v) + } + + if v := apiObject.MessageId; v != nil { + tfMap["message_id"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotKinesisActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.Kinesis; v != nil { + results = append(results, flattenIotKinesisAction(v)...) + } + } + + return results +} + +func flattenIotKinesisAction(apiObject *iot.KinesisAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.PartitionKey; v != nil { + tfMap["partition_key"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + if v := apiObject.StreamName; v != nil { + tfMap["stream_name"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotLambdaActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.Lambda; v != nil { + results = append(results, flattenIotLambdaAction(v)...) + } + } + + return results +} + +func flattenIotLambdaAction(apiObject *iot.LambdaAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.FunctionArn; v != nil { + tfMap["function_arn"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +func flattenIotPutItemInput(apiObject *iot.PutItemInput) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.TableName; v != nil { + tfMap["table_name"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotRepublishActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.Republish; v != nil { + results = append(results, flattenIotRepublishAction(v)...) + } + } + + return results +} + +func flattenIotRepublishAction(apiObject *iot.RepublishAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + if v := apiObject.Topic; v != nil { + tfMap["topic"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotS3Actions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.S3; v != nil { + results = append(results, flattenIotS3Action(v)...) + } + } + + return results +} + +func flattenIotS3Action(apiObject *iot.S3Action) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.BucketName; v != nil { + tfMap["bucket_name"] = aws.StringValue(v) + } + + if v := apiObject.Key; v != nil { + tfMap["key"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotSnsActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.Sns; v != nil { + results = append(results, flattenIotSnsAction(v)...) + } + } + + return results +} + +func flattenIotSnsAction(apiObject *iot.SnsAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.MessageFormat; v != nil { + tfMap["message_format"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + if v := apiObject.TargetArn; v != nil { + tfMap["target_arn"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} + +// Legacy root attribute handling +func flattenIotSqsActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.Sqs; v != nil { + results = append(results, flattenIotSqsAction(v)...) + } + } + + return results +} + +func flattenIotSqsAction(apiObject *iot.SqsAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.QueueUrl; v != nil { + tfMap["queue_url"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + if v := apiObject.UseBase64; v != nil { + tfMap["use_base64"] = aws.BoolValue(v) } return []interface{}{tfMap} diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index 3ca96c9480e..702ca681554 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -79,7 +79,7 @@ func TestAccAWSIoTTopicRule_basic(t *testing.T) { { Config: testAccAWSIoTTopicRule_basic(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), resource.TestCheckResourceAttr("aws_iot_topic_rule.rule", "name", fmt.Sprintf("test_rule_%s", rName)), resource.TestCheckResourceAttr("aws_iot_topic_rule.rule", "description", "Example rule"), resource.TestCheckResourceAttr("aws_iot_topic_rule.rule", "enabled", "true"), @@ -108,7 +108,7 @@ func TestAccAWSIoTTopicRule_cloudwatchalarm(t *testing.T) { { Config: testAccAWSIoTTopicRule_cloudwatchalarm(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -132,7 +132,7 @@ func TestAccAWSIoTTopicRule_cloudwatchmetric(t *testing.T) { { Config: testAccAWSIoTTopicRule_cloudwatchmetric(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -156,7 +156,7 @@ func TestAccAWSIoTTopicRule_dynamodb(t *testing.T) { { Config: testAccAWSIoTTopicRule_dynamodb(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -167,7 +167,7 @@ func TestAccAWSIoTTopicRule_dynamodb(t *testing.T) { { Config: testAccAWSIoTTopicRule_dynamodb_rangekeys(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, }, @@ -185,7 +185,7 @@ func TestAccAWSIoTTopicRule_dynamoDbv2(t *testing.T) { { Config: testAccAWSIoTTopicRule_dynamoDbv2(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, }, @@ -204,7 +204,7 @@ func TestAccAWSIoTTopicRule_elasticsearch(t *testing.T) { { Config: testAccAWSIoTTopicRule_elasticsearch(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -228,7 +228,7 @@ func TestAccAWSIoTTopicRule_firehose(t *testing.T) { { Config: testAccAWSIoTTopicRule_firehose(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -252,7 +252,7 @@ func TestAccAWSIoTTopicRule_firehose_separator(t *testing.T) { { Config: testAccAWSIoTTopicRule_firehose_separator(rName, "\n"), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -263,7 +263,7 @@ func TestAccAWSIoTTopicRule_firehose_separator(t *testing.T) { { Config: testAccAWSIoTTopicRule_firehose_separator(rName, ","), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, }, @@ -282,7 +282,7 @@ func TestAccAWSIoTTopicRule_kinesis(t *testing.T) { { Config: testAccAWSIoTTopicRule_kinesis(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -306,7 +306,7 @@ func TestAccAWSIoTTopicRule_lambda(t *testing.T) { { Config: testAccAWSIoTTopicRule_lambda(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -330,7 +330,7 @@ func TestAccAWSIoTTopicRule_republish(t *testing.T) { { Config: testAccAWSIoTTopicRule_republish(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -354,7 +354,7 @@ func TestAccAWSIoTTopicRule_s3(t *testing.T) { { Config: testAccAWSIoTTopicRule_s3(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -378,7 +378,7 @@ func TestAccAWSIoTTopicRule_sns(t *testing.T) { { Config: testAccAWSIoTTopicRule_sns(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -402,7 +402,7 @@ func TestAccAWSIoTTopicRule_sqs(t *testing.T) { { Config: testAccAWSIoTTopicRule_sqs(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, { @@ -425,7 +425,7 @@ func TestAccAWSIoTTopicRule_iot_analytics(t *testing.T) { { Config: testAccAWSIoTTopicRule_iot_analytics(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, }, @@ -443,7 +443,7 @@ func TestAccAWSIoTTopicRule_iot_events(t *testing.T) { { Config: testAccAWSIoTTopicRule_iot_events(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSIoTTopicRuleExists_basic("aws_iot_topic_rule.rule"), + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), ), }, }, @@ -458,7 +458,9 @@ func testAccCheckAWSIoTTopicRuleDestroy(s *terraform.State) error { continue } - out, err := conn.ListTopicRules(&iot.ListTopicRulesInput{}) + input := &iot.ListTopicRulesInput{} + + out, err := conn.ListTopicRules(input) if err != nil { return err @@ -475,14 +477,29 @@ func testAccCheckAWSIoTTopicRuleDestroy(s *terraform.State) error { return nil } -func testAccCheckAWSIoTTopicRuleExists_basic(name string) resource.TestCheckFunc { +func testAccCheckAWSIoTTopicRuleExists(name string) resource.TestCheckFunc { return func(s *terraform.State) error { - _, ok := s.RootModule().Resources[name] + rs, ok := s.RootModule().Resources[name] if !ok { return fmt.Errorf("Not found: %s", name) } - return nil + conn := testAccProvider.Meta().(*AWSClient).iotconn + input := &iot.ListTopicRulesInput{} + + output, err := conn.ListTopicRules(input) + + if err != nil { + return err + } + + for _, rule := range output.Rules { + if aws.StringValue(rule.RuleName) == rs.Primary.ID { + return nil + } + } + + return fmt.Errorf("IoT Topic Rule (%s) not found", rs.Primary.ID) } } diff --git a/aws/structure.go b/aws/structure.go index 1e2dc6abc00..6ebb5317484 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -2771,287 +2771,6 @@ func flattenCognitoUserPoolUserPoolAddOns(s *cognitoidentityprovider.UserPoolAdd return []map[string]interface{}{config} } -func flattenIoTRuleCloudWatchAlarmActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.CloudwatchAlarm - if v != nil { - result["alarm_name"] = *v.AlarmName - result["role_arn"] = *v.RoleArn - result["state_reason"] = *v.StateReason - result["state_value"] = *v.StateValue - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleCloudWatchMetricActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.CloudwatchMetric - if v != nil { - result["metric_name"] = *v.MetricName - result["role_arn"] = *v.RoleArn - result["metric_namespace"] = *v.MetricNamespace - result["metric_unit"] = *v.MetricUnit - result["metric_value"] = *v.MetricValue - - if v.MetricTimestamp != nil { - result["metric_timestamp"] = *v.MetricTimestamp - } - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleDynamoDbActions(actions []*iot.Action) []map[string]interface{} { - items := make([]map[string]interface{}, 0, len(actions)) - - for _, a := range actions { - m := make(map[string]interface{}) - v := a.DynamoDB - if v != nil { - m["hash_key_field"] = aws.StringValue(v.HashKeyField) - m["hash_key_value"] = aws.StringValue(v.HashKeyValue) - m["role_arn"] = aws.StringValue(v.RoleArn) - m["table_name"] = aws.StringValue(v.TableName) - - if v.HashKeyType != nil { - m["hash_key_type"] = aws.StringValue(v.HashKeyType) - } - - if v.PayloadField != nil { - m["payload_field"] = aws.StringValue(v.PayloadField) - } - - if v.RangeKeyField != nil { - m["range_key_field"] = aws.StringValue(v.RangeKeyField) - } - - if v.RangeKeyType != nil { - m["range_key_type"] = aws.StringValue(v.RangeKeyType) - } - - if v.RangeKeyValue != nil { - m["range_key_value"] = aws.StringValue(v.RangeKeyValue) - } - - items = append(items, m) - } - } - - return items -} - -func flattenIoTRuleDynamoDbv2Actions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.DynamoDBv2 - if v != nil { - result["role_arn"] = *v.RoleArn - result["put_item"] = flattenIotPutItemInput(v.PutItem) - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleElasticSearchActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.Elasticsearch - if v != nil { - result["role_arn"] = *v.RoleArn - result["endpoint"] = *v.Endpoint - result["id"] = *v.Id - result["index"] = *v.Index - result["type"] = *v.Type - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleFirehoseActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.Firehose - if v != nil { - result["role_arn"] = aws.StringValue(v.RoleArn) - result["delivery_stream_name"] = aws.StringValue(v.DeliveryStreamName) - result["separator"] = aws.StringValue(v.Separator) - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleKinesisActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.Kinesis - if v != nil { - result["role_arn"] = *v.RoleArn - result["stream_name"] = *v.StreamName - - if v.PartitionKey != nil { - result["partition_key"] = *v.PartitionKey - } - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleLambdaActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.Lambda - if v != nil { - result["function_arn"] = *v.FunctionArn - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleRepublishActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.Republish - if v != nil { - result["role_arn"] = *v.RoleArn - result["topic"] = *v.Topic - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleS3Actions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.S3 - if v != nil { - result["role_arn"] = *v.RoleArn - result["bucket_name"] = *v.BucketName - result["key"] = *v.Key - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleSnsActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.Sns - if v != nil { - result["message_format"] = *v.MessageFormat - result["role_arn"] = *v.RoleArn - result["target_arn"] = *v.TargetArn - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleSqsActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.Sqs - if v != nil { - result["role_arn"] = aws.StringValue(v.RoleArn) - result["use_base64"] = aws.BoolValue(v.UseBase64) - result["queue_url"] = aws.StringValue(v.QueueUrl) - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleIotAnalyticsActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.IotAnalytics - if v != nil { - result["role_arn"] = aws.StringValue(v.RoleArn) - result["channel_name"] = aws.StringValue(v.ChannelName) - - results = append(results, result) - } - } - - return results -} - -func flattenIoTRuleIotEventsActions(actions []*iot.Action) []map[string]interface{} { - results := make([]map[string]interface{}, 0) - - for _, a := range actions { - result := make(map[string]interface{}) - v := a.IotEvents - if v != nil { - result["role_arn"] = aws.StringValue(v.RoleArn) - result["input_name"] = aws.StringValue(v.InputName) - if v.MessageId != nil { - result["message_id"] = aws.StringValue(v.MessageId) - } - - results = append(results, result) - } - } - - return results -} - func flattenCognitoUserPoolPasswordPolicy(s *cognitoidentityprovider.PasswordPolicyType) []map[string]interface{} { m := map[string]interface{}{} From 06890a03f5b6d15f5a9ff5deda0cac56718c1427 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 12 May 2020 13:58:52 -0400 Subject: [PATCH 122/475] resource/aws_iot_topic_rule: Remove unused function Output from acceptance testing: ``` --- PASS: TestAccAWSIoTTopicRule_iot_analytics (15.68s) --- PASS: TestAccAWSIoTTopicRule_dynamoDbv2 (15.75s) --- PASS: TestAccAWSIoTTopicRule_iot_events (15.78s) --- PASS: TestAccAWSIoTTopicRule_lambda (16.45s) --- PASS: TestAccAWSIoTTopicRule_basic (16.57s) --- PASS: TestAccAWSIoTTopicRule_kinesis (16.92s) --- PASS: TestAccAWSIoTTopicRule_republish (16.98s) --- PASS: TestAccAWSIoTTopicRule_s3 (17.13s) --- PASS: TestAccAWSIoTTopicRule_sns (17.18s) --- PASS: TestAccAWSIoTTopicRule_cloudwatchmetric (17.20s) --- PASS: TestAccAWSIoTTopicRule_sqs (17.33s) --- PASS: TestAccAWSIoTTopicRule_cloudwatchalarm (17.44s) --- PASS: TestAccAWSIoTTopicRule_firehose (17.46s) --- PASS: TestAccAWSIoTTopicRule_elasticsearch (20.91s) --- PASS: TestAccAWSIoTTopicRule_firehose_separator (26.71s) --- PASS: TestAccAWSIoTTopicRule_dynamodb (26.79s) ``` --- aws/resource_aws_iot_topic_rule.go | 40 +++--------------------------- 1 file changed, 3 insertions(+), 37 deletions(-) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index ee1f20be346..a2a59b05f1f 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -442,7 +442,7 @@ func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error return fmt.Errorf("error setting cloudwatch_alarm: %w", err) } - if err := d.Set("cloudwatch_metric", flattenIotCloudWatchMetricActions(out.Rule.Actions)); err != nil { + if err := d.Set("cloudwatch_metric", flattenIotCloudwatchMetricActions(out.Rule.Actions)); err != nil { return fmt.Errorf("error setting cloudwatch_metric: %w", err) } @@ -1113,42 +1113,8 @@ func flattenIotCloudWatchAlarmActions(actions []*iot.Action) []interface{} { return results } -func flattenIotCloudwatchMetricAction(apiObject *iot.CloudwatchMetricAction) []interface{} { - if apiObject == nil { - return nil - } - - tfMap := make(map[string]interface{}) - - if v := apiObject.MetricName; v != nil { - tfMap["metric_name"] = aws.StringValue(v) - } - - if v := apiObject.MetricNamespace; v != nil { - tfMap["metric_namespace"] = aws.StringValue(v) - } - - if v := apiObject.MetricTimestamp; v != nil { - tfMap["metric_timestamp"] = aws.StringValue(v) - } - - if v := apiObject.MetricUnit; v != nil { - tfMap["metric_unit"] = aws.StringValue(v) - } - - if v := apiObject.MetricValue; v != nil { - tfMap["metric_value"] = aws.StringValue(v) - } - - if v := apiObject.RoleArn; v != nil { - tfMap["role_arn"] = aws.StringValue(v) - } - - return []interface{}{tfMap} -} - // Legacy root attribute handling -func flattenIotCloudWatchMetricActions(actions []*iot.Action) []interface{} { +func flattenIotCloudwatchMetricActions(actions []*iot.Action) []interface{} { results := make([]interface{}, 0) for _, action := range actions { @@ -1164,7 +1130,7 @@ func flattenIotCloudWatchMetricActions(actions []*iot.Action) []interface{} { return results } -func flattenIotCloudWatchMetricAction(apiObject *iot.CloudwatchMetricAction) []interface{} { +func flattenIotCloudwatchMetricAction(apiObject *iot.CloudwatchMetricAction) []interface{} { if apiObject == nil { return nil } From f6fb08ba7e40199037e4044edb7553505a1a43d7 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 12 May 2020 14:00:35 -0400 Subject: [PATCH 123/475] Update CHANGELOG for #7469, #9859, #9890, and #12714 --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4ee9d4c9626..333425d8670 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,10 @@ FEATURES: ENHANCEMENTS: * resource/aws_appsync_resolver: Add `cache_config` configuration block [GH-12747] +* resource/aws_iot_topic_rule: Add `dynamodbv2` configuration block [GH-7469] +* resource/aws_iot_topic_rule: Add `iot_analytics` configuration block [GH-9859] +* resource/aws_iot_topic_rule: Add `iot_events` configuration block [GH-9890] +* resource/aws_iot_topic_rule: Add `operation` argument to `dynamodb` configuration block [GH-12714] ## 2.61.0 (May 08, 2020) From 68a302dc51fcccdf7e8808938e7d7fbac89d1740 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 12 May 2020 14:17:54 -0400 Subject: [PATCH 124/475] Update CHANGELOG for #12869 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 333425d8670..47d4274891d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ ENHANCEMENTS: * resource/aws_iot_topic_rule: Add `iot_analytics` configuration block [GH-9859] * resource/aws_iot_topic_rule: Add `iot_events` configuration block [GH-9890] * resource/aws_iot_topic_rule: Add `operation` argument to `dynamodb` configuration block [GH-12714] +* resource/aws_iot_topic_rule: Add `qos` argument `republish` configuration block [GH-12869] ## 2.61.0 (May 08, 2020) From e5754a567e2578d86c4e098ae29ceb7da21d4b86 Mon Sep 17 00:00:00 2001 From: Adam Surak Date: Wed, 13 May 2020 13:25:13 +0200 Subject: [PATCH 125/475] docs/resource/aws_lb_listener_rule: fix "-" to "_" (#13299) Fix for `query_string` and `http_header` --- website/docs/r/lb_listener_rule.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/lb_listener_rule.html.markdown b/website/docs/r/lb_listener_rule.html.markdown index c3939e4db73..ff9e2cf5ad9 100644 --- a/website/docs/r/lb_listener_rule.html.markdown +++ b/website/docs/r/lb_listener_rule.html.markdown @@ -249,9 +249,9 @@ Condition Blocks (for `condition`) support the following: * `host_header` - (Optional) Contains a single `values` item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. * `http_header` - (Optional) HTTP headers to match. [HTTP Header block](#http-header-blocks) fields documented below. * `http_request_method` - (Optional) Contains a single `values` item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (\_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached. -* `path_pattern` - (Optional) Contains a single `values` item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a `query-string` condition. +* `path_pattern` - (Optional) Contains a single `values` item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a `query_string` condition. * `query_string` - (Optional) Query strings to match. [Query String block](#query-string-blocks) fields documented below. -* `source_ip` - (Optional) Contains a single `values` item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the `X-Forwarded-For` header, use `http-header` condition instead. +* `source_ip` - (Optional) Contains a single `values` item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the `X-Forwarded-For` header, use `http_header` condition instead. ~> **NOTE::** Exactly one of `field`, `host_header`, `http_header`, `http_request_method`, `path_pattern`, `query_string` or `source_ip` must be set per condition. From fff1d65fa8611fc8b151fb096287bcf00359696d Mon Sep 17 00:00:00 2001 From: jamiesonio Date: Wed, 13 May 2020 07:50:51 -0400 Subject: [PATCH 126/475] docs/resource/aws_nat_gateway: Fix for misleading subnet name (#13273) --- website/docs/r/nat_gateway.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/nat_gateway.html.markdown b/website/docs/r/nat_gateway.html.markdown index afd3c04f8bf..6c24f9055fb 100644 --- a/website/docs/r/nat_gateway.html.markdown +++ b/website/docs/r/nat_gateway.html.markdown @@ -15,7 +15,7 @@ Provides a resource to create a VPC NAT Gateway. ```hcl resource "aws_nat_gateway" "gw" { allocation_id = "${aws_eip.nat.id}" - subnet_id = "${aws_subnet.public.id}" + subnet_id = "${aws_subnet.example.id}" } ``` @@ -24,7 +24,7 @@ Usage with tags: ```hcl resource "aws_nat_gateway" "gw" { allocation_id = "${aws_eip.nat.id}" - subnet_id = "${aws_subnet.public.id}" + subnet_id = "${aws_subnet.example.id}" tags = { Name = "gw NAT" From 5e576da470b523d64a81dc125892113f957f3c22 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 13 May 2020 10:44:39 -0400 Subject: [PATCH 127/475] Fix Examples Check linting error (#13300) Error: Invalid resource name on main.tf line 40, in resource "aws_workspaces_workspace" "jhon.doe": 40: resource "aws_workspaces_workspace" "jhon.doe" { A name must start with a letter or underscore and may contain only letters, digits, underscores, and dashes. --- examples/workspaces/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/workspaces/main.tf b/examples/workspaces/main.tf index f552833303a..74f05db8649 100644 --- a/examples/workspaces/main.tf +++ b/examples/workspaces/main.tf @@ -37,7 +37,7 @@ data "aws_workspaces_bundle" "value_windows" { bundle_id = "wsb-bh8rsxt14" # Value with Windows 10 (English) } -resource "aws_workspaces_workspace" "jhon.doe" { +resource "aws_workspaces_workspace" "jhon_doe" { directory_id = "${aws_workspaces_directory.main.id}" bundle_id = "${data.aws_workspaces_bundle.value_windows.id}" user_name = "jhon.doe" From 69e357b9daae3a7c2bb451db0b8ca52274a8800f Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 13 May 2020 10:57:26 -0400 Subject: [PATCH 128/475] tests/resource/aws_sns_topic: Add sweeper (#13167) Output from sweeper in AWS Commercial: ``` 2020/05/13 10:50:29 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/13 10:50:29 [DEBUG] Running Sweeper (aws_ses_email_identity) in region (us-west-2) ... 2020/05/13 10:52:04 [INFO] Deleting SNS Topic: arn:aws:sns:us-west-2:--OMITTED--:user-updates-topic20200109135219738500000001 2020/05/13 10:52:04 Sweeper Tests ran successfully: - aws_autoscaling_group - aws_config_configuration_recorder - aws_config_delivery_channel - aws_db_event_subscription - aws_ses_domain_identity - aws_ses_email_identity - aws_elasticache_cluster - aws_glacier_vault - aws_s3_bucket_object - aws_ses_configuration_set - aws_sns_platform_application - aws_elasticache_replication_group - aws_redshift_event_subscription - aws_ses_receipt_rule_set - aws_sns_topic - aws_s3_bucket - aws_iot_topic_rule - aws_s3_access_point - aws_budgets_budget - aws_dax_cluster - aws_neptune_event_subscription 2020/05/13 10:52:04 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/13 10:52:04 [DEBUG] Running Sweeper (aws_redshift_event_subscription) in region (us-east-1) ... 2020/05/13 10:52:17 [INFO] Deleting SNS Topic: arn:aws:sns:us-east-1:--OMITTED--:tf-acc-test-rds-event-subs-sns-topic-9207950827952522213 2020/05/13 10:52:17 Sweeper Tests ran successfully: - aws_s3_access_point - aws_sns_platform_application - aws_dax_cluster - aws_glacier_vault - aws_config_delivery_channel - aws_s3_bucket_object - aws_ses_configuration_set - aws_ses_domain_identity - aws_iot_topic_rule - aws_autoscaling_group - aws_config_configuration_recorder - aws_s3_bucket - aws_ses_email_identity - aws_ses_receipt_rule_set - aws_sns_topic - aws_redshift_event_subscription - aws_elasticache_replication_group - aws_elasticache_cluster - aws_neptune_event_subscription - aws_budgets_budget - aws_db_event_subscription ok github.com/terraform-providers/terraform-provider-aws/aws 110.192s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/13 10:52:32 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/13 10:52:32 [DEBUG] Running Sweeper (aws_neptune_event_subscription) in region (us-gov-west-1) ... 2020/05/13 10:52:46 [DEBUG] Running Sweeper (aws_sns_topic) in region (us-gov-west-1) 2020/05/13 10:52:46 [INFO] Deleting SNS Topic: arn:aws-us-gov:sns:us-gov-west-1:--OMITTED--:foo-topic-ioyhd ... 2020/05/13 10:53:15 [INFO] Deleting SNS Topic: arn:aws-us-gov:sns:us-gov-west-1:--OMITTED--:user-updates-topic-f3ogm 2020/05/13 10:53:15 Sweeper Tests ran successfully: - aws_elasticache_replication_group - aws_elasticache_cluster - aws_iot_topic_rule - aws_neptune_event_subscription - aws_autoscaling_group - aws_s3_bucket - aws_ses_email_identity - aws_budgets_budget - aws_redshift_event_subscription - aws_config_configuration_recorder - aws_db_event_subscription - aws_sns_topic - aws_s3_bucket_object - aws_ses_configuration_set - aws_config_delivery_channel - aws_ses_domain_identity - aws_ses_receipt_rule_set - aws_s3_access_point - aws_dax_cluster - aws_glacier_vault - aws_sns_platform_application ok github.com/terraform-providers/terraform-provider-aws/aws 44.400s ``` --- aws/resource_aws_sns_topic_test.go | 73 +++++++++++++++++++++++++++++- 1 file changed, 72 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_sns_topic_test.go b/aws/resource_aws_sns_topic_test.go index 229b1125335..2f196e7fedc 100644 --- a/aws/resource_aws_sns_topic_test.go +++ b/aws/resource_aws_sns_topic_test.go @@ -2,18 +2,89 @@ package aws import ( "fmt" + "log" "regexp" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/sns" - multierror "github.com/hashicorp/go-multierror" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" awspolicy "github.com/jen20/awspolicyequivalence" ) +func init() { + resource.AddTestSweepers("aws_sns_topic", &resource.Sweeper{ + Name: "aws_sns_topic", + F: testSweepSnsTopics, + Dependencies: []string{ + "aws_autoscaling_group", + "aws_budgets_budget", + "aws_config_delivery_channel", + "aws_dax_cluster", + "aws_db_event_subscription", + "aws_elasticache_cluster", + "aws_elasticache_replication_group", + "aws_glacier_vault", + "aws_iot_topic_rule", + "aws_neptune_event_subscription", + "aws_redshift_event_subscription", + "aws_s3_bucket", + "aws_ses_configuration_set", + "aws_ses_domain_identity", + "aws_ses_email_identity", + "aws_ses_receipt_rule_set", + "aws_sns_platform_application", + }, + }) +} + +func testSweepSnsTopics(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).snsconn + var sweeperErrs *multierror.Error + + err = conn.ListTopicsPages(&sns.ListTopicsInput{}, func(page *sns.ListTopicsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, topic := range page.Topics { + arn := aws.StringValue(topic.TopicArn) + + log.Printf("[INFO] Deleting SNS Topic: %s", arn) + _, err := conn.DeleteTopic(&sns.DeleteTopicInput{ + TopicArn: aws.String(arn), + }) + if isAWSErr(err, sns.ErrCodeNotFoundException, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting SNS Topic (%s): %w", arn, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping SNS Topics sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SNS Topics: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSSNSTopic_basic(t *testing.T) { attributes := make(map[string]string) resourceName := "aws_sns_topic.test" From 8cf982166361b6079446778ea9218a05c57c65c1 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 13 May 2020 11:15:01 -0400 Subject: [PATCH 129/475] tests/resource/aws_sqs_queue: Add sweeper (#13244) Output from sweeper in AWS Commercial: ``` 2020/05/13 11:05:38 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/13 11:05:38 [DEBUG] Running Sweeper (aws_dax_cluster) in region (us-west-2) ... 2020/05/13 11:06:56 [INFO] Deleting SQS Queue: https://sqs.us-west-2.amazonaws.com/--OMITTED--/tf_acc_stream_lambda_sqs_basic_1rkj4ge6 2020/05/13 11:06:56 Sweeper Tests ran successfully: - aws_config_configuration_recorder - aws_neptune_event_subscription - aws_ses_receipt_rule_set - aws_sqs_queue - aws_dax_cluster - aws_budgets_budget - aws_ses_email_identity - aws_lambda_function - aws_autoscaling_group - aws_redshift_event_subscription - aws_sns_platform_application - aws_ses_domain_identity - aws_s3_access_point - aws_s3_bucket_object - aws_glacier_vault - aws_cloudwatch_event_rule - aws_config_delivery_channel - aws_sns_topic - aws_iot_topic_rule - aws_db_event_subscription - aws_s3_bucket - aws_elastic_beanstalk_environment - aws_cloudwatch_event_target - aws_ses_configuration_set - aws_elasticache_replication_group - aws_elasticache_cluster 2020/05/13 11:06:56 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/13 11:06:56 [DEBUG] Running Sweeper (aws_elasticache_replication_group) in region (us-east-1) ... 2020/05/13 11:07:07 [INFO] Deleting SQS Queue: https://sqs.us-east-1.amazonaws.com/--OMITTED--/tf_acc_test_-3506094436347960811_wrong 2020/05/13 11:07:07 Sweeper Tests ran successfully: - aws_s3_access_point - aws_elastic_beanstalk_environment - aws_glacier_vault - aws_ses_domain_identity - aws_sqs_queue - aws_elasticache_replication_group - aws_cloudwatch_event_target - aws_ses_configuration_set - aws_budgets_budget - aws_dax_cluster - aws_redshift_event_subscription - aws_sns_topic - aws_elasticache_cluster - aws_s3_bucket_object - aws_s3_bucket - aws_iot_topic_rule - aws_cloudwatch_event_rule - aws_config_delivery_channel - aws_db_event_subscription - aws_sns_platform_application - aws_ses_email_identity - aws_neptune_event_subscription - aws_lambda_function - aws_ses_receipt_rule_set - aws_autoscaling_group - aws_config_configuration_recorder ok github.com/terraform-providers/terraform-provider-aws/aws 90.904s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/13 11:07:18 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/13 11:07:18 [DEBUG] Running Sweeper (aws_autoscaling_group) in region (us-gov-west-1) ... 2020/05/13 11:10:11 [INFO] Deleting SQS Queue: https://sqs.us-gov-west-1.amazonaws.com/--OMITTED--/tf_acc_test_-984412753739955459 2020/05/13 11:10:11 Sweeper Tests ran successfully: - aws_cloudwatch_event_rule - aws_elastic_beanstalk_environment - aws_s3_access_point - aws_sns_topic - aws_config_delivery_channel - aws_sns_platform_application - aws_autoscaling_group - aws_elasticache_replication_group - aws_iot_topic_rule - aws_ses_domain_identity - aws_cloudwatch_event_target - aws_s3_bucket_object - aws_redshift_event_subscription - aws_ses_configuration_set - aws_s3_bucket - aws_glacier_vault - aws_ses_receipt_rule_set - aws_sqs_queue - aws_neptune_event_subscription - aws_ses_email_identity - aws_elasticache_cluster - aws_dax_cluster - aws_db_event_subscription - aws_budgets_budget - aws_lambda_function - aws_config_configuration_recorder ok github.com/terraform-providers/terraform-provider-aws/aws 174.395s ``` --- aws/resource_aws_sqs_queue_test.go | 58 ++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/aws/resource_aws_sqs_queue_test.go b/aws/resource_aws_sqs_queue_test.go index 0e09388c28c..faf343599a0 100644 --- a/aws/resource_aws_sqs_queue_test.go +++ b/aws/resource_aws_sqs_queue_test.go @@ -2,18 +2,76 @@ package aws import ( "fmt" + "log" "regexp" "testing" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/sqs" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" awspolicy "github.com/jen20/awspolicyequivalence" ) +func init() { + resource.AddTestSweepers("aws_sqs_queue", &resource.Sweeper{ + Name: "aws_sqs_queue", + F: testSweepSqsQueues, + Dependencies: []string{ + "aws_autoscaling_group", + "aws_cloudwatch_event_rule", + "aws_elastic_beanstalk_environment", + "aws_iot_topic_rule", + "aws_lambda_function", + "aws_s3_bucket", + "aws_sns_topic", + }, + }) +} + +func testSweepSqsQueues(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).sqsconn + input := &sqs.ListQueuesInput{} + var sweeperErrs *multierror.Error + + output, err := conn.ListQueues(input) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping SQS Queues sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SQS Queues: %w", err)) + return sweeperErrs + } + + for _, queueUrl := range output.QueueUrls { + url := aws.StringValue(queueUrl) + + log.Printf("[INFO] Deleting SQS Queue: %s", url) + _, err := conn.DeleteQueue(&sqs.DeleteQueueInput{ + QueueUrl: aws.String(url), + }) + if isAWSErr(err, sqs.ErrCodeQueueDoesNotExist, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting SQS Queue (%s): %w", url, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSSQSQueue_basic(t *testing.T) { var queueAttributes map[string]*string From 2afecdcb451842a0c7c23715599d35d0a1083fc4 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 13 May 2020 22:03:55 +0200 Subject: [PATCH 130/475] Add extra error checking --- aws/resource_aws_wafv2_ip_set.go | 10 +++++++--- aws/resource_aws_wafv2_ip_set_test.go | 18 ++++++++---------- 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 1daebf2fc49..83e7c53dfd8 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -130,11 +130,11 @@ func resourceAwsWafv2IPSetCreate(d *schema.ResourceData, meta interface{}) error resp, err := conn.CreateIPSet(params) - if err != nil { + if err != nil || resp == nil || resp.Summary == nil { return fmt.Errorf("Error creating WAFv2 IPSet: %s", err) } - d.SetId(*resp.Summary.Id) + d.SetId(aws.StringValue(resp.Summary.Id)) return resourceAwsWafv2IPSetRead(d, meta) } @@ -160,6 +160,10 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { return err } + if resp == nil || resp.IPSet == nil { + return fmt.Errorf("Error reading WAFv2 IPSet") + } + d.Set("name", resp.IPSet.Name) d.Set("description", resp.IPSet.Description) d.Set("ip_address_version", resp.IPSet.IPAddressVersion) @@ -170,7 +174,7 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { return fmt.Errorf("Error setting addresses: %s", err) } - tags, err := keyvaluetags.Wafv2ListTags(conn, *resp.IPSet.ARN) + tags, err := keyvaluetags.Wafv2ListTags(conn, aws.StringValue(resp.IPSet.ARN)) if err != nil { return fmt.Errorf("Error listing tags for WAFv2 IpSet (%s): %s", *resp.IPSet.ARN, err) } diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index 4d12fb832f3..0787f145a8d 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -6,7 +6,6 @@ import ( "testing" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/wafv2" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" @@ -251,16 +250,15 @@ func testAccCheckAWSWafv2IPSetDestroy(s *terraform.State) error { }) if err == nil { - if *resp.IPSet.Id == rs.Primary.ID { - return fmt.Errorf("WAFV2 IPSet %s still exists", rs.Primary.ID) + if aws.StringValue(resp.IPSet.Id) == rs.Primary.ID && resp != nil && resp.IPSet != nil { + return fmt.Errorf("WAFv2 IPSet %s still exists", rs.Primary.ID) } + return nil } // Return nil if the IPSet is already destroyed - if awsErr, ok := err.(awserr.Error); ok { - if awsErr.Code() == wafv2.ErrCodeWAFNonexistentItemException { - return nil - } + if isAWSErr(err, wafv2.ErrCodeWAFNonexistentItemException, "") { + return nil } return err @@ -277,7 +275,7 @@ func testAccCheckAWSWafv2IPSetExists(n string, v *wafv2.IPSet) resource.TestChec } if rs.Primary.ID == "" { - return fmt.Errorf("No WAFV2 IPSet ID is set") + return fmt.Errorf("No WAFv2 IPSet ID is set") } conn := testAccProvider.Meta().(*AWSClient).wafv2conn @@ -291,12 +289,12 @@ func testAccCheckAWSWafv2IPSetExists(n string, v *wafv2.IPSet) resource.TestChec return err } - if *resp.IPSet.Id == rs.Primary.ID { + if aws.StringValue(resp.IPSet.Id) == rs.Primary.ID && resp != nil && resp.IPSet != nil { *v = *resp.IPSet return nil } - return fmt.Errorf("WAFV2 IPSet (%s) not found", rs.Primary.ID) + return fmt.Errorf("WAFv2 IPSet (%s) not found", rs.Primary.ID) } } From e04396fdb98affa017618133bb3c251f319fa50b Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Wed, 13 May 2020 13:16:17 -0700 Subject: [PATCH 131/475] add branch prefix section --- .../pullrequest-submission-and-lifecycle.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/docs/contributing/pullrequest-submission-and-lifecycle.md b/docs/contributing/pullrequest-submission-and-lifecycle.md index 1608624805b..4b380826e26 100644 --- a/docs/contributing/pullrequest-submission-and-lifecycle.md +++ b/docs/contributing/pullrequest-submission-and-lifecycle.md @@ -1,6 +1,7 @@ # Pull Request Submission and Lifecycle - [Pull Request Lifecycle](#pull-request-lifecycle) +- [Branch Prefixes](#branch-prefixes) - [Common Review Items](#common-review-items) - [Go Coding Style](#go-coding-style) - [Resource Contribution Guidelines](#resource-contribution-guidelines) @@ -44,6 +45,18 @@ expect: 1. In some cases, we might decide that a PR should be closed without merging. We'll make sure to provide clear reasoning when this happens. +## Branch Prefixes + +We try to use a common set of branch name prefixes when submitting pull requests. Prefixes give us an idea of what the branch is for. For example, `td-staticcheck-st1008` would let us know the branch was created to fix a technical debt issue, and `f-aws_emr_instance_group-refactor` would indicate a feature request for the `aws_emr_instance_group` resource that’s being refactored. These are the prefixes we currently use: + +- f = feature +- b = bug fix +- d = documentation +- td = technical debt +- v = "vendoring"/dependencies + +Conventions across non-AWS providers varies so when working with other providers please check the names of previously created branches and conform to their standard practices. + ## Common Review Items The Terraform AWS Provider follows common practices to ensure consistent and From 8ddf33975df741d10a5b86e374b04e5207a5134e Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Tue, 12 May 2020 11:46:31 -0700 Subject: [PATCH 132/475] Enables AWSAT001 linter for ARN attribute checks in acceptance tests --- GNUmakefile | 1 + 1 file changed, 1 insertion(+) diff --git a/GNUmakefile b/GNUmakefile index feef8d3c111..53380af2ed3 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -67,6 +67,7 @@ lint: -AT006 \ -AT007 \ -AT008 \ + -AWSAT001 \ -AWSR001 \ -AWSR002 \ -R002 \ From ef570f02fd0b51be14d3065ea8499e955d6e0b07 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Tue, 12 May 2020 11:51:24 -0700 Subject: [PATCH 133/475] Fixes indentation --- GNUmakefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/GNUmakefile b/GNUmakefile index 53380af2ed3..a4261d40c2f 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -67,7 +67,7 @@ lint: -AT006 \ -AT007 \ -AT008 \ - -AWSAT001 \ + -AWSAT001 \ -AWSR001 \ -AWSR002 \ -R002 \ From 607ee2939964679ea98911854185b5a74e24f0f3 Mon Sep 17 00:00:00 2001 From: raobystorm Date: Thu, 14 May 2020 07:45:31 +0900 Subject: [PATCH 134/475] resource/aws_codebuild_project: Support `git_submodules_config` with `GITHUB` and `GITHUB_ENTERPRISE` source types (#13285) Output from acceptance testing: ``` --- PASS: TestAccAWSCodeBuildProject_ARMContainer (38.85s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_ArtifactIdentifier (123.86s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_EncryptionDisabled (73.22s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Location (66.05s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Name (53.15s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_NamespaceType (104.99s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_OverrideArtifactName (63.90s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Packaging (47.87s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Path (76.47s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Type (52.04s) --- PASS: TestAccAWSCodeBuildProject_BadgeEnabled (64.22s) --- PASS: TestAccAWSCodeBuildProject_basic (66.51s) --- PASS: TestAccAWSCodeBuildProject_BuildTimeout (142.70s) --- PASS: TestAccAWSCodeBuildProject_Cache (492.80s) --- PASS: TestAccAWSCodeBuildProject_Description (118.05s) --- PASS: TestAccAWSCodeBuildProject_EncryptionKey (24.36s) --- PASS: TestAccAWSCodeBuildProject_Environment_Certificate (35.56s) --- PASS: TestAccAWSCodeBuildProject_Environment_EnvironmentVariable (137.21s) --- PASS: TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Type (125.69s) --- PASS: TestAccAWSCodeBuildProject_Environment_RegistryCredential (42.96s) --- PASS: TestAccAWSCodeBuildProject_LogsConfig_CloudWatchLogs (114.15s) --- PASS: TestAccAWSCodeBuildProject_LogsConfig_S3Logs (127.95s) --- PASS: TestAccAWSCodeBuildProject_QueuedTimeout (59.77s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts (59.42s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_ArtifactIdentifier (121.77s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_EncryptionDisabled (59.14s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Location (152.24s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_NamespaceType (43.80s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_OverrideArtifactName (57.07s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Packaging (52.05s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Path (47.08s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Type (28.57s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_CodeCommit (42.53s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_CodeCommit (43.31s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_GitHub (49.07s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_GitHubEnterprise (213.67s) --- PASS: TestAccAWSCodeBuildProject_Source_GitCloneDepth (51.10s) --- PASS: TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_CodeCommit (75.27s) --- PASS: TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_GitHub (132.44s) --- PASS: TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_GitHubEnterprise (38.49s) --- PASS: TestAccAWSCodeBuildProject_Source_InsecureSSL (110.79s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_Bitbucket (112.36s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHub (263.79s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHubEnterprise (89.94s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_Bitbucket (63.16s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_CodeCommit (75.09s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_CodePipeline (134.04s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_GitHubEnterprise (68.32s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_NoSource (143.63s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_NoSourceInvalid (12.03s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_S3 (82.56s) --- PASS: TestAccAWSCodeBuildProject_SourceVersion (55.28s) --- PASS: TestAccAWSCodeBuildProject_Tags (59.02s) --- PASS: TestAccAWSCodeBuildProject_WindowsContainer (31.46s) ``` --- aws/resource_aws_codebuild_project.go | 4 +- aws/resource_aws_codebuild_project_test.go | 292 +++++++++++++++++- .../docs/r/codebuild_project.html.markdown | 4 +- 3 files changed, 288 insertions(+), 12 deletions(-) diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go index 4fde4c0ee97..8de95e27432 100644 --- a/aws/resource_aws_codebuild_project.go +++ b/aws/resource_aws_codebuild_project.go @@ -1047,8 +1047,8 @@ func expandProjectSourceData(data map[string]interface{}) codebuild.ProjectSourc } } - // Only valid for CODECOMMIT source types. - if sourceType == codebuild.SourceTypeCodecommit { + // Only valid for CODECOMMIT, GITHUB, GITHUB_ENTERPRISE source types. + if sourceType == codebuild.SourceTypeCodecommit || sourceType == codebuild.SourceTypeGithub || sourceType == codebuild.SourceTypeGithubEnterprise { if v, ok := data["git_submodules_config"]; ok && len(v.([]interface{})) > 0 { config := v.([]interface{})[0].(map[string]interface{}) diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go index 7ddf463f760..02399e29ad8 100644 --- a/aws/resource_aws_codebuild_project_test.go +++ b/aws/resource_aws_codebuild_project_test.go @@ -611,7 +611,7 @@ func TestAccAWSCodeBuildProject_Source_GitCloneDepth(t *testing.T) { }) } -func TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig(t *testing.T) { +func TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_CodeCommit(t *testing.T) { var project codebuild.Project rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_codebuild_project.test" @@ -623,7 +623,7 @@ func TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig(t *testing.T) { DisableBinaryDriver: true, Steps: []resource.TestStep{ { - Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig(rName, true), + Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_CodeCommit(rName, true), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "source.3389748318.git_submodules_config.#", "1"), @@ -636,7 +636,7 @@ func TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig(rName, false), + Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_CodeCommit(rName, false), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "source.3338377709.git_submodules_config.#", "1"), @@ -647,7 +647,69 @@ func TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig(t *testing.T) { }) } -func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig(t *testing.T) { +func TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_GitHub(t *testing.T) { + var project codebuild.Project + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_codebuild_project.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_GitHub(rName, true), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_GitHub(rName, false), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project), + ), + }, + }, + }) +} + +func TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_GitHubEnterprise(t *testing.T) { + var project codebuild.Project + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_codebuild_project.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_GitHubEnterprise(rName, true), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_GitHubEnterprise(rName, false), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project), + ), + }, + }, + }) +} + +func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_CodeCommit(t *testing.T) { var project codebuild.Project rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_codebuild_project.test" @@ -659,7 +721,7 @@ func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig(t *testing. DisableBinaryDriver: true, Steps: []resource.TestStep{ { - Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig(rName, true), + Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_CodeCommit(rName, true), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "secondary_sources.2336845252.git_submodules_config.#", "1"), @@ -674,7 +736,7 @@ func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig(t *testing. ImportStateVerify: true, }, { - Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig(rName, false), + Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_CodeCommit(rName, false), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "secondary_sources.3511868825.git_submodules_config.#", "1"), @@ -687,6 +749,68 @@ func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig(t *testing. }) } +func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_GitHub(t *testing.T) { + var project codebuild.Project + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_codebuild_project.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_GitHub(rName, true), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_GitHub(rName, false), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project), + ), + }, + }, + }) +} + +func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_GitHubEnterprise(t *testing.T) { + var project codebuild.Project + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_codebuild_project.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_GitHubEnterprise(rName, true), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_GitHubEnterprise(rName, false), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project), + ), + }, + }, + }) +} + func TestAccAWSCodeBuildProject_Source_InsecureSSL(t *testing.T) { var project codebuild.Project rName := acctest.RandomWithPrefix("tf-acc-test") @@ -2707,7 +2831,7 @@ resource "aws_codebuild_project" "test" { `, rName, gitCloneDepth) } -func testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig(rName string, fetchSubmodules bool) string { +func testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_CodeCommit(rName string, fetchSubmodules bool) string { return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` resource "aws_codebuild_project" "test" { name = "%s" @@ -2735,7 +2859,63 @@ resource "aws_codebuild_project" "test" { `, rName, fetchSubmodules) } -func testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig(rName string, fetchSubmodules bool) string { +func testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_GitHub(rName string, fetchSubmodules bool) string { + return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` +resource "aws_codebuild_project" "test" { + name = "%s" + service_role = "${aws_iam_role.test.arn}" + + artifacts { + type = "NO_ARTIFACTS" + } + + environment { + compute_type = "BUILD_GENERAL1_SMALL" + image = "2" + type = "LINUX_CONTAINER" + } + + source { + location = "https://github.com/hashicorp/packer.git" + type = "GITHUB" + + git_submodules_config { + fetch_submodules = %t + } + } +} +`, rName, fetchSubmodules) +} + +func testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_GitHubEnterprise(rName string, fetchSubmodules bool) string { + return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` +resource "aws_codebuild_project" "test" { + name = "%s" + service_role = "${aws_iam_role.test.arn}" + + artifacts { + type = "NO_ARTIFACTS" + } + + environment { + compute_type = "BUILD_GENERAL1_SMALL" + image = "2" + type = "LINUX_CONTAINER" + } + + source { + location = "https://example.com/organization/repository.git" + type = "GITHUB_ENTERPRISE" + + git_submodules_config { + fetch_submodules = %t + } + } +} +`, rName, fetchSubmodules) +} + +func testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_CodeCommit(rName string, fetchSubmodules bool) string { return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` resource "aws_codebuild_project" "test" { name = "%[1]s" @@ -2783,6 +2963,102 @@ resource "aws_codebuild_project" "test" { `, rName, fetchSubmodules) } +func testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_GitHub(rName string, fetchSubmodules bool) string { + return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` +resource "aws_codebuild_project" "test" { + name = "%[1]s" + service_role = "${aws_iam_role.test.arn}" + + artifacts { + type = "NO_ARTIFACTS" + } + + environment { + compute_type = "BUILD_GENERAL1_SMALL" + image = "2" + type = "LINUX_CONTAINER" + } + + source { + location = "https://github.com/hashicorp/packer.git" + type = "GITHUB" + + git_submodules_config { + fetch_submodules = %[2]t + } + } + + secondary_sources { + location = "https://github.com/hashicorp/terraform.git" + type = "GITHUB" + source_identifier = "secondarySource1" + + git_submodules_config { + fetch_submodules = %[2]t + } + } + + secondary_sources { + location = "https://github.com/hashicorp/vault.git" + type = "GITHUB" + source_identifier = "secondarySource2" + + git_submodules_config { + fetch_submodules = %[2]t + } + } +} +`, rName, fetchSubmodules) +} + +func testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_GitHubEnterprise(rName string, fetchSubmodules bool) string { + return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` +resource "aws_codebuild_project" "test" { + name = "%[1]s" + service_role = "${aws_iam_role.test.arn}" + + artifacts { + type = "NO_ARTIFACTS" + } + + environment { + compute_type = "BUILD_GENERAL1_SMALL" + image = "2" + type = "LINUX_CONTAINER" + } + + source { + location = "https://example.com/organization/repository-1.git" + type = "GITHUB_ENTERPRISE" + + git_submodules_config { + fetch_submodules = %[2]t + } + } + + secondary_sources { + location = "https://example.com/organization/repository-2.git" + type = "GITHUB_ENTERPRISE" + source_identifier = "secondarySource1" + + git_submodules_config { + fetch_submodules = %[2]t + } + } + + secondary_sources { + location = "https://example.com/organization/repository-3.git" + type = "GITHUB_ENTERPRISE" + source_identifier = "secondarySource2" + + git_submodules_config { + fetch_submodules = %[2]t + } + } +} +`, rName, fetchSubmodules) +} + func testAccAWSCodeBuildProjectConfig_Source_InsecureSSL(rName string, insecureSSL bool) string { return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` resource "aws_codebuild_project" "test" { diff --git a/website/docs/r/codebuild_project.html.markdown b/website/docs/r/codebuild_project.html.markdown index 8df9443a4da..838dc0060c1 100755 --- a/website/docs/r/codebuild_project.html.markdown +++ b/website/docs/r/codebuild_project.html.markdown @@ -298,7 +298,7 @@ The following arguments are supported: * `auth` - (Optional) Information about the authorization settings for AWS CodeBuild to access the source code to be built. Auth blocks are documented below. * `buildspec` - (Optional) The build spec declaration to use for this build project's related builds. This must be set when `type` is `NO_SOURCE`. * `git_clone_depth` - (Optional) Truncate git history to this many commits. -* `git_submodules_config` - (Optional) Information about the Git submodules configuration for an AWS CodeBuild build project. Git submodules config blocks are documented below. This option is only valid when the `type` is `CODECOMMIT`. +* `git_submodules_config` - (Optional) Information about the Git submodules configuration for an AWS CodeBuild build project. Git submodules config blocks are documented below. This option is only valid when the `type` is `CODECOMMIT`, `GITHUB` or `GITHUB_ENTERPRISE`. * `insecure_ssl` - (Optional) Ignore SSL warnings when connecting to source control. * `location` - (Optional) The location of the source code from git or s3. * `report_build_status` - (Optional) Set to `true` to report the status of a build's start and finish to your source provider. This option is only valid when the `type` is `BITBUCKET` or `GITHUB`. @@ -343,7 +343,7 @@ The following arguments are supported: * `auth` - (Optional) Information about the authorization settings for AWS CodeBuild to access the source code to be built. Auth blocks are documented below. * `buildspec` - (Optional) The build spec declaration to use for this build project's related builds. * `git_clone_depth` - (Optional) Truncate git history to this many commits. -* `git_submodules_config` - (Optional) Information about the Git submodules configuration for an AWS CodeBuild build project. Git submodules config blocks are documented below. This option is only valid when the `type` is `CODECOMMIT`. +* `git_submodules_config` - (Optional) Information about the Git submodules configuration for an AWS CodeBuild build project. Git submodules config blocks are documented below. This option is only valid when the `type` is `CODECOMMIT`, `GITHUB` or `GITHUB_ENTERPRISE`. * `insecure_ssl` - (Optional) Ignore SSL warnings when connecting to source control. * `location` - (Optional) The location of the source code from git or s3. * `report_build_status` - (Optional) Set to `true` to report the status of a build's start and finish to your source provider. This option is only valid when your source provider is `GITHUB`, `BITBUCKET`, or `GITHUB_ENTERPRISE`. From 101e5831e3ff083a96c8be2baaa59d5c8009fc9b Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 13 May 2020 18:48:40 -0400 Subject: [PATCH 135/475] Update CHANGELOG for #13285 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 47d4274891d..b8a9533d146 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ FEATURES: ENHANCEMENTS: * resource/aws_appsync_resolver: Add `cache_config` configuration block [GH-12747] +* resource/aws_codebuild_project: Support `git_submodules_config` with `GITHUB` and `GITHUB_ENTERPRISE` source types [GH-13285] * resource/aws_iot_topic_rule: Add `dynamodbv2` configuration block [GH-7469] * resource/aws_iot_topic_rule: Add `iot_analytics` configuration block [GH-9859] * resource/aws_iot_topic_rule: Add `iot_events` configuration block [GH-9890] From a04a87ff508f1d9d35a5b7f359acca76b3fae46c Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 14 May 2020 02:35:33 +0300 Subject: [PATCH 136/475] resource/code_build_project: Support `SECRETS_MANAGER` environment variable type (#12572) Output from acceptance testing: ``` --- PASS: TestAccAWSCodeBuildProject_ARMContainer (51.36s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_ArtifactIdentifier (59.59s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_EncryptionDisabled (50.31s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Location (52.12s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Name (55.52s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_NamespaceType (71.22s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_OverrideArtifactName (51.42s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Packaging (66.88s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Path (136.38s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Type (57.44s) --- PASS: TestAccAWSCodeBuildProject_BadgeEnabled (139.30s) --- PASS: TestAccAWSCodeBuildProject_basic (213.92s) --- PASS: TestAccAWSCodeBuildProject_BuildTimeout (141.25s) --- PASS: TestAccAWSCodeBuildProject_Cache (131.13s) --- PASS: TestAccAWSCodeBuildProject_Description (255.64s) --- PASS: TestAccAWSCodeBuildProject_EncryptionKey (96.63s) --- PASS: TestAccAWSCodeBuildProject_Environment_Certificate (118.66s) --- PASS: TestAccAWSCodeBuildProject_Environment_EnvironmentVariable (96.55s) --- PASS: TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Type (89.49s) --- PASS: TestAccAWSCodeBuildProject_Environment_RegistryCredential (45.40s) --- PASS: TestAccAWSCodeBuildProject_LogsConfig_CloudWatchLogs (208.37s) --- PASS: TestAccAWSCodeBuildProject_LogsConfig_S3Logs (60.20s) --- PASS: TestAccAWSCodeBuildProject_QueuedTimeout (191.67s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts (107.20s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_ArtifactIdentifier (107.64s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_EncryptionDisabled (59.17s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Location (58.55s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_NamespaceType (51.40s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_OverrideArtifactName (75.29s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Packaging (60.88s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Path (58.67s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Type (37.54s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_CodeCommit (29.09s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_CodeCommit (84.75s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_GitHub (33.16s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_GitHubEnterprise (99.87s) --- PASS: TestAccAWSCodeBuildProject_Source_GitCloneDepth (62.26s) --- PASS: TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_CodeCommit (413.30s) --- PASS: TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_GitHub (75.20s) --- PASS: TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_GitHubEnterprise (84.41s) --- PASS: TestAccAWSCodeBuildProject_Source_InsecureSSL (65.06s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_Bitbucket (72.43s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHub (93.92s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHubEnterprise (49.30s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_Bitbucket (53.10s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_CodeCommit (59.52s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_CodePipeline (59.35s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_GitHubEnterprise (236.48s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_NoSource (29.16s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_NoSourceInvalid (12.59s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_S3 (155.73s) --- PASS: TestAccAWSCodeBuildProject_SourceVersion (60.28s) --- PASS: TestAccAWSCodeBuildProject_Tags (48.47s) --- PASS: TestAccAWSCodeBuildProject_WindowsContainer (69.49s) ``` --- aws/resource_aws_codebuild_project.go | 1 + aws/resource_aws_codebuild_project_test.go | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go index 8de95e27432..c79a09302b6 100644 --- a/aws/resource_aws_codebuild_project.go +++ b/aws/resource_aws_codebuild_project.go @@ -195,6 +195,7 @@ func resourceAwsCodeBuildProject() *schema.Resource { ValidateFunc: validation.StringInSlice([]string{ codebuild.EnvironmentVariableTypePlaintext, codebuild.EnvironmentVariableTypeParameterStore, + codebuild.EnvironmentVariableTypeSecretsManager, }, false), Default: codebuild.EnvironmentVariableTypePlaintext, }, diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go index 02399e29ad8..9f2f0920233 100644 --- a/aws/resource_aws_codebuild_project_test.go +++ b/aws/resource_aws_codebuild_project_test.go @@ -423,6 +423,14 @@ func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Type(t *testing. resource.TestCheckResourceAttr(resourceName, "environment.1701234421.environment_variable.1.type", "PARAMETER_STORE"), ), }, + { + Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, "SECRETS_MANAGER"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project), + resource.TestCheckResourceAttr(resourceName, "environment.198523880.environment_variable.0.type", "PLAINTEXT"), + resource.TestCheckResourceAttr(resourceName, "environment.198523880.environment_variable.1.type", "SECRETS_MANAGER"), + ), + }, }, }) } From bb439fbb99d018005d8b4f8541a4f9cf4131245f Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 13 May 2020 19:37:55 -0400 Subject: [PATCH 137/475] Update CHANGELOG for #12572 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b8a9533d146..6b440912838 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ ENHANCEMENTS: * resource/aws_appsync_resolver: Add `cache_config` configuration block [GH-12747] * resource/aws_codebuild_project: Support `git_submodules_config` with `GITHUB` and `GITHUB_ENTERPRISE` source types [GH-13285] +* resource/aws_codebuild_project: Support `SECRETS_MANAGER` environment variable type [GH-12572] * resource/aws_iot_topic_rule: Add `dynamodbv2` configuration block [GH-7469] * resource/aws_iot_topic_rule: Add `iot_analytics` configuration block [GH-9859] * resource/aws_iot_topic_rule: Add `iot_events` configuration block [GH-9890] From 744813401342b117f12a81fc2c07db937f61b331 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Tue, 12 May 2020 15:55:21 -0700 Subject: [PATCH 138/475] Fixes errors, adds README, and makes example easier to run out-of-the-box --- examples/workspaces/README.md | 20 ++++++ examples/workspaces/iam.tf | 25 ++++++++ examples/workspaces/main.tf | 102 +++++++++++++++++++++---------- examples/workspaces/variables.tf | 4 ++ 4 files changed, 118 insertions(+), 33 deletions(-) create mode 100644 examples/workspaces/README.md create mode 100644 examples/workspaces/iam.tf create mode 100644 examples/workspaces/variables.tf diff --git a/examples/workspaces/README.md b/examples/workspaces/README.md new file mode 100644 index 00000000000..021b75b46dd --- /dev/null +++ b/examples/workspaces/README.md @@ -0,0 +1,20 @@ +# AWS WorkSpaces Example + +This example demonstrates how to create a WorkSpace and WorkSpace directory using AWS WorkSpaces. + +## Note + +The AWS WorkSpaces service requires an IAM role named `workspaces_DefaultRole`. This example creates this role and attaches policies to it. This will cause an error if the role already exists in the AWS account. + +The IAM resources are defined in the Terraform source file [iam.tf](./iam.tf). If the role exists, remove the IAM resource file. The resources `aws_workspaces_directory.example` and `aws_workspaces_workspace.example` have dependencies on the IAM resources. The `depends_on` blocks can be removed from both. + +## Running this example + +This example can be run by calling + +```shell +terraform init +terraform apply +``` + +By default, resources are created in the `us-west-2` region. To override the region, set the variable `aws_region` to a different value. diff --git a/examples/workspaces/iam.tf b/examples/workspaces/iam.tf new file mode 100644 index 00000000000..a18efb674d5 --- /dev/null +++ b/examples/workspaces/iam.tf @@ -0,0 +1,25 @@ +resource "aws_iam_role" "workspaces-default" { + name = "workspaces_DefaultRole" + assume_role_policy = data.aws_iam_policy_document.workspaces.json +} + +data "aws_iam_policy_document" "workspaces" { + statement { + actions = ["sts:AssumeRole"] + + principals { + type = "Service" + identifiers = ["workspaces.amazonaws.com"] + } + } +} + +resource "aws_iam_role_policy_attachment" "workspaces-default-service-access" { + role = aws_iam_role.workspaces-default.name + policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess" +} + +resource "aws_iam_role_policy_attachment" "workspaces-default-self-service-access" { + role = aws_iam_role.workspaces-default.name + policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess" +} diff --git a/examples/workspaces/main.tf b/examples/workspaces/main.tf index 74f05db8649..0bbdb041c6a 100644 --- a/examples/workspaces/main.tf +++ b/examples/workspaces/main.tf @@ -1,50 +1,30 @@ provider "aws" { - region = "us-east-1" + region = "${var.aws_region}" } -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" -} - -resource "aws_subnet" "private-a" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "us-east-1a" - cidr_block = "10.0.1.0/24" -} - -resource "aws_subnet" "private-b" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "us-east-1b" - cidr_block = "10.0.2.0/24" -} - -resource "aws_directory_service_directory" "main" { - name = "tf-acctest.example.com" - password = "#S1ncerely" - size = "Small" - vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.private-a.id}", "${aws_subnet.private-b.id}"] - } -} - -resource "aws_workspaces_directory" "main" { - directory_id = "${aws_directory_service_directory.main.id}" +resource "aws_workspaces_directory" "example" { + directory_id = "${aws_directory_service_directory.example.id}" subnet_ids = ["${aws_subnet.private-a.id}", "${aws_subnet.private-b.id}"] + + depends_on = [ + aws_iam_role.workspaces-default + ] } data "aws_workspaces_bundle" "value_windows" { bundle_id = "wsb-bh8rsxt14" # Value with Windows 10 (English) } -resource "aws_workspaces_workspace" "jhon_doe" { - directory_id = "${aws_workspaces_directory.main.id}" +resource "aws_workspaces_workspace" "example" { + directory_id = "${aws_workspaces_directory.example.id}" bundle_id = "${data.aws_workspaces_bundle.value_windows.id}" - user_name = "jhon.doe" + + # Administrator is always present in a new directory. + user_name = "Administrator" root_volume_encryption_enabled = true user_volume_encryption_enabled = true - volume_encryption_key = "aws/workspaces" + volume_encryption_key = data.aws_kms_key.workspaces_default.arn workspace_properties { compute_type_name = "VALUE" @@ -57,6 +37,12 @@ resource "aws_workspaces_workspace" "jhon_doe" { tags = { Department = "IT" } + + depends_on = [ + # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # to create and delete the ENI that the Workspaces service creates for the Workspace + aws_iam_role_policy_attachment.workspaces-default-service-access, + ] } resource "aws_workspaces_ip_group" "main" { @@ -72,3 +58,53 @@ resource "aws_workspaces_ip_group" "main" { description = "Contractors" } } + +data "aws_region" "current" {} + +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +locals { + # Workspace instances are not supported in all AZs in some regions + region_workspaces_az_ids = { + "us-east-1" = formatlist("use1-az%d", [2, 4, 6]) + } + + workspaces_az_ids = lookup(local.region_workspaces_az_ids, data.aws_region.current.name, data.aws_availability_zones.available.zone_ids) +} + +resource "aws_vpc" "main" { + cidr_block = "10.0.0.0/16" +} + +resource "aws_subnet" "private-a" { + vpc_id = "${aws_vpc.main.id}" + availability_zone_id = "${local.workspaces_az_ids[0]}" + cidr_block = "10.0.1.0/24" +} + +resource "aws_subnet" "private-b" { + vpc_id = "${aws_vpc.main.id}" + availability_zone_id = "${local.workspaces_az_ids[1]}" + cidr_block = "10.0.2.0/24" +} + +resource "aws_directory_service_directory" "example" { + name = "workspaces.example.com" + password = "#S1ncerely" + size = "Small" + vpc_settings { + vpc_id = "${aws_vpc.main.id}" + subnet_ids = ["${aws_subnet.private-a.id}", "${aws_subnet.private-b.id}"] + } +} + +data "aws_kms_key" "workspaces_default" { + key_id = "alias/aws/workspaces" +} diff --git a/examples/workspaces/variables.tf b/examples/workspaces/variables.tf new file mode 100644 index 00000000000..3c91c693825 --- /dev/null +++ b/examples/workspaces/variables.tf @@ -0,0 +1,4 @@ +variable "aws_region" { + description = "The AWS region to use" + default = "us-west-2" +} From 5e75bda8d9f4ce4a529dcc2a60cd8b2bd2072630 Mon Sep 17 00:00:00 2001 From: Daryl Clarino Date: Thu, 14 May 2020 19:01:56 +0800 Subject: [PATCH 139/475] Update documentation for API gateway integration. --- website/docs/r/api_gateway_integration.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/api_gateway_integration.html.markdown b/website/docs/r/api_gateway_integration.html.markdown index f28ea2d885d..24c1bcf3f0b 100644 --- a/website/docs/r/api_gateway_integration.html.markdown +++ b/website/docs/r/api_gateway_integration.html.markdown @@ -219,7 +219,7 @@ The following arguments are supported: * `connection_id` - (Optional) The id of the VpcLink used for the integration. **Required** if `connection_type` is `VPC_LINK` * `uri` - (Optional) The input's URI. **Required** if `type` is `AWS`, `AWS_PROXY`, `HTTP` or `HTTP_PROXY`. For HTTP integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification . For AWS integrations, the URI should be of the form `arn:aws:apigateway:{region}:{subdomain.service|service}:{path|action}/{service_api}`. `region`, `subdomain` and `service` are used to determine the right endpoint. - e.g. `arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:012345678901:function:my-func/invocations` + e.g. `arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:012345678901:function:my-func/invocations`. For private integrations, the URI parameter is not used for routing requests to your endpoint, but is used for setting the Host header and for certificate validation. * `credentials` - (Optional) The credentials required for the integration. For `AWS` integrations, 2 options are available. To specify an IAM Role for Amazon API Gateway to assume, use the role's ARN. To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::\*:user/\*`. * `request_templates` - (Optional) A map of the integration's request templates. * `request_parameters` - (Optional) A map of request query string parameters and headers that should be passed to the backend responder. From 941de448465dd3619fbde6ced64ab4111b1d5fe2 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 14 May 2020 09:47:17 -0400 Subject: [PATCH 140/475] ROADMAP.md: Fix WAFv2 link (#13240) --- ROADMAP.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ROADMAP.md b/ROADMAP.md index e52eb0cb9b1..c65b2f7cd12 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -22,7 +22,7 @@ We'll be updating the linked milestone as we work to finalize and complete v3.0. ### WAFv2 -Issue: [#11406](https://github.com/terraform-providers/terraform-provider-aws/issues/11406) +Issue: [#11046](https://github.com/terraform-providers/terraform-provider-aws/issues/11046) _AWS WAFv2 is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront, an Amazon API Gateway API, or an Application Load Balancer._ From 117eb58dbb2883b67581260d895dba84db04a177 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 14 May 2020 10:36:51 -0400 Subject: [PATCH 141/475] tests/resource/aws_codebuild_project: Add testing for empty value environment variables Output from acceptance testing: ``` --- PASS: TestAccAWSCodeBuildProject_ARMContainer (39.86s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_ArtifactIdentifier (81.65s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_EncryptionDisabled (70.59s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Location (87.62s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Name (91.10s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_NamespaceType (258.73s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_OverrideArtifactName (118.21s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Packaging (70.05s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Path (73.74s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_Type (93.82s) --- PASS: TestAccAWSCodeBuildProject_BadgeEnabled (39.29s) --- PASS: TestAccAWSCodeBuildProject_basic (63.85s) --- PASS: TestAccAWSCodeBuildProject_BuildTimeout (59.79s) --- PASS: TestAccAWSCodeBuildProject_Cache (114.45s) --- PASS: TestAccAWSCodeBuildProject_Description (62.95s) --- PASS: TestAccAWSCodeBuildProject_EncryptionKey (35.11s) --- PASS: TestAccAWSCodeBuildProject_Environment_Certificate (42.82s) --- PASS: TestAccAWSCodeBuildProject_Environment_EnvironmentVariable (79.42s) --- PASS: TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Type (55.91s) --- PASS: TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Value (74.23s) --- PASS: TestAccAWSCodeBuildProject_Environment_RegistryCredential (73.93s) --- PASS: TestAccAWSCodeBuildProject_LogsConfig_CloudWatchLogs (140.78s) --- PASS: TestAccAWSCodeBuildProject_LogsConfig_S3Logs (95.25s) --- PASS: TestAccAWSCodeBuildProject_QueuedTimeout (52.16s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts (54.12s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_ArtifactIdentifier (73.72s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_EncryptionDisabled (108.53s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Location (214.27s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_NamespaceType (254.34s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_OverrideArtifactName (83.88s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Packaging (84.60s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Path (116.28s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts_Type (68.43s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_CodeCommit (67.24s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_CodeCommit (83.27s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_GitHub (60.29s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_GitHubEnterprise (147.52s) --- PASS: TestAccAWSCodeBuildProject_Source_GitCloneDepth (77.52s) --- PASS: TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_CodeCommit (66.13s) --- PASS: TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_GitHub (133.77s) --- PASS: TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_GitHubEnterprise (64.05s) --- PASS: TestAccAWSCodeBuildProject_Source_InsecureSSL (61.09s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_Bitbucket (95.29s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHub (77.35s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHubEnterprise (78.94s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_Bitbucket (49.18s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_CodeCommit (91.76s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_CodePipeline (106.13s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_GitHubEnterprise (46.19s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_NoSource (36.11s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_NoSourceInvalid (13.10s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_S3 (43.01s) --- PASS: TestAccAWSCodeBuildProject_SourceVersion (42.91s) --- PASS: TestAccAWSCodeBuildProject_Tags (48.42s) --- PASS: TestAccAWSCodeBuildProject_WindowsContainer (35.04s) ``` --- aws/resource_aws_codebuild_project_test.go | 80 +++++++++++++++++----- 1 file changed, 62 insertions(+), 18 deletions(-) diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go index 9f2f0920233..8f36d201484 100644 --- a/aws/resource_aws_codebuild_project_test.go +++ b/aws/resource_aws_codebuild_project_test.go @@ -346,16 +346,14 @@ func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_One(rName), + Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_One(rName, "KEY1", "VALUE1"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project1), - resource.TestCheckResourceAttr(resourceName, "environment.1380979031.environment_variable.#", "1"), ), }, { @@ -364,10 +362,9 @@ func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Two(rName), + Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Two(rName, "KEY1", "VALUE1UPDATED", "KEY2", "VALUE2"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project2), - resource.TestCheckResourceAttr(resourceName, "environment.4178155002.environment_variable.#", "2"), ), }, { @@ -435,6 +432,53 @@ func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Type(t *testing. }) } +func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Value(t *testing.T) { + var project1, project2, project3 codebuild.Project + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_codebuild_project.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_One(rName, "KEY1", ""), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project1), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_One(rName, "KEY1", "VALUE1"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project2), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_One(rName, "KEY1", ""), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSCodeBuildProjectExists(resourceName, &project3), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccAWSCodeBuildProject_Environment_Certificate(t *testing.T) { var project codebuild.Project rName := acctest.RandomWithPrefix("tf-acc-test") @@ -2488,7 +2532,7 @@ resource "aws_codebuild_project" "test" { `, rName) } -func testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_One(rName string) string { +func testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_One(rName, key1, value1 string) string { return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` resource "aws_codebuild_project" "test" { name = %[1]q @@ -2504,8 +2548,8 @@ resource "aws_codebuild_project" "test" { type = "LINUX_CONTAINER" environment_variable { - name = "SOME_KEY" - value = "SOME_VALUE" + name = %[2]q + value = %[3]q } } @@ -2514,10 +2558,10 @@ resource "aws_codebuild_project" "test" { location = "https://github.com/hashicorp/packer.git" } } -`, rName) +`, rName, key1, value1) } -func testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Two(rName string) string { +func testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Two(rName, key1, value1, key2, value2 string) string { return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` resource "aws_codebuild_project" "test" { name = %[1]q @@ -2533,13 +2577,13 @@ resource "aws_codebuild_project" "test" { type = "LINUX_CONTAINER" environment_variable { - name = "SOME_KEY" - value = "SOME_VALUE" + name = %[2]q + value = %[3]q } environment_variable { - name = "SOME_KEY2" - value = "SOME_VALUE2" + name = %[4]q + value = %[5]q } } @@ -2548,7 +2592,7 @@ resource "aws_codebuild_project" "test" { location = "https://github.com/hashicorp/packer.git" } } -`, rName) +`, rName, key1, value1, key2, value2) } func testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Zero(rName string) string { From d8c44f598164699d7896507e3f6b1310dbb774f3 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 14 May 2020 10:40:09 -0400 Subject: [PATCH 142/475] Update CHANGELOG for #11572 --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6b440912838..5dc39ae3764 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,10 @@ ENHANCEMENTS: * resource/aws_iot_topic_rule: Add `operation` argument to `dynamodb` configuration block [GH-12714] * resource/aws_iot_topic_rule: Add `qos` argument `republish` configuration block [GH-12869] +BUG FIXES: + +* resource/aws_codebuild_project: Allow empty value (`""`) environment variables [GH-11572] + ## 2.61.0 (May 08, 2020) FEATURES: From 338fe8bbe20c7e5dae459b54f6f5d0ec45a28826 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 14 May 2020 11:25:48 -0400 Subject: [PATCH 143/475] infrastructure/repository: Synchronize recent AWS service labels and bump GitHub provider to latest (#13226) Reference: https://github.com/aws/aws-sdk-go/tree/master/service Now that contributors can add these labels when submitting new services (as documented in the Contributing Guide), this manual bulk process should be less common. --- infrastructure/repository/labels-service.tf | 7 +++++++ infrastructure/repository/main.tf | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/infrastructure/repository/labels-service.tf b/infrastructure/repository/labels-service.tf index 079baf5d5cb..c5472d83e67 100644 --- a/infrastructure/repository/labels-service.tf +++ b/infrastructure/repository/labels-service.tf @@ -45,6 +45,7 @@ variable "service_labels" { "codegurureviewer", "codepipeline", "codestar", + "codestarconnections", "codestarnotifications", "cognito", "comprehend", @@ -53,11 +54,13 @@ variable "service_labels" { "configservice", "connect", "costandusagereportservice", + "costexplorer", "databasemigrationservice", "dataexchange", "datapipeline", "datasync", "dax", + "detective", "devicefarm", "directconnect", "directoryservice", @@ -98,6 +101,7 @@ variable "service_labels" { "iotanalytics", "iotevents", "iotsecuretunneling", + "iotsitewise", "iotthingsgraph", "kafka", "kendra", @@ -171,8 +175,11 @@ variable "service_labels" { "sts", "support", "swf", + "synthetics", + "textract", "transcribeservice", "transfer", + "translate", "waf", "wafv2", "workdocs", diff --git a/infrastructure/repository/main.tf b/infrastructure/repository/main.tf index f2768d87538..4a55664a872 100644 --- a/infrastructure/repository/main.tf +++ b/infrastructure/repository/main.tf @@ -4,7 +4,7 @@ terraform { } required_providers { - github = "2.1.0" + github = "2.7.0" } required_version = "~> 0.12.24" From 6e1e3c01eff21f7225b6f5bfdb2cfccbb7f8a016 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 14 May 2020 11:35:48 -0400 Subject: [PATCH 144/475] provider: Add Transit Gateway Network Manager service client and resource tagging (#13262) * Add Transit Gateway Network Manager service client. * internal/keyvaluetags: Support network manager * Add list-tags support for Network Manager. Co-authored-by: Omarimcblack --- .hashibot.hcl | 7 + aws/config.go | 3 + .../keyvaluetags/generators/listtags/main.go | 1 + .../generators/servicetags/main.go | 1 + .../generators/updatetags/main.go | 1 + aws/internal/keyvaluetags/list_tags_gen.go | 18 + .../service_generation_customizations.go | 5 + aws/internal/keyvaluetags/service_tags_gen.go | 28 + aws/internal/keyvaluetags/update_tags_gen.go | 37 + aws/provider.go | 1 + .../aws-sdk-go/service/networkmanager/api.go | 7093 +++++++++++++++++ .../aws-sdk-go/service/networkmanager/doc.go | 30 + .../service/networkmanager/errors.go | 63 + .../service/networkmanager/service.go | 104 + vendor/modules.txt | 1 + website/allowed-subcategories.txt | 1 + .../guides/custom-service-endpoints.html.md | 1 + 17 files changed, 7395 insertions(+) create mode 100644 vendor/github.com/aws/aws-sdk-go/service/networkmanager/api.go create mode 100644 vendor/github.com/aws/aws-sdk-go/service/networkmanager/doc.go create mode 100644 vendor/github.com/aws/aws-sdk-go/service/networkmanager/errors.go create mode 100644 vendor/github.com/aws/aws-sdk-go/service/networkmanager/service.go diff --git a/.hashibot.hcl b/.hashibot.hcl index 86dbb9baf67..d1bad0eb7ff 100644 --- a/.hashibot.hcl +++ b/.hashibot.hcl @@ -385,6 +385,9 @@ behavior "regexp_issue_labeler_v2" "service_labels" { "service/neptune" = [ "aws_neptune_", ], + "service/networkmanager" = [ + "aws_networkmanager_", + ], "service/opsworks" = [ "aws_opsworks_", ], @@ -1041,6 +1044,10 @@ behavior "pull_request_path_labeler" "service_labels" { "**/*_neptune_*", "**/neptune_*" ] + "service/networkmanager" = [ + "**/*_networkmanager_*", + "**/networkmanager_*" + ] "service/opsworks" = [ "**/*_opsworks_*", "**/opsworks_*" diff --git a/aws/config.go b/aws/config.go index 0348e71e5d0..fcdc8c6fc2a 100644 --- a/aws/config.go +++ b/aws/config.go @@ -105,6 +105,7 @@ import ( "github.com/aws/aws-sdk-go/service/mediastoredata" "github.com/aws/aws-sdk-go/service/mq" "github.com/aws/aws-sdk-go/service/neptune" + "github.com/aws/aws-sdk-go/service/networkmanager" "github.com/aws/aws-sdk-go/service/opsworks" "github.com/aws/aws-sdk-go/service/organizations" "github.com/aws/aws-sdk-go/service/personalize" @@ -283,6 +284,7 @@ type AWSClient struct { mediastoredataconn *mediastoredata.MediaStoreData mqconn *mq.MQ neptuneconn *neptune.Neptune + networkmanagerconn *networkmanager.NetworkManager opsworksconn *opsworks.OpsWorks organizationsconn *organizations.Organizations partition string @@ -500,6 +502,7 @@ func (c *Config) Client() (interface{}, error) { mediastoredataconn: mediastoredata.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["mediastoredata"])})), mqconn: mq.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["mq"])})), neptuneconn: neptune.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["neptune"])})), + networkmanagerconn: networkmanager.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["networkmanager"])})), opsworksconn: opsworks.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["opsworks"])})), organizationsconn: organizations.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["organizations"])})), partition: partition, diff --git a/aws/internal/keyvaluetags/generators/listtags/main.go b/aws/internal/keyvaluetags/generators/listtags/main.go index d0b4f1cff54..a865a37f219 100644 --- a/aws/internal/keyvaluetags/generators/listtags/main.go +++ b/aws/internal/keyvaluetags/generators/listtags/main.go @@ -88,6 +88,7 @@ var serviceNames = []string{ "mediastore", "mq", "neptune", + "networkmanager", "opsworks", "organizations", "pinpoint", diff --git a/aws/internal/keyvaluetags/generators/servicetags/main.go b/aws/internal/keyvaluetags/generators/servicetags/main.go index 4382879b7a0..79a7a1743bb 100644 --- a/aws/internal/keyvaluetags/generators/servicetags/main.go +++ b/aws/internal/keyvaluetags/generators/servicetags/main.go @@ -71,6 +71,7 @@ var sliceServiceNames = []string{ "lightsail", "mediastore", "neptune", + "networkmanager", "organizations", "quicksight", "ram", diff --git a/aws/internal/keyvaluetags/generators/updatetags/main.go b/aws/internal/keyvaluetags/generators/updatetags/main.go index ee18203bf73..628f8ee646a 100644 --- a/aws/internal/keyvaluetags/generators/updatetags/main.go +++ b/aws/internal/keyvaluetags/generators/updatetags/main.go @@ -92,6 +92,7 @@ var serviceNames = []string{ "mediastore", "mq", "neptune", + "networkmanager", "opsworks", "organizations", "pinpoint", diff --git a/aws/internal/keyvaluetags/list_tags_gen.go b/aws/internal/keyvaluetags/list_tags_gen.go index 0aa7e650a53..5afc6631b3c 100644 --- a/aws/internal/keyvaluetags/list_tags_gen.go +++ b/aws/internal/keyvaluetags/list_tags_gen.go @@ -75,6 +75,7 @@ import ( "github.com/aws/aws-sdk-go/service/mediastore" "github.com/aws/aws-sdk-go/service/mq" "github.com/aws/aws-sdk-go/service/neptune" + "github.com/aws/aws-sdk-go/service/networkmanager" "github.com/aws/aws-sdk-go/service/opsworks" "github.com/aws/aws-sdk-go/service/organizations" "github.com/aws/aws-sdk-go/service/pinpoint" @@ -1306,6 +1307,23 @@ func NeptuneListTags(conn *neptune.Neptune, identifier string) (KeyValueTags, er return NeptuneKeyValueTags(output.TagList), nil } +// NetworkmanagerListTags lists networkmanager service tags. +// The identifier is typically the Amazon Resource Name (ARN), although +// it may also be a different identifier depending on the service. +func NetworkmanagerListTags(conn *networkmanager.NetworkManager, identifier string) (KeyValueTags, error) { + input := &networkmanager.ListTagsForResourceInput{ + ResourceArn: aws.String(identifier), + } + + output, err := conn.ListTagsForResource(input) + + if err != nil { + return New(nil), err + } + + return NetworkmanagerKeyValueTags(output.TagList), nil +} + // OpsworksListTags lists opsworks service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. diff --git a/aws/internal/keyvaluetags/service_generation_customizations.go b/aws/internal/keyvaluetags/service_generation_customizations.go index 071ce0d9b5b..c9a11053994 100644 --- a/aws/internal/keyvaluetags/service_generation_customizations.go +++ b/aws/internal/keyvaluetags/service_generation_customizations.go @@ -82,6 +82,7 @@ import ( "github.com/aws/aws-sdk-go/service/mediastore" "github.com/aws/aws-sdk-go/service/mq" "github.com/aws/aws-sdk-go/service/neptune" + "github.com/aws/aws-sdk-go/service/networkmanager" "github.com/aws/aws-sdk-go/service/opsworks" "github.com/aws/aws-sdk-go/service/organizations" "github.com/aws/aws-sdk-go/service/pinpoint" @@ -268,6 +269,8 @@ func ServiceClientType(serviceName string) string { funcType = reflect.TypeOf(mq.New) case "neptune": funcType = reflect.TypeOf(neptune.New) + case "networkmanager": + funcType = reflect.TypeOf(networkmanager.New) case "opsworks": funcType = reflect.TypeOf(opsworks.New) case "organizations": @@ -462,6 +465,8 @@ func ServiceListTagsOutputTagsField(serviceName string) string { return "ResourceTags.Tags" case "neptune": return "TagList" + case "networkmanager": + return "TagList" case "pinpoint": return "TagsModel.Tags" case "rds": diff --git a/aws/internal/keyvaluetags/service_tags_gen.go b/aws/internal/keyvaluetags/service_tags_gen.go index d39d83a52b7..643fd0fc7c3 100644 --- a/aws/internal/keyvaluetags/service_tags_gen.go +++ b/aws/internal/keyvaluetags/service_tags_gen.go @@ -56,6 +56,7 @@ import ( "github.com/aws/aws-sdk-go/service/lightsail" "github.com/aws/aws-sdk-go/service/mediastore" "github.com/aws/aws-sdk-go/service/neptune" + "github.com/aws/aws-sdk-go/service/networkmanager" "github.com/aws/aws-sdk-go/service/organizations" "github.com/aws/aws-sdk-go/service/quicksight" "github.com/aws/aws-sdk-go/service/ram" @@ -1852,6 +1853,33 @@ func NeptuneKeyValueTags(tags []*neptune.Tag) KeyValueTags { return New(m) } +// NetworkmanagerTags returns networkmanager service tags. +func (tags KeyValueTags) NetworkmanagerTags() []*networkmanager.Tag { + result := make([]*networkmanager.Tag, 0, len(tags)) + + for k, v := range tags.Map() { + tag := &networkmanager.Tag{ + Key: aws.String(k), + Value: aws.String(v), + } + + result = append(result, tag) + } + + return result +} + +// NetworkmanagerKeyValueTags creates KeyValueTags from networkmanager service tags. +func NetworkmanagerKeyValueTags(tags []*networkmanager.Tag) KeyValueTags { + m := make(map[string]*string, len(tags)) + + for _, tag := range tags { + m[aws.StringValue(tag.Key)] = tag.Value + } + + return New(m) +} + // OrganizationsTags returns organizations service tags. func (tags KeyValueTags) OrganizationsTags() []*organizations.Tag { result := make([]*organizations.Tag, 0, len(tags)) diff --git a/aws/internal/keyvaluetags/update_tags_gen.go b/aws/internal/keyvaluetags/update_tags_gen.go index ce0a1715fdc..68dc42f29ff 100644 --- a/aws/internal/keyvaluetags/update_tags_gen.go +++ b/aws/internal/keyvaluetags/update_tags_gen.go @@ -81,6 +81,7 @@ import ( "github.com/aws/aws-sdk-go/service/mediastore" "github.com/aws/aws-sdk-go/service/mq" "github.com/aws/aws-sdk-go/service/neptune" + "github.com/aws/aws-sdk-go/service/networkmanager" "github.com/aws/aws-sdk-go/service/opsworks" "github.com/aws/aws-sdk-go/service/organizations" "github.com/aws/aws-sdk-go/service/pinpoint" @@ -2811,6 +2812,42 @@ func NeptuneUpdateTags(conn *neptune.Neptune, identifier string, oldTagsMap inte return nil } +// NetworkmanagerUpdateTags updates networkmanager service tags. +// The identifier is typically the Amazon Resource Name (ARN), although +// it may also be a different identifier depending on the service. +func NetworkmanagerUpdateTags(conn *networkmanager.NetworkManager, identifier string, oldTagsMap interface{}, newTagsMap interface{}) error { + oldTags := New(oldTagsMap) + newTags := New(newTagsMap) + + if removedTags := oldTags.Removed(newTags); len(removedTags) > 0 { + input := &networkmanager.UntagResourceInput{ + ResourceArn: aws.String(identifier), + TagKeys: aws.StringSlice(removedTags.IgnoreAws().Keys()), + } + + _, err := conn.UntagResource(input) + + if err != nil { + return fmt.Errorf("error untagging resource (%s): %w", identifier, err) + } + } + + if updatedTags := oldTags.Updated(newTags); len(updatedTags) > 0 { + input := &networkmanager.TagResourceInput{ + ResourceArn: aws.String(identifier), + Tags: updatedTags.IgnoreAws().NetworkmanagerTags(), + } + + _, err := conn.TagResource(input) + + if err != nil { + return fmt.Errorf("error tagging resource (%s): %w", identifier, err) + } + } + + return nil +} + // OpsworksUpdateTags updates opsworks service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. diff --git a/aws/provider.go b/aws/provider.go index d55cf7bbc98..d7eaff110f5 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -1095,6 +1095,7 @@ func init() { "mediastoredata", "mq", "neptune", + "networkmanager", "opsworks", "organizations", "personalize", diff --git a/vendor/github.com/aws/aws-sdk-go/service/networkmanager/api.go b/vendor/github.com/aws/aws-sdk-go/service/networkmanager/api.go new file mode 100644 index 00000000000..dfc92232d59 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/networkmanager/api.go @@ -0,0 +1,7093 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package networkmanager + +import ( + "fmt" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +const opAssociateCustomerGateway = "AssociateCustomerGateway" + +// AssociateCustomerGatewayRequest generates a "aws/request.Request" representing the +// client's request for the AssociateCustomerGateway operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateCustomerGateway for more information on using the AssociateCustomerGateway +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the AssociateCustomerGatewayRequest method. +// req, resp := client.AssociateCustomerGatewayRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/AssociateCustomerGateway +func (c *NetworkManager) AssociateCustomerGatewayRequest(input *AssociateCustomerGatewayInput) (req *request.Request, output *AssociateCustomerGatewayOutput) { + op := &request.Operation{ + Name: opAssociateCustomerGateway, + HTTPMethod: "POST", + HTTPPath: "/global-networks/{globalNetworkId}/customer-gateway-associations", + } + + if input == nil { + input = &AssociateCustomerGatewayInput{} + } + + output = &AssociateCustomerGatewayOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateCustomerGateway API operation for AWS Network Manager. +// +// Associates a customer gateway with a device and optionally, with a link. +// If you specify a link, it must be associated with the specified device. +// +// You can only associate customer gateways that are connected to a VPN attachment +// on a transit gateway. The transit gateway must be registered in your global +// network. When you register a transit gateway, customer gateways that are +// connected to the transit gateway are automatically included in the global +// network. To list customer gateways that are connected to a transit gateway, +// use the DescribeVpnConnections (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnConnections.html) +// EC2 API and filter by transit-gateway-id. +// +// You cannot associate a customer gateway with more than one device and link. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation AssociateCustomerGateway for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * ServiceQuotaExceededException +// A service limit was exceeded. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/AssociateCustomerGateway +func (c *NetworkManager) AssociateCustomerGateway(input *AssociateCustomerGatewayInput) (*AssociateCustomerGatewayOutput, error) { + req, out := c.AssociateCustomerGatewayRequest(input) + return out, req.Send() +} + +// AssociateCustomerGatewayWithContext is the same as AssociateCustomerGateway with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateCustomerGateway for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) AssociateCustomerGatewayWithContext(ctx aws.Context, input *AssociateCustomerGatewayInput, opts ...request.Option) (*AssociateCustomerGatewayOutput, error) { + req, out := c.AssociateCustomerGatewayRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opAssociateLink = "AssociateLink" + +// AssociateLinkRequest generates a "aws/request.Request" representing the +// client's request for the AssociateLink operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateLink for more information on using the AssociateLink +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the AssociateLinkRequest method. +// req, resp := client.AssociateLinkRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/AssociateLink +func (c *NetworkManager) AssociateLinkRequest(input *AssociateLinkInput) (req *request.Request, output *AssociateLinkOutput) { + op := &request.Operation{ + Name: opAssociateLink, + HTTPMethod: "POST", + HTTPPath: "/global-networks/{globalNetworkId}/link-associations", + } + + if input == nil { + input = &AssociateLinkInput{} + } + + output = &AssociateLinkOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateLink API operation for AWS Network Manager. +// +// Associates a link to a device. A device can be associated to multiple links +// and a link can be associated to multiple devices. The device and link must +// be in the same global network and the same site. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation AssociateLink for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * ServiceQuotaExceededException +// A service limit was exceeded. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/AssociateLink +func (c *NetworkManager) AssociateLink(input *AssociateLinkInput) (*AssociateLinkOutput, error) { + req, out := c.AssociateLinkRequest(input) + return out, req.Send() +} + +// AssociateLinkWithContext is the same as AssociateLink with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateLink for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) AssociateLinkWithContext(ctx aws.Context, input *AssociateLinkInput, opts ...request.Option) (*AssociateLinkOutput, error) { + req, out := c.AssociateLinkRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateDevice = "CreateDevice" + +// CreateDeviceRequest generates a "aws/request.Request" representing the +// client's request for the CreateDevice operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateDevice for more information on using the CreateDevice +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateDeviceRequest method. +// req, resp := client.CreateDeviceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/CreateDevice +func (c *NetworkManager) CreateDeviceRequest(input *CreateDeviceInput) (req *request.Request, output *CreateDeviceOutput) { + op := &request.Operation{ + Name: opCreateDevice, + HTTPMethod: "POST", + HTTPPath: "/global-networks/{globalNetworkId}/devices", + } + + if input == nil { + input = &CreateDeviceInput{} + } + + output = &CreateDeviceOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateDevice API operation for AWS Network Manager. +// +// Creates a new device in a global network. If you specify both a site ID and +// a location, the location of the site is used for visualization in the Network +// Manager console. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation CreateDevice for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * ServiceQuotaExceededException +// A service limit was exceeded. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/CreateDevice +func (c *NetworkManager) CreateDevice(input *CreateDeviceInput) (*CreateDeviceOutput, error) { + req, out := c.CreateDeviceRequest(input) + return out, req.Send() +} + +// CreateDeviceWithContext is the same as CreateDevice with the addition of +// the ability to pass a context and additional request options. +// +// See CreateDevice for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) CreateDeviceWithContext(ctx aws.Context, input *CreateDeviceInput, opts ...request.Option) (*CreateDeviceOutput, error) { + req, out := c.CreateDeviceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateGlobalNetwork = "CreateGlobalNetwork" + +// CreateGlobalNetworkRequest generates a "aws/request.Request" representing the +// client's request for the CreateGlobalNetwork operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateGlobalNetwork for more information on using the CreateGlobalNetwork +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateGlobalNetworkRequest method. +// req, resp := client.CreateGlobalNetworkRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/CreateGlobalNetwork +func (c *NetworkManager) CreateGlobalNetworkRequest(input *CreateGlobalNetworkInput) (req *request.Request, output *CreateGlobalNetworkOutput) { + op := &request.Operation{ + Name: opCreateGlobalNetwork, + HTTPMethod: "POST", + HTTPPath: "/global-networks", + } + + if input == nil { + input = &CreateGlobalNetworkInput{} + } + + output = &CreateGlobalNetworkOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateGlobalNetwork API operation for AWS Network Manager. +// +// Creates a new, empty global network. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation CreateGlobalNetwork for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * ServiceQuotaExceededException +// A service limit was exceeded. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/CreateGlobalNetwork +func (c *NetworkManager) CreateGlobalNetwork(input *CreateGlobalNetworkInput) (*CreateGlobalNetworkOutput, error) { + req, out := c.CreateGlobalNetworkRequest(input) + return out, req.Send() +} + +// CreateGlobalNetworkWithContext is the same as CreateGlobalNetwork with the addition of +// the ability to pass a context and additional request options. +// +// See CreateGlobalNetwork for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) CreateGlobalNetworkWithContext(ctx aws.Context, input *CreateGlobalNetworkInput, opts ...request.Option) (*CreateGlobalNetworkOutput, error) { + req, out := c.CreateGlobalNetworkRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateLink = "CreateLink" + +// CreateLinkRequest generates a "aws/request.Request" representing the +// client's request for the CreateLink operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateLink for more information on using the CreateLink +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateLinkRequest method. +// req, resp := client.CreateLinkRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/CreateLink +func (c *NetworkManager) CreateLinkRequest(input *CreateLinkInput) (req *request.Request, output *CreateLinkOutput) { + op := &request.Operation{ + Name: opCreateLink, + HTTPMethod: "POST", + HTTPPath: "/global-networks/{globalNetworkId}/links", + } + + if input == nil { + input = &CreateLinkInput{} + } + + output = &CreateLinkOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateLink API operation for AWS Network Manager. +// +// Creates a new link for a specified site. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation CreateLink for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * ServiceQuotaExceededException +// A service limit was exceeded. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/CreateLink +func (c *NetworkManager) CreateLink(input *CreateLinkInput) (*CreateLinkOutput, error) { + req, out := c.CreateLinkRequest(input) + return out, req.Send() +} + +// CreateLinkWithContext is the same as CreateLink with the addition of +// the ability to pass a context and additional request options. +// +// See CreateLink for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) CreateLinkWithContext(ctx aws.Context, input *CreateLinkInput, opts ...request.Option) (*CreateLinkOutput, error) { + req, out := c.CreateLinkRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateSite = "CreateSite" + +// CreateSiteRequest generates a "aws/request.Request" representing the +// client's request for the CreateSite operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateSite for more information on using the CreateSite +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateSiteRequest method. +// req, resp := client.CreateSiteRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/CreateSite +func (c *NetworkManager) CreateSiteRequest(input *CreateSiteInput) (req *request.Request, output *CreateSiteOutput) { + op := &request.Operation{ + Name: opCreateSite, + HTTPMethod: "POST", + HTTPPath: "/global-networks/{globalNetworkId}/sites", + } + + if input == nil { + input = &CreateSiteInput{} + } + + output = &CreateSiteOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateSite API operation for AWS Network Manager. +// +// Creates a new site in a global network. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation CreateSite for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * ServiceQuotaExceededException +// A service limit was exceeded. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/CreateSite +func (c *NetworkManager) CreateSite(input *CreateSiteInput) (*CreateSiteOutput, error) { + req, out := c.CreateSiteRequest(input) + return out, req.Send() +} + +// CreateSiteWithContext is the same as CreateSite with the addition of +// the ability to pass a context and additional request options. +// +// See CreateSite for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) CreateSiteWithContext(ctx aws.Context, input *CreateSiteInput, opts ...request.Option) (*CreateSiteOutput, error) { + req, out := c.CreateSiteRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteDevice = "DeleteDevice" + +// DeleteDeviceRequest generates a "aws/request.Request" representing the +// client's request for the DeleteDevice operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteDevice for more information on using the DeleteDevice +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteDeviceRequest method. +// req, resp := client.DeleteDeviceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DeleteDevice +func (c *NetworkManager) DeleteDeviceRequest(input *DeleteDeviceInput) (req *request.Request, output *DeleteDeviceOutput) { + op := &request.Operation{ + Name: opDeleteDevice, + HTTPMethod: "DELETE", + HTTPPath: "/global-networks/{globalNetworkId}/devices/{deviceId}", + } + + if input == nil { + input = &DeleteDeviceInput{} + } + + output = &DeleteDeviceOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteDevice API operation for AWS Network Manager. +// +// Deletes an existing device. You must first disassociate the device from any +// links and customer gateways. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation DeleteDevice for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DeleteDevice +func (c *NetworkManager) DeleteDevice(input *DeleteDeviceInput) (*DeleteDeviceOutput, error) { + req, out := c.DeleteDeviceRequest(input) + return out, req.Send() +} + +// DeleteDeviceWithContext is the same as DeleteDevice with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteDevice for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) DeleteDeviceWithContext(ctx aws.Context, input *DeleteDeviceInput, opts ...request.Option) (*DeleteDeviceOutput, error) { + req, out := c.DeleteDeviceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteGlobalNetwork = "DeleteGlobalNetwork" + +// DeleteGlobalNetworkRequest generates a "aws/request.Request" representing the +// client's request for the DeleteGlobalNetwork operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteGlobalNetwork for more information on using the DeleteGlobalNetwork +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteGlobalNetworkRequest method. +// req, resp := client.DeleteGlobalNetworkRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DeleteGlobalNetwork +func (c *NetworkManager) DeleteGlobalNetworkRequest(input *DeleteGlobalNetworkInput) (req *request.Request, output *DeleteGlobalNetworkOutput) { + op := &request.Operation{ + Name: opDeleteGlobalNetwork, + HTTPMethod: "DELETE", + HTTPPath: "/global-networks/{globalNetworkId}", + } + + if input == nil { + input = &DeleteGlobalNetworkInput{} + } + + output = &DeleteGlobalNetworkOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteGlobalNetwork API operation for AWS Network Manager. +// +// Deletes an existing global network. You must first delete all global network +// objects (devices, links, and sites) and deregister all transit gateways. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation DeleteGlobalNetwork for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DeleteGlobalNetwork +func (c *NetworkManager) DeleteGlobalNetwork(input *DeleteGlobalNetworkInput) (*DeleteGlobalNetworkOutput, error) { + req, out := c.DeleteGlobalNetworkRequest(input) + return out, req.Send() +} + +// DeleteGlobalNetworkWithContext is the same as DeleteGlobalNetwork with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteGlobalNetwork for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) DeleteGlobalNetworkWithContext(ctx aws.Context, input *DeleteGlobalNetworkInput, opts ...request.Option) (*DeleteGlobalNetworkOutput, error) { + req, out := c.DeleteGlobalNetworkRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteLink = "DeleteLink" + +// DeleteLinkRequest generates a "aws/request.Request" representing the +// client's request for the DeleteLink operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteLink for more information on using the DeleteLink +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteLinkRequest method. +// req, resp := client.DeleteLinkRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DeleteLink +func (c *NetworkManager) DeleteLinkRequest(input *DeleteLinkInput) (req *request.Request, output *DeleteLinkOutput) { + op := &request.Operation{ + Name: opDeleteLink, + HTTPMethod: "DELETE", + HTTPPath: "/global-networks/{globalNetworkId}/links/{linkId}", + } + + if input == nil { + input = &DeleteLinkInput{} + } + + output = &DeleteLinkOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteLink API operation for AWS Network Manager. +// +// Deletes an existing link. You must first disassociate the link from any devices +// and customer gateways. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation DeleteLink for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DeleteLink +func (c *NetworkManager) DeleteLink(input *DeleteLinkInput) (*DeleteLinkOutput, error) { + req, out := c.DeleteLinkRequest(input) + return out, req.Send() +} + +// DeleteLinkWithContext is the same as DeleteLink with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteLink for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) DeleteLinkWithContext(ctx aws.Context, input *DeleteLinkInput, opts ...request.Option) (*DeleteLinkOutput, error) { + req, out := c.DeleteLinkRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteSite = "DeleteSite" + +// DeleteSiteRequest generates a "aws/request.Request" representing the +// client's request for the DeleteSite operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteSite for more information on using the DeleteSite +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteSiteRequest method. +// req, resp := client.DeleteSiteRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DeleteSite +func (c *NetworkManager) DeleteSiteRequest(input *DeleteSiteInput) (req *request.Request, output *DeleteSiteOutput) { + op := &request.Operation{ + Name: opDeleteSite, + HTTPMethod: "DELETE", + HTTPPath: "/global-networks/{globalNetworkId}/sites/{siteId}", + } + + if input == nil { + input = &DeleteSiteInput{} + } + + output = &DeleteSiteOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteSite API operation for AWS Network Manager. +// +// Deletes an existing site. The site cannot be associated with any device or +// link. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation DeleteSite for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DeleteSite +func (c *NetworkManager) DeleteSite(input *DeleteSiteInput) (*DeleteSiteOutput, error) { + req, out := c.DeleteSiteRequest(input) + return out, req.Send() +} + +// DeleteSiteWithContext is the same as DeleteSite with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteSite for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) DeleteSiteWithContext(ctx aws.Context, input *DeleteSiteInput, opts ...request.Option) (*DeleteSiteOutput, error) { + req, out := c.DeleteSiteRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeregisterTransitGateway = "DeregisterTransitGateway" + +// DeregisterTransitGatewayRequest generates a "aws/request.Request" representing the +// client's request for the DeregisterTransitGateway operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeregisterTransitGateway for more information on using the DeregisterTransitGateway +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeregisterTransitGatewayRequest method. +// req, resp := client.DeregisterTransitGatewayRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DeregisterTransitGateway +func (c *NetworkManager) DeregisterTransitGatewayRequest(input *DeregisterTransitGatewayInput) (req *request.Request, output *DeregisterTransitGatewayOutput) { + op := &request.Operation{ + Name: opDeregisterTransitGateway, + HTTPMethod: "DELETE", + HTTPPath: "/global-networks/{globalNetworkId}/transit-gateway-registrations/{transitGatewayArn}", + } + + if input == nil { + input = &DeregisterTransitGatewayInput{} + } + + output = &DeregisterTransitGatewayOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeregisterTransitGateway API operation for AWS Network Manager. +// +// Deregisters a transit gateway from your global network. This action does +// not delete your transit gateway, or modify any of its attachments. This action +// removes any customer gateway associations. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation DeregisterTransitGateway for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DeregisterTransitGateway +func (c *NetworkManager) DeregisterTransitGateway(input *DeregisterTransitGatewayInput) (*DeregisterTransitGatewayOutput, error) { + req, out := c.DeregisterTransitGatewayRequest(input) + return out, req.Send() +} + +// DeregisterTransitGatewayWithContext is the same as DeregisterTransitGateway with the addition of +// the ability to pass a context and additional request options. +// +// See DeregisterTransitGateway for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) DeregisterTransitGatewayWithContext(ctx aws.Context, input *DeregisterTransitGatewayInput, opts ...request.Option) (*DeregisterTransitGatewayOutput, error) { + req, out := c.DeregisterTransitGatewayRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeGlobalNetworks = "DescribeGlobalNetworks" + +// DescribeGlobalNetworksRequest generates a "aws/request.Request" representing the +// client's request for the DescribeGlobalNetworks operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeGlobalNetworks for more information on using the DescribeGlobalNetworks +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeGlobalNetworksRequest method. +// req, resp := client.DescribeGlobalNetworksRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DescribeGlobalNetworks +func (c *NetworkManager) DescribeGlobalNetworksRequest(input *DescribeGlobalNetworksInput) (req *request.Request, output *DescribeGlobalNetworksOutput) { + op := &request.Operation{ + Name: opDescribeGlobalNetworks, + HTTPMethod: "GET", + HTTPPath: "/global-networks", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeGlobalNetworksInput{} + } + + output = &DescribeGlobalNetworksOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeGlobalNetworks API operation for AWS Network Manager. +// +// Describes one or more global networks. By default, all global networks are +// described. To describe the objects in your global network, you must use the +// appropriate Get* action. For example, to list the transit gateways in your +// global network, use GetTransitGatewayRegistrations. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation DescribeGlobalNetworks for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DescribeGlobalNetworks +func (c *NetworkManager) DescribeGlobalNetworks(input *DescribeGlobalNetworksInput) (*DescribeGlobalNetworksOutput, error) { + req, out := c.DescribeGlobalNetworksRequest(input) + return out, req.Send() +} + +// DescribeGlobalNetworksWithContext is the same as DescribeGlobalNetworks with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeGlobalNetworks for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) DescribeGlobalNetworksWithContext(ctx aws.Context, input *DescribeGlobalNetworksInput, opts ...request.Option) (*DescribeGlobalNetworksOutput, error) { + req, out := c.DescribeGlobalNetworksRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeGlobalNetworksPages iterates over the pages of a DescribeGlobalNetworks operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeGlobalNetworks method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeGlobalNetworks operation. +// pageNum := 0 +// err := client.DescribeGlobalNetworksPages(params, +// func(page *networkmanager.DescribeGlobalNetworksOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *NetworkManager) DescribeGlobalNetworksPages(input *DescribeGlobalNetworksInput, fn func(*DescribeGlobalNetworksOutput, bool) bool) error { + return c.DescribeGlobalNetworksPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeGlobalNetworksPagesWithContext same as DescribeGlobalNetworksPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) DescribeGlobalNetworksPagesWithContext(ctx aws.Context, input *DescribeGlobalNetworksInput, fn func(*DescribeGlobalNetworksOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeGlobalNetworksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeGlobalNetworksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeGlobalNetworksOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDisassociateCustomerGateway = "DisassociateCustomerGateway" + +// DisassociateCustomerGatewayRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateCustomerGateway operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateCustomerGateway for more information on using the DisassociateCustomerGateway +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DisassociateCustomerGatewayRequest method. +// req, resp := client.DisassociateCustomerGatewayRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DisassociateCustomerGateway +func (c *NetworkManager) DisassociateCustomerGatewayRequest(input *DisassociateCustomerGatewayInput) (req *request.Request, output *DisassociateCustomerGatewayOutput) { + op := &request.Operation{ + Name: opDisassociateCustomerGateway, + HTTPMethod: "DELETE", + HTTPPath: "/global-networks/{globalNetworkId}/customer-gateway-associations/{customerGatewayArn}", + } + + if input == nil { + input = &DisassociateCustomerGatewayInput{} + } + + output = &DisassociateCustomerGatewayOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateCustomerGateway API operation for AWS Network Manager. +// +// Disassociates a customer gateway from a device and a link. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation DisassociateCustomerGateway for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DisassociateCustomerGateway +func (c *NetworkManager) DisassociateCustomerGateway(input *DisassociateCustomerGatewayInput) (*DisassociateCustomerGatewayOutput, error) { + req, out := c.DisassociateCustomerGatewayRequest(input) + return out, req.Send() +} + +// DisassociateCustomerGatewayWithContext is the same as DisassociateCustomerGateway with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateCustomerGateway for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) DisassociateCustomerGatewayWithContext(ctx aws.Context, input *DisassociateCustomerGatewayInput, opts ...request.Option) (*DisassociateCustomerGatewayOutput, error) { + req, out := c.DisassociateCustomerGatewayRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDisassociateLink = "DisassociateLink" + +// DisassociateLinkRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateLink operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateLink for more information on using the DisassociateLink +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DisassociateLinkRequest method. +// req, resp := client.DisassociateLinkRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DisassociateLink +func (c *NetworkManager) DisassociateLinkRequest(input *DisassociateLinkInput) (req *request.Request, output *DisassociateLinkOutput) { + op := &request.Operation{ + Name: opDisassociateLink, + HTTPMethod: "DELETE", + HTTPPath: "/global-networks/{globalNetworkId}/link-associations", + } + + if input == nil { + input = &DisassociateLinkInput{} + } + + output = &DisassociateLinkOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateLink API operation for AWS Network Manager. +// +// Disassociates an existing device from a link. You must first disassociate +// any customer gateways that are associated with the link. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation DisassociateLink for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/DisassociateLink +func (c *NetworkManager) DisassociateLink(input *DisassociateLinkInput) (*DisassociateLinkOutput, error) { + req, out := c.DisassociateLinkRequest(input) + return out, req.Send() +} + +// DisassociateLinkWithContext is the same as DisassociateLink with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateLink for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) DisassociateLinkWithContext(ctx aws.Context, input *DisassociateLinkInput, opts ...request.Option) (*DisassociateLinkOutput, error) { + req, out := c.DisassociateLinkRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetCustomerGatewayAssociations = "GetCustomerGatewayAssociations" + +// GetCustomerGatewayAssociationsRequest generates a "aws/request.Request" representing the +// client's request for the GetCustomerGatewayAssociations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetCustomerGatewayAssociations for more information on using the GetCustomerGatewayAssociations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetCustomerGatewayAssociationsRequest method. +// req, resp := client.GetCustomerGatewayAssociationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetCustomerGatewayAssociations +func (c *NetworkManager) GetCustomerGatewayAssociationsRequest(input *GetCustomerGatewayAssociationsInput) (req *request.Request, output *GetCustomerGatewayAssociationsOutput) { + op := &request.Operation{ + Name: opGetCustomerGatewayAssociations, + HTTPMethod: "GET", + HTTPPath: "/global-networks/{globalNetworkId}/customer-gateway-associations", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetCustomerGatewayAssociationsInput{} + } + + output = &GetCustomerGatewayAssociationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetCustomerGatewayAssociations API operation for AWS Network Manager. +// +// Gets the association information for customer gateways that are associated +// with devices and links in your global network. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation GetCustomerGatewayAssociations for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetCustomerGatewayAssociations +func (c *NetworkManager) GetCustomerGatewayAssociations(input *GetCustomerGatewayAssociationsInput) (*GetCustomerGatewayAssociationsOutput, error) { + req, out := c.GetCustomerGatewayAssociationsRequest(input) + return out, req.Send() +} + +// GetCustomerGatewayAssociationsWithContext is the same as GetCustomerGatewayAssociations with the addition of +// the ability to pass a context and additional request options. +// +// See GetCustomerGatewayAssociations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetCustomerGatewayAssociationsWithContext(ctx aws.Context, input *GetCustomerGatewayAssociationsInput, opts ...request.Option) (*GetCustomerGatewayAssociationsOutput, error) { + req, out := c.GetCustomerGatewayAssociationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetCustomerGatewayAssociationsPages iterates over the pages of a GetCustomerGatewayAssociations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetCustomerGatewayAssociations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetCustomerGatewayAssociations operation. +// pageNum := 0 +// err := client.GetCustomerGatewayAssociationsPages(params, +// func(page *networkmanager.GetCustomerGatewayAssociationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *NetworkManager) GetCustomerGatewayAssociationsPages(input *GetCustomerGatewayAssociationsInput, fn func(*GetCustomerGatewayAssociationsOutput, bool) bool) error { + return c.GetCustomerGatewayAssociationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetCustomerGatewayAssociationsPagesWithContext same as GetCustomerGatewayAssociationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetCustomerGatewayAssociationsPagesWithContext(ctx aws.Context, input *GetCustomerGatewayAssociationsInput, fn func(*GetCustomerGatewayAssociationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetCustomerGatewayAssociationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetCustomerGatewayAssociationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetCustomerGatewayAssociationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetDevices = "GetDevices" + +// GetDevicesRequest generates a "aws/request.Request" representing the +// client's request for the GetDevices operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetDevices for more information on using the GetDevices +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetDevicesRequest method. +// req, resp := client.GetDevicesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetDevices +func (c *NetworkManager) GetDevicesRequest(input *GetDevicesInput) (req *request.Request, output *GetDevicesOutput) { + op := &request.Operation{ + Name: opGetDevices, + HTTPMethod: "GET", + HTTPPath: "/global-networks/{globalNetworkId}/devices", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetDevicesInput{} + } + + output = &GetDevicesOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetDevices API operation for AWS Network Manager. +// +// Gets information about one or more of your devices in a global network. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation GetDevices for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetDevices +func (c *NetworkManager) GetDevices(input *GetDevicesInput) (*GetDevicesOutput, error) { + req, out := c.GetDevicesRequest(input) + return out, req.Send() +} + +// GetDevicesWithContext is the same as GetDevices with the addition of +// the ability to pass a context and additional request options. +// +// See GetDevices for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetDevicesWithContext(ctx aws.Context, input *GetDevicesInput, opts ...request.Option) (*GetDevicesOutput, error) { + req, out := c.GetDevicesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetDevicesPages iterates over the pages of a GetDevices operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetDevices method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetDevices operation. +// pageNum := 0 +// err := client.GetDevicesPages(params, +// func(page *networkmanager.GetDevicesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *NetworkManager) GetDevicesPages(input *GetDevicesInput, fn func(*GetDevicesOutput, bool) bool) error { + return c.GetDevicesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetDevicesPagesWithContext same as GetDevicesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetDevicesPagesWithContext(ctx aws.Context, input *GetDevicesInput, fn func(*GetDevicesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetDevicesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetDevicesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetDevicesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetLinkAssociations = "GetLinkAssociations" + +// GetLinkAssociationsRequest generates a "aws/request.Request" representing the +// client's request for the GetLinkAssociations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetLinkAssociations for more information on using the GetLinkAssociations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetLinkAssociationsRequest method. +// req, resp := client.GetLinkAssociationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetLinkAssociations +func (c *NetworkManager) GetLinkAssociationsRequest(input *GetLinkAssociationsInput) (req *request.Request, output *GetLinkAssociationsOutput) { + op := &request.Operation{ + Name: opGetLinkAssociations, + HTTPMethod: "GET", + HTTPPath: "/global-networks/{globalNetworkId}/link-associations", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetLinkAssociationsInput{} + } + + output = &GetLinkAssociationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetLinkAssociations API operation for AWS Network Manager. +// +// Gets the link associations for a device or a link. Either the device ID or +// the link ID must be specified. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation GetLinkAssociations for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetLinkAssociations +func (c *NetworkManager) GetLinkAssociations(input *GetLinkAssociationsInput) (*GetLinkAssociationsOutput, error) { + req, out := c.GetLinkAssociationsRequest(input) + return out, req.Send() +} + +// GetLinkAssociationsWithContext is the same as GetLinkAssociations with the addition of +// the ability to pass a context and additional request options. +// +// See GetLinkAssociations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetLinkAssociationsWithContext(ctx aws.Context, input *GetLinkAssociationsInput, opts ...request.Option) (*GetLinkAssociationsOutput, error) { + req, out := c.GetLinkAssociationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetLinkAssociationsPages iterates over the pages of a GetLinkAssociations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetLinkAssociations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetLinkAssociations operation. +// pageNum := 0 +// err := client.GetLinkAssociationsPages(params, +// func(page *networkmanager.GetLinkAssociationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *NetworkManager) GetLinkAssociationsPages(input *GetLinkAssociationsInput, fn func(*GetLinkAssociationsOutput, bool) bool) error { + return c.GetLinkAssociationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetLinkAssociationsPagesWithContext same as GetLinkAssociationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetLinkAssociationsPagesWithContext(ctx aws.Context, input *GetLinkAssociationsInput, fn func(*GetLinkAssociationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetLinkAssociationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetLinkAssociationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetLinkAssociationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetLinks = "GetLinks" + +// GetLinksRequest generates a "aws/request.Request" representing the +// client's request for the GetLinks operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetLinks for more information on using the GetLinks +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetLinksRequest method. +// req, resp := client.GetLinksRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetLinks +func (c *NetworkManager) GetLinksRequest(input *GetLinksInput) (req *request.Request, output *GetLinksOutput) { + op := &request.Operation{ + Name: opGetLinks, + HTTPMethod: "GET", + HTTPPath: "/global-networks/{globalNetworkId}/links", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetLinksInput{} + } + + output = &GetLinksOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetLinks API operation for AWS Network Manager. +// +// Gets information about one or more links in a specified global network. +// +// If you specify the site ID, you cannot specify the type or provider in the +// same request. You can specify the type and provider in the same request. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation GetLinks for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetLinks +func (c *NetworkManager) GetLinks(input *GetLinksInput) (*GetLinksOutput, error) { + req, out := c.GetLinksRequest(input) + return out, req.Send() +} + +// GetLinksWithContext is the same as GetLinks with the addition of +// the ability to pass a context and additional request options. +// +// See GetLinks for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetLinksWithContext(ctx aws.Context, input *GetLinksInput, opts ...request.Option) (*GetLinksOutput, error) { + req, out := c.GetLinksRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetLinksPages iterates over the pages of a GetLinks operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetLinks method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetLinks operation. +// pageNum := 0 +// err := client.GetLinksPages(params, +// func(page *networkmanager.GetLinksOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *NetworkManager) GetLinksPages(input *GetLinksInput, fn func(*GetLinksOutput, bool) bool) error { + return c.GetLinksPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetLinksPagesWithContext same as GetLinksPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetLinksPagesWithContext(ctx aws.Context, input *GetLinksInput, fn func(*GetLinksOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetLinksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetLinksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetLinksOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetSites = "GetSites" + +// GetSitesRequest generates a "aws/request.Request" representing the +// client's request for the GetSites operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetSites for more information on using the GetSites +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetSitesRequest method. +// req, resp := client.GetSitesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetSites +func (c *NetworkManager) GetSitesRequest(input *GetSitesInput) (req *request.Request, output *GetSitesOutput) { + op := &request.Operation{ + Name: opGetSites, + HTTPMethod: "GET", + HTTPPath: "/global-networks/{globalNetworkId}/sites", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetSitesInput{} + } + + output = &GetSitesOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetSites API operation for AWS Network Manager. +// +// Gets information about one or more of your sites in a global network. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation GetSites for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetSites +func (c *NetworkManager) GetSites(input *GetSitesInput) (*GetSitesOutput, error) { + req, out := c.GetSitesRequest(input) + return out, req.Send() +} + +// GetSitesWithContext is the same as GetSites with the addition of +// the ability to pass a context and additional request options. +// +// See GetSites for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetSitesWithContext(ctx aws.Context, input *GetSitesInput, opts ...request.Option) (*GetSitesOutput, error) { + req, out := c.GetSitesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetSitesPages iterates over the pages of a GetSites operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetSites method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetSites operation. +// pageNum := 0 +// err := client.GetSitesPages(params, +// func(page *networkmanager.GetSitesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *NetworkManager) GetSitesPages(input *GetSitesInput, fn func(*GetSitesOutput, bool) bool) error { + return c.GetSitesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetSitesPagesWithContext same as GetSitesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetSitesPagesWithContext(ctx aws.Context, input *GetSitesInput, fn func(*GetSitesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetSitesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetSitesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetSitesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetTransitGatewayRegistrations = "GetTransitGatewayRegistrations" + +// GetTransitGatewayRegistrationsRequest generates a "aws/request.Request" representing the +// client's request for the GetTransitGatewayRegistrations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetTransitGatewayRegistrations for more information on using the GetTransitGatewayRegistrations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetTransitGatewayRegistrationsRequest method. +// req, resp := client.GetTransitGatewayRegistrationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetTransitGatewayRegistrations +func (c *NetworkManager) GetTransitGatewayRegistrationsRequest(input *GetTransitGatewayRegistrationsInput) (req *request.Request, output *GetTransitGatewayRegistrationsOutput) { + op := &request.Operation{ + Name: opGetTransitGatewayRegistrations, + HTTPMethod: "GET", + HTTPPath: "/global-networks/{globalNetworkId}/transit-gateway-registrations", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetTransitGatewayRegistrationsInput{} + } + + output = &GetTransitGatewayRegistrationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetTransitGatewayRegistrations API operation for AWS Network Manager. +// +// Gets information about the transit gateway registrations in a specified global +// network. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation GetTransitGatewayRegistrations for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/GetTransitGatewayRegistrations +func (c *NetworkManager) GetTransitGatewayRegistrations(input *GetTransitGatewayRegistrationsInput) (*GetTransitGatewayRegistrationsOutput, error) { + req, out := c.GetTransitGatewayRegistrationsRequest(input) + return out, req.Send() +} + +// GetTransitGatewayRegistrationsWithContext is the same as GetTransitGatewayRegistrations with the addition of +// the ability to pass a context and additional request options. +// +// See GetTransitGatewayRegistrations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetTransitGatewayRegistrationsWithContext(ctx aws.Context, input *GetTransitGatewayRegistrationsInput, opts ...request.Option) (*GetTransitGatewayRegistrationsOutput, error) { + req, out := c.GetTransitGatewayRegistrationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetTransitGatewayRegistrationsPages iterates over the pages of a GetTransitGatewayRegistrations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetTransitGatewayRegistrations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetTransitGatewayRegistrations operation. +// pageNum := 0 +// err := client.GetTransitGatewayRegistrationsPages(params, +// func(page *networkmanager.GetTransitGatewayRegistrationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *NetworkManager) GetTransitGatewayRegistrationsPages(input *GetTransitGatewayRegistrationsInput, fn func(*GetTransitGatewayRegistrationsOutput, bool) bool) error { + return c.GetTransitGatewayRegistrationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetTransitGatewayRegistrationsPagesWithContext same as GetTransitGatewayRegistrationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) GetTransitGatewayRegistrationsPagesWithContext(ctx aws.Context, input *GetTransitGatewayRegistrationsInput, fn func(*GetTransitGatewayRegistrationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetTransitGatewayRegistrationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetTransitGatewayRegistrationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetTransitGatewayRegistrationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListTagsForResource = "ListTagsForResource" + +// ListTagsForResourceRequest generates a "aws/request.Request" representing the +// client's request for the ListTagsForResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListTagsForResource for more information on using the ListTagsForResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListTagsForResourceRequest method. +// req, resp := client.ListTagsForResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/ListTagsForResource +func (c *NetworkManager) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { + op := &request.Operation{ + Name: opListTagsForResource, + HTTPMethod: "GET", + HTTPPath: "/tags/{resourceArn}", + } + + if input == nil { + input = &ListTagsForResourceInput{} + } + + output = &ListTagsForResourceOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListTagsForResource API operation for AWS Network Manager. +// +// Lists the tags for a specified resource. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation ListTagsForResource for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/ListTagsForResource +func (c *NetworkManager) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) + return out, req.Send() +} + +// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of +// the ability to pass a context and additional request options. +// +// See ListTagsForResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opRegisterTransitGateway = "RegisterTransitGateway" + +// RegisterTransitGatewayRequest generates a "aws/request.Request" representing the +// client's request for the RegisterTransitGateway operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RegisterTransitGateway for more information on using the RegisterTransitGateway +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the RegisterTransitGatewayRequest method. +// req, resp := client.RegisterTransitGatewayRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/RegisterTransitGateway +func (c *NetworkManager) RegisterTransitGatewayRequest(input *RegisterTransitGatewayInput) (req *request.Request, output *RegisterTransitGatewayOutput) { + op := &request.Operation{ + Name: opRegisterTransitGateway, + HTTPMethod: "POST", + HTTPPath: "/global-networks/{globalNetworkId}/transit-gateway-registrations", + } + + if input == nil { + input = &RegisterTransitGatewayInput{} + } + + output = &RegisterTransitGatewayOutput{} + req = c.newRequest(op, input, output) + return +} + +// RegisterTransitGateway API operation for AWS Network Manager. +// +// Registers a transit gateway in your global network. The transit gateway can +// be in any AWS Region, but it must be owned by the same AWS account that owns +// the global network. You cannot register a transit gateway in more than one +// global network. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation RegisterTransitGateway for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/RegisterTransitGateway +func (c *NetworkManager) RegisterTransitGateway(input *RegisterTransitGatewayInput) (*RegisterTransitGatewayOutput, error) { + req, out := c.RegisterTransitGatewayRequest(input) + return out, req.Send() +} + +// RegisterTransitGatewayWithContext is the same as RegisterTransitGateway with the addition of +// the ability to pass a context and additional request options. +// +// See RegisterTransitGateway for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) RegisterTransitGatewayWithContext(ctx aws.Context, input *RegisterTransitGatewayInput, opts ...request.Option) (*RegisterTransitGatewayOutput, error) { + req, out := c.RegisterTransitGatewayRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTagResource = "TagResource" + +// TagResourceRequest generates a "aws/request.Request" representing the +// client's request for the TagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagResource for more information on using the TagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the TagResourceRequest method. +// req, resp := client.TagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/TagResource +func (c *NetworkManager) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { + op := &request.Operation{ + Name: opTagResource, + HTTPMethod: "POST", + HTTPPath: "/tags/{resourceArn}", + } + + if input == nil { + input = &TagResourceInput{} + } + + output = &TagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagResource API operation for AWS Network Manager. +// +// Tags a specified resource. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation TagResource for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * ServiceQuotaExceededException +// A service limit was exceeded. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/TagResource +func (c *NetworkManager) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) + return out, req.Send() +} + +// TagResourceWithContext is the same as TagResource with the addition of +// the ability to pass a context and additional request options. +// +// See TagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUntagResource = "UntagResource" + +// UntagResourceRequest generates a "aws/request.Request" representing the +// client's request for the UntagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagResource for more information on using the UntagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UntagResourceRequest method. +// req, resp := client.UntagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/UntagResource +func (c *NetworkManager) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { + op := &request.Operation{ + Name: opUntagResource, + HTTPMethod: "DELETE", + HTTPPath: "/tags/{resourceArn}", + } + + if input == nil { + input = &UntagResourceInput{} + } + + output = &UntagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagResource API operation for AWS Network Manager. +// +// Removes tags from a specified resource. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation UntagResource for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/UntagResource +func (c *NetworkManager) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + return out, req.Send() +} + +// UntagResourceWithContext is the same as UntagResource with the addition of +// the ability to pass a context and additional request options. +// +// See UntagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateDevice = "UpdateDevice" + +// UpdateDeviceRequest generates a "aws/request.Request" representing the +// client's request for the UpdateDevice operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateDevice for more information on using the UpdateDevice +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateDeviceRequest method. +// req, resp := client.UpdateDeviceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/UpdateDevice +func (c *NetworkManager) UpdateDeviceRequest(input *UpdateDeviceInput) (req *request.Request, output *UpdateDeviceOutput) { + op := &request.Operation{ + Name: opUpdateDevice, + HTTPMethod: "PATCH", + HTTPPath: "/global-networks/{globalNetworkId}/devices/{deviceId}", + } + + if input == nil { + input = &UpdateDeviceInput{} + } + + output = &UpdateDeviceOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateDevice API operation for AWS Network Manager. +// +// Updates the details for an existing device. To remove information for any +// of the parameters, specify an empty string. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation UpdateDevice for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/UpdateDevice +func (c *NetworkManager) UpdateDevice(input *UpdateDeviceInput) (*UpdateDeviceOutput, error) { + req, out := c.UpdateDeviceRequest(input) + return out, req.Send() +} + +// UpdateDeviceWithContext is the same as UpdateDevice with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateDevice for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) UpdateDeviceWithContext(ctx aws.Context, input *UpdateDeviceInput, opts ...request.Option) (*UpdateDeviceOutput, error) { + req, out := c.UpdateDeviceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateGlobalNetwork = "UpdateGlobalNetwork" + +// UpdateGlobalNetworkRequest generates a "aws/request.Request" representing the +// client's request for the UpdateGlobalNetwork operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateGlobalNetwork for more information on using the UpdateGlobalNetwork +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateGlobalNetworkRequest method. +// req, resp := client.UpdateGlobalNetworkRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/UpdateGlobalNetwork +func (c *NetworkManager) UpdateGlobalNetworkRequest(input *UpdateGlobalNetworkInput) (req *request.Request, output *UpdateGlobalNetworkOutput) { + op := &request.Operation{ + Name: opUpdateGlobalNetwork, + HTTPMethod: "PATCH", + HTTPPath: "/global-networks/{globalNetworkId}", + } + + if input == nil { + input = &UpdateGlobalNetworkInput{} + } + + output = &UpdateGlobalNetworkOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateGlobalNetwork API operation for AWS Network Manager. +// +// Updates an existing global network. To remove information for any of the +// parameters, specify an empty string. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation UpdateGlobalNetwork for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/UpdateGlobalNetwork +func (c *NetworkManager) UpdateGlobalNetwork(input *UpdateGlobalNetworkInput) (*UpdateGlobalNetworkOutput, error) { + req, out := c.UpdateGlobalNetworkRequest(input) + return out, req.Send() +} + +// UpdateGlobalNetworkWithContext is the same as UpdateGlobalNetwork with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateGlobalNetwork for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) UpdateGlobalNetworkWithContext(ctx aws.Context, input *UpdateGlobalNetworkInput, opts ...request.Option) (*UpdateGlobalNetworkOutput, error) { + req, out := c.UpdateGlobalNetworkRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateLink = "UpdateLink" + +// UpdateLinkRequest generates a "aws/request.Request" representing the +// client's request for the UpdateLink operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateLink for more information on using the UpdateLink +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateLinkRequest method. +// req, resp := client.UpdateLinkRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/UpdateLink +func (c *NetworkManager) UpdateLinkRequest(input *UpdateLinkInput) (req *request.Request, output *UpdateLinkOutput) { + op := &request.Operation{ + Name: opUpdateLink, + HTTPMethod: "PATCH", + HTTPPath: "/global-networks/{globalNetworkId}/links/{linkId}", + } + + if input == nil { + input = &UpdateLinkInput{} + } + + output = &UpdateLinkOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateLink API operation for AWS Network Manager. +// +// Updates the details for an existing link. To remove information for any of +// the parameters, specify an empty string. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation UpdateLink for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * ServiceQuotaExceededException +// A service limit was exceeded. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/UpdateLink +func (c *NetworkManager) UpdateLink(input *UpdateLinkInput) (*UpdateLinkOutput, error) { + req, out := c.UpdateLinkRequest(input) + return out, req.Send() +} + +// UpdateLinkWithContext is the same as UpdateLink with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateLink for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) UpdateLinkWithContext(ctx aws.Context, input *UpdateLinkInput, opts ...request.Option) (*UpdateLinkOutput, error) { + req, out := c.UpdateLinkRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateSite = "UpdateSite" + +// UpdateSiteRequest generates a "aws/request.Request" representing the +// client's request for the UpdateSite operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateSite for more information on using the UpdateSite +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateSiteRequest method. +// req, resp := client.UpdateSiteRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/UpdateSite +func (c *NetworkManager) UpdateSiteRequest(input *UpdateSiteInput) (req *request.Request, output *UpdateSiteOutput) { + op := &request.Operation{ + Name: opUpdateSite, + HTTPMethod: "PATCH", + HTTPPath: "/global-networks/{globalNetworkId}/sites/{siteId}", + } + + if input == nil { + input = &UpdateSiteInput{} + } + + output = &UpdateSiteOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateSite API operation for AWS Network Manager. +// +// Updates the information for an existing site. To remove information for any +// of the parameters, specify an empty string. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Network Manager's +// API operation UpdateSite for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The input fails to satisfy the constraints. +// +// * AccessDeniedException +// You do not have sufficient access to perform this action. +// +// * ResourceNotFoundException +// The specified resource could not be found. +// +// * ConflictException +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +// +// * ThrottlingException +// The request was denied due to request throttling. +// +// * InternalServerException +// The request has failed due to an internal error. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05/UpdateSite +func (c *NetworkManager) UpdateSite(input *UpdateSiteInput) (*UpdateSiteOutput, error) { + req, out := c.UpdateSiteRequest(input) + return out, req.Send() +} + +// UpdateSiteWithContext is the same as UpdateSite with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateSite for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *NetworkManager) UpdateSiteWithContext(ctx aws.Context, input *UpdateSiteInput, opts ...request.Option) (*UpdateSiteOutput, error) { + req, out := c.UpdateSiteRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// You do not have sufficient access to perform this action. +type AccessDeniedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation +func (s AccessDeniedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AccessDeniedException) GoString() string { + return s.String() +} + +func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { + return &AccessDeniedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AccessDeniedException) Code() string { + return "AccessDeniedException" +} + +// Message returns the exception's message. +func (s *AccessDeniedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AccessDeniedException) OrigErr() error { + return nil +} + +func (s *AccessDeniedException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AccessDeniedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AccessDeniedException) RequestID() string { + return s.RespMetadata.RequestID +} + +type AssociateCustomerGatewayInput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the customer gateway. For more information, + // see Resources Defined by Amazon EC2 (https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazonec2.html#amazonec2-resources-for-iam-policies). + // + // CustomerGatewayArn is a required field + CustomerGatewayArn *string `type:"string" required:"true"` + + // The ID of the device. + // + // DeviceId is a required field + DeviceId *string `type:"string" required:"true"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The ID of the link. + LinkId *string `type:"string"` +} + +// String returns the string representation +func (s AssociateCustomerGatewayInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssociateCustomerGatewayInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateCustomerGatewayInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateCustomerGatewayInput"} + if s.CustomerGatewayArn == nil { + invalidParams.Add(request.NewErrParamRequired("CustomerGatewayArn")) + } + if s.DeviceId == nil { + invalidParams.Add(request.NewErrParamRequired("DeviceId")) + } + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCustomerGatewayArn sets the CustomerGatewayArn field's value. +func (s *AssociateCustomerGatewayInput) SetCustomerGatewayArn(v string) *AssociateCustomerGatewayInput { + s.CustomerGatewayArn = &v + return s +} + +// SetDeviceId sets the DeviceId field's value. +func (s *AssociateCustomerGatewayInput) SetDeviceId(v string) *AssociateCustomerGatewayInput { + s.DeviceId = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *AssociateCustomerGatewayInput) SetGlobalNetworkId(v string) *AssociateCustomerGatewayInput { + s.GlobalNetworkId = &v + return s +} + +// SetLinkId sets the LinkId field's value. +func (s *AssociateCustomerGatewayInput) SetLinkId(v string) *AssociateCustomerGatewayInput { + s.LinkId = &v + return s +} + +type AssociateCustomerGatewayOutput struct { + _ struct{} `type:"structure"` + + // The customer gateway association. + CustomerGatewayAssociation *CustomerGatewayAssociation `type:"structure"` +} + +// String returns the string representation +func (s AssociateCustomerGatewayOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssociateCustomerGatewayOutput) GoString() string { + return s.String() +} + +// SetCustomerGatewayAssociation sets the CustomerGatewayAssociation field's value. +func (s *AssociateCustomerGatewayOutput) SetCustomerGatewayAssociation(v *CustomerGatewayAssociation) *AssociateCustomerGatewayOutput { + s.CustomerGatewayAssociation = v + return s +} + +type AssociateLinkInput struct { + _ struct{} `type:"structure"` + + // The ID of the device. + // + // DeviceId is a required field + DeviceId *string `type:"string" required:"true"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The ID of the link. + // + // LinkId is a required field + LinkId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s AssociateLinkInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssociateLinkInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateLinkInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateLinkInput"} + if s.DeviceId == nil { + invalidParams.Add(request.NewErrParamRequired("DeviceId")) + } + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.LinkId == nil { + invalidParams.Add(request.NewErrParamRequired("LinkId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDeviceId sets the DeviceId field's value. +func (s *AssociateLinkInput) SetDeviceId(v string) *AssociateLinkInput { + s.DeviceId = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *AssociateLinkInput) SetGlobalNetworkId(v string) *AssociateLinkInput { + s.GlobalNetworkId = &v + return s +} + +// SetLinkId sets the LinkId field's value. +func (s *AssociateLinkInput) SetLinkId(v string) *AssociateLinkInput { + s.LinkId = &v + return s +} + +type AssociateLinkOutput struct { + _ struct{} `type:"structure"` + + // The link association. + LinkAssociation *LinkAssociation `type:"structure"` +} + +// String returns the string representation +func (s AssociateLinkOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssociateLinkOutput) GoString() string { + return s.String() +} + +// SetLinkAssociation sets the LinkAssociation field's value. +func (s *AssociateLinkOutput) SetLinkAssociation(v *LinkAssociation) *AssociateLinkOutput { + s.LinkAssociation = v + return s +} + +// Describes bandwidth information. +type Bandwidth struct { + _ struct{} `type:"structure"` + + // Download speed in Mbps. + DownloadSpeed *int64 `type:"integer"` + + // Upload speed in Mbps. + UploadSpeed *int64 `type:"integer"` +} + +// String returns the string representation +func (s Bandwidth) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Bandwidth) GoString() string { + return s.String() +} + +// SetDownloadSpeed sets the DownloadSpeed field's value. +func (s *Bandwidth) SetDownloadSpeed(v int64) *Bandwidth { + s.DownloadSpeed = &v + return s +} + +// SetUploadSpeed sets the UploadSpeed field's value. +func (s *Bandwidth) SetUploadSpeed(v int64) *Bandwidth { + s.UploadSpeed = &v + return s +} + +// There was a conflict processing the request. Updating or deleting the resource +// can cause an inconsistent state. +type ConflictException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` + + // The ID of the resource. + // + // ResourceId is a required field + ResourceId *string `type:"string" required:"true"` + + // The resource type. + // + // ResourceType is a required field + ResourceType *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ConflictException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ConflictException) GoString() string { + return s.String() +} + +func newErrorConflictException(v protocol.ResponseMetadata) error { + return &ConflictException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ConflictException) Code() string { + return "ConflictException" +} + +// Message returns the exception's message. +func (s *ConflictException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ConflictException) OrigErr() error { + return nil +} + +func (s *ConflictException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ConflictException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ConflictException) RequestID() string { + return s.RespMetadata.RequestID +} + +type CreateDeviceInput struct { + _ struct{} `type:"structure"` + + // A description of the device. + // + // Length Constraints: Maximum length of 256 characters. + Description *string `type:"string"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The location of the device. + Location *Location `type:"structure"` + + // The model of the device. + // + // Length Constraints: Maximum length of 128 characters. + Model *string `type:"string"` + + // The serial number of the device. + // + // Length Constraints: Maximum length of 128 characters. + SerialNumber *string `type:"string"` + + // The ID of the site. + SiteId *string `type:"string"` + + // The tags to apply to the resource during creation. + Tags []*Tag `type:"list"` + + // The type of the device. + Type *string `type:"string"` + + // The vendor of the device. + // + // Length Constraints: Maximum length of 128 characters. + Vendor *string `type:"string"` +} + +// String returns the string representation +func (s CreateDeviceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateDeviceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateDeviceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateDeviceInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *CreateDeviceInput) SetDescription(v string) *CreateDeviceInput { + s.Description = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *CreateDeviceInput) SetGlobalNetworkId(v string) *CreateDeviceInput { + s.GlobalNetworkId = &v + return s +} + +// SetLocation sets the Location field's value. +func (s *CreateDeviceInput) SetLocation(v *Location) *CreateDeviceInput { + s.Location = v + return s +} + +// SetModel sets the Model field's value. +func (s *CreateDeviceInput) SetModel(v string) *CreateDeviceInput { + s.Model = &v + return s +} + +// SetSerialNumber sets the SerialNumber field's value. +func (s *CreateDeviceInput) SetSerialNumber(v string) *CreateDeviceInput { + s.SerialNumber = &v + return s +} + +// SetSiteId sets the SiteId field's value. +func (s *CreateDeviceInput) SetSiteId(v string) *CreateDeviceInput { + s.SiteId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateDeviceInput) SetTags(v []*Tag) *CreateDeviceInput { + s.Tags = v + return s +} + +// SetType sets the Type field's value. +func (s *CreateDeviceInput) SetType(v string) *CreateDeviceInput { + s.Type = &v + return s +} + +// SetVendor sets the Vendor field's value. +func (s *CreateDeviceInput) SetVendor(v string) *CreateDeviceInput { + s.Vendor = &v + return s +} + +type CreateDeviceOutput struct { + _ struct{} `type:"structure"` + + // Information about the device. + Device *Device `type:"structure"` +} + +// String returns the string representation +func (s CreateDeviceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateDeviceOutput) GoString() string { + return s.String() +} + +// SetDevice sets the Device field's value. +func (s *CreateDeviceOutput) SetDevice(v *Device) *CreateDeviceOutput { + s.Device = v + return s +} + +type CreateGlobalNetworkInput struct { + _ struct{} `type:"structure"` + + // A description of the global network. + // + // Length Constraints: Maximum length of 256 characters. + Description *string `type:"string"` + + // The tags to apply to the resource during creation. + Tags []*Tag `type:"list"` +} + +// String returns the string representation +func (s CreateGlobalNetworkInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateGlobalNetworkInput) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *CreateGlobalNetworkInput) SetDescription(v string) *CreateGlobalNetworkInput { + s.Description = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateGlobalNetworkInput) SetTags(v []*Tag) *CreateGlobalNetworkInput { + s.Tags = v + return s +} + +type CreateGlobalNetworkOutput struct { + _ struct{} `type:"structure"` + + // Information about the global network object. + GlobalNetwork *GlobalNetwork `type:"structure"` +} + +// String returns the string representation +func (s CreateGlobalNetworkOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateGlobalNetworkOutput) GoString() string { + return s.String() +} + +// SetGlobalNetwork sets the GlobalNetwork field's value. +func (s *CreateGlobalNetworkOutput) SetGlobalNetwork(v *GlobalNetwork) *CreateGlobalNetworkOutput { + s.GlobalNetwork = v + return s +} + +type CreateLinkInput struct { + _ struct{} `type:"structure"` + + // The upload speed and download speed in Mbps. + // + // Bandwidth is a required field + Bandwidth *Bandwidth `type:"structure" required:"true"` + + // A description of the link. + // + // Length Constraints: Maximum length of 256 characters. + Description *string `type:"string"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The provider of the link. + // + // Constraints: Cannot include the following characters: | \ ^ + // + // Length Constraints: Maximum length of 128 characters. + Provider *string `type:"string"` + + // The ID of the site. + // + // SiteId is a required field + SiteId *string `type:"string" required:"true"` + + // The tags to apply to the resource during creation. + Tags []*Tag `type:"list"` + + // The type of the link. + // + // Constraints: Cannot include the following characters: | \ ^ + // + // Length Constraints: Maximum length of 128 characters. + Type *string `type:"string"` +} + +// String returns the string representation +func (s CreateLinkInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateLinkInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateLinkInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateLinkInput"} + if s.Bandwidth == nil { + invalidParams.Add(request.NewErrParamRequired("Bandwidth")) + } + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.SiteId == nil { + invalidParams.Add(request.NewErrParamRequired("SiteId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBandwidth sets the Bandwidth field's value. +func (s *CreateLinkInput) SetBandwidth(v *Bandwidth) *CreateLinkInput { + s.Bandwidth = v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateLinkInput) SetDescription(v string) *CreateLinkInput { + s.Description = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *CreateLinkInput) SetGlobalNetworkId(v string) *CreateLinkInput { + s.GlobalNetworkId = &v + return s +} + +// SetProvider sets the Provider field's value. +func (s *CreateLinkInput) SetProvider(v string) *CreateLinkInput { + s.Provider = &v + return s +} + +// SetSiteId sets the SiteId field's value. +func (s *CreateLinkInput) SetSiteId(v string) *CreateLinkInput { + s.SiteId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateLinkInput) SetTags(v []*Tag) *CreateLinkInput { + s.Tags = v + return s +} + +// SetType sets the Type field's value. +func (s *CreateLinkInput) SetType(v string) *CreateLinkInput { + s.Type = &v + return s +} + +type CreateLinkOutput struct { + _ struct{} `type:"structure"` + + // Information about the link. + Link *Link `type:"structure"` +} + +// String returns the string representation +func (s CreateLinkOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateLinkOutput) GoString() string { + return s.String() +} + +// SetLink sets the Link field's value. +func (s *CreateLinkOutput) SetLink(v *Link) *CreateLinkOutput { + s.Link = v + return s +} + +type CreateSiteInput struct { + _ struct{} `type:"structure"` + + // A description of your site. + // + // Length Constraints: Maximum length of 256 characters. + Description *string `type:"string"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The site location. This information is used for visualization in the Network + // Manager console. If you specify the address, the latitude and longitude are + // automatically calculated. + // + // * Address: The physical address of the site. + // + // * Latitude: The latitude of the site. + // + // * Longitude: The longitude of the site. + Location *Location `type:"structure"` + + // The tags to apply to the resource during creation. + Tags []*Tag `type:"list"` +} + +// String returns the string representation +func (s CreateSiteInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateSiteInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateSiteInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateSiteInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *CreateSiteInput) SetDescription(v string) *CreateSiteInput { + s.Description = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *CreateSiteInput) SetGlobalNetworkId(v string) *CreateSiteInput { + s.GlobalNetworkId = &v + return s +} + +// SetLocation sets the Location field's value. +func (s *CreateSiteInput) SetLocation(v *Location) *CreateSiteInput { + s.Location = v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateSiteInput) SetTags(v []*Tag) *CreateSiteInput { + s.Tags = v + return s +} + +type CreateSiteOutput struct { + _ struct{} `type:"structure"` + + // Information about the site. + Site *Site `type:"structure"` +} + +// String returns the string representation +func (s CreateSiteOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateSiteOutput) GoString() string { + return s.String() +} + +// SetSite sets the Site field's value. +func (s *CreateSiteOutput) SetSite(v *Site) *CreateSiteOutput { + s.Site = v + return s +} + +// Describes the association between a customer gateway, a device, and a link. +type CustomerGatewayAssociation struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the customer gateway. + CustomerGatewayArn *string `type:"string"` + + // The ID of the device. + DeviceId *string `type:"string"` + + // The ID of the global network. + GlobalNetworkId *string `type:"string"` + + // The ID of the link. + LinkId *string `type:"string"` + + // The association state. + State *string `type:"string" enum:"CustomerGatewayAssociationState"` +} + +// String returns the string representation +func (s CustomerGatewayAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CustomerGatewayAssociation) GoString() string { + return s.String() +} + +// SetCustomerGatewayArn sets the CustomerGatewayArn field's value. +func (s *CustomerGatewayAssociation) SetCustomerGatewayArn(v string) *CustomerGatewayAssociation { + s.CustomerGatewayArn = &v + return s +} + +// SetDeviceId sets the DeviceId field's value. +func (s *CustomerGatewayAssociation) SetDeviceId(v string) *CustomerGatewayAssociation { + s.DeviceId = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *CustomerGatewayAssociation) SetGlobalNetworkId(v string) *CustomerGatewayAssociation { + s.GlobalNetworkId = &v + return s +} + +// SetLinkId sets the LinkId field's value. +func (s *CustomerGatewayAssociation) SetLinkId(v string) *CustomerGatewayAssociation { + s.LinkId = &v + return s +} + +// SetState sets the State field's value. +func (s *CustomerGatewayAssociation) SetState(v string) *CustomerGatewayAssociation { + s.State = &v + return s +} + +type DeleteDeviceInput struct { + _ struct{} `type:"structure"` + + // The ID of the device. + // + // DeviceId is a required field + DeviceId *string `location:"uri" locationName:"deviceId" type:"string" required:"true"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteDeviceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteDeviceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteDeviceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteDeviceInput"} + if s.DeviceId == nil { + invalidParams.Add(request.NewErrParamRequired("DeviceId")) + } + if s.DeviceId != nil && len(*s.DeviceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DeviceId", 1)) + } + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDeviceId sets the DeviceId field's value. +func (s *DeleteDeviceInput) SetDeviceId(v string) *DeleteDeviceInput { + s.DeviceId = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *DeleteDeviceInput) SetGlobalNetworkId(v string) *DeleteDeviceInput { + s.GlobalNetworkId = &v + return s +} + +type DeleteDeviceOutput struct { + _ struct{} `type:"structure"` + + // Information about the device. + Device *Device `type:"structure"` +} + +// String returns the string representation +func (s DeleteDeviceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteDeviceOutput) GoString() string { + return s.String() +} + +// SetDevice sets the Device field's value. +func (s *DeleteDeviceOutput) SetDevice(v *Device) *DeleteDeviceOutput { + s.Device = v + return s +} + +type DeleteGlobalNetworkInput struct { + _ struct{} `type:"structure"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteGlobalNetworkInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteGlobalNetworkInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteGlobalNetworkInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteGlobalNetworkInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *DeleteGlobalNetworkInput) SetGlobalNetworkId(v string) *DeleteGlobalNetworkInput { + s.GlobalNetworkId = &v + return s +} + +type DeleteGlobalNetworkOutput struct { + _ struct{} `type:"structure"` + + // Information about the global network. + GlobalNetwork *GlobalNetwork `type:"structure"` +} + +// String returns the string representation +func (s DeleteGlobalNetworkOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteGlobalNetworkOutput) GoString() string { + return s.String() +} + +// SetGlobalNetwork sets the GlobalNetwork field's value. +func (s *DeleteGlobalNetworkOutput) SetGlobalNetwork(v *GlobalNetwork) *DeleteGlobalNetworkOutput { + s.GlobalNetwork = v + return s +} + +type DeleteLinkInput struct { + _ struct{} `type:"structure"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The ID of the link. + // + // LinkId is a required field + LinkId *string `location:"uri" locationName:"linkId" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteLinkInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteLinkInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteLinkInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteLinkInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.LinkId == nil { + invalidParams.Add(request.NewErrParamRequired("LinkId")) + } + if s.LinkId != nil && len(*s.LinkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LinkId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *DeleteLinkInput) SetGlobalNetworkId(v string) *DeleteLinkInput { + s.GlobalNetworkId = &v + return s +} + +// SetLinkId sets the LinkId field's value. +func (s *DeleteLinkInput) SetLinkId(v string) *DeleteLinkInput { + s.LinkId = &v + return s +} + +type DeleteLinkOutput struct { + _ struct{} `type:"structure"` + + // Information about the link. + Link *Link `type:"structure"` +} + +// String returns the string representation +func (s DeleteLinkOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteLinkOutput) GoString() string { + return s.String() +} + +// SetLink sets the Link field's value. +func (s *DeleteLinkOutput) SetLink(v *Link) *DeleteLinkOutput { + s.Link = v + return s +} + +type DeleteSiteInput struct { + _ struct{} `type:"structure"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The ID of the site. + // + // SiteId is a required field + SiteId *string `location:"uri" locationName:"siteId" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteSiteInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteSiteInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteSiteInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteSiteInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.SiteId == nil { + invalidParams.Add(request.NewErrParamRequired("SiteId")) + } + if s.SiteId != nil && len(*s.SiteId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SiteId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *DeleteSiteInput) SetGlobalNetworkId(v string) *DeleteSiteInput { + s.GlobalNetworkId = &v + return s +} + +// SetSiteId sets the SiteId field's value. +func (s *DeleteSiteInput) SetSiteId(v string) *DeleteSiteInput { + s.SiteId = &v + return s +} + +type DeleteSiteOutput struct { + _ struct{} `type:"structure"` + + // Information about the site. + Site *Site `type:"structure"` +} + +// String returns the string representation +func (s DeleteSiteOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteSiteOutput) GoString() string { + return s.String() +} + +// SetSite sets the Site field's value. +func (s *DeleteSiteOutput) SetSite(v *Site) *DeleteSiteOutput { + s.Site = v + return s +} + +type DeregisterTransitGatewayInput struct { + _ struct{} `type:"structure"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The Amazon Resource Name (ARN) of the transit gateway. + // + // TransitGatewayArn is a required field + TransitGatewayArn *string `location:"uri" locationName:"transitGatewayArn" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeregisterTransitGatewayInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterTransitGatewayInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeregisterTransitGatewayInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeregisterTransitGatewayInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.TransitGatewayArn == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayArn")) + } + if s.TransitGatewayArn != nil && len(*s.TransitGatewayArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TransitGatewayArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *DeregisterTransitGatewayInput) SetGlobalNetworkId(v string) *DeregisterTransitGatewayInput { + s.GlobalNetworkId = &v + return s +} + +// SetTransitGatewayArn sets the TransitGatewayArn field's value. +func (s *DeregisterTransitGatewayInput) SetTransitGatewayArn(v string) *DeregisterTransitGatewayInput { + s.TransitGatewayArn = &v + return s +} + +type DeregisterTransitGatewayOutput struct { + _ struct{} `type:"structure"` + + // The transit gateway registration information. + TransitGatewayRegistration *TransitGatewayRegistration `type:"structure"` +} + +// String returns the string representation +func (s DeregisterTransitGatewayOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterTransitGatewayOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayRegistration sets the TransitGatewayRegistration field's value. +func (s *DeregisterTransitGatewayOutput) SetTransitGatewayRegistration(v *TransitGatewayRegistration) *DeregisterTransitGatewayOutput { + s.TransitGatewayRegistration = v + return s +} + +type DescribeGlobalNetworksInput struct { + _ struct{} `type:"structure"` + + // The IDs of one or more global networks. The maximum is 10. + GlobalNetworkIds []*string `location:"querystring" locationName:"globalNetworkIds" type:"list"` + + // The maximum number of results to return. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeGlobalNetworksInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeGlobalNetworksInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeGlobalNetworksInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeGlobalNetworksInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGlobalNetworkIds sets the GlobalNetworkIds field's value. +func (s *DescribeGlobalNetworksInput) SetGlobalNetworkIds(v []*string) *DescribeGlobalNetworksInput { + s.GlobalNetworkIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeGlobalNetworksInput) SetMaxResults(v int64) *DescribeGlobalNetworksInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeGlobalNetworksInput) SetNextToken(v string) *DescribeGlobalNetworksInput { + s.NextToken = &v + return s +} + +type DescribeGlobalNetworksOutput struct { + _ struct{} `type:"structure"` + + // Information about the global networks. + GlobalNetworks []*GlobalNetwork `type:"list"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeGlobalNetworksOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeGlobalNetworksOutput) GoString() string { + return s.String() +} + +// SetGlobalNetworks sets the GlobalNetworks field's value. +func (s *DescribeGlobalNetworksOutput) SetGlobalNetworks(v []*GlobalNetwork) *DescribeGlobalNetworksOutput { + s.GlobalNetworks = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeGlobalNetworksOutput) SetNextToken(v string) *DescribeGlobalNetworksOutput { + s.NextToken = &v + return s +} + +// Describes a device. +type Device struct { + _ struct{} `type:"structure"` + + // The date and time that the site was created. + CreatedAt *time.Time `type:"timestamp"` + + // The description of the device. + Description *string `type:"string"` + + // The Amazon Resource Name (ARN) of the device. + DeviceArn *string `type:"string"` + + // The ID of the device. + DeviceId *string `type:"string"` + + // The ID of the global network. + GlobalNetworkId *string `type:"string"` + + // The site location. + Location *Location `type:"structure"` + + // The device model. + Model *string `type:"string"` + + // The device serial number. + SerialNumber *string `type:"string"` + + // The site ID. + SiteId *string `type:"string"` + + // The device state. + State *string `type:"string" enum:"DeviceState"` + + // The tags for the device. + Tags []*Tag `type:"list"` + + // The device type. + Type *string `type:"string"` + + // The device vendor. + Vendor *string `type:"string"` +} + +// String returns the string representation +func (s Device) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Device) GoString() string { + return s.String() +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *Device) SetCreatedAt(v time.Time) *Device { + s.CreatedAt = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *Device) SetDescription(v string) *Device { + s.Description = &v + return s +} + +// SetDeviceArn sets the DeviceArn field's value. +func (s *Device) SetDeviceArn(v string) *Device { + s.DeviceArn = &v + return s +} + +// SetDeviceId sets the DeviceId field's value. +func (s *Device) SetDeviceId(v string) *Device { + s.DeviceId = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *Device) SetGlobalNetworkId(v string) *Device { + s.GlobalNetworkId = &v + return s +} + +// SetLocation sets the Location field's value. +func (s *Device) SetLocation(v *Location) *Device { + s.Location = v + return s +} + +// SetModel sets the Model field's value. +func (s *Device) SetModel(v string) *Device { + s.Model = &v + return s +} + +// SetSerialNumber sets the SerialNumber field's value. +func (s *Device) SetSerialNumber(v string) *Device { + s.SerialNumber = &v + return s +} + +// SetSiteId sets the SiteId field's value. +func (s *Device) SetSiteId(v string) *Device { + s.SiteId = &v + return s +} + +// SetState sets the State field's value. +func (s *Device) SetState(v string) *Device { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *Device) SetTags(v []*Tag) *Device { + s.Tags = v + return s +} + +// SetType sets the Type field's value. +func (s *Device) SetType(v string) *Device { + s.Type = &v + return s +} + +// SetVendor sets the Vendor field's value. +func (s *Device) SetVendor(v string) *Device { + s.Vendor = &v + return s +} + +type DisassociateCustomerGatewayInput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the customer gateway. For more information, + // see Resources Defined by Amazon EC2 (https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazonec2.html#amazonec2-resources-for-iam-policies). + // + // CustomerGatewayArn is a required field + CustomerGatewayArn *string `location:"uri" locationName:"customerGatewayArn" type:"string" required:"true"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` +} + +// String returns the string representation +func (s DisassociateCustomerGatewayInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisassociateCustomerGatewayInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateCustomerGatewayInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateCustomerGatewayInput"} + if s.CustomerGatewayArn == nil { + invalidParams.Add(request.NewErrParamRequired("CustomerGatewayArn")) + } + if s.CustomerGatewayArn != nil && len(*s.CustomerGatewayArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("CustomerGatewayArn", 1)) + } + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCustomerGatewayArn sets the CustomerGatewayArn field's value. +func (s *DisassociateCustomerGatewayInput) SetCustomerGatewayArn(v string) *DisassociateCustomerGatewayInput { + s.CustomerGatewayArn = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *DisassociateCustomerGatewayInput) SetGlobalNetworkId(v string) *DisassociateCustomerGatewayInput { + s.GlobalNetworkId = &v + return s +} + +type DisassociateCustomerGatewayOutput struct { + _ struct{} `type:"structure"` + + // Information about the customer gateway association. + CustomerGatewayAssociation *CustomerGatewayAssociation `type:"structure"` +} + +// String returns the string representation +func (s DisassociateCustomerGatewayOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisassociateCustomerGatewayOutput) GoString() string { + return s.String() +} + +// SetCustomerGatewayAssociation sets the CustomerGatewayAssociation field's value. +func (s *DisassociateCustomerGatewayOutput) SetCustomerGatewayAssociation(v *CustomerGatewayAssociation) *DisassociateCustomerGatewayOutput { + s.CustomerGatewayAssociation = v + return s +} + +type DisassociateLinkInput struct { + _ struct{} `type:"structure"` + + // The ID of the device. + // + // DeviceId is a required field + DeviceId *string `location:"querystring" locationName:"deviceId" type:"string" required:"true"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The ID of the link. + // + // LinkId is a required field + LinkId *string `location:"querystring" locationName:"linkId" type:"string" required:"true"` +} + +// String returns the string representation +func (s DisassociateLinkInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisassociateLinkInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateLinkInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateLinkInput"} + if s.DeviceId == nil { + invalidParams.Add(request.NewErrParamRequired("DeviceId")) + } + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.LinkId == nil { + invalidParams.Add(request.NewErrParamRequired("LinkId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDeviceId sets the DeviceId field's value. +func (s *DisassociateLinkInput) SetDeviceId(v string) *DisassociateLinkInput { + s.DeviceId = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *DisassociateLinkInput) SetGlobalNetworkId(v string) *DisassociateLinkInput { + s.GlobalNetworkId = &v + return s +} + +// SetLinkId sets the LinkId field's value. +func (s *DisassociateLinkInput) SetLinkId(v string) *DisassociateLinkInput { + s.LinkId = &v + return s +} + +type DisassociateLinkOutput struct { + _ struct{} `type:"structure"` + + // Information about the link association. + LinkAssociation *LinkAssociation `type:"structure"` +} + +// String returns the string representation +func (s DisassociateLinkOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisassociateLinkOutput) GoString() string { + return s.String() +} + +// SetLinkAssociation sets the LinkAssociation field's value. +func (s *DisassociateLinkOutput) SetLinkAssociation(v *LinkAssociation) *DisassociateLinkOutput { + s.LinkAssociation = v + return s +} + +type GetCustomerGatewayAssociationsInput struct { + _ struct{} `type:"structure"` + + // One or more customer gateway Amazon Resource Names (ARNs). For more information, + // see Resources Defined by Amazon EC2 (https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazonec2.html#amazonec2-resources-for-iam-policies). + // The maximum is 10. + CustomerGatewayArns []*string `location:"querystring" locationName:"customerGatewayArns" type:"list"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The maximum number of results to return. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s GetCustomerGatewayAssociationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCustomerGatewayAssociationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetCustomerGatewayAssociationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetCustomerGatewayAssociationsInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCustomerGatewayArns sets the CustomerGatewayArns field's value. +func (s *GetCustomerGatewayAssociationsInput) SetCustomerGatewayArns(v []*string) *GetCustomerGatewayAssociationsInput { + s.CustomerGatewayArns = v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *GetCustomerGatewayAssociationsInput) SetGlobalNetworkId(v string) *GetCustomerGatewayAssociationsInput { + s.GlobalNetworkId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetCustomerGatewayAssociationsInput) SetMaxResults(v int64) *GetCustomerGatewayAssociationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetCustomerGatewayAssociationsInput) SetNextToken(v string) *GetCustomerGatewayAssociationsInput { + s.NextToken = &v + return s +} + +type GetCustomerGatewayAssociationsOutput struct { + _ struct{} `type:"structure"` + + // The customer gateway associations. + CustomerGatewayAssociations []*CustomerGatewayAssociation `type:"list"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetCustomerGatewayAssociationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCustomerGatewayAssociationsOutput) GoString() string { + return s.String() +} + +// SetCustomerGatewayAssociations sets the CustomerGatewayAssociations field's value. +func (s *GetCustomerGatewayAssociationsOutput) SetCustomerGatewayAssociations(v []*CustomerGatewayAssociation) *GetCustomerGatewayAssociationsOutput { + s.CustomerGatewayAssociations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetCustomerGatewayAssociationsOutput) SetNextToken(v string) *GetCustomerGatewayAssociationsOutput { + s.NextToken = &v + return s +} + +type GetDevicesInput struct { + _ struct{} `type:"structure"` + + // One or more device IDs. The maximum is 10. + DeviceIds []*string `location:"querystring" locationName:"deviceIds" type:"list"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The maximum number of results to return. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` + + // The ID of the site. + SiteId *string `location:"querystring" locationName:"siteId" type:"string"` +} + +// String returns the string representation +func (s GetDevicesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetDevicesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetDevicesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetDevicesInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDeviceIds sets the DeviceIds field's value. +func (s *GetDevicesInput) SetDeviceIds(v []*string) *GetDevicesInput { + s.DeviceIds = v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *GetDevicesInput) SetGlobalNetworkId(v string) *GetDevicesInput { + s.GlobalNetworkId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetDevicesInput) SetMaxResults(v int64) *GetDevicesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetDevicesInput) SetNextToken(v string) *GetDevicesInput { + s.NextToken = &v + return s +} + +// SetSiteId sets the SiteId field's value. +func (s *GetDevicesInput) SetSiteId(v string) *GetDevicesInput { + s.SiteId = &v + return s +} + +type GetDevicesOutput struct { + _ struct{} `type:"structure"` + + // The devices. + Devices []*Device `type:"list"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetDevicesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetDevicesOutput) GoString() string { + return s.String() +} + +// SetDevices sets the Devices field's value. +func (s *GetDevicesOutput) SetDevices(v []*Device) *GetDevicesOutput { + s.Devices = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetDevicesOutput) SetNextToken(v string) *GetDevicesOutput { + s.NextToken = &v + return s +} + +type GetLinkAssociationsInput struct { + _ struct{} `type:"structure"` + + // The ID of the device. + DeviceId *string `location:"querystring" locationName:"deviceId" type:"string"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The ID of the link. + LinkId *string `location:"querystring" locationName:"linkId" type:"string"` + + // The maximum number of results to return. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s GetLinkAssociationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetLinkAssociationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetLinkAssociationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetLinkAssociationsInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDeviceId sets the DeviceId field's value. +func (s *GetLinkAssociationsInput) SetDeviceId(v string) *GetLinkAssociationsInput { + s.DeviceId = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *GetLinkAssociationsInput) SetGlobalNetworkId(v string) *GetLinkAssociationsInput { + s.GlobalNetworkId = &v + return s +} + +// SetLinkId sets the LinkId field's value. +func (s *GetLinkAssociationsInput) SetLinkId(v string) *GetLinkAssociationsInput { + s.LinkId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetLinkAssociationsInput) SetMaxResults(v int64) *GetLinkAssociationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetLinkAssociationsInput) SetNextToken(v string) *GetLinkAssociationsInput { + s.NextToken = &v + return s +} + +type GetLinkAssociationsOutput struct { + _ struct{} `type:"structure"` + + // The link associations. + LinkAssociations []*LinkAssociation `type:"list"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetLinkAssociationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetLinkAssociationsOutput) GoString() string { + return s.String() +} + +// SetLinkAssociations sets the LinkAssociations field's value. +func (s *GetLinkAssociationsOutput) SetLinkAssociations(v []*LinkAssociation) *GetLinkAssociationsOutput { + s.LinkAssociations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetLinkAssociationsOutput) SetNextToken(v string) *GetLinkAssociationsOutput { + s.NextToken = &v + return s +} + +type GetLinksInput struct { + _ struct{} `type:"structure"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // One or more link IDs. The maximum is 10. + LinkIds []*string `location:"querystring" locationName:"linkIds" type:"list"` + + // The maximum number of results to return. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` + + // The link provider. + Provider *string `location:"querystring" locationName:"provider" type:"string"` + + // The ID of the site. + SiteId *string `location:"querystring" locationName:"siteId" type:"string"` + + // The link type. + Type *string `location:"querystring" locationName:"type" type:"string"` +} + +// String returns the string representation +func (s GetLinksInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetLinksInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetLinksInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetLinksInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *GetLinksInput) SetGlobalNetworkId(v string) *GetLinksInput { + s.GlobalNetworkId = &v + return s +} + +// SetLinkIds sets the LinkIds field's value. +func (s *GetLinksInput) SetLinkIds(v []*string) *GetLinksInput { + s.LinkIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetLinksInput) SetMaxResults(v int64) *GetLinksInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetLinksInput) SetNextToken(v string) *GetLinksInput { + s.NextToken = &v + return s +} + +// SetProvider sets the Provider field's value. +func (s *GetLinksInput) SetProvider(v string) *GetLinksInput { + s.Provider = &v + return s +} + +// SetSiteId sets the SiteId field's value. +func (s *GetLinksInput) SetSiteId(v string) *GetLinksInput { + s.SiteId = &v + return s +} + +// SetType sets the Type field's value. +func (s *GetLinksInput) SetType(v string) *GetLinksInput { + s.Type = &v + return s +} + +type GetLinksOutput struct { + _ struct{} `type:"structure"` + + // The links. + Links []*Link `type:"list"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetLinksOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetLinksOutput) GoString() string { + return s.String() +} + +// SetLinks sets the Links field's value. +func (s *GetLinksOutput) SetLinks(v []*Link) *GetLinksOutput { + s.Links = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetLinksOutput) SetNextToken(v string) *GetLinksOutput { + s.NextToken = &v + return s +} + +type GetSitesInput struct { + _ struct{} `type:"structure"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The maximum number of results to return. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` + + // One or more site IDs. The maximum is 10. + SiteIds []*string `location:"querystring" locationName:"siteIds" type:"list"` +} + +// String returns the string representation +func (s GetSitesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetSitesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetSitesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetSitesInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *GetSitesInput) SetGlobalNetworkId(v string) *GetSitesInput { + s.GlobalNetworkId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetSitesInput) SetMaxResults(v int64) *GetSitesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetSitesInput) SetNextToken(v string) *GetSitesInput { + s.NextToken = &v + return s +} + +// SetSiteIds sets the SiteIds field's value. +func (s *GetSitesInput) SetSiteIds(v []*string) *GetSitesInput { + s.SiteIds = v + return s +} + +type GetSitesOutput struct { + _ struct{} `type:"structure"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The sites. + Sites []*Site `type:"list"` +} + +// String returns the string representation +func (s GetSitesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetSitesOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *GetSitesOutput) SetNextToken(v string) *GetSitesOutput { + s.NextToken = &v + return s +} + +// SetSites sets the Sites field's value. +func (s *GetSitesOutput) SetSites(v []*Site) *GetSitesOutput { + s.Sites = v + return s +} + +type GetTransitGatewayRegistrationsInput struct { + _ struct{} `type:"structure"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The maximum number of results to return. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` + + // The Amazon Resource Names (ARNs) of one or more transit gateways. The maximum + // is 10. + TransitGatewayArns []*string `location:"querystring" locationName:"transitGatewayArns" type:"list"` +} + +// String returns the string representation +func (s GetTransitGatewayRegistrationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetTransitGatewayRegistrationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetTransitGatewayRegistrationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetTransitGatewayRegistrationsInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *GetTransitGatewayRegistrationsInput) SetGlobalNetworkId(v string) *GetTransitGatewayRegistrationsInput { + s.GlobalNetworkId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetTransitGatewayRegistrationsInput) SetMaxResults(v int64) *GetTransitGatewayRegistrationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetTransitGatewayRegistrationsInput) SetNextToken(v string) *GetTransitGatewayRegistrationsInput { + s.NextToken = &v + return s +} + +// SetTransitGatewayArns sets the TransitGatewayArns field's value. +func (s *GetTransitGatewayRegistrationsInput) SetTransitGatewayArns(v []*string) *GetTransitGatewayRegistrationsInput { + s.TransitGatewayArns = v + return s +} + +type GetTransitGatewayRegistrationsOutput struct { + _ struct{} `type:"structure"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The transit gateway registrations. + TransitGatewayRegistrations []*TransitGatewayRegistration `type:"list"` +} + +// String returns the string representation +func (s GetTransitGatewayRegistrationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetTransitGatewayRegistrationsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *GetTransitGatewayRegistrationsOutput) SetNextToken(v string) *GetTransitGatewayRegistrationsOutput { + s.NextToken = &v + return s +} + +// SetTransitGatewayRegistrations sets the TransitGatewayRegistrations field's value. +func (s *GetTransitGatewayRegistrationsOutput) SetTransitGatewayRegistrations(v []*TransitGatewayRegistration) *GetTransitGatewayRegistrationsOutput { + s.TransitGatewayRegistrations = v + return s +} + +// Describes a global network. +type GlobalNetwork struct { + _ struct{} `type:"structure"` + + // The date and time that the global network was created. + CreatedAt *time.Time `type:"timestamp"` + + // The description of the global network. + Description *string `type:"string"` + + // The Amazon Resource Name (ARN) of the global network. + GlobalNetworkArn *string `type:"string"` + + // The ID of the global network. + GlobalNetworkId *string `type:"string"` + + // The state of the global network. + State *string `type:"string" enum:"GlobalNetworkState"` + + // The tags for the global network. + Tags []*Tag `type:"list"` +} + +// String returns the string representation +func (s GlobalNetwork) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GlobalNetwork) GoString() string { + return s.String() +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *GlobalNetwork) SetCreatedAt(v time.Time) *GlobalNetwork { + s.CreatedAt = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *GlobalNetwork) SetDescription(v string) *GlobalNetwork { + s.Description = &v + return s +} + +// SetGlobalNetworkArn sets the GlobalNetworkArn field's value. +func (s *GlobalNetwork) SetGlobalNetworkArn(v string) *GlobalNetwork { + s.GlobalNetworkArn = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *GlobalNetwork) SetGlobalNetworkId(v string) *GlobalNetwork { + s.GlobalNetworkId = &v + return s +} + +// SetState sets the State field's value. +func (s *GlobalNetwork) SetState(v string) *GlobalNetwork { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *GlobalNetwork) SetTags(v []*Tag) *GlobalNetwork { + s.Tags = v + return s +} + +// The request has failed due to an internal error. +type InternalServerException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` + + // Indicates when to retry the request. + RetryAfterSeconds *int64 `location:"header" locationName:"Retry-After" type:"integer"` +} + +// String returns the string representation +func (s InternalServerException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InternalServerException) GoString() string { + return s.String() +} + +func newErrorInternalServerException(v protocol.ResponseMetadata) error { + return &InternalServerException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InternalServerException) Code() string { + return "InternalServerException" +} + +// Message returns the exception's message. +func (s *InternalServerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InternalServerException) OrigErr() error { + return nil +} + +func (s *InternalServerException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InternalServerException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InternalServerException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Describes a link. +type Link struct { + _ struct{} `type:"structure"` + + // The bandwidth for the link. + Bandwidth *Bandwidth `type:"structure"` + + // The date and time that the link was created. + CreatedAt *time.Time `type:"timestamp"` + + // The description of the link. + Description *string `type:"string"` + + // The ID of the global network. + GlobalNetworkId *string `type:"string"` + + // The Amazon Resource Name (ARN) of the link. + LinkArn *string `type:"string"` + + // The ID of the link. + LinkId *string `type:"string"` + + // The provider of the link. + Provider *string `type:"string"` + + // The ID of the site. + SiteId *string `type:"string"` + + // The state of the link. + State *string `type:"string" enum:"LinkState"` + + // The tags for the link. + Tags []*Tag `type:"list"` + + // The type of the link. + Type *string `type:"string"` +} + +// String returns the string representation +func (s Link) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Link) GoString() string { + return s.String() +} + +// SetBandwidth sets the Bandwidth field's value. +func (s *Link) SetBandwidth(v *Bandwidth) *Link { + s.Bandwidth = v + return s +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *Link) SetCreatedAt(v time.Time) *Link { + s.CreatedAt = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *Link) SetDescription(v string) *Link { + s.Description = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *Link) SetGlobalNetworkId(v string) *Link { + s.GlobalNetworkId = &v + return s +} + +// SetLinkArn sets the LinkArn field's value. +func (s *Link) SetLinkArn(v string) *Link { + s.LinkArn = &v + return s +} + +// SetLinkId sets the LinkId field's value. +func (s *Link) SetLinkId(v string) *Link { + s.LinkId = &v + return s +} + +// SetProvider sets the Provider field's value. +func (s *Link) SetProvider(v string) *Link { + s.Provider = &v + return s +} + +// SetSiteId sets the SiteId field's value. +func (s *Link) SetSiteId(v string) *Link { + s.SiteId = &v + return s +} + +// SetState sets the State field's value. +func (s *Link) SetState(v string) *Link { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *Link) SetTags(v []*Tag) *Link { + s.Tags = v + return s +} + +// SetType sets the Type field's value. +func (s *Link) SetType(v string) *Link { + s.Type = &v + return s +} + +// Describes the association between a device and a link. +type LinkAssociation struct { + _ struct{} `type:"structure"` + + // The device ID for the link association. + DeviceId *string `type:"string"` + + // The ID of the global network. + GlobalNetworkId *string `type:"string"` + + // The state of the association. + LinkAssociationState *string `type:"string" enum:"LinkAssociationState"` + + // The ID of the link. + LinkId *string `type:"string"` +} + +// String returns the string representation +func (s LinkAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LinkAssociation) GoString() string { + return s.String() +} + +// SetDeviceId sets the DeviceId field's value. +func (s *LinkAssociation) SetDeviceId(v string) *LinkAssociation { + s.DeviceId = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *LinkAssociation) SetGlobalNetworkId(v string) *LinkAssociation { + s.GlobalNetworkId = &v + return s +} + +// SetLinkAssociationState sets the LinkAssociationState field's value. +func (s *LinkAssociation) SetLinkAssociationState(v string) *LinkAssociation { + s.LinkAssociationState = &v + return s +} + +// SetLinkId sets the LinkId field's value. +func (s *LinkAssociation) SetLinkId(v string) *LinkAssociation { + s.LinkId = &v + return s +} + +type ListTagsForResourceInput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the resource. + // + // ResourceArn is a required field + ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"` +} + +// String returns the string representation +func (s ListTagsForResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListTagsForResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListTagsForResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput { + s.ResourceArn = &v + return s +} + +type ListTagsForResourceOutput struct { + _ struct{} `type:"structure"` + + // The list of tags. + TagList []*Tag `type:"list"` +} + +// String returns the string representation +func (s ListTagsForResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListTagsForResourceOutput) GoString() string { + return s.String() +} + +// SetTagList sets the TagList field's value. +func (s *ListTagsForResourceOutput) SetTagList(v []*Tag) *ListTagsForResourceOutput { + s.TagList = v + return s +} + +// Describes a location. +type Location struct { + _ struct{} `type:"structure"` + + // The physical address. + Address *string `type:"string"` + + // The latitude. + Latitude *string `type:"string"` + + // The longitude. + Longitude *string `type:"string"` +} + +// String returns the string representation +func (s Location) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Location) GoString() string { + return s.String() +} + +// SetAddress sets the Address field's value. +func (s *Location) SetAddress(v string) *Location { + s.Address = &v + return s +} + +// SetLatitude sets the Latitude field's value. +func (s *Location) SetLatitude(v string) *Location { + s.Latitude = &v + return s +} + +// SetLongitude sets the Longitude field's value. +func (s *Location) SetLongitude(v string) *Location { + s.Longitude = &v + return s +} + +type RegisterTransitGatewayInput struct { + _ struct{} `type:"structure"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The Amazon Resource Name (ARN) of the transit gateway. For more information, + // see Resources Defined by Amazon EC2 (https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazonec2.html#amazonec2-resources-for-iam-policies). + // + // TransitGatewayArn is a required field + TransitGatewayArn *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s RegisterTransitGatewayInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterTransitGatewayInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterTransitGatewayInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterTransitGatewayInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.TransitGatewayArn == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayArn")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *RegisterTransitGatewayInput) SetGlobalNetworkId(v string) *RegisterTransitGatewayInput { + s.GlobalNetworkId = &v + return s +} + +// SetTransitGatewayArn sets the TransitGatewayArn field's value. +func (s *RegisterTransitGatewayInput) SetTransitGatewayArn(v string) *RegisterTransitGatewayInput { + s.TransitGatewayArn = &v + return s +} + +type RegisterTransitGatewayOutput struct { + _ struct{} `type:"structure"` + + // Information about the transit gateway registration. + TransitGatewayRegistration *TransitGatewayRegistration `type:"structure"` +} + +// String returns the string representation +func (s RegisterTransitGatewayOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterTransitGatewayOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayRegistration sets the TransitGatewayRegistration field's value. +func (s *RegisterTransitGatewayOutput) SetTransitGatewayRegistration(v *TransitGatewayRegistration) *RegisterTransitGatewayOutput { + s.TransitGatewayRegistration = v + return s +} + +// The specified resource could not be found. +type ResourceNotFoundException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` + + // The ID of the resource. + // + // ResourceId is a required field + ResourceId *string `type:"string" required:"true"` + + // The resource type. + // + // ResourceType is a required field + ResourceType *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ResourceNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ResourceNotFoundException) GoString() string { + return s.String() +} + +func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { + return &ResourceNotFoundException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ResourceNotFoundException) Code() string { + return "ResourceNotFoundException" +} + +// Message returns the exception's message. +func (s *ResourceNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ResourceNotFoundException) OrigErr() error { + return nil +} + +func (s *ResourceNotFoundException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ResourceNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ResourceNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + +// A service limit was exceeded. +type ServiceQuotaExceededException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // The limit code. + // + // LimitCode is a required field + LimitCode *string `type:"string" required:"true"` + + // The error message. + Message_ *string `locationName:"Message" type:"string"` + + // The ID of the resource. + ResourceId *string `type:"string"` + + // The resource type. + ResourceType *string `type:"string"` + + // The service code. + // + // ServiceCode is a required field + ServiceCode *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ServiceQuotaExceededException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ServiceQuotaExceededException) GoString() string { + return s.String() +} + +func newErrorServiceQuotaExceededException(v protocol.ResponseMetadata) error { + return &ServiceQuotaExceededException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ServiceQuotaExceededException) Code() string { + return "ServiceQuotaExceededException" +} + +// Message returns the exception's message. +func (s *ServiceQuotaExceededException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ServiceQuotaExceededException) OrigErr() error { + return nil +} + +func (s *ServiceQuotaExceededException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ServiceQuotaExceededException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ServiceQuotaExceededException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Describes a site. +type Site struct { + _ struct{} `type:"structure"` + + // The date and time that the site was created. + CreatedAt *time.Time `type:"timestamp"` + + // The description of the site. + Description *string `type:"string"` + + // The ID of the global network. + GlobalNetworkId *string `type:"string"` + + // The location of the site. + Location *Location `type:"structure"` + + // The Amazon Resource Name (ARN) of the site. + SiteArn *string `type:"string"` + + // The ID of the site. + SiteId *string `type:"string"` + + // The state of the site. + State *string `type:"string" enum:"SiteState"` + + // The tags for the site. + Tags []*Tag `type:"list"` +} + +// String returns the string representation +func (s Site) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Site) GoString() string { + return s.String() +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *Site) SetCreatedAt(v time.Time) *Site { + s.CreatedAt = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *Site) SetDescription(v string) *Site { + s.Description = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *Site) SetGlobalNetworkId(v string) *Site { + s.GlobalNetworkId = &v + return s +} + +// SetLocation sets the Location field's value. +func (s *Site) SetLocation(v *Location) *Site { + s.Location = v + return s +} + +// SetSiteArn sets the SiteArn field's value. +func (s *Site) SetSiteArn(v string) *Site { + s.SiteArn = &v + return s +} + +// SetSiteId sets the SiteId field's value. +func (s *Site) SetSiteId(v string) *Site { + s.SiteId = &v + return s +} + +// SetState sets the State field's value. +func (s *Site) SetState(v string) *Site { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *Site) SetTags(v []*Tag) *Site { + s.Tags = v + return s +} + +// Describes a tag. +type Tag struct { + _ struct{} `type:"structure"` + + // The tag key. + // + // Length Constraints: Maximum length of 128 characters. + Key *string `type:"string"` + + // The tag value. + // + // Length Constraints: Maximum length of 256 characters. + Value *string `type:"string"` +} + +// String returns the string representation +func (s Tag) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Tag) GoString() string { + return s.String() +} + +// SetKey sets the Key field's value. +func (s *Tag) SetKey(v string) *Tag { + s.Key = &v + return s +} + +// SetValue sets the Value field's value. +func (s *Tag) SetValue(v string) *Tag { + s.Value = &v + return s +} + +type TagResourceInput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the resource. + // + // ResourceArn is a required field + ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"` + + // The tags to apply to the specified resource. + // + // Tags is a required field + Tags []*Tag `type:"list" required:"true"` +} + +// String returns the string representation +func (s TagResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TagResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TagResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + if s.Tags == nil { + invalidParams.Add(request.NewErrParamRequired("Tags")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput { + s.ResourceArn = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TagResourceInput) SetTags(v []*Tag) *TagResourceInput { + s.Tags = v + return s +} + +type TagResourceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s TagResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagResourceOutput) GoString() string { + return s.String() +} + +// The request was denied due to request throttling. +type ThrottlingException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` + + // Indicates when to retry the request. + RetryAfterSeconds *int64 `location:"header" locationName:"Retry-After" type:"integer"` +} + +// String returns the string representation +func (s ThrottlingException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ThrottlingException) GoString() string { + return s.String() +} + +func newErrorThrottlingException(v protocol.ResponseMetadata) error { + return &ThrottlingException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ThrottlingException) Code() string { + return "ThrottlingException" +} + +// Message returns the exception's message. +func (s *ThrottlingException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ThrottlingException) OrigErr() error { + return nil +} + +func (s *ThrottlingException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ThrottlingException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ThrottlingException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Describes the registration of a transit gateway to a global network. +type TransitGatewayRegistration struct { + _ struct{} `type:"structure"` + + // The ID of the global network. + GlobalNetworkId *string `type:"string"` + + // The state of the transit gateway registration. + State *TransitGatewayRegistrationStateReason `type:"structure"` + + // The Amazon Resource Name (ARN) of the transit gateway. + TransitGatewayArn *string `type:"string"` +} + +// String returns the string representation +func (s TransitGatewayRegistration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayRegistration) GoString() string { + return s.String() +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *TransitGatewayRegistration) SetGlobalNetworkId(v string) *TransitGatewayRegistration { + s.GlobalNetworkId = &v + return s +} + +// SetState sets the State field's value. +func (s *TransitGatewayRegistration) SetState(v *TransitGatewayRegistrationStateReason) *TransitGatewayRegistration { + s.State = v + return s +} + +// SetTransitGatewayArn sets the TransitGatewayArn field's value. +func (s *TransitGatewayRegistration) SetTransitGatewayArn(v string) *TransitGatewayRegistration { + s.TransitGatewayArn = &v + return s +} + +// Describes the status of a transit gateway registration. +type TransitGatewayRegistrationStateReason struct { + _ struct{} `type:"structure"` + + // The code for the state reason. + Code *string `type:"string" enum:"TransitGatewayRegistrationState"` + + // The message for the state reason. + Message *string `type:"string"` +} + +// String returns the string representation +func (s TransitGatewayRegistrationStateReason) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayRegistrationStateReason) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *TransitGatewayRegistrationStateReason) SetCode(v string) *TransitGatewayRegistrationStateReason { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *TransitGatewayRegistrationStateReason) SetMessage(v string) *TransitGatewayRegistrationStateReason { + s.Message = &v + return s +} + +type UntagResourceInput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the resource. + // + // ResourceArn is a required field + ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"` + + // The tag keys to remove from the specified resource. + // + // TagKeys is a required field + TagKeys []*string `location:"querystring" locationName:"tagKeys" type:"list" required:"true"` +} + +// String returns the string representation +func (s UntagResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + if s.TagKeys == nil { + invalidParams.Add(request.NewErrParamRequired("TagKeys")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput { + s.ResourceArn = &v + return s +} + +// SetTagKeys sets the TagKeys field's value. +func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput { + s.TagKeys = v + return s +} + +type UntagResourceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UntagResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagResourceOutput) GoString() string { + return s.String() +} + +type UpdateDeviceInput struct { + _ struct{} `type:"structure"` + + // A description of the device. + // + // Length Constraints: Maximum length of 256 characters. + Description *string `type:"string"` + + // The ID of the device. + // + // DeviceId is a required field + DeviceId *string `location:"uri" locationName:"deviceId" type:"string" required:"true"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // Describes a location. + Location *Location `type:"structure"` + + // The model of the device. + // + // Length Constraints: Maximum length of 128 characters. + Model *string `type:"string"` + + // The serial number of the device. + // + // Length Constraints: Maximum length of 128 characters. + SerialNumber *string `type:"string"` + + // The ID of the site. + SiteId *string `type:"string"` + + // The type of the device. + Type *string `type:"string"` + + // The vendor of the device. + // + // Length Constraints: Maximum length of 128 characters. + Vendor *string `type:"string"` +} + +// String returns the string representation +func (s UpdateDeviceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateDeviceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateDeviceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateDeviceInput"} + if s.DeviceId == nil { + invalidParams.Add(request.NewErrParamRequired("DeviceId")) + } + if s.DeviceId != nil && len(*s.DeviceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DeviceId", 1)) + } + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *UpdateDeviceInput) SetDescription(v string) *UpdateDeviceInput { + s.Description = &v + return s +} + +// SetDeviceId sets the DeviceId field's value. +func (s *UpdateDeviceInput) SetDeviceId(v string) *UpdateDeviceInput { + s.DeviceId = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *UpdateDeviceInput) SetGlobalNetworkId(v string) *UpdateDeviceInput { + s.GlobalNetworkId = &v + return s +} + +// SetLocation sets the Location field's value. +func (s *UpdateDeviceInput) SetLocation(v *Location) *UpdateDeviceInput { + s.Location = v + return s +} + +// SetModel sets the Model field's value. +func (s *UpdateDeviceInput) SetModel(v string) *UpdateDeviceInput { + s.Model = &v + return s +} + +// SetSerialNumber sets the SerialNumber field's value. +func (s *UpdateDeviceInput) SetSerialNumber(v string) *UpdateDeviceInput { + s.SerialNumber = &v + return s +} + +// SetSiteId sets the SiteId field's value. +func (s *UpdateDeviceInput) SetSiteId(v string) *UpdateDeviceInput { + s.SiteId = &v + return s +} + +// SetType sets the Type field's value. +func (s *UpdateDeviceInput) SetType(v string) *UpdateDeviceInput { + s.Type = &v + return s +} + +// SetVendor sets the Vendor field's value. +func (s *UpdateDeviceInput) SetVendor(v string) *UpdateDeviceInput { + s.Vendor = &v + return s +} + +type UpdateDeviceOutput struct { + _ struct{} `type:"structure"` + + // Information about the device. + Device *Device `type:"structure"` +} + +// String returns the string representation +func (s UpdateDeviceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateDeviceOutput) GoString() string { + return s.String() +} + +// SetDevice sets the Device field's value. +func (s *UpdateDeviceOutput) SetDevice(v *Device) *UpdateDeviceOutput { + s.Device = v + return s +} + +type UpdateGlobalNetworkInput struct { + _ struct{} `type:"structure"` + + // A description of the global network. + // + // Length Constraints: Maximum length of 256 characters. + Description *string `type:"string"` + + // The ID of your global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` +} + +// String returns the string representation +func (s UpdateGlobalNetworkInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateGlobalNetworkInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateGlobalNetworkInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateGlobalNetworkInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *UpdateGlobalNetworkInput) SetDescription(v string) *UpdateGlobalNetworkInput { + s.Description = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *UpdateGlobalNetworkInput) SetGlobalNetworkId(v string) *UpdateGlobalNetworkInput { + s.GlobalNetworkId = &v + return s +} + +type UpdateGlobalNetworkOutput struct { + _ struct{} `type:"structure"` + + // Information about the global network object. + GlobalNetwork *GlobalNetwork `type:"structure"` +} + +// String returns the string representation +func (s UpdateGlobalNetworkOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateGlobalNetworkOutput) GoString() string { + return s.String() +} + +// SetGlobalNetwork sets the GlobalNetwork field's value. +func (s *UpdateGlobalNetworkOutput) SetGlobalNetwork(v *GlobalNetwork) *UpdateGlobalNetworkOutput { + s.GlobalNetwork = v + return s +} + +type UpdateLinkInput struct { + _ struct{} `type:"structure"` + + // The upload and download speed in Mbps. + Bandwidth *Bandwidth `type:"structure"` + + // A description of the link. + // + // Length Constraints: Maximum length of 256 characters. + Description *string `type:"string"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The ID of the link. + // + // LinkId is a required field + LinkId *string `location:"uri" locationName:"linkId" type:"string" required:"true"` + + // The provider of the link. + // + // Length Constraints: Maximum length of 128 characters. + Provider *string `type:"string"` + + // The type of the link. + // + // Length Constraints: Maximum length of 128 characters. + Type *string `type:"string"` +} + +// String returns the string representation +func (s UpdateLinkInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateLinkInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateLinkInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateLinkInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.LinkId == nil { + invalidParams.Add(request.NewErrParamRequired("LinkId")) + } + if s.LinkId != nil && len(*s.LinkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LinkId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBandwidth sets the Bandwidth field's value. +func (s *UpdateLinkInput) SetBandwidth(v *Bandwidth) *UpdateLinkInput { + s.Bandwidth = v + return s +} + +// SetDescription sets the Description field's value. +func (s *UpdateLinkInput) SetDescription(v string) *UpdateLinkInput { + s.Description = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *UpdateLinkInput) SetGlobalNetworkId(v string) *UpdateLinkInput { + s.GlobalNetworkId = &v + return s +} + +// SetLinkId sets the LinkId field's value. +func (s *UpdateLinkInput) SetLinkId(v string) *UpdateLinkInput { + s.LinkId = &v + return s +} + +// SetProvider sets the Provider field's value. +func (s *UpdateLinkInput) SetProvider(v string) *UpdateLinkInput { + s.Provider = &v + return s +} + +// SetType sets the Type field's value. +func (s *UpdateLinkInput) SetType(v string) *UpdateLinkInput { + s.Type = &v + return s +} + +type UpdateLinkOutput struct { + _ struct{} `type:"structure"` + + // Information about the link. + Link *Link `type:"structure"` +} + +// String returns the string representation +func (s UpdateLinkOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateLinkOutput) GoString() string { + return s.String() +} + +// SetLink sets the Link field's value. +func (s *UpdateLinkOutput) SetLink(v *Link) *UpdateLinkOutput { + s.Link = v + return s +} + +type UpdateSiteInput struct { + _ struct{} `type:"structure"` + + // A description of your site. + // + // Length Constraints: Maximum length of 256 characters. + Description *string `type:"string"` + + // The ID of the global network. + // + // GlobalNetworkId is a required field + GlobalNetworkId *string `location:"uri" locationName:"globalNetworkId" type:"string" required:"true"` + + // The site location: + // + // * Address: The physical address of the site. + // + // * Latitude: The latitude of the site. + // + // * Longitude: The longitude of the site. + Location *Location `type:"structure"` + + // The ID of your site. + // + // SiteId is a required field + SiteId *string `location:"uri" locationName:"siteId" type:"string" required:"true"` +} + +// String returns the string representation +func (s UpdateSiteInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateSiteInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateSiteInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateSiteInput"} + if s.GlobalNetworkId == nil { + invalidParams.Add(request.NewErrParamRequired("GlobalNetworkId")) + } + if s.GlobalNetworkId != nil && len(*s.GlobalNetworkId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GlobalNetworkId", 1)) + } + if s.SiteId == nil { + invalidParams.Add(request.NewErrParamRequired("SiteId")) + } + if s.SiteId != nil && len(*s.SiteId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SiteId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *UpdateSiteInput) SetDescription(v string) *UpdateSiteInput { + s.Description = &v + return s +} + +// SetGlobalNetworkId sets the GlobalNetworkId field's value. +func (s *UpdateSiteInput) SetGlobalNetworkId(v string) *UpdateSiteInput { + s.GlobalNetworkId = &v + return s +} + +// SetLocation sets the Location field's value. +func (s *UpdateSiteInput) SetLocation(v *Location) *UpdateSiteInput { + s.Location = v + return s +} + +// SetSiteId sets the SiteId field's value. +func (s *UpdateSiteInput) SetSiteId(v string) *UpdateSiteInput { + s.SiteId = &v + return s +} + +type UpdateSiteOutput struct { + _ struct{} `type:"structure"` + + // Information about the site. + Site *Site `type:"structure"` +} + +// String returns the string representation +func (s UpdateSiteOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateSiteOutput) GoString() string { + return s.String() +} + +// SetSite sets the Site field's value. +func (s *UpdateSiteOutput) SetSite(v *Site) *UpdateSiteOutput { + s.Site = v + return s +} + +// The input fails to satisfy the constraints. +type ValidationException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // The fields that caused the error, if applicable. + Fields []*ValidationExceptionField `type:"list"` + + Message_ *string `locationName:"Message" type:"string"` + + // The reason for the error. + Reason *string `type:"string" enum:"ValidationExceptionReason"` +} + +// String returns the string representation +func (s ValidationException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ValidationException) GoString() string { + return s.String() +} + +func newErrorValidationException(v protocol.ResponseMetadata) error { + return &ValidationException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ValidationException) Code() string { + return "ValidationException" +} + +// Message returns the exception's message. +func (s *ValidationException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ValidationException) OrigErr() error { + return nil +} + +func (s *ValidationException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ValidationException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ValidationException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Describes a validation exception for a field. +type ValidationExceptionField struct { + _ struct{} `type:"structure"` + + // The message for the field. + // + // Message is a required field + Message *string `type:"string" required:"true"` + + // The name of the field. + // + // Name is a required field + Name *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ValidationExceptionField) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ValidationExceptionField) GoString() string { + return s.String() +} + +// SetMessage sets the Message field's value. +func (s *ValidationExceptionField) SetMessage(v string) *ValidationExceptionField { + s.Message = &v + return s +} + +// SetName sets the Name field's value. +func (s *ValidationExceptionField) SetName(v string) *ValidationExceptionField { + s.Name = &v + return s +} + +const ( + // CustomerGatewayAssociationStatePending is a CustomerGatewayAssociationState enum value + CustomerGatewayAssociationStatePending = "PENDING" + + // CustomerGatewayAssociationStateAvailable is a CustomerGatewayAssociationState enum value + CustomerGatewayAssociationStateAvailable = "AVAILABLE" + + // CustomerGatewayAssociationStateDeleting is a CustomerGatewayAssociationState enum value + CustomerGatewayAssociationStateDeleting = "DELETING" + + // CustomerGatewayAssociationStateDeleted is a CustomerGatewayAssociationState enum value + CustomerGatewayAssociationStateDeleted = "DELETED" +) + +const ( + // DeviceStatePending is a DeviceState enum value + DeviceStatePending = "PENDING" + + // DeviceStateAvailable is a DeviceState enum value + DeviceStateAvailable = "AVAILABLE" + + // DeviceStateDeleting is a DeviceState enum value + DeviceStateDeleting = "DELETING" + + // DeviceStateUpdating is a DeviceState enum value + DeviceStateUpdating = "UPDATING" +) + +const ( + // GlobalNetworkStatePending is a GlobalNetworkState enum value + GlobalNetworkStatePending = "PENDING" + + // GlobalNetworkStateAvailable is a GlobalNetworkState enum value + GlobalNetworkStateAvailable = "AVAILABLE" + + // GlobalNetworkStateDeleting is a GlobalNetworkState enum value + GlobalNetworkStateDeleting = "DELETING" + + // GlobalNetworkStateUpdating is a GlobalNetworkState enum value + GlobalNetworkStateUpdating = "UPDATING" +) + +const ( + // LinkAssociationStatePending is a LinkAssociationState enum value + LinkAssociationStatePending = "PENDING" + + // LinkAssociationStateAvailable is a LinkAssociationState enum value + LinkAssociationStateAvailable = "AVAILABLE" + + // LinkAssociationStateDeleting is a LinkAssociationState enum value + LinkAssociationStateDeleting = "DELETING" + + // LinkAssociationStateDeleted is a LinkAssociationState enum value + LinkAssociationStateDeleted = "DELETED" +) + +const ( + // LinkStatePending is a LinkState enum value + LinkStatePending = "PENDING" + + // LinkStateAvailable is a LinkState enum value + LinkStateAvailable = "AVAILABLE" + + // LinkStateDeleting is a LinkState enum value + LinkStateDeleting = "DELETING" + + // LinkStateUpdating is a LinkState enum value + LinkStateUpdating = "UPDATING" +) + +const ( + // SiteStatePending is a SiteState enum value + SiteStatePending = "PENDING" + + // SiteStateAvailable is a SiteState enum value + SiteStateAvailable = "AVAILABLE" + + // SiteStateDeleting is a SiteState enum value + SiteStateDeleting = "DELETING" + + // SiteStateUpdating is a SiteState enum value + SiteStateUpdating = "UPDATING" +) + +const ( + // TransitGatewayRegistrationStatePending is a TransitGatewayRegistrationState enum value + TransitGatewayRegistrationStatePending = "PENDING" + + // TransitGatewayRegistrationStateAvailable is a TransitGatewayRegistrationState enum value + TransitGatewayRegistrationStateAvailable = "AVAILABLE" + + // TransitGatewayRegistrationStateDeleting is a TransitGatewayRegistrationState enum value + TransitGatewayRegistrationStateDeleting = "DELETING" + + // TransitGatewayRegistrationStateDeleted is a TransitGatewayRegistrationState enum value + TransitGatewayRegistrationStateDeleted = "DELETED" + + // TransitGatewayRegistrationStateFailed is a TransitGatewayRegistrationState enum value + TransitGatewayRegistrationStateFailed = "FAILED" +) + +const ( + // ValidationExceptionReasonUnknownOperation is a ValidationExceptionReason enum value + ValidationExceptionReasonUnknownOperation = "UnknownOperation" + + // ValidationExceptionReasonCannotParse is a ValidationExceptionReason enum value + ValidationExceptionReasonCannotParse = "CannotParse" + + // ValidationExceptionReasonFieldValidationFailed is a ValidationExceptionReason enum value + ValidationExceptionReasonFieldValidationFailed = "FieldValidationFailed" + + // ValidationExceptionReasonOther is a ValidationExceptionReason enum value + ValidationExceptionReasonOther = "Other" +) diff --git a/vendor/github.com/aws/aws-sdk-go/service/networkmanager/doc.go b/vendor/github.com/aws/aws-sdk-go/service/networkmanager/doc.go new file mode 100644 index 00000000000..65cd8cb7a9e --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/networkmanager/doc.go @@ -0,0 +1,30 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package networkmanager provides the client and types for making API +// requests to AWS Network Manager. +// +// Transit Gateway Network Manager (Network Manager) enables you to create a +// global network, in which you can monitor your AWS and on-premises networks +// that are built around transit gateways. +// +// See https://docs.aws.amazon.com/goto/WebAPI/networkmanager-2019-07-05 for more information on this service. +// +// See networkmanager package documentation for more information. +// https://docs.aws.amazon.com/sdk-for-go/api/service/networkmanager/ +// +// Using the Client +// +// To contact AWS Network Manager with the SDK use the New function to create +// a new service client. With that client you can make API requests to the service. +// These clients are safe to use concurrently. +// +// See the SDK's documentation for more information on how to use the SDK. +// https://docs.aws.amazon.com/sdk-for-go/api/ +// +// See aws.Config documentation for more information on configuring SDK clients. +// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config +// +// See the AWS Network Manager client NetworkManager for more +// information on creating client for this service. +// https://docs.aws.amazon.com/sdk-for-go/api/service/networkmanager/#New +package networkmanager diff --git a/vendor/github.com/aws/aws-sdk-go/service/networkmanager/errors.go b/vendor/github.com/aws/aws-sdk-go/service/networkmanager/errors.go new file mode 100644 index 00000000000..9e9c2bf05e6 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/networkmanager/errors.go @@ -0,0 +1,63 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package networkmanager + +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + +const ( + + // ErrCodeAccessDeniedException for service response error code + // "AccessDeniedException". + // + // You do not have sufficient access to perform this action. + ErrCodeAccessDeniedException = "AccessDeniedException" + + // ErrCodeConflictException for service response error code + // "ConflictException". + // + // There was a conflict processing the request. Updating or deleting the resource + // can cause an inconsistent state. + ErrCodeConflictException = "ConflictException" + + // ErrCodeInternalServerException for service response error code + // "InternalServerException". + // + // The request has failed due to an internal error. + ErrCodeInternalServerException = "InternalServerException" + + // ErrCodeResourceNotFoundException for service response error code + // "ResourceNotFoundException". + // + // The specified resource could not be found. + ErrCodeResourceNotFoundException = "ResourceNotFoundException" + + // ErrCodeServiceQuotaExceededException for service response error code + // "ServiceQuotaExceededException". + // + // A service limit was exceeded. + ErrCodeServiceQuotaExceededException = "ServiceQuotaExceededException" + + // ErrCodeThrottlingException for service response error code + // "ThrottlingException". + // + // The request was denied due to request throttling. + ErrCodeThrottlingException = "ThrottlingException" + + // ErrCodeValidationException for service response error code + // "ValidationException". + // + // The input fails to satisfy the constraints. + ErrCodeValidationException = "ValidationException" +) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "AccessDeniedException": newErrorAccessDeniedException, + "ConflictException": newErrorConflictException, + "InternalServerException": newErrorInternalServerException, + "ResourceNotFoundException": newErrorResourceNotFoundException, + "ServiceQuotaExceededException": newErrorServiceQuotaExceededException, + "ThrottlingException": newErrorThrottlingException, + "ValidationException": newErrorValidationException, +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/networkmanager/service.go b/vendor/github.com/aws/aws-sdk-go/service/networkmanager/service.go new file mode 100644 index 00000000000..56ce4f413be --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/networkmanager/service.go @@ -0,0 +1,104 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package networkmanager + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/client/metadata" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +// NetworkManager provides the API operation methods for making requests to +// AWS Network Manager. See this package's package overview docs +// for details on the service. +// +// NetworkManager methods are safe to use concurrently. It is not safe to +// modify mutate any of the struct's properties though. +type NetworkManager struct { + *client.Client +} + +// Used for custom client initialization logic +var initClient func(*client.Client) + +// Used for custom request initialization logic +var initRequest func(*request.Request) + +// Service information constants +const ( + ServiceName = "NetworkManager" // Name of service. + EndpointsID = "networkmanager" // ID to lookup a service endpoint with. + ServiceID = "NetworkManager" // ServiceID is a unique identifier of a specific service. +) + +// New creates a new instance of the NetworkManager client with a session. +// If additional configuration is needed for the client instance use the optional +// aws.Config parameter to add your extra config. +// +// Example: +// mySession := session.Must(session.NewSession()) +// +// // Create a NetworkManager client from just a session. +// svc := networkmanager.New(mySession) +// +// // Create a NetworkManager client with additional configuration +// svc := networkmanager.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +func New(p client.ConfigProvider, cfgs ...*aws.Config) *NetworkManager { + c := p.ClientConfig(EndpointsID, cfgs...) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "networkmanager" + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) +} + +// newClient creates, initializes and returns a new service client instance. +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *NetworkManager { + svc := &NetworkManager{ + Client: client.New( + cfg, + metadata.ClientInfo{ + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2019-07-05", + }, + handlers, + ), + } + + // Handlers + svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) + svc.Handlers.Build.PushBackNamed(restjson.BuildHandler) + svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler) + svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) + + // Run custom client initialization if present + if initClient != nil { + initClient(svc.Client) + } + + return svc +} + +// newRequest creates a new request for a NetworkManager operation and runs any +// custom request initialization. +func (c *NetworkManager) newRequest(op *request.Operation, params, data interface{}) *request.Request { + req := c.NewRequest(op, params, data) + + // Run custom request initialization if present + if initRequest != nil { + initRequest(req) + } + + return req +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 3459394f6b1..ffdbe2c150a 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -165,6 +165,7 @@ github.com/aws/aws-sdk-go/service/mediastore github.com/aws/aws-sdk-go/service/mediastoredata github.com/aws/aws-sdk-go/service/mq github.com/aws/aws-sdk-go/service/neptune +github.com/aws/aws-sdk-go/service/networkmanager github.com/aws/aws-sdk-go/service/opsworks github.com/aws/aws-sdk-go/service/organizations github.com/aws/aws-sdk-go/service/personalize diff --git a/website/allowed-subcategories.txt b/website/allowed-subcategories.txt index 6a995578b82..fbb7b427f17 100644 --- a/website/allowed-subcategories.txt +++ b/website/allowed-subcategories.txt @@ -103,6 +103,7 @@ SimpleDB Step Function (SFN) Storage Gateway Transfer +Transit Gateway Network Manager VPC WAF Regional WAF diff --git a/website/docs/guides/custom-service-endpoints.html.md b/website/docs/guides/custom-service-endpoints.html.md index cb46a8dd6a2..e186ac084c3 100644 --- a/website/docs/guides/custom-service-endpoints.html.md +++ b/website/docs/guides/custom-service-endpoints.html.md @@ -149,6 +149,7 @@ The Terraform AWS Provider allows the following endpoints to be customized:
  • mediastoredata
  • mq
  • neptune
    • +
  • networkmanager
  • opsworks
  • organizations
  • personalize
    • From 7020ac01484b8a65095d2d685cace6805374c83a Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 14 May 2020 11:44:23 -0400 Subject: [PATCH 145/475] Update CHANGELOG for #11809 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5dc39ae3764..ed7e5e79681 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ ENHANCEMENTS: BUG FIXES: * resource/aws_codebuild_project: Allow empty value (`""`) environment variables [GH-11572] +* resource/aws_security_group_rule: Prevent recreation when `source_security_group_id` refers to a security group across accounts [GH-11809] ## 2.61.0 (May 08, 2020) From 3dd120d57db515e58126b918c2cbdd7d713c4ba0 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Thu, 14 May 2020 22:32:08 +0200 Subject: [PATCH 146/475] Improve nil checks --- aws/resource_aws_wafv2_ip_set.go | 17 ++++++++++------- aws/resource_aws_wafv2_ip_set_test.go | 11 +++++++++-- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 83e7c53dfd8..2019da2293e 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -130,10 +130,14 @@ func resourceAwsWafv2IPSetCreate(d *schema.ResourceData, meta interface{}) error resp, err := conn.CreateIPSet(params) - if err != nil || resp == nil || resp.Summary == nil { + if err != nil { return fmt.Errorf("Error creating WAFv2 IPSet: %s", err) } + if resp == nil || resp.Summary == nil { + return fmt.Errorf("Error creating WAFv2 IPSet") + } + d.SetId(aws.StringValue(resp.Summary.Id)) return resourceAwsWafv2IPSetRead(d, meta) @@ -156,7 +160,6 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { d.SetId("") return nil } - return err } @@ -164,11 +167,11 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { return fmt.Errorf("Error reading WAFv2 IPSet") } - d.Set("name", resp.IPSet.Name) - d.Set("description", resp.IPSet.Description) - d.Set("ip_address_version", resp.IPSet.IPAddressVersion) - d.Set("arn", resp.IPSet.ARN) - d.Set("lock_token", resp.LockToken) + d.Set("name", aws.StringValue(resp.IPSet.Name)) + d.Set("description", aws.StringValue(resp.IPSet.Description)) + d.Set("ip_address_version", aws.StringValue(resp.IPSet.IPAddressVersion)) + d.Set("arn", aws.StringValue(resp.IPSet.ARN)) + d.Set("lock_token", aws.StringValue(resp.LockToken)) if err := d.Set("addresses", flattenStringSet(resp.IPSet.Addresses)); err != nil { return fmt.Errorf("Error setting addresses: %s", err) diff --git a/aws/resource_aws_wafv2_ip_set_test.go b/aws/resource_aws_wafv2_ip_set_test.go index 0787f145a8d..dacd0567f2a 100644 --- a/aws/resource_aws_wafv2_ip_set_test.go +++ b/aws/resource_aws_wafv2_ip_set_test.go @@ -250,7 +250,10 @@ func testAccCheckAWSWafv2IPSetDestroy(s *terraform.State) error { }) if err == nil { - if aws.StringValue(resp.IPSet.Id) == rs.Primary.ID && resp != nil && resp.IPSet != nil { + if resp == nil || resp.IPSet == nil { + return fmt.Errorf("Error getting WAFv2 IPSet") + } + if aws.StringValue(resp.IPSet.Id) == rs.Primary.ID { return fmt.Errorf("WAFv2 IPSet %s still exists", rs.Primary.ID) } return nil @@ -289,7 +292,11 @@ func testAccCheckAWSWafv2IPSetExists(n string, v *wafv2.IPSet) resource.TestChec return err } - if aws.StringValue(resp.IPSet.Id) == rs.Primary.ID && resp != nil && resp.IPSet != nil { + if resp == nil || resp.IPSet == nil { + return fmt.Errorf("Error getting WAFv2 IPSet") + } + + if aws.StringValue(resp.IPSet.Id) == rs.Primary.ID { *v = *resp.IPSet return nil } From 4a296f43be2996350187a0ef3a6afb3c2afe7a1e Mon Sep 17 00:00:00 2001 From: John Barnes Date: Thu, 14 May 2020 19:09:11 -0400 Subject: [PATCH 147/475] resource/aws_datasync_task: Support `ONLY_FILES_TRANSFERRED` value in `verify_mode` argument (#12897) Output from acceptance testing (test failures unrelated): ``` --- PASS: TestAccAWSDataSyncTask_CloudWatchLogGroupARN (232.83s) --- PASS: TestAccAWSDataSyncTask_disappears (248.46s) --- PASS: TestAccAWSDataSyncTask_basic (251.56s) --- PASS: TestAccAWSDataSyncTask_DefaultSyncOptions_AtimeMtime (259.19s) --- PASS: TestAccAWSDataSyncTask_DefaultSyncOptions_VerifyMode (271.49s) --- PASS: TestAccAWSDataSyncTask_DefaultSyncOptions_PreserveDevices (288.71s) --- PASS: TestAccAWSDataSyncTask_DefaultSyncOptions_BytesPerSecond (290.06s) --- PASS: TestAccAWSDataSyncTask_DefaultSyncOptions_Uid (290.59s) --- FAIL: TestAccAWSDataSyncTask_DefaultSyncOptions_PosixPermissions (293.54s) --- FAIL: TestAccAWSDataSyncTask_DefaultSyncOptions_PreserveDeletedFiles (296.27s) --- PASS: TestAccAWSDataSyncTask_DefaultSyncOptions_Gid (321.15s) ``` --- aws/resource_aws_datasync_task.go | 1 + aws/resource_aws_datasync_task_test.go | 11 ++++++++++- website/docs/r/datasync_task.html.markdown | 2 +- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_datasync_task.go b/aws/resource_aws_datasync_task.go index 65405532107..9b5a76452a6 100644 --- a/aws/resource_aws_datasync_task.go +++ b/aws/resource_aws_datasync_task.go @@ -139,6 +139,7 @@ func resourceAwsDataSyncTask() *schema.Resource { ValidateFunc: validation.StringInSlice([]string{ datasync.VerifyModeNone, datasync.VerifyModePointInTimeConsistent, + datasync.VerifyModeOnlyFilesTransferred, }, false), }, }, diff --git a/aws/resource_aws_datasync_task_test.go b/aws/resource_aws_datasync_task_test.go index d1471807c44..1e406ed45d2 100644 --- a/aws/resource_aws_datasync_task_test.go +++ b/aws/resource_aws_datasync_task_test.go @@ -421,7 +421,7 @@ func TestAccAWSDataSyncTask_DefaultSyncOptions_Uid(t *testing.T) { } func TestAccAWSDataSyncTask_DefaultSyncOptions_VerifyMode(t *testing.T) { - var task1, task2 datasync.DescribeTaskOutput + var task1, task2, task3 datasync.DescribeTaskOutput rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_datasync_task.test" @@ -452,6 +452,15 @@ func TestAccAWSDataSyncTask_DefaultSyncOptions_VerifyMode(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "options.0.verify_mode", "POINT_IN_TIME_CONSISTENT"), ), }, + { + Config: testAccAWSDataSyncTaskConfigDefaultSyncOptionsVerifyMode(rName, "ONLY_FILES_TRANSFERRED"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSDataSyncTaskExists(resourceName, &task3), + testAccCheckAWSDataSyncTaskNotRecreated(&task2, &task3), + resource.TestCheckResourceAttr(resourceName, "options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "options.0.verify_mode", "ONLY_FILES_TRANSFERRED"), + ), + }, }, }) } diff --git a/website/docs/r/datasync_task.html.markdown b/website/docs/r/datasync_task.html.markdown index c12358e43b6..99e79f05885 100644 --- a/website/docs/r/datasync_task.html.markdown +++ b/website/docs/r/datasync_task.html.markdown @@ -49,7 +49,7 @@ The following arguments are supported inside the `options` configuration block: * `preserve_deleted_files` - (Optional) Whether files deleted in the source should be removed or preserved in the destination file system. Valid values: `PRESERVE`, `REMOVE`. Default: `PRESERVE`. * `preserve_devices` - (Optional) Whether the DataSync Task should preserve the metadata of block and character devices in the source files system, and recreate the files with that device name and metadata on the destination. The DataSync Task can’t sync the actual contents of such devices, because many of the devices are non-terminal and don’t return an end of file (EOF) marker. Valid values: `NONE`, `PRESERVE`. Default: `NONE` (ignore special devices). * `uid` - (Optional) User identifier of the file's owners. Valid values: `BOTH`, `INT_VALUE`, `NAME`, `NONE`. Default: `INT_VALUE` (preserve integer value of the ID). -* `verify_mode` - (Optional) Whether a data integrity verification should be performed at the end of a task execution after all data and metadata have been transferred. Valid values: `NONE`, `POINT_IN_TIME_CONSISTENT`. Default: `POINT_IN_TIME_CONSISTENT`. +* `verify_mode` - (Optional) Whether a data integrity verification should be performed at the end of a task execution after all data and metadata have been transferred. Valid values: `NONE`, `POINT_IN_TIME_CONSISTENT`, `ONLY_FILES_TRANSFERRED`. Default: `POINT_IN_TIME_CONSISTENT`. ## Attribute Reference From 56f5b0ceab959d6fbb0447f1c1337ed3695eae58 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 14 May 2020 19:10:23 -0400 Subject: [PATCH 148/475] Update CHANGELOG for #12897 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ed7e5e79681..91a99ada950 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ ENHANCEMENTS: * resource/aws_appsync_resolver: Add `cache_config` configuration block [GH-12747] * resource/aws_codebuild_project: Support `git_submodules_config` with `GITHUB` and `GITHUB_ENTERPRISE` source types [GH-13285] * resource/aws_codebuild_project: Support `SECRETS_MANAGER` environment variable type [GH-12572] +* resource/aws_datasync_task: Support `ONLY_FILES_TRANSFERRED` value in `verify_mode` argument [GH-12897] * resource/aws_iot_topic_rule: Add `dynamodbv2` configuration block [GH-7469] * resource/aws_iot_topic_rule: Add `iot_analytics` configuration block [GH-9859] * resource/aws_iot_topic_rule: Add `iot_events` configuration block [GH-9890] From 2152c63f8db245696c3d255e6b920b994cd2ac1c Mon Sep 17 00:00:00 2001 From: tf-release-bot Date: Fri, 15 May 2020 00:05:46 +0000 Subject: [PATCH 149/475] v2.62.0 --- CHANGELOG.md | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 91a99ada950..f4079933a1a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,25 +1,25 @@ -## 2.62.0 (Unreleased) +## 2.62.0 (May 15, 2020) FEATURES: -* **New Resource:** `aws_workspaces_workspace` [GH-11608] +* **New Resource:** `aws_workspaces_workspace` ([#11608](https://github.com/terraform-providers/terraform-provider-aws/issues/11608)) ENHANCEMENTS: -* resource/aws_appsync_resolver: Add `cache_config` configuration block [GH-12747] -* resource/aws_codebuild_project: Support `git_submodules_config` with `GITHUB` and `GITHUB_ENTERPRISE` source types [GH-13285] -* resource/aws_codebuild_project: Support `SECRETS_MANAGER` environment variable type [GH-12572] -* resource/aws_datasync_task: Support `ONLY_FILES_TRANSFERRED` value in `verify_mode` argument [GH-12897] -* resource/aws_iot_topic_rule: Add `dynamodbv2` configuration block [GH-7469] -* resource/aws_iot_topic_rule: Add `iot_analytics` configuration block [GH-9859] -* resource/aws_iot_topic_rule: Add `iot_events` configuration block [GH-9890] -* resource/aws_iot_topic_rule: Add `operation` argument to `dynamodb` configuration block [GH-12714] -* resource/aws_iot_topic_rule: Add `qos` argument `republish` configuration block [GH-12869] +* resource/aws_appsync_resolver: Add `cache_config` configuration block ([#12747](https://github.com/terraform-providers/terraform-provider-aws/issues/12747)) +* resource/aws_codebuild_project: Support `git_submodules_config` with `GITHUB` and `GITHUB_ENTERPRISE` source types ([#13285](https://github.com/terraform-providers/terraform-provider-aws/issues/13285)) +* resource/aws_codebuild_project: Support `SECRETS_MANAGER` environment variable type ([#12572](https://github.com/terraform-providers/terraform-provider-aws/issues/12572)) +* resource/aws_datasync_task: Support `ONLY_FILES_TRANSFERRED` value in `verify_mode` argument ([#12897](https://github.com/terraform-providers/terraform-provider-aws/issues/12897)) +* resource/aws_iot_topic_rule: Add `dynamodbv2` configuration block ([#7469](https://github.com/terraform-providers/terraform-provider-aws/issues/7469)) +* resource/aws_iot_topic_rule: Add `iot_analytics` configuration block ([#9859](https://github.com/terraform-providers/terraform-provider-aws/issues/9859)) +* resource/aws_iot_topic_rule: Add `iot_events` configuration block ([#9890](https://github.com/terraform-providers/terraform-provider-aws/issues/9890)) +* resource/aws_iot_topic_rule: Add `operation` argument to `dynamodb` configuration block ([#12714](https://github.com/terraform-providers/terraform-provider-aws/issues/12714)) +* resource/aws_iot_topic_rule: Add `qos` argument `republish` configuration block ([#12869](https://github.com/terraform-providers/terraform-provider-aws/issues/12869)) BUG FIXES: -* resource/aws_codebuild_project: Allow empty value (`""`) environment variables [GH-11572] -* resource/aws_security_group_rule: Prevent recreation when `source_security_group_id` refers to a security group across accounts [GH-11809] +* resource/aws_codebuild_project: Allow empty value (`""`) environment variables ([#11572](https://github.com/terraform-providers/terraform-provider-aws/issues/11572)) +* resource/aws_security_group_rule: Prevent recreation when `source_security_group_id` refers to a security group across accounts ([#11809](https://github.com/terraform-providers/terraform-provider-aws/issues/11809)) ## 2.61.0 (May 08, 2020) From 7fd165ff84fd05cce64bed17d20a69f0c684fd9e Mon Sep 17 00:00:00 2001 From: tf-release-bot Date: Fri, 15 May 2020 00:23:34 +0000 Subject: [PATCH 150/475] Cleanup after v2.62.0 release --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f4079933a1a..cd7c7351153 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,4 @@ +## 2.63.0 (Unreleased) ## 2.62.0 (May 15, 2020) FEATURES: From 0fb18da4e45f5be3e3a3f0f1a2975a5c81578222 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:36:31 -0400 Subject: [PATCH 151/475] update to using typelist --- aws/provider.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/provider.go b/aws/provider.go index d7eaff110f5..e164c302d06 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -1168,7 +1168,7 @@ func providerConfigure(d *schema.ResourceData, terraformVersion string) (interfa } config.CredsFilename = credsPath - assumeRoleList := d.Get("assume_role").(*schema.Set).List() + assumeRoleList := d.Get("assume_role").([]interface{}) if len(assumeRoleList) == 1 { assumeRole := assumeRoleList[0].(map[string]interface{}) config.AssumeRoleARN = assumeRole["role_arn"].(string) @@ -1214,7 +1214,7 @@ var awsMutexKV = mutexkv.NewMutexKV() func assumeRoleSchema() *schema.Schema { return &schema.Schema{ - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, MaxItems: 1, Elem: &schema.Resource{ From a502a3970d2f5c310d62f89eb585e9e425794bd4 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:44:29 -0400 Subject: [PATCH 152/475] enable linter --- aws/resource_aws_api_gateway_usage_plan.go | 18 +++++---------- ...esource_aws_api_gateway_usage_plan_test.go | 22 +++++++++---------- aws/resource_aws_api_gateway_vpc_link.go | 4 ++-- 3 files changed, 19 insertions(+), 25 deletions(-) diff --git a/aws/resource_aws_api_gateway_usage_plan.go b/aws/resource_aws_api_gateway_usage_plan.go index a3397dc5886..caa055e8d5c 100644 --- a/aws/resource_aws_api_gateway_usage_plan.go +++ b/aws/resource_aws_api_gateway_usage_plan.go @@ -55,7 +55,7 @@ func resourceAwsApiGatewayUsagePlan() *schema.Resource { }, "quota_settings": { - Type: schema.TypeSet, + Type: schema.TypeList, MaxItems: 1, Optional: true, Elem: &schema.Resource{ @@ -85,7 +85,7 @@ func resourceAwsApiGatewayUsagePlan() *schema.Resource { }, "throttle_settings": { - Type: schema.TypeSet, + Type: schema.TypeList, MaxItems: 1, Optional: true, Elem: &schema.Resource{ @@ -155,7 +155,7 @@ func resourceAwsApiGatewayUsagePlanCreate(d *schema.ResourceData, meta interface } if v, ok := d.GetOk("quota_settings"); ok { - settings := v.(*schema.Set).List() + settings := v.([]interface{}) q, ok := settings[0].(map[string]interface{}) if errors := validateApiGatewayUsagePlanQuotaSettings(q); len(errors) > 0 { @@ -184,7 +184,7 @@ func resourceAwsApiGatewayUsagePlanCreate(d *schema.ResourceData, meta interface } if v, ok := d.GetOk("throttle_settings"); ok { - settings := v.(*schema.Set).List() + settings := v.([]interface{}) q, ok := settings[0].(map[string]interface{}) if !ok { @@ -363,10 +363,7 @@ func resourceAwsApiGatewayUsagePlanUpdate(d *schema.ResourceData, meta interface if d.HasChange("throttle_settings") { o, n := d.GetChange("throttle_settings") - - os := o.(*schema.Set) - ns := n.(*schema.Set) - diff := ns.Difference(os).List() + diff := n.([]interface{}) // Handle Removal if len(diff) == 0 { @@ -411,10 +408,7 @@ func resourceAwsApiGatewayUsagePlanUpdate(d *schema.ResourceData, meta interface if d.HasChange("quota_settings") { o, n := d.GetChange("quota_settings") - - os := o.(*schema.Set) - ns := n.(*schema.Set) - diff := ns.Difference(os).List() + diff := n.([]interface{}) // Handle Removal if len(diff) == 0 { diff --git a/aws/resource_aws_api_gateway_usage_plan_test.go b/aws/resource_aws_api_gateway_usage_plan_test.go index c006ffd4be5..f3884c6f639 100644 --- a/aws/resource_aws_api_gateway_usage_plan_test.go +++ b/aws/resource_aws_api_gateway_usage_plan_test.go @@ -231,8 +231,8 @@ func TestAccAWSAPIGatewayUsagePlan_throttling(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayUsagePlanExists(resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "name", rName), - resource.TestCheckResourceAttr(resourceName, "throttle_settings.4173790118.burst_limit", "2"), - resource.TestCheckResourceAttr(resourceName, "throttle_settings.4173790118.rate_limit", "5"), + resource.TestCheckResourceAttr(resourceName, "throttle_settings.0.burst_limit", "2"), + resource.TestCheckResourceAttr(resourceName, "throttle_settings.0.rate_limit", "5"), ), }, { @@ -240,8 +240,8 @@ func TestAccAWSAPIGatewayUsagePlan_throttling(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayUsagePlanExists(resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "name", rName), - resource.TestCheckResourceAttr(resourceName, "throttle_settings.1779463053.burst_limit", "3"), - resource.TestCheckResourceAttr(resourceName, "throttle_settings.1779463053.rate_limit", "6"), + resource.TestCheckResourceAttr(resourceName, "throttle_settings.0.burst_limit", "3"), + resource.TestCheckResourceAttr(resourceName, "throttle_settings.0.rate_limit", "6"), ), }, { @@ -272,7 +272,7 @@ func TestAccAWSAPIGatewayUsagePlan_throttlingInitialRateLimit(t *testing.T) { Config: testAccAWSApiGatewayUsagePlanThrottlingConfig(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayUsagePlanExists(resourceName, &conf), - resource.TestCheckResourceAttr(resourceName, "throttle_settings.4173790118.rate_limit", "5"), + resource.TestCheckResourceAttr(resourceName, "throttle_settings.0.rate_limit", "5"), ), }, { @@ -313,9 +313,9 @@ func TestAccAWSAPIGatewayUsagePlan_quota(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayUsagePlanExists(resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "name", rName), - resource.TestCheckResourceAttr(resourceName, "quota_settings.1956747625.limit", "100"), - resource.TestCheckResourceAttr(resourceName, "quota_settings.1956747625.offset", "6"), - resource.TestCheckResourceAttr(resourceName, "quota_settings.1956747625.period", "WEEK"), + resource.TestCheckResourceAttr(resourceName, "quota_settings.0.limit", "100"), + resource.TestCheckResourceAttr(resourceName, "quota_settings.0.offset", "6"), + resource.TestCheckResourceAttr(resourceName, "quota_settings.0.period", "WEEK"), ), }, { @@ -323,9 +323,9 @@ func TestAccAWSAPIGatewayUsagePlan_quota(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayUsagePlanExists(resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "name", rName), - resource.TestCheckResourceAttr(resourceName, "quota_settings.3909168194.limit", "200"), - resource.TestCheckResourceAttr(resourceName, "quota_settings.3909168194.offset", "20"), - resource.TestCheckResourceAttr(resourceName, "quota_settings.3909168194.period", "MONTH"), + resource.TestCheckResourceAttr(resourceName, "quota_settings.0.limit", "200"), + resource.TestCheckResourceAttr(resourceName, "quota_settings.0.offset", "20"), + resource.TestCheckResourceAttr(resourceName, "quota_settings.0.period", "MONTH"), ), }, { diff --git a/aws/resource_aws_api_gateway_vpc_link.go b/aws/resource_aws_api_gateway_vpc_link.go index 473f59d7828..28720412ebb 100644 --- a/aws/resource_aws_api_gateway_vpc_link.go +++ b/aws/resource_aws_api_gateway_vpc_link.go @@ -33,7 +33,7 @@ func resourceAwsApiGatewayVpcLink() *schema.Resource { Optional: true, }, "target_arns": { - Type: schema.TypeSet, + Type: schema.TypeList, MaxItems: 1, Required: true, ForceNew: true, @@ -54,7 +54,7 @@ func resourceAwsApiGatewayVpcLinkCreate(d *schema.ResourceData, meta interface{} input := &apigateway.CreateVpcLinkInput{ Name: aws.String(d.Get("name").(string)), - TargetArns: expandStringList(d.Get("target_arns").(*schema.Set).List()), + TargetArns: expandStringList(d.Get("target_arns").([]interface{})), Tags: tags, } if v, ok := d.GetOk("description"); ok { From 4604d6098dd82786f2f5c77d105cf25d650ced3f Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:46:59 -0400 Subject: [PATCH 153/475] enable linter --- aws/resource_aws_appmesh_virtual_node.go | 3 +-- aws/resource_aws_appmesh_virtual_router.go | 20 +------------------- 2 files changed, 2 insertions(+), 21 deletions(-) diff --git a/aws/resource_aws_appmesh_virtual_node.go b/aws/resource_aws_appmesh_virtual_node.go index e7ddc3b8263..77c3ba6f00a 100644 --- a/aws/resource_aws_appmesh_virtual_node.go +++ b/aws/resource_aws_appmesh_virtual_node.go @@ -86,7 +86,7 @@ func resourceAwsAppmeshVirtualNode() *schema.Resource { }, "listener": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, MinItems: 0, MaxItems: 1, @@ -173,7 +173,6 @@ func resourceAwsAppmeshVirtualNode() *schema.Resource { }, }, }, - Set: appmeshVirtualNodeListenerHash, }, "logging": { diff --git a/aws/resource_aws_appmesh_virtual_router.go b/aws/resource_aws_appmesh_virtual_router.go index a11d1d3eb51..3d3f9b90e78 100644 --- a/aws/resource_aws_appmesh_virtual_router.go +++ b/aws/resource_aws_appmesh_virtual_router.go @@ -1,7 +1,6 @@ package aws import ( - "bytes" "fmt" "log" "strings" @@ -9,7 +8,6 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/appmesh" - "github.com/hashicorp/terraform-plugin-sdk/helper/hashcode" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" @@ -59,7 +57,7 @@ func resourceAwsAppmeshVirtualRouter() *schema.Resource { }, "listener": { - Type: schema.TypeSet, + Type: schema.TypeList, Required: true, MinItems: 1, MaxItems: 1, @@ -91,7 +89,6 @@ func resourceAwsAppmeshVirtualRouter() *schema.Resource { }, }, }, - Set: appmeshVirtualRouterListenerHash, }, }, }, @@ -258,18 +255,3 @@ func resourceAwsAppmeshVirtualRouterImport(d *schema.ResourceData, meta interfac return []*schema.ResourceData{d}, nil } - -func appmeshVirtualRouterListenerHash(vListener interface{}) int { - var buf bytes.Buffer - mListener := vListener.(map[string]interface{}) - if vPortMapping, ok := mListener["port_mapping"].([]interface{}); ok && len(vPortMapping) > 0 && vPortMapping[0] != nil { - mPortMapping := vPortMapping[0].(map[string]interface{}) - if v, ok := mPortMapping["port"].(int); ok { - buf.WriteString(fmt.Sprintf("%d-", v)) - } - if v, ok := mPortMapping["protocol"].(string); ok { - buf.WriteString(fmt.Sprintf("%s-", v)) - } - } - return hashcode.String(buf.String()) -} From 8a681e135fd52bf932098ece18c4801ff4f076b8 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:48:34 -0400 Subject: [PATCH 154/475] enable linter --- aws/resource_aws_cloudfront_distribution.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_cloudfront_distribution.go b/aws/resource_aws_cloudfront_distribution.go index 827b84b97aa..b55519209ee 100644 --- a/aws/resource_aws_cloudfront_distribution.go +++ b/aws/resource_aws_cloudfront_distribution.go @@ -68,13 +68,13 @@ func resourceAwsCloudFrontDistribution() *schema.Resource { Optional: true, }, "forwarded_values": { - Type: schema.TypeSet, + Type: schema.TypeList, Required: true, MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "cookies": { - Type: schema.TypeSet, + Type: schema.TypeList, Required: true, MaxItems: 1, Elem: &schema.Resource{ From a9814e2f829a26dc343e7e2df83a58cfebb7056a Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:49:48 -0400 Subject: [PATCH 155/475] enable linter --- aws/resource_aws_ecs_service.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_ecs_service.go b/aws/resource_aws_ecs_service.go index 50f698a5970..ce8437752d4 100644 --- a/aws/resource_aws_ecs_service.go +++ b/aws/resource_aws_ecs_service.go @@ -342,7 +342,7 @@ func resourceAwsEcsService() *schema.Resource { }, "service_registries": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, ForceNew: true, MaxItems: 1, @@ -486,7 +486,7 @@ func resourceAwsEcsServiceCreate(d *schema.ResourceData, meta interface{}) error input.PlacementConstraints = pc } - serviceRegistries := d.Get("service_registries").(*schema.Set).List() + serviceRegistries := d.Get("service_registries").([]interface{}) if len(serviceRegistries) > 0 { srs := make([]*ecs.ServiceRegistry, 0, len(serviceRegistries)) for _, v := range serviceRegistries { From 3da8e17e9c9b14ed6e0943deb015c2325a519c0f Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:51:00 -0400 Subject: [PATCH 156/475] enable linter --- aws/resource_aws_eks_node_group.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/aws/resource_aws_eks_node_group.go b/aws/resource_aws_eks_node_group.go index 7c29f24f089..a646912cdaa 100644 --- a/aws/resource_aws_eks_node_group.go +++ b/aws/resource_aws_eks_node_group.go @@ -59,7 +59,7 @@ func resourceAwsEksNodeGroup() *schema.Resource { ForceNew: true, }, "instance_types": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, Computed: true, ForceNew: true, @@ -201,8 +201,8 @@ func resourceAwsEksNodeGroupCreate(d *schema.ResourceData, meta interface{}) err input.DiskSize = aws.Int64(int64(v.(int))) } - if v := d.Get("instance_types").(*schema.Set); v.Len() > 0 { - input.InstanceTypes = expandStringSet(v) + if v := d.Get("instance_types").([]interface{}); len(v) > 0 { + input.InstanceTypes = expandStringList(v) } if v := d.Get("labels").(map[string]interface{}); len(v) > 0 { From 92db9489245ef540c234ddd616d67fa9d95eaeb6 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:53:06 -0400 Subject: [PATCH 157/475] enable linter --- ...esource_aws_elastic_transcoder_pipeline.go | 26 +++++++------- aws/resource_aws_elastic_transcoder_preset.go | 36 +++++++++---------- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/aws/resource_aws_elastic_transcoder_pipeline.go b/aws/resource_aws_elastic_transcoder_pipeline.go index edd1d5c63af..a0aedfecf2b 100644 --- a/aws/resource_aws_elastic_transcoder_pipeline.go +++ b/aws/resource_aws_elastic_transcoder_pipeline.go @@ -35,7 +35,7 @@ func resourceAwsElasticTranscoderPipeline() *schema.Resource { // ContentConfig also requires ThumbnailConfig "content_config": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, Computed: true, MaxItems: 1, @@ -102,7 +102,7 @@ func resourceAwsElasticTranscoderPipeline() *schema.Resource { }, "notifications": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, MaxItems: 1, Elem: &schema.Resource{ @@ -144,7 +144,7 @@ func resourceAwsElasticTranscoderPipeline() *schema.Resource { }, "thumbnail_config": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, Computed: true, MaxItems: 1, @@ -235,22 +235,22 @@ func resourceAwsElasticTranscoderPipelineCreate(d *schema.ResourceData, meta int } func expandETNotifications(d *schema.ResourceData) *elastictranscoder.Notifications { - set, ok := d.GetOk("notifications") + list, ok := d.GetOk("notifications") if !ok { return nil } - s := set.(*schema.Set).List() - if len(s) == 0 { + l := list.([]interface{}) + if len(l) == 0 { return nil } - if s[0] == nil { - log.Printf("[ERR] First element of Notifications set is nil") + if l[0] == nil { + log.Printf("[ERR] First element of Notifications list is nil") return nil } - rN := s[0].(map[string]interface{}) + rN := l[0].(map[string]interface{}) return &elastictranscoder.Notifications{ Completed: aws.String(rN["completed"].(string)), @@ -290,17 +290,17 @@ func flattenETNotifications(n *elastictranscoder.Notifications) []map[string]int } func expandETPiplineOutputConfig(d *schema.ResourceData, key string) *elastictranscoder.PipelineOutputConfig { - set, ok := d.GetOk(key) + list, ok := d.GetOk(key) if !ok { return nil } - s := set.(*schema.Set) - if s == nil || s.Len() == 0 { + l := list.([]interface{}) + if len(l) == 0 { return nil } - cc := s.List()[0].(map[string]interface{}) + cc := l[0].(map[string]interface{}) cfg := &elastictranscoder.PipelineOutputConfig{ Bucket: aws.String(cc["bucket"].(string)), diff --git a/aws/resource_aws_elastic_transcoder_preset.go b/aws/resource_aws_elastic_transcoder_preset.go index ca57e63b119..dfe0777a36c 100644 --- a/aws/resource_aws_elastic_transcoder_preset.go +++ b/aws/resource_aws_elastic_transcoder_preset.go @@ -26,7 +26,7 @@ func resourceAwsElasticTranscoderPreset() *schema.Resource { }, "audio": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, ForceNew: true, MaxItems: 1, @@ -62,7 +62,7 @@ func resourceAwsElasticTranscoderPreset() *schema.Resource { }, }, "audio_codec_options": { - Type: schema.TypeSet, + Type: schema.TypeList, MaxItems: 1, Optional: true, ForceNew: true, @@ -112,7 +112,7 @@ func resourceAwsElasticTranscoderPreset() *schema.Resource { }, "thumbnails": { - Type: schema.TypeSet, + Type: schema.TypeList, MaxItems: 1, Optional: true, ForceNew: true, @@ -170,7 +170,7 @@ func resourceAwsElasticTranscoderPreset() *schema.Resource { }, "video": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, ForceNew: true, MaxItems: 1, @@ -355,16 +355,16 @@ func resourceAwsElasticTranscoderPresetCreate(d *schema.ResourceData, meta inter } func expandETThumbnails(d *schema.ResourceData) *elastictranscoder.Thumbnails { - set, ok := d.GetOk("thumbnails") + list, ok := d.GetOk("thumbnails") if !ok { return nil } - s := set.(*schema.Set) - if s == nil || s.Len() == 0 { + l := list.([]interface{}) + if len(l) == 0 { return nil } - t := s.List()[0].(map[string]interface{}) + t := l[0].(map[string]interface{}) thumbnails := &elastictranscoder.Thumbnails{} @@ -404,16 +404,16 @@ func expandETThumbnails(d *schema.ResourceData) *elastictranscoder.Thumbnails { } func expandETAudioParams(d *schema.ResourceData) *elastictranscoder.AudioParameters { - set, ok := d.GetOk("audio") + list, ok := d.GetOk("audio") if !ok { return nil } - s := set.(*schema.Set) - if s == nil || s.Len() == 0 { + l := list.([]interface{}) + if len(l) == 0 { return nil } - audio := s.List()[0].(map[string]interface{}) + audio := l[0].(map[string]interface{}) return &elastictranscoder.AudioParameters{ AudioPackingMode: aws.String(audio["audio_packing_mode"].(string)), @@ -426,12 +426,12 @@ func expandETAudioParams(d *schema.ResourceData) *elastictranscoder.AudioParamet } func expandETAudioCodecOptions(d *schema.ResourceData) *elastictranscoder.AudioCodecOptions { - s := d.Get("audio_codec_options").(*schema.Set) - if s == nil || s.Len() == 0 { + l := d.Get("audio_codec_options").([]interface{}) + if len(l) == 0 { return nil } - codec := s.List()[0].(map[string]interface{}) + codec := l[0].(map[string]interface{}) codecOpts := &elastictranscoder.AudioCodecOptions{} @@ -455,11 +455,11 @@ func expandETAudioCodecOptions(d *schema.ResourceData) *elastictranscoder.AudioC } func expandETVideoParams(d *schema.ResourceData) *elastictranscoder.VideoParameters { - s := d.Get("video").(*schema.Set) - if s == nil || s.Len() == 0 { + l := d.Get("video").([]interface{}) + if len(l) == 0 { return nil } - p := s.List()[0].(map[string]interface{}) + p := l[0].(map[string]interface{}) etVideoParams := &elastictranscoder.VideoParameters{ Watermarks: expandETVideoWatermarks(d), From 6d2e841dbea4ab7aec50e18b65d0c8071a247e88 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:54:26 -0400 Subject: [PATCH 158/475] enable linter --- aws/resource_aws_fsx_lustre_file_system.go | 4 ++-- aws/resource_aws_fsx_windows_file_system.go | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/aws/resource_aws_fsx_lustre_file_system.go b/aws/resource_aws_fsx_lustre_file_system.go index 7ab2b555628..619b24dd1ba 100644 --- a/aws/resource_aws_fsx_lustre_file_system.go +++ b/aws/resource_aws_fsx_lustre_file_system.go @@ -87,7 +87,7 @@ func resourceAwsFsxLustreFileSystem() *schema.Resource { ValidateFunc: validation.IntAtLeast(1200), }, "subnet_ids": { - Type: schema.TypeSet, + Type: schema.TypeList, Required: true, ForceNew: true, MinItems: 1, @@ -119,7 +119,7 @@ func resourceAwsFsxLustreFileSystemCreate(d *schema.ResourceData, meta interface ClientRequestToken: aws.String(resource.UniqueId()), FileSystemType: aws.String(fsx.FileSystemTypeLustre), StorageCapacity: aws.Int64(int64(d.Get("storage_capacity").(int))), - SubnetIds: expandStringSet(d.Get("subnet_ids").(*schema.Set)), + SubnetIds: expandStringList(d.Get("subnet_ids").([]interface{})), } if v, ok := d.GetOk("export_path"); ok { diff --git a/aws/resource_aws_fsx_windows_file_system.go b/aws/resource_aws_fsx_windows_file_system.go index c7d3c8485c9..3c63d346747 100644 --- a/aws/resource_aws_fsx_windows_file_system.go +++ b/aws/resource_aws_fsx_windows_file_system.go @@ -147,7 +147,7 @@ func resourceAwsFsxWindowsFileSystem() *schema.Resource { ValidateFunc: validation.IntBetween(32, 65536), }, "subnet_ids": { - Type: schema.TypeSet, + Type: schema.TypeList, Required: true, ForceNew: true, MinItems: 1, @@ -185,7 +185,7 @@ func resourceAwsFsxWindowsFileSystemCreate(d *schema.ResourceData, meta interfac ClientRequestToken: aws.String(resource.UniqueId()), FileSystemType: aws.String(fsx.FileSystemTypeWindows), StorageCapacity: aws.Int64(int64(d.Get("storage_capacity").(int))), - SubnetIds: expandStringSet(d.Get("subnet_ids").(*schema.Set)), + SubnetIds: expandStringList(d.Get("subnet_ids").([]interface{})), WindowsConfiguration: &fsx.CreateFileSystemWindowsConfiguration{ AutomaticBackupRetentionDays: aws.Int64(int64(d.Get("automatic_backup_retention_days").(int))), CopyTagsToBackups: aws.Bool(d.Get("copy_tags_to_backups").(bool)), From 0c73a1a2fdb82f7075e9c5d08127df5ad97ffda7 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:56:05 -0400 Subject: [PATCH 159/475] enable linter --- ...ce_aws_kinesis_firehose_delivery_stream.go | 23 ++++--------------- 1 file changed, 5 insertions(+), 18 deletions(-) diff --git a/aws/resource_aws_kinesis_firehose_delivery_stream.go b/aws/resource_aws_kinesis_firehose_delivery_stream.go index 09b4b2e6fd4..786d203447a 100644 --- a/aws/resource_aws_kinesis_firehose_delivery_stream.go +++ b/aws/resource_aws_kinesis_firehose_delivery_stream.go @@ -1,7 +1,6 @@ package aws import ( - "bytes" "fmt" "log" "strings" @@ -10,7 +9,6 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/service/firehose" - "github.com/hashicorp/terraform-plugin-sdk/helper/hashcode" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" @@ -23,7 +21,7 @@ const ( func cloudWatchLoggingOptionsSchema() *schema.Schema { return &schema.Schema{ - Type: schema.TypeSet, + Type: schema.TypeList, MaxItems: 1, Optional: true, Computed: true, @@ -170,20 +168,9 @@ func processingConfigurationSchema() *schema.Schema { } } -func cloudwatchLoggingOptionsHash(v interface{}) int { - var buf bytes.Buffer - m := v.(map[string]interface{}) - buf.WriteString(fmt.Sprintf("%t-", m["enabled"].(bool))) - if m["enabled"].(bool) { - buf.WriteString(fmt.Sprintf("%s-", m["log_group_name"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["log_stream_name"].(string))) - } - return hashcode.String(buf.String()) -} - -func flattenCloudwatchLoggingOptions(clo *firehose.CloudWatchLoggingOptions) *schema.Set { +func flattenCloudwatchLoggingOptions(clo *firehose.CloudWatchLoggingOptions) []interface{} { if clo == nil { - return schema.NewSet(cloudwatchLoggingOptionsHash, []interface{}{}) + return []interface{}{} } cloudwatchLoggingOptions := map[string]interface{}{ @@ -193,7 +180,7 @@ func flattenCloudwatchLoggingOptions(clo *firehose.CloudWatchLoggingOptions) *sc cloudwatchLoggingOptions["log_group_name"] = aws.StringValue(clo.LogGroupName) cloudwatchLoggingOptions["log_stream_name"] = aws.StringValue(clo.LogStreamName) } - return schema.NewSet(cloudwatchLoggingOptionsHash, []interface{}{cloudwatchLoggingOptions}) + return []interface{}{cloudwatchLoggingOptions} } func flattenFirehoseElasticsearchConfiguration(description *firehose.ElasticsearchDestinationDescription) []map[string]interface{} { @@ -1804,7 +1791,7 @@ func extractEncryptionConfiguration(s3 map[string]interface{}) *firehose.Encrypt } func extractCloudWatchLoggingConfiguration(s3 map[string]interface{}) *firehose.CloudWatchLoggingOptions { - config := s3["cloudwatch_logging_options"].(*schema.Set).List() + config := s3["cloudwatch_logging_options"].([]interface{}) if len(config) == 0 { return nil } From 2cc6bb59d8d78e618daa966f0c7014bf690bdc23 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:57:09 -0400 Subject: [PATCH 160/475] enable linter --- aws/resource_aws_ses_event_destination.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/aws/resource_aws_ses_event_destination.go b/aws/resource_aws_ses_event_destination.go index e82c806f04c..d9685bb09ca 100644 --- a/aws/resource_aws_ses_event_destination.go +++ b/aws/resource_aws_ses_event_destination.go @@ -90,7 +90,7 @@ func resourceAwsSesEventDestination() *schema.Resource { }, "kinesis_destination": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, ForceNew: true, MaxItems: 1, @@ -111,7 +111,7 @@ func resourceAwsSesEventDestination() *schema.Resource { }, "sns_destination": { - Type: schema.TypeSet, + Type: schema.TypeList, MaxItems: 1, Optional: true, ForceNew: true, @@ -155,7 +155,7 @@ func resourceAwsSesEventDestinationCreate(d *schema.ResourceData, meta interface } if v, ok := d.GetOk("kinesis_destination"); ok { - destination := v.(*schema.Set).List() + destination := v.([]interface{}) kinesis := destination[0].(map[string]interface{}) createOpts.EventDestination.KinesisFirehoseDestination = &ses.KinesisFirehoseDestination{ @@ -166,7 +166,7 @@ func resourceAwsSesEventDestinationCreate(d *schema.ResourceData, meta interface } if v, ok := d.GetOk("sns_destination"); ok { - destination := v.(*schema.Set).List() + destination := v.([]interface{}) sns := destination[0].(map[string]interface{}) createOpts.EventDestination.SNSDestination = &ses.SNSDestination{ TopicARN: aws.String(sns["topic_arn"].(string)), From f41e05f575288ca86c834a2e12d6f8cd035cffa9 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 00:58:04 -0400 Subject: [PATCH 161/475] enable linter --- aws/resource_aws_vpc_peering_connection.go | 6 ++--- ...esource_aws_vpc_peering_connection_test.go | 24 +++++++++---------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/aws/resource_aws_vpc_peering_connection.go b/aws/resource_aws_vpc_peering_connection.go index 8d5a5c431de..00675448631 100644 --- a/aws/resource_aws_vpc_peering_connection.go +++ b/aws/resource_aws_vpc_peering_connection.go @@ -197,8 +197,8 @@ func resourceAwsVpcPeeringConnectionModifyOptions(d *schema.ResourceData, meta i req := &ec2.ModifyVpcPeeringConnectionOptionsInput{ VpcPeeringConnectionId: aws.String(d.Id()), - AccepterPeeringConnectionOptions: expandVpcPeeringConnectionOptions(d.Get("accepter").(*schema.Set).List(), crossRegionPeering), - RequesterPeeringConnectionOptions: expandVpcPeeringConnectionOptions(d.Get("requester").(*schema.Set).List(), crossRegionPeering), + AccepterPeeringConnectionOptions: expandVpcPeeringConnectionOptions(d.Get("accepter").([]interface{}), crossRegionPeering), + RequesterPeeringConnectionOptions: expandVpcPeeringConnectionOptions(d.Get("requester").([]interface{}), crossRegionPeering), } log.Printf("[DEBUG] Modifying VPC Peering Connection options: %#v", req) @@ -325,7 +325,7 @@ func vpcPeeringConnectionRefreshState(conn *ec2.EC2, id string) resource.StateRe func vpcPeeringConnectionOptionsSchema() *schema.Schema { return &schema.Schema{ - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, Computed: true, MaxItems: 1, diff --git a/aws/resource_aws_vpc_peering_connection_test.go b/aws/resource_aws_vpc_peering_connection_test.go index 47ac8a62361..61f47780f89 100644 --- a/aws/resource_aws_vpc_peering_connection_test.go +++ b/aws/resource_aws_vpc_peering_connection_test.go @@ -241,17 +241,17 @@ func TestAccAWSVPCPeeringConnection_options(t *testing.T) { ), resource.TestCheckResourceAttr( resourceName, - "requester.41753983.allow_remote_vpc_dns_resolution", + "requester.0.allow_remote_vpc_dns_resolution", "false", ), resource.TestCheckResourceAttr( resourceName, - "requester.41753983.allow_classic_link_to_remote_vpc", + "requester.0.allow_classic_link_to_remote_vpc", "true", ), resource.TestCheckResourceAttr( resourceName, - "requester.41753983.allow_vpc_to_remote_classic_link", + "requester.0.allow_vpc_to_remote_classic_link", "true", ), testAccCheckAWSVpcPeeringConnectionOptions( @@ -270,17 +270,17 @@ func TestAccAWSVPCPeeringConnection_options(t *testing.T) { ), resource.TestCheckResourceAttr( resourceName, - "accepter.1102046665.allow_remote_vpc_dns_resolution", + "accepter.0.allow_remote_vpc_dns_resolution", "true", ), resource.TestCheckResourceAttr( resourceName, - "accepter.1102046665.allow_classic_link_to_remote_vpc", + "accepter.0.allow_classic_link_to_remote_vpc", "false", ), resource.TestCheckResourceAttr( resourceName, - "accepter.1102046665.allow_vpc_to_remote_classic_link", + "accepter.0.allow_vpc_to_remote_classic_link", "false", ), testAccCheckAWSVpcPeeringConnectionOptions( @@ -318,17 +318,17 @@ func TestAccAWSVPCPeeringConnection_options(t *testing.T) { ), resource.TestCheckResourceAttr( resourceName, - "requester.41753983.allow_remote_vpc_dns_resolution", + "requester.0.allow_remote_vpc_dns_resolution", "false", ), resource.TestCheckResourceAttr( resourceName, - "requester.41753983.allow_classic_link_to_remote_vpc", + "requester.0.allow_classic_link_to_remote_vpc", "true", ), resource.TestCheckResourceAttr( resourceName, - "requester.41753983.allow_vpc_to_remote_classic_link", + "requester.0.allow_vpc_to_remote_classic_link", "true", ), testAccCheckAWSVpcPeeringConnectionOptions( @@ -347,17 +347,17 @@ func TestAccAWSVPCPeeringConnection_options(t *testing.T) { ), resource.TestCheckResourceAttr( resourceName, - "accepter.1102046665.allow_remote_vpc_dns_resolution", + "accepter.0.allow_remote_vpc_dns_resolution", "true", ), resource.TestCheckResourceAttr( resourceName, - "accepter.1102046665.allow_classic_link_to_remote_vpc", + "accepter.0.allow_classic_link_to_remote_vpc", "false", ), resource.TestCheckResourceAttr( resourceName, - "accepter.1102046665.allow_vpc_to_remote_classic_link", + "accepter.0.allow_vpc_to_remote_classic_link", "false", ), testAccCheckAWSVpcPeeringConnectionOptions( From d993420954e96aa4e13b65c9dee390962c963d2d Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 01:05:05 -0400 Subject: [PATCH 162/475] enable linter --- aws/resource_aws_waf_sql_injection_match_set.go | 6 +++--- ...ource_aws_waf_sql_injection_match_set_test.go | 16 ++++++++-------- aws/resource_aws_waf_web_acl.go | 10 +++++----- aws/resource_aws_waf_web_acl_test.go | 16 ++++++++-------- aws/waf_helpers.go | 6 +++--- 5 files changed, 27 insertions(+), 27 deletions(-) diff --git a/aws/resource_aws_waf_sql_injection_match_set.go b/aws/resource_aws_waf_sql_injection_match_set.go index 66aa8e399e0..693088cd68c 100644 --- a/aws/resource_aws_waf_sql_injection_match_set.go +++ b/aws/resource_aws_waf_sql_injection_match_set.go @@ -31,7 +31,7 @@ func resourceAwsWafSqlInjectionMatchSet() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "field_to_match": { - Type: schema.TypeSet, + Type: schema.TypeList, Required: true, MaxItems: 1, Elem: &schema.Resource{ @@ -198,7 +198,7 @@ func diffWafSqlInjectionMatchTuples(oldT, newT []interface{}) []*waf.SqlInjectio updates = append(updates, &waf.SqlInjectionMatchSetUpdate{ Action: aws.String(waf.ChangeActionDelete), SqlInjectionMatchTuple: &waf.SqlInjectionMatchTuple{ - FieldToMatch: expandFieldToMatch(tuple["field_to_match"].(*schema.Set).List()[0].(map[string]interface{})), + FieldToMatch: expandFieldToMatch(tuple["field_to_match"].([]interface{})[0].(map[string]interface{})), TextTransformation: aws.String(tuple["text_transformation"].(string)), }, }) @@ -210,7 +210,7 @@ func diffWafSqlInjectionMatchTuples(oldT, newT []interface{}) []*waf.SqlInjectio updates = append(updates, &waf.SqlInjectionMatchSetUpdate{ Action: aws.String(waf.ChangeActionInsert), SqlInjectionMatchTuple: &waf.SqlInjectionMatchTuple{ - FieldToMatch: expandFieldToMatch(tuple["field_to_match"].(*schema.Set).List()[0].(map[string]interface{})), + FieldToMatch: expandFieldToMatch(tuple["field_to_match"].([]interface{})[0].(map[string]interface{})), TextTransformation: aws.String(tuple["text_transformation"].(string)), }, }) diff --git a/aws/resource_aws_waf_sql_injection_match_set_test.go b/aws/resource_aws_waf_sql_injection_match_set_test.go index afd330ef8ab..59d3a70bcb4 100644 --- a/aws/resource_aws_waf_sql_injection_match_set_test.go +++ b/aws/resource_aws_waf_sql_injection_match_set_test.go @@ -29,10 +29,10 @@ func TestAccAWSWafSqlInjectionMatchSet_basic(t *testing.T) { testAccCheckAWSWafSqlInjectionMatchSetExists(resourceName, &v), resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.#", "1"), - resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.3367958210.field_to_match.#", "1"), - resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.3367958210.field_to_match.2316364334.data", ""), - resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.3367958210.field_to_match.2316364334.type", "QUERY_STRING"), - resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.3367958210.text_transformation", "URL_DECODE"), + resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.2246477904.field_to_match.#", "1"), + resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.2246477904.field_to_match.0.data", ""), + resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.2246477904.field_to_match.0.type", "QUERY_STRING"), + resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.2246477904.text_transformation", "URL_DECODE"), ), }, { @@ -119,10 +119,10 @@ func TestAccAWSWafSqlInjectionMatchSet_changeTuples(t *testing.T) { testAccCheckAWSWafSqlInjectionMatchSetExists(resourceName, &before), resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.#", "1"), - resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.3367958210.field_to_match.#", "1"), - resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.3367958210.field_to_match.2316364334.data", ""), - resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.3367958210.field_to_match.2316364334.type", "QUERY_STRING"), - resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.3367958210.text_transformation", "URL_DECODE"), + resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.2246477904.field_to_match.#", "1"), + resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.2246477904.field_to_match.0.data", ""), + resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.2246477904.field_to_match.0.type", "QUERY_STRING"), + resource.TestCheckResourceAttr(resourceName, "sql_injection_match_tuples.2246477904.text_transformation", "URL_DECODE"), ), }, { diff --git a/aws/resource_aws_waf_web_acl.go b/aws/resource_aws_waf_web_acl.go index aca664f62b9..313ff7b1f8b 100644 --- a/aws/resource_aws_waf_web_acl.go +++ b/aws/resource_aws_waf_web_acl.go @@ -33,7 +33,7 @@ func resourceAwsWafWebAcl() *schema.Resource { ForceNew: true, }, "default_action": { - Type: schema.TypeSet, + Type: schema.TypeList, Required: true, MaxItems: 1, Elem: &schema.Resource{ @@ -154,7 +154,7 @@ func resourceAwsWafWebAclCreate(d *schema.ResourceData, meta interface{}) error out, err := wr.RetryWithToken(func(token *string) (interface{}, error) { params := &waf.CreateWebACLInput{ ChangeToken: token, - DefaultAction: expandWafAction(d.Get("default_action").(*schema.Set).List()), + DefaultAction: expandWafAction(d.Get("default_action").([]interface{})), MetricName: aws.String(d.Get("metric_name").(string)), Name: aws.String(d.Get("name").(string)), } @@ -196,7 +196,7 @@ func resourceAwsWafWebAclCreate(d *schema.ResourceData, meta interface{}) error _, err := wr.RetryWithToken(func(token *string) (interface{}, error) { req := &waf.UpdateWebACLInput{ ChangeToken: token, - DefaultAction: expandWafAction(d.Get("default_action").(*schema.Set).List()), + DefaultAction: expandWafAction(d.Get("default_action").([]interface{})), Updates: diffWafWebAclRules([]interface{}{}, rules), WebACLId: aws.String(d.Id()), } @@ -290,7 +290,7 @@ func resourceAwsWafWebAclUpdate(d *schema.ResourceData, meta interface{}) error _, err := wr.RetryWithToken(func(token *string) (interface{}, error) { req := &waf.UpdateWebACLInput{ ChangeToken: token, - DefaultAction: expandWafAction(d.Get("default_action").(*schema.Set).List()), + DefaultAction: expandWafAction(d.Get("default_action").([]interface{})), Updates: diffWafWebAclRules(oldR, newR), WebACLId: aws.String(d.Id()), } @@ -347,7 +347,7 @@ func resourceAwsWafWebAclDelete(d *schema.ResourceData, meta interface{}) error _, err := wr.RetryWithToken(func(token *string) (interface{}, error) { req := &waf.UpdateWebACLInput{ ChangeToken: token, - DefaultAction: expandWafAction(d.Get("default_action").(*schema.Set).List()), + DefaultAction: expandWafAction(d.Get("default_action").([]interface{})), Updates: diffWafWebAclRules(rules, []interface{}{}), WebACLId: aws.String(d.Id()), } diff --git a/aws/resource_aws_waf_web_acl_test.go b/aws/resource_aws_waf_web_acl_test.go index 1309e31d38d..5285126fe4e 100644 --- a/aws/resource_aws_waf_web_acl_test.go +++ b/aws/resource_aws_waf_web_acl_test.go @@ -130,7 +130,7 @@ func TestAccAWSWafWebAcl_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafWebAclExists(resourceName, &webACL), resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), - resource.TestCheckResourceAttr(resourceName, "default_action.4234791575.type", "ALLOW"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "ALLOW"), resource.TestCheckResourceAttr(resourceName, "metric_name", rName), resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), @@ -164,7 +164,7 @@ func TestAccAWSWafWebAcl_changeNameForceNew(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafWebAclExists(resourceName, &webACL), resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), - resource.TestCheckResourceAttr(resourceName, "default_action.4234791575.type", "ALLOW"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "ALLOW"), resource.TestCheckResourceAttr(resourceName, "metric_name", rName1), resource.TestCheckResourceAttr(resourceName, "name", rName1), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), @@ -176,7 +176,7 @@ func TestAccAWSWafWebAcl_changeNameForceNew(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafWebAclExists(resourceName, &webACL), resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), - resource.TestCheckResourceAttr(resourceName, "default_action.4234791575.type", "ALLOW"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "ALLOW"), resource.TestCheckResourceAttr(resourceName, "metric_name", rName2), resource.TestCheckResourceAttr(resourceName, "name", rName2), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), @@ -208,7 +208,7 @@ func TestAccAWSWafWebAcl_DefaultAction(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafWebAclExists(resourceName, &webACL), resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), - resource.TestCheckResourceAttr(resourceName, "default_action.4234791575.type", "ALLOW"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "ALLOW"), ), }, { @@ -216,7 +216,7 @@ func TestAccAWSWafWebAcl_DefaultAction(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafWebAclExists(resourceName, &webACL), resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), - resource.TestCheckResourceAttr(resourceName, "default_action.2267395054.type", "BLOCK"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "BLOCK"), ), }, { @@ -360,7 +360,7 @@ func TestAccAWSWafWebAcl_Tags(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafWebAclExists(resourceName, &webACL), resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), - resource.TestCheckResourceAttr(resourceName, "default_action.4234791575.type", "ALLOW"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "ALLOW"), resource.TestCheckResourceAttr(resourceName, "metric_name", rName), resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), @@ -373,7 +373,7 @@ func TestAccAWSWafWebAcl_Tags(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafWebAclExists(resourceName, &webACL), resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), - resource.TestCheckResourceAttr(resourceName, "default_action.4234791575.type", "ALLOW"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "ALLOW"), resource.TestCheckResourceAttr(resourceName, "metric_name", rName), resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), @@ -387,7 +387,7 @@ func TestAccAWSWafWebAcl_Tags(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafWebAclExists(resourceName, &webACL), resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), - resource.TestCheckResourceAttr(resourceName, "default_action.4234791575.type", "ALLOW"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "ALLOW"), resource.TestCheckResourceAttr(resourceName, "metric_name", rName), resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), diff --git a/aws/waf_helpers.go b/aws/waf_helpers.go index 917f44f480f..221e5a33e37 100644 --- a/aws/waf_helpers.go +++ b/aws/waf_helpers.go @@ -28,7 +28,7 @@ func wafSizeConstraintSetSchema() map[string]*schema.Schema { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "field_to_match": { - Type: schema.TypeSet, + Type: schema.TypeList, Required: true, MaxItems: 1, Elem: &schema.Resource{ @@ -76,7 +76,7 @@ func diffWafSizeConstraints(oldS, newS []interface{}) []*waf.SizeConstraintSetUp updates = append(updates, &waf.SizeConstraintSetUpdate{ Action: aws.String(waf.ChangeActionDelete), SizeConstraint: &waf.SizeConstraint{ - FieldToMatch: expandFieldToMatch(constraint["field_to_match"].(*schema.Set).List()[0].(map[string]interface{})), + FieldToMatch: expandFieldToMatch(constraint["field_to_match"].([]interface{})[0].(map[string]interface{})), ComparisonOperator: aws.String(constraint["comparison_operator"].(string)), Size: aws.Int64(int64(constraint["size"].(int))), TextTransformation: aws.String(constraint["text_transformation"].(string)), @@ -90,7 +90,7 @@ func diffWafSizeConstraints(oldS, newS []interface{}) []*waf.SizeConstraintSetUp updates = append(updates, &waf.SizeConstraintSetUpdate{ Action: aws.String(waf.ChangeActionInsert), SizeConstraint: &waf.SizeConstraint{ - FieldToMatch: expandFieldToMatch(constraint["field_to_match"].(*schema.Set).List()[0].(map[string]interface{})), + FieldToMatch: expandFieldToMatch(constraint["field_to_match"].([]interface{})[0].(map[string]interface{})), ComparisonOperator: aws.String(constraint["comparison_operator"].(string)), Size: aws.Int64(int64(constraint["size"].(int))), TextTransformation: aws.String(constraint["text_transformation"].(string)), From ac42d0cb6f6c0d4fb2fd5e6065ca38044bfd2360 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Przemys=C5=82aw=20D=C4=85bek?= Date: Fri, 15 May 2020 13:43:38 +0200 Subject: [PATCH 163/475] Provide examples of placement strategy --- website/docs/r/placement_group.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/placement_group.html.markdown b/website/docs/r/placement_group.html.markdown index 3c81f79c2ff..d8bd6cfff63 100644 --- a/website/docs/r/placement_group.html.markdown +++ b/website/docs/r/placement_group.html.markdown @@ -25,7 +25,7 @@ resource "aws_placement_group" "web" { The following arguments are supported: * `name` - (Required) The name of the placement group. -* `strategy` - (Required) The placement strategy. +* `strategy` - (Required) The placement strategy. Can be `"cluster"`, `"partition"` or `"spread"`. * `tags` - (Optional) Key-value map of resource tags. From 3b81e607f5142cbe1af895122e1d8a58871bec2f Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Fri, 15 May 2020 18:08:54 +0300 Subject: [PATCH 164/475] resource/aws_launch_template: Prevent downstream resource errors with unconfigured partition numbers (#13239) Output from acceptance testing: ``` --- PASS: TestAccAWSAutoScalingGroup_ALB_TargetGroups (171.95s) --- PASS: TestAccAWSAutoScalingGroup_ALB_TargetGroups_ELBCapacity (285.70s) --- PASS: TestAccAWSAutoScalingGroup_autoGeneratedName (118.21s) --- PASS: TestAccAWSAutoScalingGroup_basic (289.54s) --- PASS: TestAccAWSAutoScalingGroup_classicVpcZoneIdentifier (126.69s) --- PASS: TestAccAWSAutoScalingGroup_emptyAvailabilityZones (78.93s) --- PASS: TestAccAWSAutoScalingGroup_enablingMetrics (236.84s) --- PASS: TestAccAWSAutoScalingGroup_initialLifecycleHook (254.46s) --- PASS: TestAccAWSAutoScalingGroup_launchTemplate (39.84s) --- PASS: TestAccAWSAutoScalingGroup_LaunchTemplate_IAMInstanceProfile (63.24s) --- PASS: TestAccAWSAutoScalingGroup_launchTemplate_update (196.20s) --- PASS: TestAccAWSAutoScalingGroup_launchTempPartitionNum (170.82s) --- PASS: TestAccAWSAutoScalingGroup_LoadBalancers (693.58s) --- PASS: TestAccAWSAutoScalingGroup_MaxInstanceLifetime (79.29s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy (49.05s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDemandAllocationStrategy (42.20s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDemandBaseCapacity (106.01s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDemandPercentageAboveBaseCapacity (51.32s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_SpotAllocationStrategy (170.25s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_SpotInstancePools (74.39s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_SpotMaxPrice (49.26s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_LaunchTemplateSpecification_LaunchTemplateName (48.53s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_LaunchTemplateSpecification_Version (68.41s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_Override_InstanceType (73.56s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_Override_WeightedCapacity (142.65s) --- PASS: TestAccAWSAutoScalingGroup_namePrefix (47.08s) --- PASS: TestAccAWSAutoScalingGroup_serviceLinkedRoleARN (76.81s) --- PASS: TestAccAWSAutoScalingGroup_suspendingProcesses (237.62s) --- PASS: TestAccAWSAutoScalingGroup_tags (199.87s) --- PASS: TestAccAWSAutoScalingGroup_TargetGroupArns (341.68s) --- PASS: TestAccAWSAutoScalingGroup_terminationPolicies (114.77s) --- PASS: TestAccAWSAutoScalingGroup_VpcUpdates (78.67s) --- PASS: TestAccAWSAutoScalingGroup_WithLoadBalancer (642.03s) --- PASS: TestAccAWSAutoScalingGroup_WithLoadBalancer_ToTargetGroup (320.77s) --- PASS: TestAccAWSAutoScalingGroup_withMetrics (70.40s) --- PASS: TestAccAWSAutoScalingGroup_withPlacementGroup (166.42s) --- PASS: TestAccAWSLaunchTemplate_associatePublicIPAddress (26.93s) --- PASS: TestAccAWSLaunchTemplate_basic (7.90s) --- PASS: TestAccAWSLaunchTemplate_BlockDeviceMappings_EBS (43.93s) --- PASS: TestAccAWSLaunchTemplate_BlockDeviceMappings_EBS_DeleteOnTermination (70.32s) --- PASS: TestAccAWSLaunchTemplate_capacityReservation_preference (8.37s) --- PASS: TestAccAWSLaunchTemplate_capacityReservation_target (10.16s) --- PASS: TestAccAWSLaunchTemplate_cpuOptions (7.90s) --- PASS: TestAccAWSLaunchTemplate_creditSpecification_nonBurstable (8.79s) --- PASS: TestAccAWSLaunchTemplate_creditSpecification_t2 (8.45s) --- PASS: TestAccAWSLaunchTemplate_creditSpecification_t3 (8.57s) --- PASS: TestAccAWSLaunchTemplate_data (8.40s) --- PASS: TestAccAWSLaunchTemplate_description (13.69s) --- PASS: TestAccAWSLaunchTemplate_disappears (6.42s) --- PASS: TestAccAWSLaunchTemplate_EbsOptimized (30.29s) --- PASS: TestAccAWSLaunchTemplate_ElasticInferenceAccelerator (13.65s) --- PASS: TestAccAWSLaunchTemplate_hibernation (18.80s) --- PASS: TestAccAWSLaunchTemplate_IamInstanceProfile_EmptyConfigurationBlock (7.20s) --- PASS: TestAccAWSLaunchTemplate_instanceMarketOptions (51.48s) --- PASS: TestAccAWSLaunchTemplate_licenseSpecification (8.73s) --- PASS: TestAccAWSLaunchTemplate_metadataOptions (8.15s) --- PASS: TestAccAWSLaunchTemplate_networkInterface (12.63s) --- PASS: TestAccAWSLaunchTemplate_networkInterface_ipv6AddressCount (8.55s) --- PASS: TestAccAWSLaunchTemplate_networkInterface_ipv6Addresses (9.18s) --- PASS: TestAccAWSLaunchTemplate_networkInterfaceAddresses (12.71s) --- PASS: TestAccAWSLaunchTemplate_placement_partitionNum (14.94s) --- PASS: TestAccAWSLaunchTemplate_tags (13.82s) --- PASS: TestAccAWSLaunchTemplate_update (47.24s) --- PASS: TestAccAWSLaunchTemplateDataSource_associatePublicIPAddress (26.16s) --- PASS: TestAccAWSLaunchTemplateDataSource_basic (13.70s) --- PASS: TestAccAWSLaunchTemplateDataSource_filter_basic (13.86s) --- PASS: TestAccAWSLaunchTemplateDataSource_filter_tags (13.62s) --- PASS: TestAccAWSLaunchTemplateDataSource_metadataOptions (13.55s) ``` --- aws/resource_aws_autoscaling_group_test.go | 88 ++++++++++++++++++++++ aws/resource_aws_launch_template.go | 2 +- 2 files changed, 89 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_autoscaling_group_test.go b/aws/resource_aws_autoscaling_group_test.go index cd8580eadb0..b19d7e5c018 100644 --- a/aws/resource_aws_autoscaling_group_test.go +++ b/aws/resource_aws_autoscaling_group_test.go @@ -2069,6 +2069,41 @@ func TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_Override_Wei }) } +func TestAccAWSAutoScalingGroup_launchTempPartitionNum(t *testing.T) { + var group autoscaling.Group + + randName := fmt.Sprintf("terraform-test-%s", acctest.RandString(10)) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSAutoScalingGroupDestroy, + DisableBinaryDriver: true, + Steps: []resource.TestStep{ + { + Config: testAccAWSAutoScalingGroupPartitionConfig(randName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSAutoScalingGroupExists("aws_autoscaling_group.test", &group), + ), + }, + { + ResourceName: "aws_autoscaling_group.test", + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{ + "force_delete", + "initial_lifecycle_hook", + "name_prefix", + "tag", + "tags", + "wait_for_capacity_timeout", + "wait_for_elb_capacity", + }, + }, + }, + }) +} + const testAccAWSAutoScalingGroupConfig_autoGeneratedName = ` data "aws_ami" "test_ami" { most_recent = true @@ -4105,3 +4140,56 @@ resource "aws_autoscaling_group" "test" { } `, rName) } + +func testAccAWSAutoScalingGroupPartitionConfig(rName string) string { + return fmt.Sprintf(` +data "aws_availability_zones" "available" { + # t2.micro is not supported in us-west-2d + blacklisted_zone_ids = ["usw2-az4"] + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +data "aws_ami" "test_ami" { + most_recent = true + owners = ["amazon"] + + filter { + name = "name" + values = ["amzn-ami-hvm-*-x86_64-gp2"] + } +} + +resource "aws_launch_template" "this" { + name = %[1]q + image_id = data.aws_ami.test_ami.id + instance_type = "m5.large" + + placement { + tenancy = "default" + group_name = aws_placement_group.test.id + } +} + +resource "aws_placement_group" "test" { + name = %[1]q + strategy = "cluster" +} + +resource "aws_autoscaling_group" "test" { + name_prefix = "test" + availability_zones = ["${data.aws_availability_zones.available.names[0]}"] + min_size = 0 + max_size = 0 + + launch_template { + id = aws_launch_template.this.id + version = "$Latest" + } +} +`, rName) +} diff --git a/aws/resource_aws_launch_template.go b/aws/resource_aws_launch_template.go index 3856b416ef0..f1c725599ec 100644 --- a/aws/resource_aws_launch_template.go +++ b/aws/resource_aws_launch_template.go @@ -1707,7 +1707,7 @@ func readPlacementFromConfig(p map[string]interface{}) *ec2.LaunchTemplatePlacem placement.Tenancy = aws.String(v) } - if v, ok := p["partition_number"].(int); ok { + if v, ok := p["partition_number"].(int); ok && v != 0 { placement.PartitionNumber = aws.Int64(int64(v)) } From 0e07b5e36a88199915af1636326ddbdfafc4ff2c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 15 May 2020 11:11:50 -0400 Subject: [PATCH 165/475] Update module aws/aws-sdk-go to v1.30.28 (#13190) Co-authored-by: Renovate Bot --- go.mod | 2 +- go.sum | 4 +- .../aws/aws-sdk-go/aws/endpoints/defaults.go | 228 +++++- .../github.com/aws/aws-sdk-go/aws/version.go | 2 +- .../aws-sdk-go/service/cloudwatchlogs/api.go | 602 +++++++++++++++- .../service/cloudwatchlogs/errors.go | 2 +- .../aws/aws-sdk-go/service/codebuild/api.go | 569 ++++++++++++++- .../aws/aws-sdk-go/service/ec2/api.go | 183 ++++- .../aws/aws-sdk-go/service/elasticache/api.go | 105 +-- .../aws-sdk-go/service/elasticache/errors.go | 2 +- .../aws/aws-sdk-go/service/guardduty/api.go | 33 +- .../aws-sdk-go/service/imagebuilder/api.go | 47 ++ .../aws/aws-sdk-go/service/lightsail/api.go | 674 ++++++++++++------ .../aws/aws-sdk-go/service/route53/api.go | 9 + .../aws/aws-sdk-go/service/sagemaker/api.go | 131 ++-- .../aws/aws-sdk-go/service/ssm/api.go | 6 + .../aws/aws-sdk-go/service/workmail/api.go | 9 +- vendor/modules.txt | 2 +- 18 files changed, 2188 insertions(+), 422 deletions(-) diff --git a/go.mod b/go.mod index bb57dafcf6f..064d902dacc 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/terraform-providers/terraform-provider-aws go 1.13 require ( - github.com/aws/aws-sdk-go v1.30.21 + github.com/aws/aws-sdk-go v1.30.28 github.com/beevik/etree v1.1.0 github.com/bflad/tfproviderdocs v0.6.0 github.com/bflad/tfproviderlint v0.14.0 diff --git a/go.sum b/go.sum index ab0868d9339..9eb3b8a5b58 100644 --- a/go.sum +++ b/go.sum @@ -39,8 +39,8 @@ github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= github.com/aws/aws-sdk-go v1.25.3/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.30.21 h1:19EO1Jr80+jLwJyITzH8c79C/6EwY5mMyasqDbBiCuc= -github.com/aws/aws-sdk-go v1.30.21/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= +github.com/aws/aws-sdk-go v1.30.28 h1:SaPM7dlmp7h3Lj1nJ4jdzOkTdom08+g20k7AU5heZYg= +github.com/aws/aws-sdk-go v1.30.28/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs= github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index 9b50e10b4bd..be3ad80e135 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -25,12 +25,12 @@ const ( ApSoutheast1RegionID = "ap-southeast-1" // Asia Pacific (Singapore). ApSoutheast2RegionID = "ap-southeast-2" // Asia Pacific (Sydney). CaCentral1RegionID = "ca-central-1" // Canada (Central). - EuCentral1RegionID = "eu-central-1" // EU (Frankfurt). - EuNorth1RegionID = "eu-north-1" // EU (Stockholm). + EuCentral1RegionID = "eu-central-1" // Europe (Frankfurt). + EuNorth1RegionID = "eu-north-1" // Europe (Stockholm). EuSouth1RegionID = "eu-south-1" // Europe (Milan). - EuWest1RegionID = "eu-west-1" // EU (Ireland). - EuWest2RegionID = "eu-west-2" // EU (London). - EuWest3RegionID = "eu-west-3" // EU (Paris). + EuWest1RegionID = "eu-west-1" // Europe (Ireland). + EuWest2RegionID = "eu-west-2" // Europe (London). + EuWest3RegionID = "eu-west-3" // Europe (Paris). MeSouth1RegionID = "me-south-1" // Middle East (Bahrain). SaEast1RegionID = "sa-east-1" // South America (Sao Paulo). UsEast1RegionID = "us-east-1" // US East (N. Virginia). @@ -48,7 +48,7 @@ const ( // AWS GovCloud (US) partition's regions. const ( UsGovEast1RegionID = "us-gov-east-1" // AWS GovCloud (US-East). - UsGovWest1RegionID = "us-gov-west-1" // AWS GovCloud (US). + UsGovWest1RegionID = "us-gov-west-1" // AWS GovCloud (US-West). ) // AWS ISO (US) partition's regions. @@ -134,22 +134,22 @@ var awsPartition = partition{ Description: "Canada (Central)", }, "eu-central-1": region{ - Description: "EU (Frankfurt)", + Description: "Europe (Frankfurt)", }, "eu-north-1": region{ - Description: "EU (Stockholm)", + Description: "Europe (Stockholm)", }, "eu-south-1": region{ Description: "Europe (Milan)", }, "eu-west-1": region{ - Description: "EU (Ireland)", + Description: "Europe (Ireland)", }, "eu-west-2": region{ - Description: "EU (London)", + Description: "Europe (London)", }, "eu-west-3": region{ - Description: "EU (Paris)", + Description: "Europe (Paris)", }, "me-south-1": region{ Description: "Middle East (Bahrain)", @@ -724,6 +724,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -731,8 +732,12 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -855,6 +860,7 @@ var awsPartition = partition{ "cloud9": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -865,8 +871,12 @@ var awsPartition = partition{ "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -1984,6 +1994,48 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "eks": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "fips.eks.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "fips.eks.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "fips.eks.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "elasticache": service{ Endpoints: endpoints{ @@ -3221,6 +3273,7 @@ var awsPartition = partition{ "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -3373,6 +3426,25 @@ var awsPartition = partition{ "us-east-1": endpoint{}, }, }, + "macie": service{ + + Endpoints: endpoints{ + "fips-us-east-1": endpoint{ + Hostname: "macie-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "macie-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "managedblockchain": service{ Endpoints: endpoints{ @@ -3870,11 +3942,41 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "outposts-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "outposts-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "outposts-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "outposts-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "outposts-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "pinpoint": service{ @@ -4632,6 +4734,7 @@ var awsPartition = partition{ "secretsmanager": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -4641,6 +4744,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -4679,6 +4783,7 @@ var awsPartition = partition{ "securityhub": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -4688,6 +4793,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -5254,6 +5360,7 @@ var awsPartition = partition{ "storagegateway": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -5263,6 +5370,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -6155,6 +6263,15 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "eks": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "elasticache": service{ Endpoints: endpoints{ @@ -6612,7 +6729,7 @@ var awsusgovPartition = partition{ Description: "AWS GovCloud (US-East)", }, "us-gov-west-1": region{ - Description: "AWS GovCloud (US)", + Description: "AWS GovCloud (US-West)", }, }, Services: services{ @@ -6745,7 +6862,9 @@ var awsusgovPartition = partition{ "autoscaling": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, + "us-gov-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, "us-gov-west-1": endpoint{ Protocols: []string{"http", "https"}, }, @@ -6812,8 +6931,18 @@ var awsusgovPartition = partition{ "cloudtrail": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "cloudtrail.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "cloudtrail.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "codebuild": service{ @@ -7101,6 +7230,18 @@ var awsusgovPartition = partition{ "elasticmapreduce": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "elasticmapreduce.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "elasticmapreduce.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{ Protocols: []string{"https"}, @@ -7135,8 +7276,18 @@ var awsusgovPartition = partition{ "events": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "events.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "events.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "firehose": service{ @@ -7267,6 +7418,13 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "kafka": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "kinesis": service{ Endpoints: endpoints{ @@ -7401,8 +7559,18 @@ var awsusgovPartition = partition{ "outposts": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "outposts.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "outposts.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "pinpoint": service{ @@ -7437,6 +7605,18 @@ var awsusgovPartition = partition{ "rds": service{ Endpoints: endpoints{ + "rds.us-gov-east-1": endpoint{ + Hostname: "rds.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "rds.us-gov-west-1": endpoint{ + Hostname: "rds.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index 354ef69292d..d23e36e2da2 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.30.21" +const SDKVersion = "1.30.28" diff --git a/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/api.go b/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/api.go index b629ace9dd1..6ea344e5e52 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/api.go @@ -258,9 +258,10 @@ func (c *CloudWatchLogs) CreateExportTaskRequest(input *CreateExportTaskInput) ( // // This is an asynchronous call. If all the required information is provided, // this operation initiates an export task and responds with the ID of the task. -// After the task has started, you can use DescribeExportTasks to get the status -// of the export task. Each account can only have one active (RUNNING or PENDING) -// export task at a time. To cancel an export task, use CancelExportTask. +// After the task has started, you can use DescribeExportTasks (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeExportTasks.html) +// to get the status of the export task. Each account can only have one active +// (RUNNING or PENDING) export task at a time. To cancel an export task, use +// CancelExportTask (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CancelExportTask.html). // // You can export logs from multiple log groups or multiple time ranges to the // same S3 bucket. To separate out log data for each export task, you can specify @@ -896,6 +897,89 @@ func (c *CloudWatchLogs) DeleteMetricFilterWithContext(ctx aws.Context, input *D return out, req.Send() } +const opDeleteQueryDefinition = "DeleteQueryDefinition" + +// DeleteQueryDefinitionRequest generates a "aws/request.Request" representing the +// client's request for the DeleteQueryDefinition operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteQueryDefinition for more information on using the DeleteQueryDefinition +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteQueryDefinitionRequest method. +// req, resp := client.DeleteQueryDefinitionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteQueryDefinition +func (c *CloudWatchLogs) DeleteQueryDefinitionRequest(input *DeleteQueryDefinitionInput) (req *request.Request, output *DeleteQueryDefinitionOutput) { + op := &request.Operation{ + Name: opDeleteQueryDefinition, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteQueryDefinitionInput{} + } + + output = &DeleteQueryDefinitionOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteQueryDefinition API operation for Amazon CloudWatch Logs. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation DeleteQueryDefinition for usage and error information. +// +// Returned Error Types: +// * InvalidParameterException +// A parameter is specified incorrectly. +// +// * ResourceNotFoundException +// The specified resource does not exist. +// +// * ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteQueryDefinition +func (c *CloudWatchLogs) DeleteQueryDefinition(input *DeleteQueryDefinitionInput) (*DeleteQueryDefinitionOutput, error) { + req, out := c.DeleteQueryDefinitionRequest(input) + return out, req.Send() +} + +// DeleteQueryDefinitionWithContext is the same as DeleteQueryDefinition with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteQueryDefinition for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) DeleteQueryDefinitionWithContext(ctx aws.Context, input *DeleteQueryDefinitionInput, opts ...request.Option) (*DeleteQueryDefinitionOutput, error) { + req, out := c.DeleteQueryDefinitionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteResourcePolicy = "DeleteResourcePolicy" // DeleteResourcePolicyRequest generates a "aws/request.Request" representing the @@ -1914,6 +1998,86 @@ func (c *CloudWatchLogs) DescribeQueriesWithContext(ctx aws.Context, input *Desc return out, req.Send() } +const opDescribeQueryDefinitions = "DescribeQueryDefinitions" + +// DescribeQueryDefinitionsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeQueryDefinitions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeQueryDefinitions for more information on using the DescribeQueryDefinitions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeQueryDefinitionsRequest method. +// req, resp := client.DescribeQueryDefinitionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeQueryDefinitions +func (c *CloudWatchLogs) DescribeQueryDefinitionsRequest(input *DescribeQueryDefinitionsInput) (req *request.Request, output *DescribeQueryDefinitionsOutput) { + op := &request.Operation{ + Name: opDescribeQueryDefinitions, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeQueryDefinitionsInput{} + } + + output = &DescribeQueryDefinitionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeQueryDefinitions API operation for Amazon CloudWatch Logs. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation DescribeQueryDefinitions for usage and error information. +// +// Returned Error Types: +// * InvalidParameterException +// A parameter is specified incorrectly. +// +// * ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeQueryDefinitions +func (c *CloudWatchLogs) DescribeQueryDefinitions(input *DescribeQueryDefinitionsInput) (*DescribeQueryDefinitionsOutput, error) { + req, out := c.DescribeQueryDefinitionsRequest(input) + return out, req.Send() +} + +// DescribeQueryDefinitionsWithContext is the same as DescribeQueryDefinitions with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeQueryDefinitions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) DescribeQueryDefinitionsWithContext(ctx aws.Context, input *DescribeQueryDefinitionsInput, opts ...request.Option) (*DescribeQueryDefinitionsOutput, error) { + req, out := c.DescribeQueryDefinitionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeResourcePolicies = "DescribeResourcePolicies" // DescribeResourcePoliciesRequest generates a "aws/request.Request" representing the @@ -2589,7 +2753,9 @@ func (c *CloudWatchLogs) GetLogGroupFieldsRequest(input *GetLogGroupFieldsInput) // The search is limited to a time period that you specify. // // In the results, fields that start with @ are fields generated by CloudWatch -// Logs. For example, @timestamp is the timestamp of each log event. +// Logs. For example, @timestamp is the timestamp of each log event. For more +// information about the fields that are generated by CloudWatch logs, see Supported +// Logs and Discovered Fields (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData-discoverable-fields.html). // // The response results are sorted by the frequency percentage, starting with // the highest percentage. @@ -2777,9 +2943,11 @@ func (c *CloudWatchLogs) GetQueryResultsRequest(input *GetQueryResultsInput) (re // // Only the fields requested in the query are returned, along with a @ptr field // which is the identifier for the log record. You can use the value of @ptr -// in a operation to get the full log record. +// in a GetLogRecord (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogRecord.html) +// operation to get the full log record. // -// GetQueryResults does not start a query execution. To run a query, use . +// GetQueryResults does not start a query execution. To run a query, use StartQuery +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html). // // If the value of the Status field in the output is Running, this operation // returns only partial results. If you see a value of Scheduled or Running @@ -2955,12 +3123,13 @@ func (c *CloudWatchLogs) PutDestinationRequest(input *PutDestinationInput) (req // // A destination encapsulates a physical resource (such as an Amazon Kinesis // stream) and enables you to subscribe to a real-time stream of log events -// for a different account, ingested using PutLogEvents. +// for a different account, ingested using PutLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html). // // Through an access policy, a destination controls what is written to it. By // default, PutDestination does not set any access policy with the destination, -// which means a cross-account user cannot call PutSubscriptionFilter against -// this destination. To enable this, the destination owner must call PutDestinationPolicy +// which means a cross-account user cannot call PutSubscriptionFilter (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutSubscriptionFilter.html) +// against this destination. To enable this, the destination owner must call +// PutDestinationPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestinationPolicy.html) // after PutDestination. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3269,7 +3438,7 @@ func (c *CloudWatchLogs) PutMetricFilterRequest(input *PutMetricFilterInput) (re // // Creates or updates a metric filter and associates it with the specified log // group. Metric filters allow you to configure rules to extract metric data -// from log events ingested through PutLogEvents. +// from log events ingested through PutLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html). // // The maximum number of metric filters that can be associated with a log group // is 100. @@ -3319,6 +3488,89 @@ func (c *CloudWatchLogs) PutMetricFilterWithContext(ctx aws.Context, input *PutM return out, req.Send() } +const opPutQueryDefinition = "PutQueryDefinition" + +// PutQueryDefinitionRequest generates a "aws/request.Request" representing the +// client's request for the PutQueryDefinition operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutQueryDefinition for more information on using the PutQueryDefinition +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the PutQueryDefinitionRequest method. +// req, resp := client.PutQueryDefinitionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutQueryDefinition +func (c *CloudWatchLogs) PutQueryDefinitionRequest(input *PutQueryDefinitionInput) (req *request.Request, output *PutQueryDefinitionOutput) { + op := &request.Operation{ + Name: opPutQueryDefinition, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutQueryDefinitionInput{} + } + + output = &PutQueryDefinitionOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutQueryDefinition API operation for Amazon CloudWatch Logs. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutQueryDefinition for usage and error information. +// +// Returned Error Types: +// * InvalidParameterException +// A parameter is specified incorrectly. +// +// * ResourceNotFoundException +// The specified resource does not exist. +// +// * ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutQueryDefinition +func (c *CloudWatchLogs) PutQueryDefinition(input *PutQueryDefinitionInput) (*PutQueryDefinitionOutput, error) { + req, out := c.PutQueryDefinitionRequest(input) + return out, req.Send() +} + +// PutQueryDefinitionWithContext is the same as PutQueryDefinition with the addition of +// the ability to pass a context and additional request options. +// +// See PutQueryDefinition for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutQueryDefinitionWithContext(ctx aws.Context, input *PutQueryDefinitionInput, opts ...request.Option) (*PutQueryDefinitionOutput, error) { + req, out := c.PutQueryDefinitionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opPutResourcePolicy = "PutResourcePolicy" // PutResourcePolicyRequest generates a "aws/request.Request" representing the @@ -3544,8 +3796,9 @@ func (c *CloudWatchLogs) PutSubscriptionFilterRequest(input *PutSubscriptionFilt // // Creates or updates a subscription filter and associates it with the specified // log group. Subscription filters allow you to subscribe to a real-time stream -// of log events ingested through PutLogEvents and have them delivered to a -// specific destination. Currently, the supported destinations are: +// of log events ingested through PutLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html) +// and have them delivered to a specific destination. Currently, the supported +// destinations are: // // * An Amazon Kinesis stream belonging to the same account as the subscription // filter, for same-account delivery. @@ -3672,7 +3925,7 @@ func (c *CloudWatchLogs) StartQueryRequest(input *StartQueryInput) (req *request // Returned Error Types: // * MalformedQueryException // The query string is not valid. Details about this error are displayed in -// a QueryCompileError object. For more information, see . +// a QueryCompileError object. For more information, see QueryCompileError (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_QueryCompileError.html)"/>. // // For more information about valid query syntax, see CloudWatch Logs Insights // Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). @@ -3845,11 +4098,11 @@ func (c *CloudWatchLogs) TagLogGroupRequest(input *TagLogGroupInput) (req *reque // // Adds or updates the specified tags for the specified log group. // -// To list the tags for a log group, use ListTagsLogGroup. To remove tags, use -// UntagLogGroup. +// To list the tags for a log group, use ListTagsLogGroup (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsLogGroup.html). +// To remove tags, use UntagLogGroup (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagLogGroup.html). // // For more information about tags, see Tag Log Groups in Amazon CloudWatch -// Logs (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/log-group-tagging.html) +// Logs (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html#log-group-tagging) // in the Amazon CloudWatch Logs User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4019,8 +4272,8 @@ func (c *CloudWatchLogs) UntagLogGroupRequest(input *UntagLogGroupInput) (req *r // // Removes the specified tags from the specified log group. // -// To list the tags for a log group, use ListTagsLogGroup. To add tags, use -// UntagLogGroup. +// To list the tags for a log group, use ListTagsLogGroup (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsLogGroup.html). +// To add tags, use TagLogGroup (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagLogGroup.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4793,6 +5046,64 @@ func (s DeleteMetricFilterOutput) GoString() string { return s.String() } +type DeleteQueryDefinitionInput struct { + _ struct{} `type:"structure"` + + // QueryDefinitionId is a required field + QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteQueryDefinitionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteQueryDefinitionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteQueryDefinitionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteQueryDefinitionInput"} + if s.QueryDefinitionId == nil { + invalidParams.Add(request.NewErrParamRequired("QueryDefinitionId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetQueryDefinitionId sets the QueryDefinitionId field's value. +func (s *DeleteQueryDefinitionInput) SetQueryDefinitionId(v string) *DeleteQueryDefinitionInput { + s.QueryDefinitionId = &v + return s +} + +type DeleteQueryDefinitionOutput struct { + _ struct{} `type:"structure"` + + Success *bool `locationName:"success" type:"boolean"` +} + +// String returns the string representation +func (s DeleteQueryDefinitionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteQueryDefinitionOutput) GoString() string { + return s.String() +} + +// SetSuccess sets the Success field's value. +func (s *DeleteQueryDefinitionOutput) SetSuccess(v bool) *DeleteQueryDefinitionOutput { + s.Success = &v + return s +} + type DeleteResourcePolicyInput struct { _ struct{} `type:"structure"` @@ -5631,6 +5942,97 @@ func (s *DescribeQueriesOutput) SetQueries(v []*QueryInfo) *DescribeQueriesOutpu return s } +type DescribeQueryDefinitionsInput struct { + _ struct{} `type:"structure"` + + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + QueryDefinitionNamePrefix *string `locationName:"queryDefinitionNamePrefix" min:"1" type:"string"` +} + +// String returns the string representation +func (s DescribeQueryDefinitionsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeQueryDefinitionsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeQueryDefinitionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeQueryDefinitionsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + if s.QueryDefinitionNamePrefix != nil && len(*s.QueryDefinitionNamePrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QueryDefinitionNamePrefix", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeQueryDefinitionsInput) SetMaxResults(v int64) *DescribeQueryDefinitionsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeQueryDefinitionsInput) SetNextToken(v string) *DescribeQueryDefinitionsInput { + s.NextToken = &v + return s +} + +// SetQueryDefinitionNamePrefix sets the QueryDefinitionNamePrefix field's value. +func (s *DescribeQueryDefinitionsInput) SetQueryDefinitionNamePrefix(v string) *DescribeQueryDefinitionsInput { + s.QueryDefinitionNamePrefix = &v + return s +} + +type DescribeQueryDefinitionsOutput struct { + _ struct{} `type:"structure"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + QueryDefinitions []*QueryDefinition `locationName:"queryDefinitions" type:"list"` +} + +// String returns the string representation +func (s DescribeQueryDefinitionsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeQueryDefinitionsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeQueryDefinitionsOutput) SetNextToken(v string) *DescribeQueryDefinitionsOutput { + s.NextToken = &v + return s +} + +// SetQueryDefinitions sets the QueryDefinitions field's value. +func (s *DescribeQueryDefinitionsOutput) SetQueryDefinitions(v []*QueryDefinition) *DescribeQueryDefinitionsOutput { + s.QueryDefinitions = v + return s +} + type DescribeResourcePoliciesInput struct { _ struct{} `type:"structure"` @@ -7344,7 +7746,7 @@ func (s *LogStream) SetUploadSequenceToken(v string) *LogStream { } // The query string is not valid. Details about this error are displayed in -// a QueryCompileError object. For more information, see . +// a QueryCompileError object. For more information, see QueryCompileError (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_QueryCompileError.html)"/>. // // For more information about valid query syntax, see CloudWatch Logs Insights // Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). @@ -7528,7 +7930,9 @@ type MetricTransformation struct { // MetricName is a required field MetricName *string `locationName:"metricName" type:"string" required:"true"` - // The namespace of the CloudWatch metric. + // A custom namespace to contain your metric in CloudWatch. Use namespaces to + // group together metrics that are similar. For more information, see Namespaces + // (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace). // // MetricNamespace is a required field MetricNamespace *string `locationName:"metricNamespace" type:"string" required:"true"` @@ -7885,9 +8289,9 @@ type PutLogEventsInput struct { // The sequence token obtained from the response of the previous PutLogEvents // call. An upload in a newly created log stream does not require a sequence - // token. You can also get the sequence token using DescribeLogStreams. If you - // call PutLogEvents twice within a narrow time period using the same value - // for sequenceToken, both calls may be successful, or one may be rejected. + // token. You can also get the sequence token using DescribeLogStreams (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeLogStreams.html). + // If you call PutLogEvents twice within a narrow time period using the same + // value for sequenceToken, both calls may be successful, or one may be rejected. SequenceToken *string `locationName:"sequenceToken" min:"1" type:"string"` } @@ -8111,6 +8515,98 @@ func (s PutMetricFilterOutput) GoString() string { return s.String() } +type PutQueryDefinitionInput struct { + _ struct{} `type:"structure"` + + LogGroupNames []*string `locationName:"logGroupNames" type:"list"` + + // Name is a required field + Name *string `locationName:"name" min:"1" type:"string" required:"true"` + + QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string"` + + // QueryString is a required field + QueryString *string `locationName:"queryString" min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s PutQueryDefinitionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PutQueryDefinitionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutQueryDefinitionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutQueryDefinitionInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.QueryString == nil { + invalidParams.Add(request.NewErrParamRequired("QueryString")) + } + if s.QueryString != nil && len(*s.QueryString) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QueryString", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLogGroupNames sets the LogGroupNames field's value. +func (s *PutQueryDefinitionInput) SetLogGroupNames(v []*string) *PutQueryDefinitionInput { + s.LogGroupNames = v + return s +} + +// SetName sets the Name field's value. +func (s *PutQueryDefinitionInput) SetName(v string) *PutQueryDefinitionInput { + s.Name = &v + return s +} + +// SetQueryDefinitionId sets the QueryDefinitionId field's value. +func (s *PutQueryDefinitionInput) SetQueryDefinitionId(v string) *PutQueryDefinitionInput { + s.QueryDefinitionId = &v + return s +} + +// SetQueryString sets the QueryString field's value. +func (s *PutQueryDefinitionInput) SetQueryString(v string) *PutQueryDefinitionInput { + s.QueryString = &v + return s +} + +type PutQueryDefinitionOutput struct { + _ struct{} `type:"structure"` + + QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string"` +} + +// String returns the string representation +func (s PutQueryDefinitionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PutQueryDefinitionOutput) GoString() string { + return s.String() +} + +// SetQueryDefinitionId sets the QueryDefinitionId field's value. +func (s *PutQueryDefinitionOutput) SetQueryDefinitionId(v string) *PutQueryDefinitionOutput { + s.QueryDefinitionId = &v + return s +} + type PutResourcePolicyInput struct { _ struct{} `type:"structure"` @@ -8290,7 +8786,8 @@ type PutSubscriptionFilterInput struct { // A name for the subscription filter. If you are updating an existing filter, // you must specify the correct name in filterName. Otherwise, the call fails // because you cannot associate a second filter with a log group. To find the - // name of the filter currently associated with a log group, use DescribeSubscriptionFilters. + // name of the filter currently associated with a log group, use DescribeSubscriptionFilters + // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeSubscriptionFilters.html). // // FilterName is a required field FilterName *string `locationName:"filterName" min:"1" type:"string" required:"true"` @@ -8472,6 +8969,60 @@ func (s *QueryCompileErrorLocation) SetStartCharOffset(v int64) *QueryCompileErr return s } +type QueryDefinition struct { + _ struct{} `type:"structure"` + + LastModified *int64 `locationName:"lastModified" type:"long"` + + LogGroupNames []*string `locationName:"logGroupNames" type:"list"` + + Name *string `locationName:"name" min:"1" type:"string"` + + QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string"` + + QueryString *string `locationName:"queryString" min:"1" type:"string"` +} + +// String returns the string representation +func (s QueryDefinition) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s QueryDefinition) GoString() string { + return s.String() +} + +// SetLastModified sets the LastModified field's value. +func (s *QueryDefinition) SetLastModified(v int64) *QueryDefinition { + s.LastModified = &v + return s +} + +// SetLogGroupNames sets the LogGroupNames field's value. +func (s *QueryDefinition) SetLogGroupNames(v []*string) *QueryDefinition { + s.LogGroupNames = v + return s +} + +// SetName sets the Name field's value. +func (s *QueryDefinition) SetName(v string) *QueryDefinition { + s.Name = &v + return s +} + +// SetQueryDefinitionId sets the QueryDefinitionId field's value. +func (s *QueryDefinition) SetQueryDefinitionId(v string) *QueryDefinition { + s.QueryDefinitionId = &v + return s +} + +// SetQueryString sets the QueryString field's value. +func (s *QueryDefinition) SetQueryString(v string) *QueryDefinition { + s.QueryString = &v + return s +} + // Information about one CloudWatch Logs Insights query that matches the request // in a DescribeQueries operation. type QueryInfo struct { @@ -8778,6 +9329,9 @@ func (s *ResourcePolicy) SetPolicyName(v string) *ResourcePolicy { // Contains one field from one log event returned by a CloudWatch Logs Insights // query, along with the value of that field. +// +// For more information about the fields that are generated by CloudWatch logs, +// see Supported Logs and Discovered Fields (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData-discoverable-fields.html). type ResultField struct { _ struct{} `type:"structure"` diff --git a/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/errors.go b/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/errors.go index c6e23336d00..39c9cd5eafe 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/errors.go @@ -43,7 +43,7 @@ const ( // "MalformedQueryException". // // The query string is not valid. Details about this error are displayed in - // a QueryCompileError object. For more information, see . + // a QueryCompileError object. For more information, see QueryCompileError (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_QueryCompileError.html)"/>. // // For more information about valid query syntax, see CloudWatch Logs Insights // Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). diff --git a/vendor/github.com/aws/aws-sdk-go/service/codebuild/api.go b/vendor/github.com/aws/aws-sdk-go/service/codebuild/api.go index 48ec22795e9..0da13a3c1b1 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/codebuild/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/codebuild/api.go @@ -1205,6 +1205,12 @@ func (c *CodeBuild) DescribeTestCasesRequest(input *DescribeTestCasesInput) (req Name: opDescribeTestCases, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { @@ -1256,6 +1262,58 @@ func (c *CodeBuild) DescribeTestCasesWithContext(ctx aws.Context, input *Describ return out, req.Send() } +// DescribeTestCasesPages iterates over the pages of a DescribeTestCases operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTestCases method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTestCases operation. +// pageNum := 0 +// err := client.DescribeTestCasesPages(params, +// func(page *codebuild.DescribeTestCasesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CodeBuild) DescribeTestCasesPages(input *DescribeTestCasesInput, fn func(*DescribeTestCasesOutput, bool) bool) error { + return c.DescribeTestCasesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTestCasesPagesWithContext same as DescribeTestCasesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeBuild) DescribeTestCasesPagesWithContext(ctx aws.Context, input *DescribeTestCasesInput, fn func(*DescribeTestCasesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTestCasesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTestCasesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTestCasesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetResourcePolicy = "GetResourcePolicy" // GetResourcePolicyRequest generates a "aws/request.Request" representing the @@ -1539,6 +1597,12 @@ func (c *CodeBuild) ListBuildsRequest(input *ListBuildsInput) (req *request.Requ Name: opListBuilds, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "", + TruncationToken: "", + }, } if input == nil { @@ -1587,6 +1651,58 @@ func (c *CodeBuild) ListBuildsWithContext(ctx aws.Context, input *ListBuildsInpu return out, req.Send() } +// ListBuildsPages iterates over the pages of a ListBuilds operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListBuilds method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListBuilds operation. +// pageNum := 0 +// err := client.ListBuildsPages(params, +// func(page *codebuild.ListBuildsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CodeBuild) ListBuildsPages(input *ListBuildsInput, fn func(*ListBuildsOutput, bool) bool) error { + return c.ListBuildsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListBuildsPagesWithContext same as ListBuildsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeBuild) ListBuildsPagesWithContext(ctx aws.Context, input *ListBuildsInput, fn func(*ListBuildsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListBuildsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListBuildsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListBuildsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListBuildsForProject = "ListBuildsForProject" // ListBuildsForProjectRequest generates a "aws/request.Request" representing the @@ -1618,6 +1734,12 @@ func (c *CodeBuild) ListBuildsForProjectRequest(input *ListBuildsForProjectInput Name: opListBuildsForProject, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "", + TruncationToken: "", + }, } if input == nil { @@ -1670,6 +1792,58 @@ func (c *CodeBuild) ListBuildsForProjectWithContext(ctx aws.Context, input *List return out, req.Send() } +// ListBuildsForProjectPages iterates over the pages of a ListBuildsForProject operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListBuildsForProject method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListBuildsForProject operation. +// pageNum := 0 +// err := client.ListBuildsForProjectPages(params, +// func(page *codebuild.ListBuildsForProjectOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CodeBuild) ListBuildsForProjectPages(input *ListBuildsForProjectInput, fn func(*ListBuildsForProjectOutput, bool) bool) error { + return c.ListBuildsForProjectPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListBuildsForProjectPagesWithContext same as ListBuildsForProjectPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeBuild) ListBuildsForProjectPagesWithContext(ctx aws.Context, input *ListBuildsForProjectInput, fn func(*ListBuildsForProjectOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListBuildsForProjectInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListBuildsForProjectRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListBuildsForProjectOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListCuratedEnvironmentImages = "ListCuratedEnvironmentImages" // ListCuratedEnvironmentImagesRequest generates a "aws/request.Request" representing the @@ -1775,6 +1949,12 @@ func (c *CodeBuild) ListProjectsRequest(input *ListProjectsInput) (req *request. Name: opListProjects, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "", + TruncationToken: "", + }, } if input == nil { @@ -1824,6 +2004,58 @@ func (c *CodeBuild) ListProjectsWithContext(ctx aws.Context, input *ListProjects return out, req.Send() } +// ListProjectsPages iterates over the pages of a ListProjects operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListProjects method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListProjects operation. +// pageNum := 0 +// err := client.ListProjectsPages(params, +// func(page *codebuild.ListProjectsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CodeBuild) ListProjectsPages(input *ListProjectsInput, fn func(*ListProjectsOutput, bool) bool) error { + return c.ListProjectsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListProjectsPagesWithContext same as ListProjectsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeBuild) ListProjectsPagesWithContext(ctx aws.Context, input *ListProjectsInput, fn func(*ListProjectsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListProjectsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListProjectsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListProjectsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListReportGroups = "ListReportGroups" // ListReportGroupsRequest generates a "aws/request.Request" representing the @@ -1855,6 +2087,12 @@ func (c *CodeBuild) ListReportGroupsRequest(input *ListReportGroupsInput) (req * Name: opListReportGroups, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { @@ -1903,6 +2141,58 @@ func (c *CodeBuild) ListReportGroupsWithContext(ctx aws.Context, input *ListRepo return out, req.Send() } +// ListReportGroupsPages iterates over the pages of a ListReportGroups operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListReportGroups method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListReportGroups operation. +// pageNum := 0 +// err := client.ListReportGroupsPages(params, +// func(page *codebuild.ListReportGroupsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CodeBuild) ListReportGroupsPages(input *ListReportGroupsInput, fn func(*ListReportGroupsOutput, bool) bool) error { + return c.ListReportGroupsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListReportGroupsPagesWithContext same as ListReportGroupsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeBuild) ListReportGroupsPagesWithContext(ctx aws.Context, input *ListReportGroupsInput, fn func(*ListReportGroupsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListReportGroupsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListReportGroupsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListReportGroupsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListReports = "ListReports" // ListReportsRequest generates a "aws/request.Request" representing the @@ -1934,6 +2224,12 @@ func (c *CodeBuild) ListReportsRequest(input *ListReportsInput) (req *request.Re Name: opListReports, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { @@ -1982,6 +2278,58 @@ func (c *CodeBuild) ListReportsWithContext(ctx aws.Context, input *ListReportsIn return out, req.Send() } +// ListReportsPages iterates over the pages of a ListReports operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListReports method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListReports operation. +// pageNum := 0 +// err := client.ListReportsPages(params, +// func(page *codebuild.ListReportsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CodeBuild) ListReportsPages(input *ListReportsInput, fn func(*ListReportsOutput, bool) bool) error { + return c.ListReportsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListReportsPagesWithContext same as ListReportsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeBuild) ListReportsPagesWithContext(ctx aws.Context, input *ListReportsInput, fn func(*ListReportsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListReportsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListReportsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListReportsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListReportsForReportGroup = "ListReportsForReportGroup" // ListReportsForReportGroupRequest generates a "aws/request.Request" representing the @@ -2013,6 +2361,12 @@ func (c *CodeBuild) ListReportsForReportGroupRequest(input *ListReportsForReport Name: opListReportsForReportGroup, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { @@ -2064,6 +2418,58 @@ func (c *CodeBuild) ListReportsForReportGroupWithContext(ctx aws.Context, input return out, req.Send() } +// ListReportsForReportGroupPages iterates over the pages of a ListReportsForReportGroup operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListReportsForReportGroup method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListReportsForReportGroup operation. +// pageNum := 0 +// err := client.ListReportsForReportGroupPages(params, +// func(page *codebuild.ListReportsForReportGroupOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CodeBuild) ListReportsForReportGroupPages(input *ListReportsForReportGroupInput, fn func(*ListReportsForReportGroupOutput, bool) bool) error { + return c.ListReportsForReportGroupPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListReportsForReportGroupPagesWithContext same as ListReportsForReportGroupPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeBuild) ListReportsForReportGroupPagesWithContext(ctx aws.Context, input *ListReportsForReportGroupInput, fn func(*ListReportsForReportGroupOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListReportsForReportGroupInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListReportsForReportGroupRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListReportsForReportGroupOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListSharedProjects = "ListSharedProjects" // ListSharedProjectsRequest generates a "aws/request.Request" representing the @@ -2095,6 +2501,12 @@ func (c *CodeBuild) ListSharedProjectsRequest(input *ListSharedProjectsInput) (r Name: opListSharedProjects, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { @@ -2143,6 +2555,58 @@ func (c *CodeBuild) ListSharedProjectsWithContext(ctx aws.Context, input *ListSh return out, req.Send() } +// ListSharedProjectsPages iterates over the pages of a ListSharedProjects operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListSharedProjects method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListSharedProjects operation. +// pageNum := 0 +// err := client.ListSharedProjectsPages(params, +// func(page *codebuild.ListSharedProjectsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CodeBuild) ListSharedProjectsPages(input *ListSharedProjectsInput, fn func(*ListSharedProjectsOutput, bool) bool) error { + return c.ListSharedProjectsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListSharedProjectsPagesWithContext same as ListSharedProjectsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeBuild) ListSharedProjectsPagesWithContext(ctx aws.Context, input *ListSharedProjectsInput, fn func(*ListSharedProjectsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListSharedProjectsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListSharedProjectsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListSharedProjectsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListSharedReportGroups = "ListSharedReportGroups" // ListSharedReportGroupsRequest generates a "aws/request.Request" representing the @@ -2174,6 +2638,12 @@ func (c *CodeBuild) ListSharedReportGroupsRequest(input *ListSharedReportGroupsI Name: opListSharedReportGroups, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { @@ -2222,6 +2692,58 @@ func (c *CodeBuild) ListSharedReportGroupsWithContext(ctx aws.Context, input *Li return out, req.Send() } +// ListSharedReportGroupsPages iterates over the pages of a ListSharedReportGroups operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListSharedReportGroups method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListSharedReportGroups operation. +// pageNum := 0 +// err := client.ListSharedReportGroupsPages(params, +// func(page *codebuild.ListSharedReportGroupsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CodeBuild) ListSharedReportGroupsPages(input *ListSharedReportGroupsInput, fn func(*ListSharedReportGroupsOutput, bool) bool) error { + return c.ListSharedReportGroupsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListSharedReportGroupsPagesWithContext same as ListSharedReportGroupsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeBuild) ListSharedReportGroupsPagesWithContext(ctx aws.Context, input *ListSharedReportGroupsInput, fn func(*ListSharedReportGroupsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListSharedReportGroupsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListSharedReportGroupsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListSharedReportGroupsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListSourceCredentials = "ListSourceCredentials" // ListSourceCredentialsRequest generates a "aws/request.Request" representing the @@ -5003,12 +5525,15 @@ type EnvironmentVariable struct { // The type of environment variable. Valid values include: // // * PARAMETER_STORE: An environment variable stored in Amazon EC2 Systems - // Manager Parameter Store. + // Manager Parameter Store. To learn how to specify a parameter store environment + // variable, see parameter store reference-key in the buildspec file (https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#parameter-store-build-spec). // // * PLAINTEXT: An environment variable in plain text format. This is the // default value. // // * SECRETS_MANAGER: An environment variable stored in AWS Secrets Manager. + // To learn how to specify a secrets manager environment variable, see secrets + // manager reference-key in the buildspec file (https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#secrets-manager-build-spec). Type *string `locationName:"type" type:"string" enum:"EnvironmentVariableType"` // The value of the environment variable. @@ -7379,16 +7904,16 @@ type ProjectEnvironment struct { // (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). // // * The environment type LINUX_CONTAINER with compute type build.general1.2xlarge - // is available only in regions US East (N. Virginia), US East (N. Virginia), - // US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), + // is available only in regions US East (N. Virginia), US East (Ohio), US + // West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), // Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), // Asia Pacific (Sydney), China (Beijing), and China (Ningxia). // // * The environment type LINUX_GPU_CONTAINER is available only in regions - // US East (N. Virginia), US East (N. Virginia), US West (Oregon), Canada - // (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), - // Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) - // , China (Beijing), and China (Ningxia). + // US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), + // EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia + // Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China + // (Beijing), and China (Ningxia). // // Type is a required field Type *string `locationName:"type" type:"string" required:"true" enum:"EnvironmentType"` @@ -8684,7 +9209,7 @@ type StartBuildInput struct { // A unique, case sensitive identifier you provide to ensure the idempotency // of the StartBuild request. The token is included in the StartBuild request - // and is valid for 12 hours. If you repeat the StartBuild request with the + // and is valid for 5 minutes. If you repeat the StartBuild request with the // same token, but change a parameter, AWS CodeBuild returns a parameter mismatch // error. IdempotencyToken *string `locationName:"idempotencyToken" type:"string"` @@ -10089,16 +10614,16 @@ type WebhookFilter struct { // Pattern is a required field Pattern *string `locationName:"pattern" type:"string" required:"true"` - // The type of webhook filter. There are five webhook filter types: EVENT, ACTOR_ACCOUNT_ID, - // HEAD_REF, BASE_REF, and FILE_PATH. + // The type of webhook filter. There are six webhook filter types: EVENT, ACTOR_ACCOUNT_ID, + // HEAD_REF, BASE_REF, FILE_PATH, and COMMIT_MESSAGE. // // EVENT // // A webhook event triggers a build when the provided pattern matches one of - // four event types: PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED, and PULL_REQUEST_REOPENED. - // The EVENT patterns are specified as a comma-separated string. For example, - // PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED filters all push, pull request - // created, and pull request updated events. + // five event types: PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED, PULL_REQUEST_REOPENED, + // and PULL_REQUEST_MERGED. The EVENT patterns are specified as a comma-separated + // string. For example, PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED filters + // all push, pull request created, and pull request updated events. // // The PULL_REQUEST_REOPENED works with GitHub and GitHub Enterprise only. // @@ -10127,7 +10652,18 @@ type WebhookFilter struct { // A webhook triggers a build when the path of a changed file matches the regular // expression pattern. // - // Works with GitHub and GitHub Enterprise push events only. + // Works with GitHub and Bitbucket events push and pull requests events. Also + // works with GitHub Enterprise push events, but does not work with GitHub Enterprise + // pull request events. + // + // COMMIT_MESSAGE + // + // A webhook triggers a build when the head commit message matches the regular + // expression pattern. + // + // Works with GitHub and Bitbucket events push and pull requests events. Also + // works with GitHub Enterprise push events, but does not work with GitHub Enterprise + // pull request events. // // Type is a required field Type *string `locationName:"type" type:"string" required:"true" enum:"WebhookFilterType"` @@ -10517,4 +11053,7 @@ const ( // WebhookFilterTypeFilePath is a WebhookFilterType enum value WebhookFilterTypeFilePath = "FILE_PATH" + + // WebhookFilterTypeCommitMessage is a WebhookFilterType enum value + WebhookFilterTypeCommitMessage = "COMMIT_MESSAGE" ) diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index 3f68867ee8b..d71efab9be8 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -4678,6 +4678,8 @@ func (c *EC2) CreateLaunchTemplateRequest(input *CreateLaunchTemplateInput) (req // Creates a launch template. A launch template contains the parameters to launch // an instance. When you launch an instance using RunInstances, you can specify // a launch template instead of providing the launch parameters in the request. +// For more information, see Launching an instance from a launch template (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html)in +// the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4757,6 +4759,9 @@ func (c *EC2) CreateLaunchTemplateVersionRequest(input *CreateLaunchTemplateVers // Launch template versions are numbered in the order in which they are created. // You cannot specify, change, or replace the numbering of launch template versions. // +// For more information, see Managing launch template versions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#manage-launch-template-versions)in +// the Amazon Elastic Compute Cloud User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -46592,6 +46597,11 @@ type CreateLaunchTemplateOutput struct { // Information about the launch template. LaunchTemplate *LaunchTemplate `locationName:"launchTemplate" type:"structure"` + + // If the launch template contains parameters or parameter combinations that + // are not valid, an error code and an error message are returned for each issue + // that's found. + Warning *ValidationWarning `locationName:"warning" type:"structure"` } // String returns the string representation @@ -46610,6 +46620,12 @@ func (s *CreateLaunchTemplateOutput) SetLaunchTemplate(v *LaunchTemplate) *Creat return s } +// SetWarning sets the Warning field's value. +func (s *CreateLaunchTemplateOutput) SetWarning(v *ValidationWarning) *CreateLaunchTemplateOutput { + s.Warning = v + return s +} + type CreateLaunchTemplateVersionInput struct { _ struct{} `type:"structure"` @@ -46727,6 +46743,11 @@ type CreateLaunchTemplateVersionOutput struct { // Information about the launch template version. LaunchTemplateVersion *LaunchTemplateVersion `locationName:"launchTemplateVersion" type:"structure"` + + // If the new version of the launch template contains parameters or parameter + // combinations that are not valid, an error code and an error message are returned + // for each issue that's found. + Warning *ValidationWarning `locationName:"warning" type:"structure"` } // String returns the string representation @@ -46745,6 +46766,12 @@ func (s *CreateLaunchTemplateVersionOutput) SetLaunchTemplateVersion(v *LaunchTe return s } +// SetWarning sets the Warning field's value. +func (s *CreateLaunchTemplateVersionOutput) SetWarning(v *ValidationWarning) *CreateLaunchTemplateVersionOutput { + s.Warning = v + return s +} + type CreateLocalGatewayRouteInput struct { _ struct{} `type:"structure"` @@ -46861,6 +46888,9 @@ type CreateLocalGatewayRouteTableVpcAssociationInput struct { // LocalGatewayRouteTableId is a required field LocalGatewayRouteTableId *string `type:"string" required:"true"` + // The tags to assign to the local gateway route table VPC association. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The ID of the VPC. // // VpcId is a required field @@ -46905,6 +46935,12 @@ func (s *CreateLocalGatewayRouteTableVpcAssociationInput) SetLocalGatewayRouteTa return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateLocalGatewayRouteTableVpcAssociationInput) SetTagSpecifications(v []*TagSpecification) *CreateLocalGatewayRouteTableVpcAssociationInput { + s.TagSpecifications = v + return s +} + // SetVpcId sets the VpcId field's value. func (s *CreateLocalGatewayRouteTableVpcAssociationInput) SetVpcId(v string) *CreateLocalGatewayRouteTableVpcAssociationInput { s.VpcId = &v @@ -48403,7 +48439,8 @@ type CreateSubnetInput struct { // must use a /64 prefix length. Ipv6CidrBlock *string `type:"string"` - // The Amazon Resource Name (ARN) of the Outpost. + // The Amazon Resource Name (ARN) of the Outpost. If you specify an Outpost + // ARN, you must also specify the Availability Zone of the Outpost subnet. OutpostArn *string `type:"string"` // The ID of the VPC. @@ -61444,6 +61481,18 @@ type DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput struct DryRun *bool `type:"boolean"` // One or more filters. + // + // * local-gateway-id - The ID of a local gateway. + // + // * local-gateway-route-table-id - The ID of the local gateway route table. + // + // * local-gateway-route-table-virtual-interface-group-association-id - The + // ID of the association. + // + // * local-gateway-route-table-virtual-interface-group-id - The ID of the + // virtual interface group. + // + // * state - The state of the association. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the associations. @@ -61553,6 +61602,16 @@ type DescribeLocalGatewayRouteTableVpcAssociationsInput struct { DryRun *bool `type:"boolean"` // One or more filters. + // + // * local-gateway-id - The ID of a local gateway. + // + // * local-gateway-route-table-id - The ID of the local gateway route table. + // + // * local-gateway-route-table-vpc-association-id - The ID of the association. + // + // * state - The state of the association. + // + // * vpc-id - The ID of the VPC. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the associations. @@ -61662,6 +61721,14 @@ type DescribeLocalGatewayRouteTablesInput struct { DryRun *bool `type:"boolean"` // One or more filters. + // + // * local-gateway-id - The ID of a local gateway. + // + // * local-gateway-route-table-id - The ID of a local gateway route table. + // + // * outpost-arn - The Amazon Resource Name (ARN) of the Outpost. + // + // * state - The state of the local gateway route table. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the local gateway route tables. @@ -61771,6 +61838,13 @@ type DescribeLocalGatewayVirtualInterfaceGroupsInput struct { DryRun *bool `type:"boolean"` // One or more filters. + // + // * local-gateway-id - The ID of a local gateway. + // + // * local-gateway-virtual-interface-id - The ID of the virtual interface. + // + // * local-gateway-virtual-interface-group-id - The ID of the virtual interface + // group. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the virtual interface groups. @@ -61991,7 +62065,21 @@ type DescribeLocalGatewaysInput struct { // One or more filters. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The IDs of the local gateways. + // One or more filters. + // + // * local-gateway-id - The ID of a local gateway. + // + // * local-gateway-route-table-id - The ID of the local gateway route table. + // + // * local-gateway-route-table-virtual-interface-group-association-id - The + // ID of the association. + // + // * local-gateway-route-table-virtual-interface-group-id - The ID of the + // virtual interface group. + // + // * outpost-arn - The Amazon Resource Name (ARN) of the Outpost. + // + // * state - The state of the association. LocalGatewayIds []*string `locationName:"LocalGatewayId" locationNameList:"item" type:"list"` // The maximum number of results to return with a single call. To retrieve the @@ -107275,6 +107363,70 @@ func (s *VCpuInfo) SetValidThreadsPerCore(v []*int64) *VCpuInfo { return s } +// The error code and error message that is returned for a parameter or parameter +// combination that is not valid when a new launch template or new version of +// a launch template is created. +type ValidationError struct { + _ struct{} `type:"structure"` + + // The error code that indicates why the parameter or parameter combination + // is not valid. For more information about error codes, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). + Code *string `locationName:"code" type:"string"` + + // The error message that describes why the parameter or parameter combination + // is not valid. For more information about error messages, see Error Codes + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ValidationError) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ValidationError) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *ValidationError) SetCode(v string) *ValidationError { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *ValidationError) SetMessage(v string) *ValidationError { + s.Message = &v + return s +} + +// The error codes and error messages that are returned for the parameters or +// parameter combinations that are not valid when a new launch template or new +// version of a launch template is created. +type ValidationWarning struct { + _ struct{} `type:"structure"` + + // The error codes and error messages. + Errors []*ValidationError `locationName:"errorSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s ValidationWarning) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ValidationWarning) GoString() string { + return s.String() +} + +// SetErrors sets the Errors field's value. +func (s *ValidationWarning) SetErrors(v []*ValidationError) *ValidationWarning { + s.Errors = v + return s +} + // Describes telemetry for a VPN tunnel. type VgwTelemetry struct { _ struct{} `type:"structure"` @@ -111329,6 +111481,33 @@ const ( // InstanceTypeInf124xlarge is a InstanceType enum value InstanceTypeInf124xlarge = "inf1.24xlarge" + + // InstanceTypeM6gMetal is a InstanceType enum value + InstanceTypeM6gMetal = "m6g.metal" + + // InstanceTypeM6gMedium is a InstanceType enum value + InstanceTypeM6gMedium = "m6g.medium" + + // InstanceTypeM6gLarge is a InstanceType enum value + InstanceTypeM6gLarge = "m6g.large" + + // InstanceTypeM6gXlarge is a InstanceType enum value + InstanceTypeM6gXlarge = "m6g.xlarge" + + // InstanceTypeM6g2xlarge is a InstanceType enum value + InstanceTypeM6g2xlarge = "m6g.2xlarge" + + // InstanceTypeM6g4xlarge is a InstanceType enum value + InstanceTypeM6g4xlarge = "m6g.4xlarge" + + // InstanceTypeM6g8xlarge is a InstanceType enum value + InstanceTypeM6g8xlarge = "m6g.8xlarge" + + // InstanceTypeM6g12xlarge is a InstanceType enum value + InstanceTypeM6g12xlarge = "m6g.12xlarge" + + // InstanceTypeM6g16xlarge is a InstanceType enum value + InstanceTypeM6g16xlarge = "m6g.16xlarge" ) const ( diff --git a/vendor/github.com/aws/aws-sdk-go/service/elasticache/api.go b/vendor/github.com/aws/aws-sdk-go/service/elasticache/api.go index e1e52e34aed..259ff9518e1 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elasticache/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elasticache/api.go @@ -1089,7 +1089,7 @@ func (c *ElastiCache) CreateGlobalReplicationGroupRequest(input *CreateGlobalRep // reads and disaster recovery across regions. For more information, see Replication // Across Regions Using Global Datastore (/AmazonElastiCache/latest/red-ug/Redis-Global-Clusters.html). // -// * The GlobalReplicationGroupId is the name of the Global Datastore. +// * The GlobalReplicationGroupIdSuffix is the name of the Global Datastore. // // * The PrimaryReplicationGroupId represents the name of the primary cluster // that accepts writes and will replicate updates to the secondary cluster. @@ -1273,7 +1273,7 @@ func (c *ElastiCache) CreateReplicationGroupRequest(input *CreateReplicationGrou // The Global Datastore does not exist // // * ErrCodeInvalidGlobalReplicationGroupStateFault "InvalidGlobalReplicationGroupState" -// The Global Datastore is not available +// The Global Datastore is not available or in primary-only state. // // * ErrCodeInvalidParameterValueException "InvalidParameterValue" // The value for a parameter is invalid. @@ -1476,7 +1476,7 @@ func (c *ElastiCache) DecreaseNodeGroupsInGlobalReplicationGroupRequest(input *D // The Global Datastore does not exist // // * ErrCodeInvalidGlobalReplicationGroupStateFault "InvalidGlobalReplicationGroupState" -// The Global Datastore is not available +// The Global Datastore is not available or in primary-only state. // // * ErrCodeInvalidParameterValueException "InvalidParameterValue" // The value for a parameter is invalid. @@ -2078,8 +2078,6 @@ func (c *ElastiCache) DeleteGlobalReplicationGroupRequest(input *DeleteGlobalRep // immediately begins deleting the selected resources; you cannot cancel or // revert this operation. // -// This operation is valid for Redis only. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -2092,7 +2090,7 @@ func (c *ElastiCache) DeleteGlobalReplicationGroupRequest(input *DeleteGlobalRep // The Global Datastore does not exist // // * ErrCodeInvalidGlobalReplicationGroupStateFault "InvalidGlobalReplicationGroupState" -// The Global Datastore is not available +// The Global Datastore is not available or in primary-only state. // // * ErrCodeInvalidParameterValueException "InvalidParameterValue" // The value for a parameter is invalid. @@ -4559,7 +4557,7 @@ func (c *ElastiCache) DisassociateGlobalReplicationGroupRequest(input *Disassoci // The Global Datastore does not exist // // * ErrCodeInvalidGlobalReplicationGroupStateFault "InvalidGlobalReplicationGroupState" -// The Global Datastore is not available +// The Global Datastore is not available or in primary-only state. // // * ErrCodeInvalidParameterValueException "InvalidParameterValue" // The value for a parameter is invalid. @@ -4633,7 +4631,9 @@ func (c *ElastiCache) FailoverGlobalReplicationGroupRequest(input *FailoverGloba // FailoverGlobalReplicationGroup API operation for Amazon ElastiCache. // -// Used to failover the primary region to a selected secondary region. +// Used to failover the primary region to a selected secondary region. The selected +// secondary region will be come primary, and all other clusters will become +// secondary. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4647,7 +4647,7 @@ func (c *ElastiCache) FailoverGlobalReplicationGroupRequest(input *FailoverGloba // The Global Datastore does not exist // // * ErrCodeInvalidGlobalReplicationGroupStateFault "InvalidGlobalReplicationGroupState" -// The Global Datastore is not available +// The Global Datastore is not available or in primary-only state. // // * ErrCodeInvalidParameterValueException "InvalidParameterValue" // The value for a parameter is invalid. @@ -4735,7 +4735,7 @@ func (c *ElastiCache) IncreaseNodeGroupsInGlobalReplicationGroupRequest(input *I // The Global Datastore does not exist // // * ErrCodeInvalidGlobalReplicationGroupStateFault "InvalidGlobalReplicationGroupState" -// The Global Datastore is not available +// The Global Datastore is not available or in primary-only state. // // * ErrCodeInvalidParameterValueException "InvalidParameterValue" // The value for a parameter is invalid. @@ -5258,7 +5258,7 @@ func (c *ElastiCache) ModifyCacheParameterGroupRequest(input *ModifyCacheParamet // Two or more incompatible parameters were specified. // // * ErrCodeInvalidGlobalReplicationGroupStateFault "InvalidGlobalReplicationGroupState" -// The Global Datastore is not available +// The Global Datastore is not available or in primary-only state. // // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticache-2015-02-02/ModifyCacheParameterGroup func (c *ElastiCache) ModifyCacheParameterGroup(input *ModifyCacheParameterGroupInput) (*CacheParameterGroupNameMessage, error) { @@ -5430,7 +5430,7 @@ func (c *ElastiCache) ModifyGlobalReplicationGroupRequest(input *ModifyGlobalRep // The Global Datastore does not exist // // * ErrCodeInvalidGlobalReplicationGroupStateFault "InvalidGlobalReplicationGroupState" -// The Global Datastore is not available +// The Global Datastore is not available or in primary-only state. // // * ErrCodeInvalidParameterValueException "InvalidParameterValue" // The value for a parameter is invalid. @@ -5503,10 +5503,6 @@ func (c *ElastiCache) ModifyReplicationGroupRequest(input *ModifyReplicationGrou // // Modifies the settings for a replication group. // -// For Redis (cluster mode enabled) clusters, this operation cannot be used -// to change a cluster's node type or engine version. For more information, -// see: -// // * Scaling for Amazon ElastiCache for Redis (cluster mode enabled) (https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/scaling-redis-cluster-mode-enabled.html) // in the ElastiCache User Guide // @@ -5841,7 +5837,7 @@ func (c *ElastiCache) RebalanceSlotsInGlobalReplicationGroupRequest(input *Rebal // RebalanceSlotsInGlobalReplicationGroup API operation for Amazon ElastiCache. // -// Redistribute slots to ensure unifirom distribution across existing shards +// Redistribute slots to ensure uniform distribution across existing shards // in the cluster. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5856,7 +5852,7 @@ func (c *ElastiCache) RebalanceSlotsInGlobalReplicationGroupRequest(input *Rebal // The Global Datastore does not exist // // * ErrCodeInvalidGlobalReplicationGroupStateFault "InvalidGlobalReplicationGroupState" -// The Global Datastore is not available +// The Global Datastore is not available or in primary-only state. // // * ErrCodeInvalidParameterValueException "InvalidParameterValue" // The value for a parameter is invalid. @@ -6141,7 +6137,7 @@ func (c *ElastiCache) ResetCacheParameterGroupRequest(input *ResetCacheParameter // Two or more incompatible parameters were specified. // // * ErrCodeInvalidGlobalReplicationGroupStateFault "InvalidGlobalReplicationGroupState" -// The Global Datastore is not available +// The Global Datastore is not available or in primary-only state. // // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticache-2015-02-02/ResetCacheParameterGroup func (c *ElastiCache) ResetCacheParameterGroup(input *ResetCacheParameterGroupInput) (*CacheParameterGroupNameMessage, error) { @@ -8858,8 +8854,8 @@ type CreateGlobalReplicationGroupInput struct { // Provides details of the Global Datastore GlobalReplicationGroupDescription *string `type:"string"` - // The suffix for name of a Global Datastore. The suffix guarantees uniqueness - // of the Global Datastore name across multiple regions. + // The suffix name of a Global Datastore. The suffix guarantees uniqueness of + // the Global Datastore name across multiple regions. // // GlobalReplicationGroupIdSuffix is a required field GlobalReplicationGroupIdSuffix *string `type:"string" required:"true"` @@ -8923,8 +8919,8 @@ type CreateGlobalReplicationGroupOutput struct { // only reads. The primary cluster automatically replicates updates to the secondary // cluster. // - // * The GlobalReplicationGroupId represents the name of the Global Datastore, - // which is what you use to associate a secondary cluster. + // * The GlobalReplicationGroupIdSuffix represents the name of the Global + // Datastore, which is what you use to associate a secondary cluster. GlobalReplicationGroup *GlobalReplicationGroup `type:"structure"` } @@ -9099,10 +9095,10 @@ type CreateReplicationGroupInput struct { // // If you're creating a Redis (cluster mode disabled) or a Redis (cluster mode // enabled) replication group, you can use this parameter to individually configure - // each node group (shard), or you can omit this parameter. However, when seeding - // a Redis (cluster mode enabled) cluster from a S3 rdb file, you must configure - // each node group (shard) using this parameter because you must specify the - // slots for each node group. + // each node group (shard), or you can omit this parameter. However, it is required + // when seeding a Redis (cluster mode enabled) cluster from a S3 rdb file. You + // must configure each node group (shard) using this parameter because you must + // specify the slots for each node group. NodeGroupConfiguration []*NodeGroupConfiguration `locationNameList:"NodeGroupConfiguration" type:"list"` // The Amazon Resource Name (ARN) of the Amazon Simple Notification Service @@ -9740,8 +9736,8 @@ type DecreaseNodeGroupsInGlobalReplicationGroupOutput struct { // only reads. The primary cluster automatically replicates updates to the secondary // cluster. // - // * The GlobalReplicationGroupId represents the name of the Global Datastore, - // which is what you use to associate a secondary cluster. + // * The GlobalReplicationGroupIdSuffix represents the name of the Global + // Datastore, which is what you use to associate a secondary cluster. GlobalReplicationGroup *GlobalReplicationGroup `type:"structure"` } @@ -10136,8 +10132,7 @@ type DeleteGlobalReplicationGroupInput struct { // GlobalReplicationGroupId is a required field GlobalReplicationGroupId *string `type:"string" required:"true"` - // If set to true, the primary replication is retained as a standalone replication - // group. + // The primary replication group is retained as a standalone replication group. // // RetainPrimaryReplicationGroup is a required field RetainPrimaryReplicationGroup *bool `type:"boolean" required:"true"` @@ -10189,8 +10184,8 @@ type DeleteGlobalReplicationGroupOutput struct { // only reads. The primary cluster automatically replicates updates to the secondary // cluster. // - // * The GlobalReplicationGroupId represents the name of the Global Datastore, - // which is what you use to associate a secondary cluster. + // * The GlobalReplicationGroupIdSuffix represents the name of the Global + // Datastore, which is what you use to associate a secondary cluster. GlobalReplicationGroup *GlobalReplicationGroup `type:"structure"` } @@ -12127,8 +12122,8 @@ type DisassociateGlobalReplicationGroupOutput struct { // only reads. The primary cluster automatically replicates updates to the secondary // cluster. // - // * The GlobalReplicationGroupId represents the name of the Global Datastore, - // which is what you use to associate a secondary cluster. + // * The GlobalReplicationGroupIdSuffix represents the name of the Global + // Datastore, which is what you use to associate a secondary cluster. GlobalReplicationGroup *GlobalReplicationGroup `type:"structure"` } @@ -12409,8 +12404,8 @@ type FailoverGlobalReplicationGroupOutput struct { // only reads. The primary cluster automatically replicates updates to the secondary // cluster. // - // * The GlobalReplicationGroupId represents the name of the Global Datastore, - // which is what you use to associate a secondary cluster. + // * The GlobalReplicationGroupIdSuffix represents the name of the Global + // Datastore, which is what you use to associate a secondary cluster. GlobalReplicationGroup *GlobalReplicationGroup `type:"structure"` } @@ -12468,8 +12463,8 @@ func (s *GlobalNodeGroup) SetSlots(v string) *GlobalNodeGroup { // only reads. The primary cluster automatically replicates updates to the secondary // cluster. // -// * The GlobalReplicationGroupId represents the name of the Global Datastore, -// which is what you use to associate a secondary cluster. +// * The GlobalReplicationGroupIdSuffix represents the name of the Global +// Datastore, which is what you use to associate a secondary cluster. type GlobalReplicationGroup struct { _ struct{} `type:"structure"` @@ -12495,7 +12490,7 @@ type GlobalReplicationGroup struct { // A flag that indicates whether the Global Datastore is cluster enabled. ClusterEnabled *bool `type:"boolean"` - // The Elasticache engine. For preview, it is Redis only. + // The Elasticache engine. For Redis only. Engine *string `type:"string"` // The Elasticache Redis engine version. For preview, it is Redis version 5.0.5 @@ -12797,8 +12792,8 @@ type IncreaseNodeGroupsInGlobalReplicationGroupOutput struct { // only reads. The primary cluster automatically replicates updates to the secondary // cluster. // - // * The GlobalReplicationGroupId represents the name of the Global Datastore, - // which is what you use to associate a secondary cluster. + // * The GlobalReplicationGroupIdSuffix represents the name of the Global + // Datastore, which is what you use to associate a secondary cluster. GlobalReplicationGroup *GlobalReplicationGroup `type:"structure"` } @@ -13603,12 +13598,9 @@ func (s *ModifyCacheSubnetGroupOutput) SetCacheSubnetGroup(v *CacheSubnetGroup) type ModifyGlobalReplicationGroupInput struct { _ struct{} `type:"structure"` - // If true, this parameter causes the modifications in this request and any - // pending modifications to be applied, asynchronously and as soon as possible, - // regardless of the PreferredMaintenanceWindow setting for the replication - // group. If false, changes to the nodes in the replication group are applied - // on the next maintenance reboot, or the next failure reboot, whichever occurs - // first. + // This parameter causes the modifications in this request and any pending modifications + // to be applied, asynchronously and as soon as possible. Modifications to Global + // Replication Groups cannot be requested to be applied in PreferredMaintenceWindow. // // ApplyImmediately is a required field ApplyImmediately *bool `type:"boolean" required:"true"` @@ -13703,8 +13695,8 @@ type ModifyGlobalReplicationGroupOutput struct { // only reads. The primary cluster automatically replicates updates to the secondary // cluster. // - // * The GlobalReplicationGroupId represents the name of the Global Datastore, - // which is what you use to associate a secondary cluster. + // * The GlobalReplicationGroupIdSuffix represents the name of the Global + // Datastore, which is what you use to associate a secondary cluster. GlobalReplicationGroup *GlobalReplicationGroup `type:"structure"` } @@ -15078,8 +15070,8 @@ type RebalanceSlotsInGlobalReplicationGroupOutput struct { // only reads. The primary cluster automatically replicates updates to the secondary // cluster. // - // * The GlobalReplicationGroupId represents the name of the Global Datastore, - // which is what you use to associate a secondary cluster. + // * The GlobalReplicationGroupIdSuffix represents the name of the Global + // Datastore, which is what you use to associate a secondary cluster. GlobalReplicationGroup *GlobalReplicationGroup `type:"structure"` } @@ -17365,4 +17357,13 @@ const ( // UpdateActionStatusComplete is a UpdateActionStatus enum value UpdateActionStatusComplete = "complete" + + // UpdateActionStatusScheduling is a UpdateActionStatus enum value + UpdateActionStatusScheduling = "scheduling" + + // UpdateActionStatusScheduled is a UpdateActionStatus enum value + UpdateActionStatusScheduled = "scheduled" + + // UpdateActionStatusNotApplicable is a UpdateActionStatus enum value + UpdateActionStatusNotApplicable = "not-applicable" ) diff --git a/vendor/github.com/aws/aws-sdk-go/service/elasticache/errors.go b/vendor/github.com/aws/aws-sdk-go/service/elasticache/errors.go index e68e0121ffb..4e78aa9320e 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elasticache/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elasticache/errors.go @@ -165,7 +165,7 @@ const ( // ErrCodeInvalidGlobalReplicationGroupStateFault for service response error code // "InvalidGlobalReplicationGroupState". // - // The Global Datastore is not available + // The Global Datastore is not available or in primary-only state. ErrCodeInvalidGlobalReplicationGroupStateFault = "InvalidGlobalReplicationGroupState" // ErrCodeInvalidKMSKeyFault for service response error code diff --git a/vendor/github.com/aws/aws-sdk-go/service/guardduty/api.go b/vendor/github.com/aws/aws-sdk-go/service/guardduty/api.go index b1e8e563acc..5eb039eeb01 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/guardduty/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/guardduty/api.go @@ -1646,8 +1646,8 @@ func (c *GuardDuty) DisableOrganizationAdminAccountRequest(input *DisableOrganiz // DisableOrganizationAdminAccount API operation for Amazon GuardDuty. // -// Disables GuardDuty administrator permissions for an AWS account within the -// Organization. +// Disables an AWS account within the Organization as the GuardDuty delegated +// administrator. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1896,8 +1896,8 @@ func (c *GuardDuty) EnableOrganizationAdminAccountRequest(input *EnableOrganizat // EnableOrganizationAdminAccount API operation for Amazon GuardDuty. // -// Enables GuardDuty administrator permissions for an AWS account within the -// organization. +// Enables an AWS account within the organization as the GuardDuty delegated +// administrator. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3655,7 +3655,7 @@ func (c *GuardDuty) ListOrganizationAdminAccountsRequest(input *ListOrganization // ListOrganizationAdminAccounts API operation for Amazon GuardDuty. // -// Lists the accounts configured as AWS Organization delegated administrators. +// Lists the accounts configured as GuardDuty delegated administrators. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5977,6 +5977,8 @@ type CreateFilterInput struct { // // * service.action.networkConnectionAction.protocol // + // * service.action.networkConnectionAction.localIpDetails.ipAddressV4 + // // * service.action.networkConnectionAction.remoteIpDetails.city.cityName // // * service.action.networkConnectionAction.remoteIpDetails.country.countryName @@ -6160,7 +6162,7 @@ type CreateIPSetInput struct { // Format is a required field Format *string `locationName:"format" min:"1" type:"string" required:"true" enum:"IpSetFormat"` - // The URI of the file that contains the IPSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The URI of the file that contains the IPSet. For example: . // // Location is a required field Location *string `locationName:"location" min:"1" type:"string" required:"true"` @@ -6585,7 +6587,7 @@ type CreateThreatIntelSetInput struct { // Format is a required field Format *string `locationName:"format" min:"1" type:"string" required:"true" enum:"ThreatIntelSetFormat"` - // The URI of the file that contains the ThreatIntelSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The URI of the file that contains the ThreatIntelSet. For example: . // // Location is a required field Location *string `locationName:"location" min:"1" type:"string" required:"true"` @@ -7579,7 +7581,7 @@ func (s *DestinationProperties) SetKmsKeyArn(v string) *DestinationProperties { type DisableOrganizationAdminAccountInput struct { _ struct{} `type:"structure"` - // The AWS Account ID for the Organizations account to be disabled as a GuardDuty + // The AWS Account ID for the organizations account to be disabled as a GuardDuty // delegated administrator. // // AdminAccountId is a required field @@ -7821,7 +7823,7 @@ func (s *DomainDetails) SetDomain(v string) *DomainDetails { type EnableOrganizationAdminAccountInput struct { _ struct{} `type:"structure"` - // The AWS Account ID for the Organizations account to be enabled as a GuardDuty + // The AWS Account ID for the organization account to be enabled as a GuardDuty // delegated administrator. // // AdminAccountId is a required field @@ -8642,7 +8644,7 @@ type GetIPSetOutput struct { // Format is a required field Format *string `locationName:"format" min:"1" type:"string" required:"true" enum:"IpSetFormat"` - // The URI of the file that contains the IPSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The URI of the file that contains the IPSet. For example: . // // Location is a required field Location *string `locationName:"location" min:"1" type:"string" required:"true"` @@ -8966,7 +8968,7 @@ type GetThreatIntelSetOutput struct { // Format is a required field Format *string `locationName:"format" min:"1" type:"string" required:"true" enum:"ThreatIntelSetFormat"` - // The URI of the file that contains the ThreatIntelSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The URI of the file that contains the ThreatIntelSet. For example: . // // Location is a required field Location *string `locationName:"location" min:"1" type:"string" required:"true"` @@ -9630,6 +9632,8 @@ type ListFindingsInput struct { // // * resource.instanceDetails.instanceId // + // * resource.instanceDetails.outpostArn + // // * resource.instanceDetails.networkInterfaces.ipv6Addresses // // * resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress @@ -9680,6 +9684,8 @@ type ListFindingsInput struct { // // * service.action.networkConnectionAction.protocol // + // * service.action.networkConnectionAction.localIpDetails.ipAddressV4 + // // * service.action.networkConnectionAction.remoteIpDetails.city.cityName // // * service.action.networkConnectionAction.remoteIpDetails.country.countryName @@ -12147,7 +12153,7 @@ type UpdateIPSetInput struct { // IpSetId is a required field IpSetId *string `location:"uri" locationName:"ipSetId" type:"string" required:"true"` - // The updated URI of the file that contains the IPSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The updated URI of the file that contains the IPSet. For example: . Location *string `locationName:"location" min:"1" type:"string"` // The unique ID that specifies the IPSet that you want to update. @@ -12400,8 +12406,7 @@ type UpdateThreatIntelSetInput struct { // DetectorId is a required field DetectorId *string `location:"uri" locationName:"detectorId" min:"1" type:"string" required:"true"` - // The updated URI of the file that contains the ThreateIntelSet. For example: - // https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The updated URI of the file that contains the ThreateIntelSet. For example: . Location *string `locationName:"location" min:"1" type:"string"` // The unique ID that specifies the ThreatIntelSet that you want to update. diff --git a/vendor/github.com/aws/aws-sdk-go/service/imagebuilder/api.go b/vendor/github.com/aws/aws-sdk-go/service/imagebuilder/api.go index 10a6d1a9a06..94d810886bf 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/imagebuilder/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/imagebuilder/api.go @@ -5135,6 +5135,11 @@ type Component struct { // The platform of the component. Platform *string `locationName:"platform" type:"string" enum:"Platform"` + // The operating system (OS) version supported by the component. If the OS information + // is available, a prefix match is performed against the parent image OS version + // during image recipe creation. + SupportedOsVersions []*string `locationName:"supportedOsVersions" min:"1" type:"list"` + // The tags associated with the component. Tags map[string]*string `locationName:"tags" min:"1" type:"map"` @@ -5216,6 +5221,12 @@ func (s *Component) SetPlatform(v string) *Component { return s } +// SetSupportedOsVersions sets the SupportedOsVersions field's value. +func (s *Component) SetSupportedOsVersions(v []*string) *Component { + s.SupportedOsVersions = v + return s +} + // SetTags sets the Tags field's value. func (s *Component) SetTags(v map[string]*string) *Component { s.Tags = v @@ -5298,6 +5309,11 @@ type ComponentSummary struct { // The platform of the component. Platform *string `locationName:"platform" type:"string" enum:"Platform"` + // The operating system (OS) version supported by the component. If the OS information + // is available, a prefix match is performed against the parent image OS version + // during image recipe creation. + SupportedOsVersions []*string `locationName:"supportedOsVersions" min:"1" type:"list"` + // The tags associated with the component. Tags map[string]*string `locationName:"tags" min:"1" type:"map"` @@ -5361,6 +5377,12 @@ func (s *ComponentSummary) SetPlatform(v string) *ComponentSummary { return s } +// SetSupportedOsVersions sets the SupportedOsVersions field's value. +func (s *ComponentSummary) SetSupportedOsVersions(v []*string) *ComponentSummary { + s.SupportedOsVersions = v + return s +} + // SetTags sets the Tags field's value. func (s *ComponentSummary) SetTags(v map[string]*string) *ComponentSummary { s.Tags = v @@ -5401,6 +5423,11 @@ type ComponentVersion struct { // The platform of the component. Platform *string `locationName:"platform" type:"string" enum:"Platform"` + // The operating system (OS) version supported by the component. If the OS information + // is available, a prefix match is performed against the parent image OS version + // during image recipe creation. + SupportedOsVersions []*string `locationName:"supportedOsVersions" min:"1" type:"list"` + // The type of the component denotes whether the component is used to build // the image or only to test it. Type *string `locationName:"type" type:"string" enum:"ComponentType"` @@ -5455,6 +5482,12 @@ func (s *ComponentVersion) SetPlatform(v string) *ComponentVersion { return s } +// SetSupportedOsVersions sets the SupportedOsVersions field's value. +func (s *ComponentVersion) SetSupportedOsVersions(v []*string) *ComponentVersion { + s.SupportedOsVersions = v + return s +} + // SetType sets the Type field's value. func (s *ComponentVersion) SetType(v string) *ComponentVersion { s.Type = &v @@ -5505,6 +5538,11 @@ type CreateComponentInput struct { // SemanticVersion is a required field SemanticVersion *string `locationName:"semanticVersion" type:"string" required:"true"` + // The operating system (OS) version supported by the component. If the OS information + // is available, a prefix match is performed against the parent image OS version + // during image recipe creation. + SupportedOsVersions []*string `locationName:"supportedOsVersions" min:"1" type:"list"` + // The tags of the component. Tags map[string]*string `locationName:"tags" min:"1" type:"map"` @@ -5552,6 +5590,9 @@ func (s *CreateComponentInput) Validate() error { if s.SemanticVersion == nil { invalidParams.Add(request.NewErrParamRequired("SemanticVersion")) } + if s.SupportedOsVersions != nil && len(s.SupportedOsVersions) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SupportedOsVersions", 1)) + } if s.Tags != nil && len(s.Tags) < 1 { invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) } @@ -5610,6 +5651,12 @@ func (s *CreateComponentInput) SetSemanticVersion(v string) *CreateComponentInpu return s } +// SetSupportedOsVersions sets the SupportedOsVersions field's value. +func (s *CreateComponentInput) SetSupportedOsVersions(v []*string) *CreateComponentInput { + s.SupportedOsVersions = v + return s +} + // SetTags sets the Tags field's value. func (s *CreateComponentInput) SetTags(v map[string]*string) *CreateComponentInput { s.Tags = v diff --git a/vendor/github.com/aws/aws-sdk-go/service/lightsail/api.go b/vendor/github.com/aws/aws-sdk-go/service/lightsail/api.go index 1aacad6e2d3..320025d3071 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/lightsail/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/lightsail/api.go @@ -599,11 +599,11 @@ func (c *Lightsail) CloseInstancePublicPortsRequest(input *CloseInstancePublicPo // CloseInstancePublicPorts API operation for Amazon Lightsail. // -// Closes the public ports on a specific Amazon Lightsail instance. +// Closes ports for a specific Amazon Lightsail instance. // -// The close instance public ports operation supports tag-based access control -// via resource tags applied to the resource identified by instance name. For -// more information, see the Lightsail Dev Guide (https://lightsail.aws.amazon.com/ls/docs/en/articles/amazon-lightsail-controlling-access-using-tags). +// The CloseInstancePublicPorts action supports tag-based access control via +// resource tags applied to the resource identified by instanceName. For more +// information, see the Lightsail Dev Guide (https://lightsail.aws.amazon.com/ls/docs/en/articles/amazon-lightsail-controlling-access-using-tags). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6762,7 +6762,9 @@ func (c *Lightsail) GetInstancePortStatesRequest(input *GetInstancePortStatesInp // GetInstancePortStates API operation for Amazon Lightsail. // -// Returns the port states for a specific virtual private server, or instance. +// Returns the firewall port states for a specific Amazon Lightsail instance, +// the IP addresses allowed to connect to the instance through the ports, and +// the protocol. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10020,11 +10022,12 @@ func (c *Lightsail) OpenInstancePublicPortsRequest(input *OpenInstancePublicPort // OpenInstancePublicPorts API operation for Amazon Lightsail. // -// Adds public ports to an Amazon Lightsail instance. +// Opens ports for a specific Amazon Lightsail instance, and specifies the IP +// addresses allowed to connect to the instance through the ports, and the protocol. // -// The open instance public ports operation supports tag-based access control -// via resource tags applied to the resource identified by instance name. For -// more information, see the Lightsail Dev Guide (https://lightsail.aws.amazon.com/ls/docs/en/articles/amazon-lightsail-controlling-access-using-tags). +// The OpenInstancePublicPorts action supports tag-based access control via +// resource tags applied to the resource identified by instanceName. For more +// information, see the Lightsail Dev Guide (https://lightsail.aws.amazon.com/ls/docs/en/articles/amazon-lightsail-controlling-access-using-tags). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10345,12 +10348,16 @@ func (c *Lightsail) PutInstancePublicPortsRequest(input *PutInstancePublicPortsI // PutInstancePublicPorts API operation for Amazon Lightsail. // -// Sets the specified open ports for an Amazon Lightsail instance, and closes -// all ports for every protocol not included in the current request. +// Opens ports for a specific Amazon Lightsail instance, and specifies the IP +// addresses allowed to connect to the instance through the ports, and the protocol. +// This action also closes all currently open ports that are not included in +// the request. Include all of the ports and the protocols you want to open +// in your PutInstancePublicPortsrequest. Or use the OpenInstancePublicPorts +// action to open ports without closing currently open ports. // -// The put instance public ports operation supports tag-based access control -// via resource tags applied to the resource identified by instance name. For -// more information, see the Lightsail Dev Guide (https://lightsail.aws.amazon.com/ls/docs/en/articles/amazon-lightsail-controlling-access-using-tags). +// The PutInstancePublicPorts action supports tag-based access control via resource +// tags applied to the resource identified by instanceName. For more information, +// see the Lightsail Dev Guide (https://lightsail.aws.amazon.com/ls/docs/en/articles/amazon-lightsail-controlling-access-using-tags). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10774,8 +10781,8 @@ func (c *Lightsail) SendContactMethodVerificationRequest(input *SendContactMetho // SendContactMethodVerification API operation for Amazon Lightsail. // -// Sends a verification request to an email contact method to ensure it’s -// owned by the requester. SMS contact methods don’t need to be verified. +// Sends a verification request to an email contact method to ensure it's owned +// by the requester. SMS contact methods don't need to be verified. // // A contact method is used to send you notifications about your Amazon Lightsail // resources. You can add one email address and one mobile phone number contact @@ -12459,35 +12466,35 @@ type Alarm struct { // // An alarm has the following possible states: // - // * ALARM — The metric is outside of the defined threshold. + // * ALARM - The metric is outside of the defined threshold. // - // * INSUFFICIENT_DATA — The alarm has just started, the metric is not - // available, or not enough data is available for the metric to determine - // the alarm state. + // * INSUFFICIENT_DATA - The alarm has just started, the metric is not available, + // or not enough data is available for the metric to determine the alarm + // state. // - // * OK — The metric is within the defined threshold. + // * OK - The metric is within the defined threshold. State *string `locationName:"state" type:"string" enum:"AlarmState"` // The statistic for the metric associated with the alarm. // // The following statistics are available: // - // * Minimum — The lowest value observed during the specified period. Use + // * Minimum - The lowest value observed during the specified period. Use // this value to determine low volumes of activity for your application. // - // * Maximum — The highest value observed during the specified period. - // Use this value to determine high volumes of activity for your application. + // * Maximum - The highest value observed during the specified period. Use + // this value to determine high volumes of activity for your application. // - // * Sum — All values submitted for the matching metric added together. - // You can use this statistic to determine the total volume of a metric. + // * Sum - All values submitted for the matching metric added together. You + // can use this statistic to determine the total volume of a metric. // - // * Average — The value of Sum / SampleCount during the specified period. + // * Average - The value of Sum / SampleCount during the specified period. // By comparing this statistic with the Minimum and Maximum values, you can // determine the full scope of a metric and how close the average use is // to the Minimum and Maximum values. This comparison helps you to know when // to increase or decrease your resources. // - // * SampleCount — The count, or number, of data points used for the statistical + // * SampleCount - The count, or number, of data points used for the statistical // calculation. Statistic *string `locationName:"statistic" type:"string" enum:"MetricStatistic"` @@ -12503,16 +12510,16 @@ type Alarm struct { // // An alarm can treat missing data in the following ways: // - // * breaching — Assume the missing data is not within the threshold. Missing + // * breaching - Assume the missing data is not within the threshold. Missing // data counts towards the number of times the metric is not within the threshold. // - // * notBreaching — Assume the missing data is within the threshold. Missing + // * notBreaching - Assume the missing data is within the threshold. Missing // data does not count towards the number of times the metric is not within // the threshold. // - // * ignore — Ignore the missing data. Maintains the current alarm state. + // * ignore - Ignore the missing data. Maintains the current alarm state. // - // * missing — Missing data is treated as missing. + // * missing - Missing data is treated as missing. TreatMissingData *string `locationName:"treatMissingData" type:"string" enum:"TreatMissingData"` // The unit of the metric associated with the alarm. @@ -12691,7 +12698,7 @@ type AllocateStaticIpOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -12783,7 +12790,7 @@ type AttachDiskOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -12867,7 +12874,7 @@ type AttachInstancesToLoadBalancerOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -12945,7 +12952,7 @@ type AttachLoadBalancerTlsCertificateOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. // // These SSL/TLS certificates are only usable by Lightsail load balancers. You @@ -13025,7 +13032,7 @@ type AttachStaticIpOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -13484,12 +13491,12 @@ func (s *Bundle) SetTransferPerMonthInGb(v int64) *Bundle { type CloseInstancePublicPortsInput struct { _ struct{} `type:"structure"` - // The name of the instance on which you're attempting to close the public ports. + // The name of the instance for which to close ports. // // InstanceName is a required field InstanceName *string `locationName:"instanceName" type:"string" required:"true"` - // Information about the public port you are trying to close. + // An object to describe the ports to close for the specified instance. // // PortInfo is a required field PortInfo *PortInfo `locationName:"portInfo" type:"structure" required:"true"` @@ -13514,6 +13521,11 @@ func (s *CloseInstancePublicPortsInput) Validate() error { if s.PortInfo == nil { invalidParams.Add(request.NewErrParamRequired("PortInfo")) } + if s.PortInfo != nil { + if err := s.PortInfo.Validate(); err != nil { + invalidParams.AddNested("PortInfo", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -13536,9 +13548,9 @@ func (s *CloseInstancePublicPortsInput) SetPortInfo(v *PortInfo) *CloseInstanceP type CloseInstancePublicPortsOutput struct { _ struct{} `type:"structure"` - // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected - // by the request. + // An object that describes the result of the action, such as the status of + // the request, the timestamp of the request, and the resources affected by + // the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -13729,12 +13741,12 @@ type ContactMethod struct { // // A contact method has the following possible status: // - // * PendingVerification — The contact method has not yet been verified, + // * PendingVerification - The contact method has not yet been verified, // and the verification has not yet expired. // - // * Valid — The contact method has been verified. + // * Valid - The contact method has been verified. // - // * InValid — An attempt was made to verify the contact method, but the + // * InValid - An attempt was made to verify the contact method, but the // verification has expired. Status *string `locationName:"status" type:"string" enum:"ContactMethodStatus"` @@ -13933,7 +13945,7 @@ type CopySnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -14009,7 +14021,7 @@ type CreateCloudFormationStackOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -14041,7 +14053,7 @@ type CreateContactMethodInput struct { // Phone numbers that follow this format can have a maximum of 15 digits, and // they are prefixed with the plus character (+) and the country code. For example, // a U.S. phone number in E.164 format would be specified as +1XXX5550100. For - // more information, see E.164 (https://en.wikipedia.org/wiki/E.164) in Wikipedia. + // more information, see E.164 (https://en.wikipedia.org/wiki/E.164) on Wikipedia. // // ContactEndpoint is a required field ContactEndpoint *string `locationName:"contactEndpoint" min:"1" type:"string" required:"true"` @@ -14119,7 +14131,7 @@ type CreateContactMethodOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -14320,7 +14332,7 @@ type CreateDiskFromSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -14446,7 +14458,7 @@ type CreateDiskOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -14546,7 +14558,7 @@ type CreateDiskSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -14625,7 +14637,7 @@ type CreateDomainEntryOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -14704,7 +14716,7 @@ type CreateDomainOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -14792,7 +14804,7 @@ type CreateInstanceSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -15028,7 +15040,7 @@ type CreateInstancesFromSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -15214,7 +15226,7 @@ type CreateInstancesOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -15292,7 +15304,7 @@ type CreateKeyPairOutput struct { KeyPair *KeyPair `locationName:"keyPair" type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` @@ -15397,6 +15409,9 @@ func (s *CreateLoadBalancerInput) Validate() error { if s.InstancePort == nil { invalidParams.Add(request.NewErrParamRequired("InstancePort")) } + if s.InstancePort != nil && *s.InstancePort < -1 { + invalidParams.Add(request.NewErrParamMinValue("InstancePort", -1)) + } if s.LoadBalancerName == nil { invalidParams.Add(request.NewErrParamRequired("LoadBalancerName")) } @@ -15453,7 +15468,7 @@ type CreateLoadBalancerOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -15572,7 +15587,7 @@ type CreateLoadBalancerTlsCertificateOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -15747,7 +15762,7 @@ type CreateRelationalDatabaseFromSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -15999,7 +16014,7 @@ type CreateRelationalDatabaseOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16093,7 +16108,7 @@ type CreateRelationalDatabaseSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16156,7 +16171,7 @@ type DeleteAlarmOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16236,7 +16251,7 @@ type DeleteAutoSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16302,7 +16317,7 @@ type DeleteContactMethodOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16375,7 +16390,7 @@ type DeleteDiskOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16438,7 +16453,7 @@ type DeleteDiskSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16515,7 +16530,7 @@ type DeleteDomainEntryOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -16578,7 +16593,7 @@ type DeleteDomainOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -16651,7 +16666,7 @@ type DeleteInstanceOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16714,7 +16729,7 @@ type DeleteInstanceSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16777,7 +16792,7 @@ type DeleteKeyPairOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -16840,7 +16855,7 @@ type DeleteKnownHostKeysOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16903,7 +16918,7 @@ type DeleteLoadBalancerOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -16993,7 +17008,7 @@ type DeleteLoadBalancerTlsCertificateOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -17091,7 +17106,7 @@ type DeleteRelationalDatabaseOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -17154,7 +17169,7 @@ type DeleteRelationalDatabaseSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -17251,7 +17266,7 @@ type DetachDiskOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -17329,7 +17344,7 @@ type DetachInstancesFromLoadBalancerOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -17392,7 +17407,7 @@ type DetachStaticIpOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -17469,7 +17484,7 @@ type DisableAddOnOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -18235,7 +18250,7 @@ type EnableAddOnOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -18298,7 +18313,7 @@ type ExportSnapshotOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -19556,44 +19571,43 @@ type GetInstanceMetricDataInput struct { // Valid instance metric names are listed below, along with the most useful // statistics to include in your request, and the published unit value. // - // * CPUUtilization — The percentage of allocated compute units that are + // * CPUUtilization - The percentage of allocated compute units that are // currently in use on the instance. This metric identifies the processing // power to run the applications on the instance. Tools in your operating // system can show a lower percentage than Lightsail when the instance is // not allocated a full processor core. Statistics: The most useful statistics // are Maximum and Average. Unit: The published unit is Percent. // - // * NetworkIn — The number of bytes received on all network interfaces - // by the instance. This metric identifies the volume of incoming network - // traffic to the instance. The number reported is the number of bytes received - // during the period. Because this metric is reported in 5-minute intervals, - // divide the reported number by 300 to find Bytes/second. Statistics: The - // most useful statistic is Sum. Unit: The published unit is Bytes. + // * NetworkIn - The number of bytes received on all network interfaces by + // the instance. This metric identifies the volume of incoming network traffic + // to the instance. The number reported is the number of bytes received during + // the period. Because this metric is reported in 5-minute intervals, divide + // the reported number by 300 to find Bytes/second. Statistics: The most + // useful statistic is Sum. Unit: The published unit is Bytes. // - // * NetworkOut — The number of bytes sent out on all network interfaces + // * NetworkOut - The number of bytes sent out on all network interfaces // by the instance. This metric identifies the volume of outgoing network // traffic from the instance. The number reported is the number of bytes // sent during the period. Because this metric is reported in 5-minute intervals, // divide the reported number by 300 to find Bytes/second. Statistics: The // most useful statistic is Sum. Unit: The published unit is Bytes. // - // * StatusCheckFailed — Reports whether the instance passed or failed - // both the instance status check and the system status check. This metric - // can be either 0 (passed) or 1 (failed). This metric data is available - // in 1-minute (60 seconds) granularity. Statistics: The most useful statistic - // is Sum. Unit: The published unit is Count. + // * StatusCheckFailed - Reports whether the instance passed or failed both + // the instance status check and the system status check. This metric can + // be either 0 (passed) or 1 (failed). This metric data is available in 1-minute + // (60 seconds) granularity. Statistics: The most useful statistic is Sum. + // Unit: The published unit is Count. // - // * StatusCheckFailed_Instance — Reports whether the instance passed or + // * StatusCheckFailed_Instance - Reports whether the instance passed or // failed the instance status check. This metric can be either 0 (passed) // or 1 (failed). This metric data is available in 1-minute (60 seconds) // granularity. Statistics: The most useful statistic is Sum. Unit: The published // unit is Count. // - // * StatusCheckFailed_System — Reports whether the instance passed or - // failed the system status check. This metric can be either 0 (passed) or - // 1 (failed). This metric data is available in 1-minute (60 seconds) granularity. - // Statistics: The most useful statistic is Sum. Unit: The published unit - // is Count. + // * StatusCheckFailed_System - Reports whether the instance passed or failed + // the system status check. This metric can be either 0 (passed) or 1 (failed). + // This metric data is available in 1-minute (60 seconds) granularity. Statistics: + // The most useful statistic is Sum. Unit: The published unit is Count. // // MetricName is a required field MetricName *string `locationName:"metricName" type:"string" required:"true" enum:"InstanceMetricName"` @@ -19616,30 +19630,30 @@ type GetInstanceMetricDataInput struct { // // The following statistics are available: // - // * Minimum — The lowest value observed during the specified period. Use + // * Minimum - The lowest value observed during the specified period. Use // this value to determine low volumes of activity for your application. // - // * Maximum — The highest value observed during the specified period. - // Use this value to determine high volumes of activity for your application. + // * Maximum - The highest value observed during the specified period. Use + // this value to determine high volumes of activity for your application. // - // * Sum — All values submitted for the matching metric added together. - // You can use this statistic to determine the total volume of a metric. + // * Sum - All values submitted for the matching metric added together. You + // can use this statistic to determine the total volume of a metric. // - // * Average — The value of Sum / SampleCount during the specified period. + // * Average - The value of Sum / SampleCount during the specified period. // By comparing this statistic with the Minimum and Maximum values, you can // determine the full scope of a metric and how close the average use is // to the Minimum and Maximum values. This comparison helps you to know when // to increase or decrease your resources. // - // * SampleCount — The count, or number, of data points used for the statistical + // * SampleCount - The count, or number, of data points used for the statistical // calculation. // // Statistics is a required field Statistics []*string `locationName:"statistics" type:"list" required:"true"` // The unit for the metric data request. Valid units depend on the metric data - // being required. For the valid units with each available metric, see the metricName - // parameter. + // being requested. For the valid units to specify with each available metric, + // see the metricName parameter. // // Unit is a required field Unit *string `locationName:"unit" type:"string" required:"true" enum:"MetricUnit"` @@ -19790,7 +19804,7 @@ func (s *GetInstanceOutput) SetInstance(v *Instance) *GetInstanceOutput { type GetInstancePortStatesInput struct { _ struct{} `type:"structure"` - // The name of the instance. + // The name of the instance for which to return firewall port states. // // InstanceName is a required field InstanceName *string `locationName:"instanceName" type:"string" required:"true"` @@ -19828,7 +19842,8 @@ func (s *GetInstancePortStatesInput) SetInstanceName(v string) *GetInstancePortS type GetInstancePortStatesOutput struct { _ struct{} `type:"structure"` - // Information about the port states resulting from your request. + // An array of objects that describe the firewall port states for the specified + // instance. PortStates []*InstancePortState `locationName:"portStates" type:"list"` } @@ -20281,73 +20296,73 @@ type GetLoadBalancerMetricDataInput struct { // Valid load balancer metric names are listed below, along with the most useful // statistics to include in your request, and the published unit value. // - // * ClientTLSNegotiationErrorCount — The number of TLS connections initiated + // * ClientTLSNegotiationErrorCount - The number of TLS connections initiated // by the client that did not establish a session with the load balancer // due to a TLS error generated by the load balancer. Possible causes include // a mismatch of ciphers or protocols. Statistics: The most useful statistic // is Sum. Unit: The published unit is Count. // - // * HealthyHostCount — The number of target instances that are considered + // * HealthyHostCount - The number of target instances that are considered // healthy. Statistics: The most useful statistic are Average, Minimum, and // Maximum. Unit: The published unit is Count. // - // * HTTPCode_Instance_2XX_Count — The number of HTTP 2XX response codes + // * HTTPCode_Instance_2XX_Count - The number of HTTP 2XX response codes // generated by the target instances. This does not include any response // codes generated by the load balancer. Statistics: The most useful statistic // is Sum. Note that Minimum, Maximum, and Average all return 1. Unit: The // published unit is Count. // - // * HTTPCode_Instance_3XX_Count — The number of HTTP 3XX response codes + // * HTTPCode_Instance_3XX_Count - The number of HTTP 3XX response codes // generated by the target instances. This does not include any response // codes generated by the load balancer. Statistics: The most useful statistic // is Sum. Note that Minimum, Maximum, and Average all return 1. Unit: The // published unit is Count. // - // * HTTPCode_Instance_4XX_Count — The number of HTTP 4XX response codes + // * HTTPCode_Instance_4XX_Count - The number of HTTP 4XX response codes // generated by the target instances. This does not include any response // codes generated by the load balancer. Statistics: The most useful statistic // is Sum. Note that Minimum, Maximum, and Average all return 1. Unit: The // published unit is Count. // - // * HTTPCode_Instance_5XX_Count — The number of HTTP 5XX response codes + // * HTTPCode_Instance_5XX_Count - The number of HTTP 5XX response codes // generated by the target instances. This does not include any response // codes generated by the load balancer. Statistics: The most useful statistic // is Sum. Note that Minimum, Maximum, and Average all return 1. Unit: The // published unit is Count. // - // * HTTPCode_LB_4XX_Count — The number of HTTP 4XX client error codes - // that originated from the load balancer. Client errors are generated when - // requests are malformed or incomplete. These requests were not received - // by the target instance. This count does not include response codes generated - // by the target instances. Statistics: The most useful statistic is Sum. - // Note that Minimum, Maximum, and Average all return 1. Unit: The published - // unit is Count. + // * HTTPCode_LB_4XX_Count - The number of HTTP 4XX client error codes that + // originated from the load balancer. Client errors are generated when requests + // are malformed or incomplete. These requests were not received by the target + // instance. This count does not include response codes generated by the + // target instances. Statistics: The most useful statistic is Sum. Note that + // Minimum, Maximum, and Average all return 1. Unit: The published unit is + // Count. // - // * HTTPCode_LB_5XX_Count — The number of HTTP 5XX server error codes - // that originated from the load balancer. This does not include any response + // * HTTPCode_LB_5XX_Count - The number of HTTP 5XX server error codes that + // originated from the load balancer. This does not include any response // codes generated by the target instance. This metric is reported if there // are no healthy instances attached to the load balancer, or if the request // rate exceeds the capacity of the instances (spillover) or the load balancer. // Statistics: The most useful statistic is Sum. Note that Minimum, Maximum, // and Average all return 1. Unit: The published unit is Count. // - // * InstanceResponseTime — The time elapsed, in seconds, after the request + // * InstanceResponseTime - The time elapsed, in seconds, after the request // leaves the load balancer until a response from the target instance is // received. Statistics: The most useful statistic is Average. Unit: The // published unit is Seconds. // - // * RejectedConnectionCount — The number of connections that were rejected + // * RejectedConnectionCount - The number of connections that were rejected // because the load balancer had reached its maximum number of connections. // Statistics: The most useful statistic is Sum. Unit: The published unit // is Count. // - // * RequestCount — The number of requests processed over IPv4. This count + // * RequestCount - The number of requests processed over IPv4. This count // includes only the requests with a response generated by a target instance // of the load balancer. Statistics: The most useful statistic is Sum. Note // that Minimum, Maximum, and Average all return 1. Unit: The published unit // is Count. // - // * UnhealthyHostCount — The number of target instances that are considered + // * UnhealthyHostCount - The number of target instances that are considered // unhealthy. Statistics: The most useful statistic are Average, Minimum, // and Maximum. Unit: The published unit is Count. // @@ -20368,22 +20383,22 @@ type GetLoadBalancerMetricDataInput struct { // // The following statistics are available: // - // * Minimum — The lowest value observed during the specified period. Use + // * Minimum - The lowest value observed during the specified period. Use // this value to determine low volumes of activity for your application. // - // * Maximum — The highest value observed during the specified period. - // Use this value to determine high volumes of activity for your application. + // * Maximum - The highest value observed during the specified period. Use + // this value to determine high volumes of activity for your application. // - // * Sum — All values submitted for the matching metric added together. - // You can use this statistic to determine the total volume of a metric. + // * Sum - All values submitted for the matching metric added together. You + // can use this statistic to determine the total volume of a metric. // - // * Average — The value of Sum / SampleCount during the specified period. + // * Average - The value of Sum / SampleCount during the specified period. // By comparing this statistic with the Minimum and Maximum values, you can // determine the full scope of a metric and how close the average use is // to the Minimum and Maximum values. This comparison helps you to know when // to increase or decrease your resources. // - // * SampleCount — The count, or number, of data points used for the statistical + // * SampleCount - The count, or number, of data points used for the statistical // calculation. // // Statistics is a required field @@ -20765,7 +20780,7 @@ type GetOperationOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -20857,7 +20872,7 @@ type GetOperationsForResourceOutput struct { NextPageToken *string `locationName:"nextPageToken" type:"string"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -20929,7 +20944,7 @@ type GetOperationsOutput struct { NextPageToken *string `locationName:"nextPageToken" type:"string"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -21617,27 +21632,27 @@ type GetRelationalDatabaseMetricDataInput struct { // All relational database metric data is available in 1-minute (60 seconds) // granularity. // - // * CPUUtilization — The percentage of CPU utilization currently in use + // * CPUUtilization - The percentage of CPU utilization currently in use // on the database. Statistics: The most useful statistics are Maximum and // Average. Unit: The published unit is Percent. // - // * DatabaseConnections — The number of database connections in use. Statistics: + // * DatabaseConnections - The number of database connections in use. Statistics: // The most useful statistics are Maximum and Sum. Unit: The published unit // is Count. // - // * DiskQueueDepth — The number of outstanding IOs (read/write requests) + // * DiskQueueDepth - The number of outstanding IOs (read/write requests) // that are waiting to access the disk. Statistics: The most useful statistic // is Sum. Unit: The published unit is Count. // - // * FreeStorageSpace — The amount of available storage space. Statistics: + // * FreeStorageSpace - The amount of available storage space. Statistics: // The most useful statistic is Sum. Unit: The published unit is Bytes. // - // * NetworkReceiveThroughput — The incoming (Receive) network traffic - // on the database, including both customer database traffic and AWS traffic + // * NetworkReceiveThroughput - The incoming (Receive) network traffic on + // the database, including both customer database traffic and AWS traffic // used for monitoring and replication. Statistics: The most useful statistic // is Average. Unit: The published unit is Bytes/Second. // - // * NetworkTransmitThroughput — The outgoing (Transmit) network traffic + // * NetworkTransmitThroughput - The outgoing (Transmit) network traffic // on the database, including both customer database traffic and AWS traffic // used for monitoring and replication. Statistics: The most useful statistic // is Average. Unit: The published unit is Bytes/Second. @@ -21675,22 +21690,22 @@ type GetRelationalDatabaseMetricDataInput struct { // // The following statistics are available: // - // * Minimum — The lowest value observed during the specified period. Use + // * Minimum - The lowest value observed during the specified period. Use // this value to determine low volumes of activity for your application. // - // * Maximum — The highest value observed during the specified period. - // Use this value to determine high volumes of activity for your application. + // * Maximum - The highest value observed during the specified period. Use + // this value to determine high volumes of activity for your application. // - // * Sum — All values submitted for the matching metric added together. - // You can use this statistic to determine the total volume of a metric. + // * Sum - All values submitted for the matching metric added together. You + // can use this statistic to determine the total volume of a metric. // - // * Average — The value of Sum / SampleCount during the specified period. + // * Average - The value of Sum / SampleCount during the specified period. // By comparing this statistic with the Minimum and Maximum values, you can // determine the full scope of a metric and how close the average use is // to the Minimum and Maximum values. This comparison helps you to know when // to increase or decrease your resources. // - // * SampleCount — The count, or number, of data points used for the statistical + // * SampleCount - The count, or number, of data points used for the statistical // calculation. // // Statistics is a required field @@ -22401,7 +22416,7 @@ type ImportKeyPairOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -22763,13 +22778,20 @@ type InstanceEntry struct { // // The following configuration options are available: // - // * DEFAULT — Use the default firewall settings from the image. + // * DEFAULT - Use the default firewall settings from the Lightsail instance + // blueprint. + // + // * INSTANCE - Use the configured firewall settings from the source Lightsail + // instance. // - // * INSTANCE — Use the firewall settings from the source Lightsail instance. + // * NONE - Use the default Amazon EC2 security group. // - // * NONE — Default to Amazon EC2. + // * CLOSED - All ports closed. // - // * CLOSED — All ports closed. + // If you configured lightsail-connect as a cidrListAliases on your instance, + // or if you chose to allow the Lightsail browser-based SSH or RDP clients to + // connect to your instance, that configuration is not carried over to your + // new Amazon EC2 instance. // // PortInfoSource is a required field PortInfoSource *string `locationName:"portInfoSource" type:"string" required:"true" enum:"PortInfoSourceType"` @@ -23019,26 +23041,55 @@ func (s *InstanceNetworking) SetPorts(v []*InstancePortInfo) *InstanceNetworking return s } -// Describes information about the instance ports. +// Describes information about ports for an Amazon Lightsail instance. type InstancePortInfo struct { _ struct{} `type:"structure"` // The access direction (inbound or outbound). + // + // Lightsail currently supports only inbound access direction. AccessDirection *string `locationName:"accessDirection" type:"string" enum:"AccessDirection"` - // The location from which access is allowed (e.g., Anywhere (0.0.0.0/0)). + // The location from which access is allowed. For example, Anywhere (0.0.0.0/0), + // or Custom if a specific IP address or range of IP addresses is allowed. AccessFrom *string `locationName:"accessFrom" type:"string"` // The type of access (Public or Private). AccessType *string `locationName:"accessType" type:"string" enum:"PortAccessType"` - // The common name. + // An alias that defines access for a preconfigured range of IP addresses. + // + // The only alias currently supported is lightsail-connect, which allows IP + // addresses of the browser-based RDP/SSH client in the Lightsail console to + // connect to your instance. + CidrListAliases []*string `locationName:"cidrListAliases" type:"list"` + + // The IP address, or range of IP addresses in CIDR notation, that are allowed + // to connect to an instance through the ports, and the protocol. Lightsail + // supports IPv4 addresses. + // + // For more information about CIDR block notation, see Classless Inter-Domain + // Routing (https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation) + // on Wikipedia. + Cidrs []*string `locationName:"cidrs" type:"list"` + + // The common name of the port information. CommonName *string `locationName:"commonName" type:"string"` - // The first port in the range. + // The first port in a range of open ports on an instance. + // + // Allowed ports: + // + // * TCP and UDP - 0 to 65535 + // + // * ICMP - 8 (to configure Ping) Ping is the only communication supported + // through the ICMP protocol in Lightsail. To configure ping, specify the + // fromPort parameter as 8, and the toPort parameter as -1. FromPort *int64 `locationName:"fromPort" type:"integer"` - // The protocol being used. Can be one of the following. + // The IP protocol name. + // + // The name can be one of the following: // // * tcp - Transmission Control Protocol (TCP) provides reliable, ordered, // and error-checked delivery of streamed data between applications running @@ -23056,9 +23107,24 @@ type InstancePortInfo struct { // can use UDP, which provides a connectionless datagram service that emphasizes // reduced latency over reliability. If you do require reliable data stream // service, use TCP instead. + // + // * icmp - Internet Control Message Protocol (ICMP) is used to send error + // messages and operational information indicating success or failure when + // communicating with an instance. For example, an error is indicated when + // an instance could not be reached. Ping is the only communication supported + // through the ICMP protocol in Lightsail. To configure ping, specify the + // fromPort parameter as 8, and the toPort parameter as -1. Protocol *string `locationName:"protocol" type:"string" enum:"NetworkProtocol"` - // The last port in the range. + // The last port in a range of open ports on an instance. + // + // Allowed ports: + // + // * TCP and UDP - 0 to 65535 + // + // * ICMP - -1 (to configure Ping) Ping is the only communication supported + // through the ICMP protocol in Lightsail. To configure ping, specify the + // fromPort parameter as 8, and the toPort parameter as -1. ToPort *int64 `locationName:"toPort" type:"integer"` } @@ -23090,6 +23156,18 @@ func (s *InstancePortInfo) SetAccessType(v string) *InstancePortInfo { return s } +// SetCidrListAliases sets the CidrListAliases field's value. +func (s *InstancePortInfo) SetCidrListAliases(v []*string) *InstancePortInfo { + s.CidrListAliases = v + return s +} + +// SetCidrs sets the Cidrs field's value. +func (s *InstancePortInfo) SetCidrs(v []*string) *InstancePortInfo { + s.Cidrs = v + return s +} + // SetCommonName sets the CommonName field's value. func (s *InstancePortInfo) SetCommonName(v string) *InstancePortInfo { s.CommonName = &v @@ -23114,14 +23192,41 @@ func (s *InstancePortInfo) SetToPort(v int64) *InstancePortInfo { return s } -// Describes the port state. +// Describes open ports on an instance, the IP addresses allowed to connect +// to the instance through the ports, and the protocol. type InstancePortState struct { _ struct{} `type:"structure"` - // The first port in the range. + // An alias that defines access for a preconfigured range of IP addresses. + // + // The only alias currently supported is lightsail-connect, which allows IP + // addresses of the browser-based RDP/SSH client in the Lightsail console to + // connect to your instance. + CidrListAliases []*string `locationName:"cidrListAliases" type:"list"` + + // The IP address, or range of IP addresses in CIDR notation, that are allowed + // to connect to an instance through the ports, and the protocol. Lightsail + // supports IPv4 addresses. + // + // For more information about CIDR block notation, see Classless Inter-Domain + // Routing (https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation) + // on Wikipedia. + Cidrs []*string `locationName:"cidrs" type:"list"` + + // The first port in a range of open ports on an instance. + // + // Allowed ports: + // + // * TCP and UDP - 0 to 65535 + // + // * ICMP - 8 (to configure Ping) Ping is the only communication supported + // through the ICMP protocol in Lightsail. To configure ping, specify the + // fromPort parameter as 8, and the toPort parameter as -1. FromPort *int64 `locationName:"fromPort" type:"integer"` - // The protocol being used. Can be one of the following. + // The IP protocol name. + // + // The name can be one of the following: // // * tcp - Transmission Control Protocol (TCP) provides reliable, ordered, // and error-checked delivery of streamed data between applications running @@ -23139,12 +23244,29 @@ type InstancePortState struct { // can use UDP, which provides a connectionless datagram service that emphasizes // reduced latency over reliability. If you do require reliable data stream // service, use TCP instead. + // + // * icmp - Internet Control Message Protocol (ICMP) is used to send error + // messages and operational information indicating success or failure when + // communicating with an instance. For example, an error is indicated when + // an instance could not be reached. Ping is the only communication supported + // through the ICMP protocol in Lightsail. To configure ping, specify the + // fromPort parameter as 8, and the toPort parameter as -1. Protocol *string `locationName:"protocol" type:"string" enum:"NetworkProtocol"` // Specifies whether the instance port is open or closed. + // + // The port state for Lightsail instances is always open. State *string `locationName:"state" type:"string" enum:"PortState"` - // The last port in the range. + // The last port in a range of open ports on an instance. + // + // Allowed ports: + // + // * TCP and UDP - 0 to 65535 + // + // * ICMP - -1 (to configure Ping) Ping is the only communication supported + // through the ICMP protocol in Lightsail. To configure ping, specify the + // fromPort parameter as 8, and the toPort parameter as -1. ToPort *int64 `locationName:"toPort" type:"integer"` } @@ -23158,6 +23280,18 @@ func (s InstancePortState) GoString() string { return s.String() } +// SetCidrListAliases sets the CidrListAliases field's value. +func (s *InstancePortState) SetCidrListAliases(v []*string) *InstancePortState { + s.CidrListAliases = v + return s +} + +// SetCidrs sets the Cidrs field's value. +func (s *InstancePortState) SetCidrs(v []*string) *InstancePortState { + s.Cidrs = v + return s +} + // SetFromPort sets the FromPort field's value. func (s *InstancePortState) SetFromPort(v int64) *InstancePortState { s.FromPort = &v @@ -24477,12 +24611,12 @@ func (s *NotFoundException) RequestID() string { type OpenInstancePublicPortsInput struct { _ struct{} `type:"structure"` - // The name of the instance for which you want to open the public ports. + // The name of the instance for which to open ports. // // InstanceName is a required field InstanceName *string `locationName:"instanceName" type:"string" required:"true"` - // An array of key-value pairs containing information about the port mappings. + // An object to describe the ports to open for the specified instance. // // PortInfo is a required field PortInfo *PortInfo `locationName:"portInfo" type:"structure" required:"true"` @@ -24507,6 +24641,11 @@ func (s *OpenInstancePublicPortsInput) Validate() error { if s.PortInfo == nil { invalidParams.Add(request.NewErrParamRequired("PortInfo")) } + if s.PortInfo != nil { + if err := s.PortInfo.Validate(); err != nil { + invalidParams.AddNested("PortInfo", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -24530,7 +24669,7 @@ type OpenInstancePublicPortsOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -24806,7 +24945,7 @@ type PeerVpcOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -24911,18 +25050,82 @@ func (s *PendingModifiedRelationalDatabaseValues) SetMasterUserPassword(v string return s } -// Describes information about the ports on your virtual private server (or -// instance). +// Describes ports to open on an instance, the IP addresses allowed to connect +// to the instance through the ports, and the protocol. type PortInfo struct { _ struct{} `type:"structure"` - // The first port in the range. + // An alias that defines access for a preconfigured range of IP addresses. + // + // The only alias currently supported is lightsail-connect, which allows IP + // addresses of the browser-based RDP/SSH client in the Lightsail console to + // connect to your instance. + CidrListAliases []*string `locationName:"cidrListAliases" type:"list"` + + // The IP address, or range of IP addresses in CIDR notation, that are allowed + // to connect to an instance through the ports, and the protocol. Lightsail + // supports IPv4 addresses. + // + // Examples: + // + // * To allow the IP address 192.0.2.44, specify 192.0.2.44 or 192.0.2.44/32. + // + // * To allow the IP addresses 192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24. + // + // For more information about CIDR block notation, see Classless Inter-Domain + // Routing (https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation) + // on Wikipedia. + Cidrs []*string `locationName:"cidrs" type:"list"` + + // The first port in a range of open ports on an instance. + // + // Allowed ports: + // + // * TCP and UDP - 0 to 65535 + // + // * ICMP - 8 (to configure Ping) Ping is the only communication supported + // through the ICMP protocol in Lightsail. To configure ping, specify the + // fromPort parameter as 8, and the toPort parameter as -1. FromPort *int64 `locationName:"fromPort" type:"integer"` - // The protocol. + // The IP protocol name. + // + // The name can be one of the following: + // + // * tcp - Transmission Control Protocol (TCP) provides reliable, ordered, + // and error-checked delivery of streamed data between applications running + // on hosts communicating by an IP network. If you have an application that + // doesn't require reliable data stream service, use UDP instead. + // + // * all - All transport layer protocol types. For more general information, + // see Transport layer (https://en.wikipedia.org/wiki/Transport_layer) on + // Wikipedia. + // + // * udp - With User Datagram Protocol (UDP), computer applications can send + // messages (or datagrams) to other hosts on an Internet Protocol (IP) network. + // Prior communications are not required to set up transmission channels + // or data paths. Applications that don't require reliable data stream service + // can use UDP, which provides a connectionless datagram service that emphasizes + // reduced latency over reliability. If you do require reliable data stream + // service, use TCP instead. + // + // * icmp - Internet Control Message Protocol (ICMP) is used to send error + // messages and operational information indicating success or failure when + // communicating with an instance. For example, an error is indicated when + // an instance could not be reached. Ping is the only communication supported + // through the ICMP protocol in Lightsail. To configure ping, specify the + // fromPort parameter as 8, and the toPort parameter as -1. Protocol *string `locationName:"protocol" type:"string" enum:"NetworkProtocol"` - // The last port in the range. + // The last port in a range of open ports on an instance. + // + // Allowed ports: + // + // * TCP and UDP - 0 to 65535 + // + // * ICMP - -1 (to configure Ping) Ping is the only communication supported + // through the ICMP protocol in Lightsail. To configure ping, specify the + // fromPort parameter as 8, and the toPort parameter as -1. ToPort *int64 `locationName:"toPort" type:"integer"` } @@ -24936,6 +25139,34 @@ func (s PortInfo) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *PortInfo) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PortInfo"} + if s.FromPort != nil && *s.FromPort < -1 { + invalidParams.Add(request.NewErrParamMinValue("FromPort", -1)) + } + if s.ToPort != nil && *s.ToPort < -1 { + invalidParams.Add(request.NewErrParamMinValue("ToPort", -1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCidrListAliases sets the CidrListAliases field's value. +func (s *PortInfo) SetCidrListAliases(v []*string) *PortInfo { + s.CidrListAliases = v + return s +} + +// SetCidrs sets the Cidrs field's value. +func (s *PortInfo) SetCidrs(v []*string) *PortInfo { + s.Cidrs = v + return s +} + // SetFromPort sets the FromPort field's value. func (s *PortInfo) SetFromPort(v int64) *PortInfo { s.FromPort = &v @@ -25042,13 +25273,13 @@ type PutAlarmInput struct { // // An alarm has the following possible states: // - // * ALARM — The metric is outside of the defined threshold. + // * ALARM - The metric is outside of the defined threshold. // - // * INSUFFICIENT_DATA — The alarm has just started, the metric is not - // available, or not enough data is available for the metric to determine - // the alarm state. + // * INSUFFICIENT_DATA - The alarm has just started, the metric is not available, + // or not enough data is available for the metric to determine the alarm + // state. // - // * OK — The metric is within the defined threshold. + // * OK - The metric is within the defined threshold. // // When you specify a notification trigger, the ALARM state must be specified. // The INSUFFICIENT_DATA and OK states can be specified in addition to the ALARM @@ -25074,16 +25305,16 @@ type PutAlarmInput struct { // // An alarm can treat missing data in the following ways: // - // * breaching — Assume the missing data is not within the threshold. Missing + // * breaching - Assume the missing data is not within the threshold. Missing // data counts towards the number of times the metric is not within the threshold. // - // * notBreaching — Assume the missing data is within the threshold. Missing + // * notBreaching - Assume the missing data is within the threshold. Missing // data does not count towards the number of times the metric is not within // the threshold. // - // * ignore — Ignore the missing data. Maintains the current alarm state. + // * ignore - Ignore the missing data. Maintains the current alarm state. // - // * missing — Missing data is treated as missing. + // * missing - Missing data is treated as missing. // // If treatMissingData is not specified, the default behavior of missing is // used. @@ -25198,7 +25429,7 @@ type PutAlarmOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -25222,12 +25453,12 @@ func (s *PutAlarmOutput) SetOperations(v []*Operation) *PutAlarmOutput { type PutInstancePublicPortsInput struct { _ struct{} `type:"structure"` - // The Lightsail instance name of the public port(s) you are setting. + // The name of the instance for which to open ports. // // InstanceName is a required field InstanceName *string `locationName:"instanceName" type:"string" required:"true"` - // Specifies information about the public port(s). + // An array of objects to describe the ports to open for the specified instance. // // PortInfos is a required field PortInfos []*PortInfo `locationName:"portInfos" type:"list" required:"true"` @@ -25252,6 +25483,16 @@ func (s *PutInstancePublicPortsInput) Validate() error { if s.PortInfos == nil { invalidParams.Add(request.NewErrParamRequired("PortInfos")) } + if s.PortInfos != nil { + for i, v := range s.PortInfos { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "PortInfos", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -25275,7 +25516,7 @@ type PutInstancePublicPortsOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -25338,7 +25579,7 @@ type RebootInstanceOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -25401,7 +25642,7 @@ type RebootRelationalDatabaseOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -26336,7 +26577,7 @@ type ReleaseStaticIpOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -26432,7 +26673,7 @@ type SendContactMethodVerificationOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -26557,7 +26798,7 @@ type StartInstanceOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -26620,7 +26861,7 @@ type StartRelationalDatabaseOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -26795,7 +27036,7 @@ type StopInstanceOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -26868,7 +27109,7 @@ type StopRelationalDatabaseOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -26997,7 +27238,7 @@ type TagResourceOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -27030,13 +27271,13 @@ type TestAlarmInput struct { // // An alarm has the following possible states that can be tested: // - // * ALARM — The metric is outside of the defined threshold. + // * ALARM - The metric is outside of the defined threshold. // - // * INSUFFICIENT_DATA — The alarm has just started, the metric is not - // available, or not enough data is available for the metric to determine - // the alarm state. + // * INSUFFICIENT_DATA - The alarm has just started, the metric is not available, + // or not enough data is available for the metric to determine the alarm + // state. // - // * OK — The metric is within the defined threshold. + // * OK - The metric is within the defined threshold. // // State is a required field State *string `locationName:"state" type:"string" required:"true" enum:"AlarmState"` @@ -27084,7 +27325,7 @@ type TestAlarmOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -27185,7 +27426,7 @@ type UnpeerVpcOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operation *Operation `locationName:"operation" type:"structure"` } @@ -27272,7 +27513,7 @@ type UntagResourceOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -27349,7 +27590,7 @@ type UpdateDomainEntryOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -27443,7 +27684,7 @@ type UpdateLoadBalancerAttributeOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -27636,7 +27877,7 @@ type UpdateRelationalDatabaseOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -27713,7 +27954,7 @@ type UpdateRelationalDatabaseParametersOutput struct { _ struct{} `type:"structure"` // An array of objects that describe the result of the action, such as the status - // of the request, the time stamp of the request, and the resources affected + // of the request, the timestamp of the request, and the resources affected // by the request. Operations []*Operation `locationName:"operations" type:"list"` } @@ -28318,6 +28559,9 @@ const ( // NetworkProtocolUdp is a NetworkProtocol enum value NetworkProtocolUdp = "udp" + + // NetworkProtocolIcmp is a NetworkProtocol enum value + NetworkProtocolIcmp = "icmp" ) const ( diff --git a/vendor/github.com/aws/aws-sdk-go/service/route53/api.go b/vendor/github.com/aws/aws-sdk-go/service/route53/api.go index 38b6207b0bd..6a1693133e0 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/route53/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/route53/api.go @@ -15194,6 +15194,9 @@ const ( // CloudWatchRegionAfSouth1 is a CloudWatchRegion enum value CloudWatchRegionAfSouth1 = "af-south-1" + // CloudWatchRegionEuSouth1 is a CloudWatchRegion enum value + CloudWatchRegionEuSouth1 = "eu-south-1" + // CloudWatchRegionUsGovWest1 is a CloudWatchRegion enum value CloudWatchRegionUsGovWest1 = "us-gov-west-1" @@ -15415,6 +15418,9 @@ const ( // ResourceRecordSetRegionAfSouth1 is a ResourceRecordSetRegion enum value ResourceRecordSetRegionAfSouth1 = "af-south-1" + + // ResourceRecordSetRegionEuSouth1 is a ResourceRecordSetRegion enum value + ResourceRecordSetRegionEuSouth1 = "eu-south-1" ) const ( @@ -15522,4 +15528,7 @@ const ( // VPCRegionAfSouth1 is a VPCRegion enum value VPCRegionAfSouth1 = "af-south-1" + + // VPCRegionEuSouth1 is a VPCRegion enum value + VPCRegionEuSouth1 = "eu-south-1" ) diff --git a/vendor/github.com/aws/aws-sdk-go/service/sagemaker/api.go b/vendor/github.com/aws/aws-sdk-go/service/sagemaker/api.go index 0a749943fc0..9a7070b9b55 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sagemaker/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sagemaker/api.go @@ -306,10 +306,10 @@ func (c *SageMaker) CreateAppRequest(input *CreateAppInput) (req *request.Reques // CreateApp API operation for Amazon SageMaker Service. // -// Creates a running App for the specified UserProfile. Supported Apps are JupyterServer -// and KernelGateway. This operation is automatically invoked by Amazon SageMaker -// Amazon SageMaker Studio (Studio) upon access to the associated Studio Domain, -// and when new kernel configurations are selected by the user. A user may have +// Creates a running App for the specified UserProfile. Supported Apps are JupyterServer, +// KernelGateway, and TensorBoard. This operation is automatically invoked by +// Amazon SageMaker Studio upon access to the associated Studio Domain, and +// when new kernel configurations are selected by the user. A user may have // multiple Apps active simultaneously. Apps will automatically terminate and // be deleted when stopped from within Studio, or when the DeleteApp API is // manually called. UserProfiles are limited to 5 concurrently running Apps @@ -678,15 +678,15 @@ func (c *SageMaker) CreateDomainRequest(input *CreateDomainInput) (req *request. // CreateDomain API operation for Amazon SageMaker Service. // -// Creates a Domain for Amazon SageMaker Amazon SageMaker Studio (Studio), which -// can be accessed by end-users in a web browser. A Domain has an associated -// directory, list of authorized users, and a variety of security, application, -// policies, and Amazon Virtual Private Cloud configurations. An AWS account -// is limited to one Domain, per region. Users within a domain can share notebook -// files and other artifacts with each other. When a Domain is created, an Amazon -// Elastic File System (EFS) is also created for use by all of the users within -// the Domain. Each user receives a private home directory within the EFS for -// notebooks, Git repositories, and data files. +// Creates a Domain for Amazon SageMaker Studio, which can be accessed by end-users +// in a web browser. A Domain has an associated directory, list of authorized +// users, and a variety of security, application, policies, and Amazon Virtual +// Private Cloud configurations. An AWS account is limited to one Domain, per +// region. Users within a domain can share notebook files and other artifacts +// with each other. When a Domain is created, an Amazon Elastic File System +// (EFS) is also created for use by all of the users within the Domain. Each +// user receives a private home directory within the EFS for notebooks, Git +// repositories, and data files. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1941,9 +1941,9 @@ func (c *SageMaker) CreatePresignedDomainUrlRequest(input *CreatePresignedDomain // // Creates a URL for a specified UserProfile in a Domain. When accessed in a // web browser, the user will be automatically signed in to Amazon SageMaker -// Amazon SageMaker Studio (Studio), and granted access to all of the Apps and -// files associated with that Amazon Elastic File System (EFS). This operation -// can only be called when AuthMode equals IAM. +// Studio, and granted access to all of the Apps and files associated with that +// Amazon Elastic File System (EFS). This operation can only be called when +// AuthMode equals IAM. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2631,13 +2631,15 @@ func (c *SageMaker) CreateUserProfileRequest(input *CreateUserProfileInput) (req // CreateUserProfile API operation for Amazon SageMaker Service. // -// Creates a new user profile. A user profile represents a single user within -// a Domain, and is the main way to reference a "person" for the purposes of -// sharing, reporting and other user-oriented features. This entity is created -// during on-boarding. If an administrator invites a person by email or imports -// them from SSO, a new UserProfile is automatically created. This entity is -// the primary holder of settings for an individual user and has a reference -// to the user's private Amazon Elastic File System (EFS) home directory. +// Creates a user profile. A user profile represents a single user within a +// Domain, and is the main way to reference a "person" for the purposes of sharing, +// reporting and other user-oriented features. This entity is created during +// on-boarding to Amazon SageMaker Studio. If an administrator invites a person +// by email or imports them from SSO, a UserProfile is automatically created. +// +// This entity is the primary holder of settings for an individual user and, +// through the domain, has a reference to the user's private Amazon Elastic +// File System (EFS) home directory. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3041,9 +3043,8 @@ func (c *SageMaker) DeleteDomainRequest(input *DeleteDomainInput) (req *request. // DeleteDomain API operation for Amazon SageMaker Service. // -// Used to delete a domain. If you on-boarded with IAM mode, you will need to -// delete your domain to on-board again using SSO. Use with caution. All of -// the members of the domain will lose access to their EFS volume, including +// Used to delete a domain. Use with caution. If RetentionPolicy is set to Delete, +// all of the members of the domain will lose access to their EFS volume, including // data, notebooks, and other artifacts. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15820,7 +15821,8 @@ type CreateAppInput struct { // DomainId is a required field DomainId *string `type:"string" required:"true"` - // The instance type and quantity. + // The instance type and the Amazon Resource Name (ARN) of the SageMaker image + // created on the instance. ResourceSpec *ResourceSpec `type:"structure"` // Each tag consists of a key and an optional value. Tag keys must be unique @@ -16404,7 +16406,8 @@ type CreateDomainInput struct { // DomainName is a required field DomainName *string `type:"string" required:"true"` - // The AWS Key Management Service encryption key ID. + // The AWS Key Management Service (KMS) encryption key ID. Encryption with a + // customer master key (CMK) is not supported. HomeEfsFileSystemKmsKeyId *string `type:"string"` // Security setting to limit to a set of subnets. @@ -20788,7 +20791,7 @@ type DeleteDomainInput struct { // DomainId is a required field DomainId *string `type:"string" required:"true"` - // The retention policy for this domain, which specifies which resources will + // The retention policy for this domain, which specifies whether resources will // be retained after the Domain is deleted. By default, all resources are retained // (not automatically deleted). RetentionPolicy *RetentionPolicy `type:"structure"` @@ -21987,7 +21990,8 @@ type DescribeAppOutput struct { // The timestamp of the last user's activity. LastUserActivityTimestamp *time.Time `type:"timestamp"` - // The instance type and quantity. + // The instance type and the Amazon Resource Name (ARN) of the SageMaker image + // created on the instance. ResourceSpec *ResourceSpec `type:"structure"` // The status. @@ -26300,7 +26304,7 @@ type DescribeUserProfileOutput struct { // The failure reason. FailureReason *string `type:"string"` - // The homa Amazon Elastic File System (EFS) Uid. + // The home Amazon Elastic File System (EFS) Uid. HomeEfsFileSystemUid *string `type:"string"` // The last modified time. @@ -28817,11 +28821,6 @@ func (s *HumanTaskConfig) Validate() error { invalidParams.AddNested("AnnotationConsolidationConfig", err.(request.ErrInvalidParams)) } } - if s.UiConfig != nil { - if err := s.UiConfig.Validate(); err != nil { - invalidParams.AddNested("UiConfig", err.(request.ErrInvalidParams)) - } - } if invalidParams.Len() > 0 { return invalidParams @@ -30392,7 +30391,8 @@ func (s *IntegerParameterRangeSpecification) SetMinValue(v string) *IntegerParam type JupyterServerAppSettings struct { _ struct{} `type:"structure"` - // The instance type and quantity. + // The default instance type and the Amazon Resource Name (ARN) of the SageMaker + // image created on the instance. DefaultResourceSpec *ResourceSpec `type:"structure"` } @@ -30416,7 +30416,8 @@ func (s *JupyterServerAppSettings) SetDefaultResourceSpec(v *ResourceSpec) *Jupy type KernelGatewayAppSettings struct { _ struct{} `type:"structure"` - // The instance type and quantity. + // The default instance type and the Amazon Resource Name (ARN) of the SageMaker + // image created on the instance. DefaultResourceSpec *ResourceSpec `type:"structure"` } @@ -37134,6 +37135,11 @@ func (s *NestedFilters) SetNestedPropertyName(v string) *NestedFilters { type NetworkConfig struct { _ struct{} `type:"structure"` + // Whether to encrypt all communications between distributed processing jobs. + // Choose True to encrypt communications. Encryption provides greater security + // for distributed processing jobs, but the processing might take longer. + EnableInterContainerTrafficEncryption *bool `type:"boolean"` + // Whether to allow inbound and outbound network calls to and from the containers // used for the processing job. EnableNetworkIsolation *bool `type:"boolean"` @@ -37171,6 +37177,12 @@ func (s *NetworkConfig) Validate() error { return nil } +// SetEnableInterContainerTrafficEncryption sets the EnableInterContainerTrafficEncryption field's value. +func (s *NetworkConfig) SetEnableInterContainerTrafficEncryption(v bool) *NetworkConfig { + s.EnableInterContainerTrafficEncryption = &v + return s +} + // SetEnableNetworkIsolation sets the EnableNetworkIsolation field's value. func (s *NetworkConfig) SetEnableNetworkIsolation(v bool) *NetworkConfig { s.EnableNetworkIsolation = &v @@ -39216,9 +39228,7 @@ type RenderUiTemplateInput struct { Task *RenderableTask `type:"structure" required:"true"` // A Template object containing the worker UI template to render. - // - // UiTemplate is a required field - UiTemplate *UiTemplate `type:"structure" required:"true"` + UiTemplate *UiTemplate `type:"structure"` } // String returns the string representation @@ -39243,9 +39253,6 @@ func (s *RenderUiTemplateInput) Validate() error { if s.Task == nil { invalidParams.Add(request.NewErrParamRequired("Task")) } - if s.UiTemplate == nil { - invalidParams.Add(request.NewErrParamRequired("UiTemplate")) - } if s.Task != nil { if err := s.Task.Validate(); err != nil { invalidParams.AddNested("Task", err.(request.ErrInvalidParams)) @@ -39795,16 +39802,16 @@ func (s *ResourceNotFound) RequestID() string { return s.RespMetadata.RequestID } -// The instance type and the Amazon Resource Name (ARN) of the image created -// on the instance. The ARN is stored as metadata in Amazon SageMaker Studio -// notebooks. +// The instance type and the Amazon Resource Name (ARN) of the SageMaker image +// created on the instance. The ARN is stored as metadata in Amazon SageMaker +// Studio notebooks. type ResourceSpec struct { _ struct{} `type:"structure"` // The instance type. InstanceType *string `type:"string" enum:"AppInstanceType"` - // The Amazon Resource Name (ARN) of the image created on the instance. + // The Amazon Resource Name (ARN) of the SageMaker image created on the instance. SageMakerImageArn *string `type:"string"` } @@ -39830,11 +39837,15 @@ func (s *ResourceSpec) SetSageMakerImageArn(v string) *ResourceSpec { return s } -// The retention policy. +// The retention policy for data stored on an Amazon Elastic File System (EFS) +// volume. type RetentionPolicy struct { _ struct{} `type:"structure"` - // The home Amazon Elastic File System (EFS). + // The default is Retain, which specifies to keep the data stored on the EFS + // volume. + // + // Specify Delete to delete the data stored on the EFS volume. HomeEfsFileSystem *string `type:"string" enum:"RetentionType"` } @@ -41574,7 +41585,8 @@ func (s *Tag) SetValue(v string) *Tag { type TensorBoardAppSettings struct { _ struct{} `type:"structure"` - // The instance type and quantity. + // The default instance type and the Amazon Resource Name (ARN) of the SageMaker + // image created on the instance. DefaultResourceSpec *ResourceSpec `type:"structure"` } @@ -44128,9 +44140,7 @@ type UiConfig struct { // The Amazon S3 bucket location of the UI template. For more information about // the contents of a UI template, see Creating Your Custom Labeling Task Template // (https://docs.aws.amazon.com/sagemaker/latest/dg/sms-custom-templates-step2.html). - // - // UiTemplateS3Uri is a required field - UiTemplateS3Uri *string `type:"string" required:"true"` + UiTemplateS3Uri *string `type:"string"` } // String returns the string representation @@ -44143,19 +44153,6 @@ func (s UiConfig) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *UiConfig) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "UiConfig"} - if s.UiTemplateS3Uri == nil { - invalidParams.Add(request.NewErrParamRequired("UiTemplateS3Uri")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - // SetUiTemplateS3Uri sets the UiTemplateS3Uri field's value. func (s *UiConfig) SetUiTemplateS3Uri(v string) *UiConfig { s.UiTemplateS3Uri = &v diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go b/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go index d8bb7c631f2..e02de1a4b05 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go @@ -45713,6 +45713,12 @@ const ( // OperatingSystemCentos is a OperatingSystem enum value OperatingSystemCentos = "CENTOS" + + // OperatingSystemOracleLinux is a OperatingSystem enum value + OperatingSystemOracleLinux = "ORACLE_LINUX" + + // OperatingSystemDebian is a OperatingSystem enum value + OperatingSystemDebian = "DEBIAN" ) const ( diff --git a/vendor/github.com/aws/aws-sdk-go/service/workmail/api.go b/vendor/github.com/aws/aws-sdk-go/service/workmail/api.go index 24766b693f2..709ad5ea41c 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/workmail/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/workmail/api.go @@ -2786,7 +2786,7 @@ func (c *WorkMail) ListOrganizationsRequest(input *ListOrganizationsInput) (req // ListOrganizations API operation for Amazon WorkMail. // -// Returns summaries of the customer's non-deleted organizations. +// Returns summaries of the customer's organizations. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5071,7 +5071,9 @@ type DeleteAccessControlRuleInput struct { Name *string `min:"1" type:"string" required:"true"` // The identifier for the organization. - OrganizationId *string `type:"string"` + // + // OrganizationId is a required field + OrganizationId *string `type:"string" required:"true"` } // String returns the string representation @@ -5093,6 +5095,9 @@ func (s *DeleteAccessControlRuleInput) Validate() error { if s.Name != nil && len(*s.Name) < 1 { invalidParams.Add(request.NewErrParamMinLen("Name", 1)) } + if s.OrganizationId == nil { + invalidParams.Add(request.NewErrParamRequired("OrganizationId")) + } if invalidParams.Len() > 0 { return invalidParams diff --git a/vendor/modules.txt b/vendor/modules.txt index ffdbe2c150a..ed4f920a8a3 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -25,7 +25,7 @@ github.com/apparentlymart/go-cidr/cidr github.com/apparentlymart/go-textseg/textseg # github.com/armon/go-radix v1.0.0 github.com/armon/go-radix -# github.com/aws/aws-sdk-go v1.30.21 +# github.com/aws/aws-sdk-go v1.30.28 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/arn github.com/aws/aws-sdk-go/aws/awserr From 9a89bc74b5275a2f624c9087c87b8ad09d68274d Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Fri, 15 May 2020 19:12:04 +0300 Subject: [PATCH 166/475] service/synthetics: Add service client (#13186) --- .hashibot.hcl | 7 + aws/config.go | 3 + .../generators/servicetags/main.go | 1 + .../generators/updatetags/main.go | 1 + .../service_generation_customizations.go | 3 + aws/internal/keyvaluetags/service_tags_gen.go | 10 + aws/internal/keyvaluetags/update_tags_gen.go | 37 + aws/provider.go | 1 + .../aws/aws-sdk-go/service/synthetics/api.go | 3792 +++++++++++++++++ .../aws/aws-sdk-go/service/synthetics/doc.go | 42 + .../aws-sdk-go/service/synthetics/errors.go | 41 + .../aws-sdk-go/service/synthetics/service.go | 104 + vendor/modules.txt | 1 + .../guides/custom-service-endpoints.html.md | 1 + 14 files changed, 4044 insertions(+) create mode 100644 vendor/github.com/aws/aws-sdk-go/service/synthetics/api.go create mode 100644 vendor/github.com/aws/aws-sdk-go/service/synthetics/doc.go create mode 100644 vendor/github.com/aws/aws-sdk-go/service/synthetics/errors.go create mode 100644 vendor/github.com/aws/aws-sdk-go/service/synthetics/service.go diff --git a/.hashibot.hcl b/.hashibot.hcl index 0e9ac1d9dc8..28ec3a4d82d 100644 --- a/.hashibot.hcl +++ b/.hashibot.hcl @@ -497,6 +497,9 @@ behavior "regexp_issue_labeler_v2" "service_labels" { "service/swf" = [ "aws_swf_", ], + "service/synthetics" = [ + "aws_synthetics_", + ], "service/transfer" = [ "aws_transfer_", ], @@ -1199,6 +1202,10 @@ behavior "pull_request_path_labeler" "service_labels" { "**/*_swf_*", "**/swf_*" ] + "service/synthetics" = [ + "**/*_synthetics_*", + "**/synthetics_*" + ] "service/transfer" = [ "**/*_transfer_*", "**/transfer_*" diff --git a/aws/config.go b/aws/config.go index fcdc8c6fc2a..123dc179068 100644 --- a/aws/config.go +++ b/aws/config.go @@ -139,6 +139,7 @@ import ( "github.com/aws/aws-sdk-go/service/storagegateway" "github.com/aws/aws-sdk-go/service/sts" "github.com/aws/aws-sdk-go/service/swf" + "github.com/aws/aws-sdk-go/service/synthetics" "github.com/aws/aws-sdk-go/service/transfer" "github.com/aws/aws-sdk-go/service/waf" "github.com/aws/aws-sdk-go/service/wafregional" @@ -322,6 +323,7 @@ type AWSClient struct { stsconn *sts.STS supportedplatforms []string swfconn *swf.SWF + syntheticsconn *synthetics.Synthetics terraformVersion string transferconn *transfer.Transfer wafconn *waf.WAF @@ -535,6 +537,7 @@ func (c *Config) Client() (interface{}, error) { storagegatewayconn: storagegateway.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["storagegateway"])})), stsconn: sts.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["sts"])})), swfconn: swf.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["swf"])})), + syntheticsconn: synthetics.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["synthetics"])})), terraformVersion: c.terraformVersion, transferconn: transfer.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["transfer"])})), wafconn: waf.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints["waf"])})), diff --git a/aws/internal/keyvaluetags/generators/servicetags/main.go b/aws/internal/keyvaluetags/generators/servicetags/main.go index 79a7a1743bb..0717922fd87 100644 --- a/aws/internal/keyvaluetags/generators/servicetags/main.go +++ b/aws/internal/keyvaluetags/generators/servicetags/main.go @@ -132,6 +132,7 @@ var mapServiceNames = []string{ "resourcegroups", "securityhub", "sqs", + "synthetics", } type TemplateData struct { diff --git a/aws/internal/keyvaluetags/generators/updatetags/main.go b/aws/internal/keyvaluetags/generators/updatetags/main.go index 628f8ee646a..05caa30f048 100644 --- a/aws/internal/keyvaluetags/generators/updatetags/main.go +++ b/aws/internal/keyvaluetags/generators/updatetags/main.go @@ -113,6 +113,7 @@ var serviceNames = []string{ "ssm", "storagegateway", "swf", + "synthetics", "transfer", "waf", "wafregional", diff --git a/aws/internal/keyvaluetags/service_generation_customizations.go b/aws/internal/keyvaluetags/service_generation_customizations.go index c9a11053994..cd798080c68 100644 --- a/aws/internal/keyvaluetags/service_generation_customizations.go +++ b/aws/internal/keyvaluetags/service_generation_customizations.go @@ -103,6 +103,7 @@ import ( "github.com/aws/aws-sdk-go/service/ssm" "github.com/aws/aws-sdk-go/service/storagegateway" "github.com/aws/aws-sdk-go/service/swf" + "github.com/aws/aws-sdk-go/service/synthetics" "github.com/aws/aws-sdk-go/service/transfer" "github.com/aws/aws-sdk-go/service/waf" "github.com/aws/aws-sdk-go/service/wafregional" @@ -311,6 +312,8 @@ func ServiceClientType(serviceName string) string { funcType = reflect.TypeOf(storagegateway.New) case "swf": funcType = reflect.TypeOf(swf.New) + case "synthetics": + funcType = reflect.TypeOf(synthetics.New) case "transfer": funcType = reflect.TypeOf(transfer.New) case "waf": diff --git a/aws/internal/keyvaluetags/service_tags_gen.go b/aws/internal/keyvaluetags/service_tags_gen.go index 643fd0fc7c3..627f72f21fc 100644 --- a/aws/internal/keyvaluetags/service_tags_gen.go +++ b/aws/internal/keyvaluetags/service_tags_gen.go @@ -432,6 +432,16 @@ func SqsKeyValueTags(tags map[string]*string) KeyValueTags { return New(tags) } +// SyntheticsTags returns synthetics service tags. +func (tags KeyValueTags) SyntheticsTags() map[string]*string { + return aws.StringMap(tags.Map()) +} + +// SyntheticsKeyValueTags creates KeyValueTags from synthetics service tags. +func SyntheticsKeyValueTags(tags map[string]*string) KeyValueTags { + return New(tags) +} + // []*SERVICE.Tag handling // AcmTags returns acm service tags. diff --git a/aws/internal/keyvaluetags/update_tags_gen.go b/aws/internal/keyvaluetags/update_tags_gen.go index 68dc42f29ff..e987e0ad9a2 100644 --- a/aws/internal/keyvaluetags/update_tags_gen.go +++ b/aws/internal/keyvaluetags/update_tags_gen.go @@ -102,6 +102,7 @@ import ( "github.com/aws/aws-sdk-go/service/ssm" "github.com/aws/aws-sdk-go/service/storagegateway" "github.com/aws/aws-sdk-go/service/swf" + "github.com/aws/aws-sdk-go/service/synthetics" "github.com/aws/aws-sdk-go/service/transfer" "github.com/aws/aws-sdk-go/service/waf" "github.com/aws/aws-sdk-go/service/wafregional" @@ -3570,6 +3571,42 @@ func SwfUpdateTags(conn *swf.SWF, identifier string, oldTagsMap interface{}, new return nil } +// SyntheticsUpdateTags updates synthetics service tags. +// The identifier is typically the Amazon Resource Name (ARN), although +// it may also be a different identifier depending on the service. +func SyntheticsUpdateTags(conn *synthetics.Synthetics, identifier string, oldTagsMap interface{}, newTagsMap interface{}) error { + oldTags := New(oldTagsMap) + newTags := New(newTagsMap) + + if removedTags := oldTags.Removed(newTags); len(removedTags) > 0 { + input := &synthetics.UntagResourceInput{ + ResourceArn: aws.String(identifier), + TagKeys: aws.StringSlice(removedTags.IgnoreAws().Keys()), + } + + _, err := conn.UntagResource(input) + + if err != nil { + return fmt.Errorf("error untagging resource (%s): %w", identifier, err) + } + } + + if updatedTags := oldTags.Updated(newTags); len(updatedTags) > 0 { + input := &synthetics.TagResourceInput{ + ResourceArn: aws.String(identifier), + Tags: updatedTags.IgnoreAws().SyntheticsTags(), + } + + _, err := conn.TagResource(input) + + if err != nil { + return fmt.Errorf("error tagging resource (%s): %w", identifier, err) + } + } + + return nil +} + // TransferUpdateTags updates transfer service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. diff --git a/aws/provider.go b/aws/provider.go index d7eaff110f5..0273b116f54 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -1130,6 +1130,7 @@ func init() { "storagegateway", "sts", "swf", + "synthetics", "transfer", "waf", "wafregional", diff --git a/vendor/github.com/aws/aws-sdk-go/service/synthetics/api.go b/vendor/github.com/aws/aws-sdk-go/service/synthetics/api.go new file mode 100644 index 00000000000..8b2d759c486 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/synthetics/api.go @@ -0,0 +1,3792 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package synthetics + +import ( + "fmt" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +const opCreateCanary = "CreateCanary" + +// CreateCanaryRequest generates a "aws/request.Request" representing the +// client's request for the CreateCanary operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateCanary for more information on using the CreateCanary +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateCanaryRequest method. +// req, resp := client.CreateCanaryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/CreateCanary +func (c *Synthetics) CreateCanaryRequest(input *CreateCanaryInput) (req *request.Request, output *CreateCanaryOutput) { + op := &request.Operation{ + Name: opCreateCanary, + HTTPMethod: "POST", + HTTPPath: "/canary", + } + + if input == nil { + input = &CreateCanaryInput{} + } + + output = &CreateCanaryOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateCanary API operation for Synthetics. +// +// Creates a canary. Canaries are scripts that monitor your endpoints and APIs +// from the outside-in. Canaries help you check the availability and latency +// of your web services and troubleshoot anomalies by investigating load time +// data, screenshots of the UI, logs, and metrics. You can set up a canary to +// run continuously or just once. +// +// Do not use CreateCanary to modify an existing canary. Use UpdateCanary instead. +// +// To create canaries, you must have the CloudWatchSyntheticsFullAccess policy. +// If you are creating a new IAM role for the canary, you also need the the +// iam:CreateRole, iam:CreatePolicy and iam:AttachRolePolicy permissions. For +// more information, see Necessary Roles and Permissions (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Roles). +// +// Do not include secrets or proprietary information in your canary names. The +// canary name makes up part of the Amazon Resource Name (ARN) for the canary, +// and the ARN is included in outbound calls over the internet. For more information, +// see Security Considerations for Synthetics Canaries (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation CreateCanary for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ValidationException +// A parameter could not be validated. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/CreateCanary +func (c *Synthetics) CreateCanary(input *CreateCanaryInput) (*CreateCanaryOutput, error) { + req, out := c.CreateCanaryRequest(input) + return out, req.Send() +} + +// CreateCanaryWithContext is the same as CreateCanary with the addition of +// the ability to pass a context and additional request options. +// +// See CreateCanary for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) CreateCanaryWithContext(ctx aws.Context, input *CreateCanaryInput, opts ...request.Option) (*CreateCanaryOutput, error) { + req, out := c.CreateCanaryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteCanary = "DeleteCanary" + +// DeleteCanaryRequest generates a "aws/request.Request" representing the +// client's request for the DeleteCanary operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteCanary for more information on using the DeleteCanary +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteCanaryRequest method. +// req, resp := client.DeleteCanaryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/DeleteCanary +func (c *Synthetics) DeleteCanaryRequest(input *DeleteCanaryInput) (req *request.Request, output *DeleteCanaryOutput) { + op := &request.Operation{ + Name: opDeleteCanary, + HTTPMethod: "DELETE", + HTTPPath: "/canary/{name}", + } + + if input == nil { + input = &DeleteCanaryInput{} + } + + output = &DeleteCanaryOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteCanary API operation for Synthetics. +// +// Permanently deletes the specified canary. +// +// When you delete a canary, resources used and created by the canary are not +// automatically deleted. After you delete a canary that you do not intend to +// use again, you should also delete the following: +// +// * The Lambda functions and layers used by this canary. These have the +// prefix cwsyn-MyCanaryName . +// +// * The CloudWatch alarms created for this canary. These alarms have a name +// of Synthetics-SharpDrop-Alarm-MyCanaryName . +// +// * Amazon S3 objects and buckets, such as the canary's artifact location. +// +// * IAM roles created for the canary. If they were created in the console, +// these roles have the name role/service-role/CloudWatchSyntheticsRole-MyCanaryName . +// +// * CloudWatch Logs log groups created for the canary. These logs groups +// have the name /aws/lambda/cwsyn-MyCanaryName . +// +// Before you delete a canary, you might want to use GetCanary to display the +// information about this canary. Make note of the information returned by this +// operation so that you can delete these resources after you delete the canary. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation DeleteCanary for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ValidationException +// A parameter could not be validated. +// +// * ResourceNotFoundException +// One of the specified resources was not found. +// +// * ConflictException +// A conflicting operation is already in progress. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/DeleteCanary +func (c *Synthetics) DeleteCanary(input *DeleteCanaryInput) (*DeleteCanaryOutput, error) { + req, out := c.DeleteCanaryRequest(input) + return out, req.Send() +} + +// DeleteCanaryWithContext is the same as DeleteCanary with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteCanary for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) DeleteCanaryWithContext(ctx aws.Context, input *DeleteCanaryInput, opts ...request.Option) (*DeleteCanaryOutput, error) { + req, out := c.DeleteCanaryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeCanaries = "DescribeCanaries" + +// DescribeCanariesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeCanaries operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeCanaries for more information on using the DescribeCanaries +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeCanariesRequest method. +// req, resp := client.DescribeCanariesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/DescribeCanaries +func (c *Synthetics) DescribeCanariesRequest(input *DescribeCanariesInput) (req *request.Request, output *DescribeCanariesOutput) { + op := &request.Operation{ + Name: opDescribeCanaries, + HTTPMethod: "POST", + HTTPPath: "/canaries", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeCanariesInput{} + } + + output = &DescribeCanariesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeCanaries API operation for Synthetics. +// +// This operation returns a list of the canaries in your account, along with +// full details about each canary. +// +// This operation does not have resource-level authorization, so if a user is +// able to use DescribeCanaries, the user can see all of the canaries in the +// account. A deny policy can only be used to restrict access to all canaries. +// It cannot be used on specific resources. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation DescribeCanaries for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ValidationException +// A parameter could not be validated. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/DescribeCanaries +func (c *Synthetics) DescribeCanaries(input *DescribeCanariesInput) (*DescribeCanariesOutput, error) { + req, out := c.DescribeCanariesRequest(input) + return out, req.Send() +} + +// DescribeCanariesWithContext is the same as DescribeCanaries with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeCanaries for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) DescribeCanariesWithContext(ctx aws.Context, input *DescribeCanariesInput, opts ...request.Option) (*DescribeCanariesOutput, error) { + req, out := c.DescribeCanariesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeCanariesPages iterates over the pages of a DescribeCanaries operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeCanaries method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeCanaries operation. +// pageNum := 0 +// err := client.DescribeCanariesPages(params, +// func(page *synthetics.DescribeCanariesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *Synthetics) DescribeCanariesPages(input *DescribeCanariesInput, fn func(*DescribeCanariesOutput, bool) bool) error { + return c.DescribeCanariesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeCanariesPagesWithContext same as DescribeCanariesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) DescribeCanariesPagesWithContext(ctx aws.Context, input *DescribeCanariesInput, fn func(*DescribeCanariesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeCanariesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeCanariesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeCanariesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeCanariesLastRun = "DescribeCanariesLastRun" + +// DescribeCanariesLastRunRequest generates a "aws/request.Request" representing the +// client's request for the DescribeCanariesLastRun operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeCanariesLastRun for more information on using the DescribeCanariesLastRun +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeCanariesLastRunRequest method. +// req, resp := client.DescribeCanariesLastRunRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/DescribeCanariesLastRun +func (c *Synthetics) DescribeCanariesLastRunRequest(input *DescribeCanariesLastRunInput) (req *request.Request, output *DescribeCanariesLastRunOutput) { + op := &request.Operation{ + Name: opDescribeCanariesLastRun, + HTTPMethod: "POST", + HTTPPath: "/canaries/last-run", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeCanariesLastRunInput{} + } + + output = &DescribeCanariesLastRunOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeCanariesLastRun API operation for Synthetics. +// +// Use this operation to see information from the most recent run of each canary +// that you have created. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation DescribeCanariesLastRun for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ValidationException +// A parameter could not be validated. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/DescribeCanariesLastRun +func (c *Synthetics) DescribeCanariesLastRun(input *DescribeCanariesLastRunInput) (*DescribeCanariesLastRunOutput, error) { + req, out := c.DescribeCanariesLastRunRequest(input) + return out, req.Send() +} + +// DescribeCanariesLastRunWithContext is the same as DescribeCanariesLastRun with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeCanariesLastRun for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) DescribeCanariesLastRunWithContext(ctx aws.Context, input *DescribeCanariesLastRunInput, opts ...request.Option) (*DescribeCanariesLastRunOutput, error) { + req, out := c.DescribeCanariesLastRunRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeCanariesLastRunPages iterates over the pages of a DescribeCanariesLastRun operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeCanariesLastRun method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeCanariesLastRun operation. +// pageNum := 0 +// err := client.DescribeCanariesLastRunPages(params, +// func(page *synthetics.DescribeCanariesLastRunOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *Synthetics) DescribeCanariesLastRunPages(input *DescribeCanariesLastRunInput, fn func(*DescribeCanariesLastRunOutput, bool) bool) error { + return c.DescribeCanariesLastRunPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeCanariesLastRunPagesWithContext same as DescribeCanariesLastRunPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) DescribeCanariesLastRunPagesWithContext(ctx aws.Context, input *DescribeCanariesLastRunInput, fn func(*DescribeCanariesLastRunOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeCanariesLastRunInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeCanariesLastRunRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeCanariesLastRunOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeRuntimeVersions = "DescribeRuntimeVersions" + +// DescribeRuntimeVersionsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeRuntimeVersions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeRuntimeVersions for more information on using the DescribeRuntimeVersions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeRuntimeVersionsRequest method. +// req, resp := client.DescribeRuntimeVersionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/DescribeRuntimeVersions +func (c *Synthetics) DescribeRuntimeVersionsRequest(input *DescribeRuntimeVersionsInput) (req *request.Request, output *DescribeRuntimeVersionsOutput) { + op := &request.Operation{ + Name: opDescribeRuntimeVersions, + HTTPMethod: "POST", + HTTPPath: "/runtime-versions", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeRuntimeVersionsInput{} + } + + output = &DescribeRuntimeVersionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeRuntimeVersions API operation for Synthetics. +// +// Returns a list of Synthetics canary runtime versions. For more information, +// see Canary Runtime Versions (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation DescribeRuntimeVersions for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ValidationException +// A parameter could not be validated. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/DescribeRuntimeVersions +func (c *Synthetics) DescribeRuntimeVersions(input *DescribeRuntimeVersionsInput) (*DescribeRuntimeVersionsOutput, error) { + req, out := c.DescribeRuntimeVersionsRequest(input) + return out, req.Send() +} + +// DescribeRuntimeVersionsWithContext is the same as DescribeRuntimeVersions with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeRuntimeVersions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) DescribeRuntimeVersionsWithContext(ctx aws.Context, input *DescribeRuntimeVersionsInput, opts ...request.Option) (*DescribeRuntimeVersionsOutput, error) { + req, out := c.DescribeRuntimeVersionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeRuntimeVersionsPages iterates over the pages of a DescribeRuntimeVersions operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeRuntimeVersions method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeRuntimeVersions operation. +// pageNum := 0 +// err := client.DescribeRuntimeVersionsPages(params, +// func(page *synthetics.DescribeRuntimeVersionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *Synthetics) DescribeRuntimeVersionsPages(input *DescribeRuntimeVersionsInput, fn func(*DescribeRuntimeVersionsOutput, bool) bool) error { + return c.DescribeRuntimeVersionsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeRuntimeVersionsPagesWithContext same as DescribeRuntimeVersionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) DescribeRuntimeVersionsPagesWithContext(ctx aws.Context, input *DescribeRuntimeVersionsInput, fn func(*DescribeRuntimeVersionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeRuntimeVersionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeRuntimeVersionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeRuntimeVersionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetCanary = "GetCanary" + +// GetCanaryRequest generates a "aws/request.Request" representing the +// client's request for the GetCanary operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetCanary for more information on using the GetCanary +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetCanaryRequest method. +// req, resp := client.GetCanaryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/GetCanary +func (c *Synthetics) GetCanaryRequest(input *GetCanaryInput) (req *request.Request, output *GetCanaryOutput) { + op := &request.Operation{ + Name: opGetCanary, + HTTPMethod: "GET", + HTTPPath: "/canary/{name}", + } + + if input == nil { + input = &GetCanaryInput{} + } + + output = &GetCanaryOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetCanary API operation for Synthetics. +// +// Retrieves complete information about one canary. You must specify the name +// of the canary that you want. To get a list of canaries and their names, use +// DescribeCanaries (https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_DescribeCanaries.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation GetCanary for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ValidationException +// A parameter could not be validated. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/GetCanary +func (c *Synthetics) GetCanary(input *GetCanaryInput) (*GetCanaryOutput, error) { + req, out := c.GetCanaryRequest(input) + return out, req.Send() +} + +// GetCanaryWithContext is the same as GetCanary with the addition of +// the ability to pass a context and additional request options. +// +// See GetCanary for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) GetCanaryWithContext(ctx aws.Context, input *GetCanaryInput, opts ...request.Option) (*GetCanaryOutput, error) { + req, out := c.GetCanaryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetCanaryRuns = "GetCanaryRuns" + +// GetCanaryRunsRequest generates a "aws/request.Request" representing the +// client's request for the GetCanaryRuns operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetCanaryRuns for more information on using the GetCanaryRuns +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetCanaryRunsRequest method. +// req, resp := client.GetCanaryRunsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/GetCanaryRuns +func (c *Synthetics) GetCanaryRunsRequest(input *GetCanaryRunsInput) (req *request.Request, output *GetCanaryRunsOutput) { + op := &request.Operation{ + Name: opGetCanaryRuns, + HTTPMethod: "POST", + HTTPPath: "/canary/{name}/runs", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetCanaryRunsInput{} + } + + output = &GetCanaryRunsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetCanaryRuns API operation for Synthetics. +// +// Retrieves a list of runs for a specified canary. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation GetCanaryRuns for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ValidationException +// A parameter could not be validated. +// +// * ResourceNotFoundException +// One of the specified resources was not found. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/GetCanaryRuns +func (c *Synthetics) GetCanaryRuns(input *GetCanaryRunsInput) (*GetCanaryRunsOutput, error) { + req, out := c.GetCanaryRunsRequest(input) + return out, req.Send() +} + +// GetCanaryRunsWithContext is the same as GetCanaryRuns with the addition of +// the ability to pass a context and additional request options. +// +// See GetCanaryRuns for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) GetCanaryRunsWithContext(ctx aws.Context, input *GetCanaryRunsInput, opts ...request.Option) (*GetCanaryRunsOutput, error) { + req, out := c.GetCanaryRunsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetCanaryRunsPages iterates over the pages of a GetCanaryRuns operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetCanaryRuns method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetCanaryRuns operation. +// pageNum := 0 +// err := client.GetCanaryRunsPages(params, +// func(page *synthetics.GetCanaryRunsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *Synthetics) GetCanaryRunsPages(input *GetCanaryRunsInput, fn func(*GetCanaryRunsOutput, bool) bool) error { + return c.GetCanaryRunsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetCanaryRunsPagesWithContext same as GetCanaryRunsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) GetCanaryRunsPagesWithContext(ctx aws.Context, input *GetCanaryRunsInput, fn func(*GetCanaryRunsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetCanaryRunsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetCanaryRunsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetCanaryRunsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListTagsForResource = "ListTagsForResource" + +// ListTagsForResourceRequest generates a "aws/request.Request" representing the +// client's request for the ListTagsForResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListTagsForResource for more information on using the ListTagsForResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListTagsForResourceRequest method. +// req, resp := client.ListTagsForResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/ListTagsForResource +func (c *Synthetics) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { + op := &request.Operation{ + Name: opListTagsForResource, + HTTPMethod: "GET", + HTTPPath: "/tags/{resourceArn}", + } + + if input == nil { + input = &ListTagsForResourceInput{} + } + + output = &ListTagsForResourceOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListTagsForResource API operation for Synthetics. +// +// Displays the tags associated with a canary. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation ListTagsForResource for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ResourceNotFoundException +// One of the specified resources was not found. +// +// * ValidationException +// A parameter could not be validated. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/ListTagsForResource +func (c *Synthetics) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) + return out, req.Send() +} + +// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of +// the ability to pass a context and additional request options. +// +// See ListTagsForResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStartCanary = "StartCanary" + +// StartCanaryRequest generates a "aws/request.Request" representing the +// client's request for the StartCanary operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartCanary for more information on using the StartCanary +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StartCanaryRequest method. +// req, resp := client.StartCanaryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/StartCanary +func (c *Synthetics) StartCanaryRequest(input *StartCanaryInput) (req *request.Request, output *StartCanaryOutput) { + op := &request.Operation{ + Name: opStartCanary, + HTTPMethod: "POST", + HTTPPath: "/canary/{name}/start", + } + + if input == nil { + input = &StartCanaryInput{} + } + + output = &StartCanaryOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// StartCanary API operation for Synthetics. +// +// Use this operation to run a canary that has already been created. The frequency +// of the canary runs is determined by the value of the canary's Schedule. To +// see a canary's schedule, use GetCanary (https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_GetCanary.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation StartCanary for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ValidationException +// A parameter could not be validated. +// +// * ResourceNotFoundException +// One of the specified resources was not found. +// +// * ConflictException +// A conflicting operation is already in progress. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/StartCanary +func (c *Synthetics) StartCanary(input *StartCanaryInput) (*StartCanaryOutput, error) { + req, out := c.StartCanaryRequest(input) + return out, req.Send() +} + +// StartCanaryWithContext is the same as StartCanary with the addition of +// the ability to pass a context and additional request options. +// +// See StartCanary for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) StartCanaryWithContext(ctx aws.Context, input *StartCanaryInput, opts ...request.Option) (*StartCanaryOutput, error) { + req, out := c.StartCanaryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStopCanary = "StopCanary" + +// StopCanaryRequest generates a "aws/request.Request" representing the +// client's request for the StopCanary operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StopCanary for more information on using the StopCanary +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StopCanaryRequest method. +// req, resp := client.StopCanaryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/StopCanary +func (c *Synthetics) StopCanaryRequest(input *StopCanaryInput) (req *request.Request, output *StopCanaryOutput) { + op := &request.Operation{ + Name: opStopCanary, + HTTPMethod: "POST", + HTTPPath: "/canary/{name}/stop", + } + + if input == nil { + input = &StopCanaryInput{} + } + + output = &StopCanaryOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// StopCanary API operation for Synthetics. +// +// Stops the canary to prevent all future runs. If the canary is currently running, +// Synthetics stops waiting for the current run of the specified canary to complete. +// The run that is in progress completes on its own, publishes metrics, and +// uploads artifacts, but it is not recorded in Synthetics as a completed run. +// +// You can use StartCanary to start it running again with the canary’s current +// schedule at any point in the future. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation StopCanary for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ValidationException +// A parameter could not be validated. +// +// * ResourceNotFoundException +// One of the specified resources was not found. +// +// * ConflictException +// A conflicting operation is already in progress. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/StopCanary +func (c *Synthetics) StopCanary(input *StopCanaryInput) (*StopCanaryOutput, error) { + req, out := c.StopCanaryRequest(input) + return out, req.Send() +} + +// StopCanaryWithContext is the same as StopCanary with the addition of +// the ability to pass a context and additional request options. +// +// See StopCanary for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) StopCanaryWithContext(ctx aws.Context, input *StopCanaryInput, opts ...request.Option) (*StopCanaryOutput, error) { + req, out := c.StopCanaryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTagResource = "TagResource" + +// TagResourceRequest generates a "aws/request.Request" representing the +// client's request for the TagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagResource for more information on using the TagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the TagResourceRequest method. +// req, resp := client.TagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/TagResource +func (c *Synthetics) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { + op := &request.Operation{ + Name: opTagResource, + HTTPMethod: "POST", + HTTPPath: "/tags/{resourceArn}", + } + + if input == nil { + input = &TagResourceInput{} + } + + output = &TagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagResource API operation for Synthetics. +// +// Assigns one or more tags (key-value pairs) to the specified canary. +// +// Tags can help you organize and categorize your resources. You can also use +// them to scope user permissions, by granting a user permission to access or +// change only resources with certain tag values. +// +// Tags don't have any semantic meaning to AWS and are interpreted strictly +// as strings of characters. +// +// You can use the TagResource action with a canary that already has tags. If +// you specify a new tag key for the alarm, this tag is appended to the list +// of tags associated with the alarm. If you specify a tag key that is already +// associated with the alarm, the new tag value that you specify replaces the +// previous value for that tag. +// +// You can associate as many as 50 tags with a canary. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation TagResource for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ResourceNotFoundException +// One of the specified resources was not found. +// +// * ValidationException +// A parameter could not be validated. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/TagResource +func (c *Synthetics) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) + return out, req.Send() +} + +// TagResourceWithContext is the same as TagResource with the addition of +// the ability to pass a context and additional request options. +// +// See TagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUntagResource = "UntagResource" + +// UntagResourceRequest generates a "aws/request.Request" representing the +// client's request for the UntagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagResource for more information on using the UntagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UntagResourceRequest method. +// req, resp := client.UntagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/UntagResource +func (c *Synthetics) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { + op := &request.Operation{ + Name: opUntagResource, + HTTPMethod: "DELETE", + HTTPPath: "/tags/{resourceArn}", + } + + if input == nil { + input = &UntagResourceInput{} + } + + output = &UntagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagResource API operation for Synthetics. +// +// Removes one or more tags from the specified canary. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation UntagResource for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ResourceNotFoundException +// One of the specified resources was not found. +// +// * ValidationException +// A parameter could not be validated. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/UntagResource +func (c *Synthetics) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + return out, req.Send() +} + +// UntagResourceWithContext is the same as UntagResource with the addition of +// the ability to pass a context and additional request options. +// +// See UntagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateCanary = "UpdateCanary" + +// UpdateCanaryRequest generates a "aws/request.Request" representing the +// client's request for the UpdateCanary operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateCanary for more information on using the UpdateCanary +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateCanaryRequest method. +// req, resp := client.UpdateCanaryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/UpdateCanary +func (c *Synthetics) UpdateCanaryRequest(input *UpdateCanaryInput) (req *request.Request, output *UpdateCanaryOutput) { + op := &request.Operation{ + Name: opUpdateCanary, + HTTPMethod: "PATCH", + HTTPPath: "/canary/{name}", + } + + if input == nil { + input = &UpdateCanaryInput{} + } + + output = &UpdateCanaryOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateCanary API operation for Synthetics. +// +// Use this operation to change the settings of a canary that has already been +// created. +// +// You can't use this operation to update the tags of an existing canary. To +// change the tags of an existing canary, use TagResource (https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_TagResource.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Synthetics's +// API operation UpdateCanary for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// An unknown internal error occurred. +// +// * ValidationException +// A parameter could not be validated. +// +// * ResourceNotFoundException +// One of the specified resources was not found. +// +// * ConflictException +// A conflicting operation is already in progress. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11/UpdateCanary +func (c *Synthetics) UpdateCanary(input *UpdateCanaryInput) (*UpdateCanaryOutput, error) { + req, out := c.UpdateCanaryRequest(input) + return out, req.Send() +} + +// UpdateCanaryWithContext is the same as UpdateCanary with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateCanary for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Synthetics) UpdateCanaryWithContext(ctx aws.Context, input *UpdateCanaryInput, opts ...request.Option) (*UpdateCanaryOutput, error) { + req, out := c.UpdateCanaryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// This structure contains all information about one canary in your account. +type Canary struct { + _ struct{} `type:"structure"` + + // The location in Amazon S3 where Synthetics stores artifacts from the runs + // of this canary. Artifacts include the log file, screenshots, and HAR files. + ArtifactS3Location *string `min:"1" type:"string"` + + // This structure contains information about the canary's Lambda handler and + // where its code is stored by CloudWatch Synthetics. + Code *CanaryCodeOutput `type:"structure"` + + // The ARN of the Lambda function that is used as your canary's engine. For + // more information about Lambda ARN format, see Resources and Conditions for + // Lambda Actions (https://docs.aws.amazon.com/lambda/latest/dg/lambda-api-permissions-ref.html). + EngineArn *string `type:"string"` + + // The ARN of the IAM role used to run the canary. This role must include lambda.amazonaws.com + // as a principal in the trust policy. + ExecutionRoleArn *string `type:"string"` + + // The number of days to retain data about failed runs of this canary. + FailureRetentionPeriodInDays *int64 `min:"1" type:"integer"` + + // The unique ID of this canary. + Id *string `type:"string"` + + // The name of the canary. + Name *string `min:"1" type:"string"` + + // A structure that contains information for a canary run. + RunConfig *CanaryRunConfigOutput `type:"structure"` + + // Specifies the runtime version to use for the canary. Currently, the only + // valid value is syn-1.0. For more information about runtime versions, see + // Canary Runtime Versions (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html). + RuntimeVersion *string `min:"1" type:"string"` + + // A structure that contains information about how often the canary is to run, + // and when these runs are to stop. + Schedule *CanaryScheduleOutput `type:"structure"` + + // A structure that contains information about the canary's status. + Status *CanaryStatus `type:"structure"` + + // The number of days to retain data about successful runs of this canary. + SuccessRetentionPeriodInDays *int64 `min:"1" type:"integer"` + + // The list of key-value pairs that are associated with the canary. + Tags map[string]*string `min:"1" type:"map"` + + // A structure that contains information about when the canary was created, + // modified, and most recently run. + Timeline *CanaryTimeline `type:"structure"` + + // If this canary is to test an endpoint in a VPC, this structure contains information + // about the subnets and security groups of the VPC endpoint. For more information, + // see Running a Canary in a VPC (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html). + VpcConfig *VpcConfigOutput `type:"structure"` +} + +// String returns the string representation +func (s Canary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Canary) GoString() string { + return s.String() +} + +// SetArtifactS3Location sets the ArtifactS3Location field's value. +func (s *Canary) SetArtifactS3Location(v string) *Canary { + s.ArtifactS3Location = &v + return s +} + +// SetCode sets the Code field's value. +func (s *Canary) SetCode(v *CanaryCodeOutput) *Canary { + s.Code = v + return s +} + +// SetEngineArn sets the EngineArn field's value. +func (s *Canary) SetEngineArn(v string) *Canary { + s.EngineArn = &v + return s +} + +// SetExecutionRoleArn sets the ExecutionRoleArn field's value. +func (s *Canary) SetExecutionRoleArn(v string) *Canary { + s.ExecutionRoleArn = &v + return s +} + +// SetFailureRetentionPeriodInDays sets the FailureRetentionPeriodInDays field's value. +func (s *Canary) SetFailureRetentionPeriodInDays(v int64) *Canary { + s.FailureRetentionPeriodInDays = &v + return s +} + +// SetId sets the Id field's value. +func (s *Canary) SetId(v string) *Canary { + s.Id = &v + return s +} + +// SetName sets the Name field's value. +func (s *Canary) SetName(v string) *Canary { + s.Name = &v + return s +} + +// SetRunConfig sets the RunConfig field's value. +func (s *Canary) SetRunConfig(v *CanaryRunConfigOutput) *Canary { + s.RunConfig = v + return s +} + +// SetRuntimeVersion sets the RuntimeVersion field's value. +func (s *Canary) SetRuntimeVersion(v string) *Canary { + s.RuntimeVersion = &v + return s +} + +// SetSchedule sets the Schedule field's value. +func (s *Canary) SetSchedule(v *CanaryScheduleOutput) *Canary { + s.Schedule = v + return s +} + +// SetStatus sets the Status field's value. +func (s *Canary) SetStatus(v *CanaryStatus) *Canary { + s.Status = v + return s +} + +// SetSuccessRetentionPeriodInDays sets the SuccessRetentionPeriodInDays field's value. +func (s *Canary) SetSuccessRetentionPeriodInDays(v int64) *Canary { + s.SuccessRetentionPeriodInDays = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *Canary) SetTags(v map[string]*string) *Canary { + s.Tags = v + return s +} + +// SetTimeline sets the Timeline field's value. +func (s *Canary) SetTimeline(v *CanaryTimeline) *Canary { + s.Timeline = v + return s +} + +// SetVpcConfig sets the VpcConfig field's value. +func (s *Canary) SetVpcConfig(v *VpcConfigOutput) *Canary { + s.VpcConfig = v + return s +} + +// Use this structure to input your script code for the canary. This structure +// contains the Lambda handler with the location where the canary should start +// running the script. If the script is stored in an S3 bucket, the bucket name, +// key, and version are also included. If the script was passed into the canary +// directly, the script code is contained in the value of Zipfile. +type CanaryCodeInput struct { + _ struct{} `type:"structure"` + + // The entry point to use for the source code when running the canary. This + // value must end with the string .handler. + // + // Handler is a required field + Handler *string `min:"1" type:"string" required:"true"` + + // If your canary script is located in S3, specify the full bucket name here. + // The bucket must already exist. Specify the full bucket name, including s3:// + // as the start of the bucket name. + S3Bucket *string `min:"1" type:"string"` + + // The S3 key of your script. For more information, see Working with Amazon + // S3 Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html). + S3Key *string `min:"1" type:"string"` + + // The S3 version ID of your script. + S3Version *string `min:"1" type:"string"` + + // If you input your canary script directly into the canary instead of referring + // to an S3 location, the value of this parameter is the .zip file that contains + // the script. It can be up to 5 MB. + // + // ZipFile is automatically base64 encoded/decoded by the SDK. + ZipFile []byte `min:"1" type:"blob"` +} + +// String returns the string representation +func (s CanaryCodeInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryCodeInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CanaryCodeInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CanaryCodeInput"} + if s.Handler == nil { + invalidParams.Add(request.NewErrParamRequired("Handler")) + } + if s.Handler != nil && len(*s.Handler) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Handler", 1)) + } + if s.S3Bucket != nil && len(*s.S3Bucket) < 1 { + invalidParams.Add(request.NewErrParamMinLen("S3Bucket", 1)) + } + if s.S3Key != nil && len(*s.S3Key) < 1 { + invalidParams.Add(request.NewErrParamMinLen("S3Key", 1)) + } + if s.S3Version != nil && len(*s.S3Version) < 1 { + invalidParams.Add(request.NewErrParamMinLen("S3Version", 1)) + } + if s.ZipFile != nil && len(s.ZipFile) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ZipFile", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetHandler sets the Handler field's value. +func (s *CanaryCodeInput) SetHandler(v string) *CanaryCodeInput { + s.Handler = &v + return s +} + +// SetS3Bucket sets the S3Bucket field's value. +func (s *CanaryCodeInput) SetS3Bucket(v string) *CanaryCodeInput { + s.S3Bucket = &v + return s +} + +// SetS3Key sets the S3Key field's value. +func (s *CanaryCodeInput) SetS3Key(v string) *CanaryCodeInput { + s.S3Key = &v + return s +} + +// SetS3Version sets the S3Version field's value. +func (s *CanaryCodeInput) SetS3Version(v string) *CanaryCodeInput { + s.S3Version = &v + return s +} + +// SetZipFile sets the ZipFile field's value. +func (s *CanaryCodeInput) SetZipFile(v []byte) *CanaryCodeInput { + s.ZipFile = v + return s +} + +// This structure contains information about the canary's Lambda handler and +// where its code is stored by CloudWatch Synthetics. +type CanaryCodeOutput struct { + _ struct{} `type:"structure"` + + // The entry point to use for the source code when running the canary. + Handler *string `min:"1" type:"string"` + + // The ARN of the Lambda layer where Synthetics stores the canary script code. + SourceLocationArn *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s CanaryCodeOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryCodeOutput) GoString() string { + return s.String() +} + +// SetHandler sets the Handler field's value. +func (s *CanaryCodeOutput) SetHandler(v string) *CanaryCodeOutput { + s.Handler = &v + return s +} + +// SetSourceLocationArn sets the SourceLocationArn field's value. +func (s *CanaryCodeOutput) SetSourceLocationArn(v string) *CanaryCodeOutput { + s.SourceLocationArn = &v + return s +} + +// This structure contains information about the most recent run of a single +// canary. +type CanaryLastRun struct { + _ struct{} `type:"structure"` + + // The name of the canary. + CanaryName *string `min:"1" type:"string"` + + // The results from this canary's most recent run. + LastRun *CanaryRun `type:"structure"` +} + +// String returns the string representation +func (s CanaryLastRun) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryLastRun) GoString() string { + return s.String() +} + +// SetCanaryName sets the CanaryName field's value. +func (s *CanaryLastRun) SetCanaryName(v string) *CanaryLastRun { + s.CanaryName = &v + return s +} + +// SetLastRun sets the LastRun field's value. +func (s *CanaryLastRun) SetLastRun(v *CanaryRun) *CanaryLastRun { + s.LastRun = v + return s +} + +// This structure contains the details about one run of one canary. +type CanaryRun struct { + _ struct{} `type:"structure"` + + // The location where the canary stored artifacts from the run. Artifacts include + // the log file, screenshots, and HAR files. + ArtifactS3Location *string `min:"1" type:"string"` + + // The name of the canary. + Name *string `min:"1" type:"string"` + + // The status of this run. + Status *CanaryRunStatus `type:"structure"` + + // A structure that contains the start and end times of this run. + Timeline *CanaryRunTimeline `type:"structure"` +} + +// String returns the string representation +func (s CanaryRun) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryRun) GoString() string { + return s.String() +} + +// SetArtifactS3Location sets the ArtifactS3Location field's value. +func (s *CanaryRun) SetArtifactS3Location(v string) *CanaryRun { + s.ArtifactS3Location = &v + return s +} + +// SetName sets the Name field's value. +func (s *CanaryRun) SetName(v string) *CanaryRun { + s.Name = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *CanaryRun) SetStatus(v *CanaryRunStatus) *CanaryRun { + s.Status = v + return s +} + +// SetTimeline sets the Timeline field's value. +func (s *CanaryRun) SetTimeline(v *CanaryRunTimeline) *CanaryRun { + s.Timeline = v + return s +} + +// A structure that contains input information for a canary run. +type CanaryRunConfigInput struct { + _ struct{} `type:"structure"` + + // How long the canary is allowed to run before it must stop. If you omit this + // field, the frequency of the canary is used as this value, up to a maximum + // of 14 minutes. + // + // TimeoutInSeconds is a required field + TimeoutInSeconds *int64 `min:"60" type:"integer" required:"true"` +} + +// String returns the string representation +func (s CanaryRunConfigInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryRunConfigInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CanaryRunConfigInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CanaryRunConfigInput"} + if s.TimeoutInSeconds == nil { + invalidParams.Add(request.NewErrParamRequired("TimeoutInSeconds")) + } + if s.TimeoutInSeconds != nil && *s.TimeoutInSeconds < 60 { + invalidParams.Add(request.NewErrParamMinValue("TimeoutInSeconds", 60)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetTimeoutInSeconds sets the TimeoutInSeconds field's value. +func (s *CanaryRunConfigInput) SetTimeoutInSeconds(v int64) *CanaryRunConfigInput { + s.TimeoutInSeconds = &v + return s +} + +// A structure that contains information for a canary run. +type CanaryRunConfigOutput struct { + _ struct{} `type:"structure"` + + // How long the canary is allowed to run before it must stop. + TimeoutInSeconds *int64 `min:"60" type:"integer"` +} + +// String returns the string representation +func (s CanaryRunConfigOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryRunConfigOutput) GoString() string { + return s.String() +} + +// SetTimeoutInSeconds sets the TimeoutInSeconds field's value. +func (s *CanaryRunConfigOutput) SetTimeoutInSeconds(v int64) *CanaryRunConfigOutput { + s.TimeoutInSeconds = &v + return s +} + +// This structure contains the status information about a canary run. +type CanaryRunStatus struct { + _ struct{} `type:"structure"` + + // The current state of the run. + State *string `type:"string" enum:"CanaryRunState"` + + // If run of the canary failed, this field contains the reason for the error. + StateReason *string `min:"1" type:"string"` + + // If this value is CANARY_FAILURE, an exception occurred in the canary code. + // If this value is EXECUTION_FAILURE, an exception occurred in CloudWatch Synthetics. + StateReasonCode *string `type:"string" enum:"CanaryRunStateReasonCode"` +} + +// String returns the string representation +func (s CanaryRunStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryRunStatus) GoString() string { + return s.String() +} + +// SetState sets the State field's value. +func (s *CanaryRunStatus) SetState(v string) *CanaryRunStatus { + s.State = &v + return s +} + +// SetStateReason sets the StateReason field's value. +func (s *CanaryRunStatus) SetStateReason(v string) *CanaryRunStatus { + s.StateReason = &v + return s +} + +// SetStateReasonCode sets the StateReasonCode field's value. +func (s *CanaryRunStatus) SetStateReasonCode(v string) *CanaryRunStatus { + s.StateReasonCode = &v + return s +} + +// This structure contains the start and end times of a single canary run. +type CanaryRunTimeline struct { + _ struct{} `type:"structure"` + + // The end time of the run. + Completed *time.Time `type:"timestamp"` + + // The start time of the run. + Started *time.Time `type:"timestamp"` +} + +// String returns the string representation +func (s CanaryRunTimeline) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryRunTimeline) GoString() string { + return s.String() +} + +// SetCompleted sets the Completed field's value. +func (s *CanaryRunTimeline) SetCompleted(v time.Time) *CanaryRunTimeline { + s.Completed = &v + return s +} + +// SetStarted sets the Started field's value. +func (s *CanaryRunTimeline) SetStarted(v time.Time) *CanaryRunTimeline { + s.Started = &v + return s +} + +// This structure specifies how often a canary is to make runs and the date +// and time when it should stop making runs. +type CanaryScheduleInput struct { + _ struct{} `type:"structure"` + + // How long, in seconds, for the canary to continue making regular runs according + // to the schedule in the Expression value. If you specify 0, the canary continues + // making runs until you stop it. If you omit this field, the default of 0 is + // used. + DurationInSeconds *int64 `type:"long"` + + // A rate expression that defines how often the canary is to run. The syntax + // is rate(number unit). unit can be minute, minutes, or hour. + // + // For example, rate(1 minute) runs the canary once a minute, rate(10 minutes) + // runs it once every 10 minutes, and rate(1 hour) runs it once every hour. + // You can specify a frequency between rate(1 minute) and rate(1 hour). + // + // Specifying rate(0 minute) or rate(0 hour) is a special value that causes + // the canary to run only once when it is started. + // + // Expression is a required field + Expression *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s CanaryScheduleInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryScheduleInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CanaryScheduleInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CanaryScheduleInput"} + if s.Expression == nil { + invalidParams.Add(request.NewErrParamRequired("Expression")) + } + if s.Expression != nil && len(*s.Expression) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Expression", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDurationInSeconds sets the DurationInSeconds field's value. +func (s *CanaryScheduleInput) SetDurationInSeconds(v int64) *CanaryScheduleInput { + s.DurationInSeconds = &v + return s +} + +// SetExpression sets the Expression field's value. +func (s *CanaryScheduleInput) SetExpression(v string) *CanaryScheduleInput { + s.Expression = &v + return s +} + +// How long, in seconds, for the canary to continue making regular runs according +// to the schedule in the Expression value. +type CanaryScheduleOutput struct { + _ struct{} `type:"structure"` + + // How long, in seconds, for the canary to continue making regular runs after + // it was created. The runs are performed according to the schedule in the Expression + // value. + DurationInSeconds *int64 `type:"long"` + + // A rate expression that defines how often the canary is to run. The syntax + // is rate(number unit). unit can be minute, minutes, or hour. + // + // For example, rate(1 minute) runs the canary once a minute, rate(10 minutes) + // runs it once every 10 minutes, and rate(1 hour) runs it once every hour. + // + // Specifying rate(0 minute) or rate(0 hour) is a special value that causes + // the canary to run only once when it is started. + Expression *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s CanaryScheduleOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryScheduleOutput) GoString() string { + return s.String() +} + +// SetDurationInSeconds sets the DurationInSeconds field's value. +func (s *CanaryScheduleOutput) SetDurationInSeconds(v int64) *CanaryScheduleOutput { + s.DurationInSeconds = &v + return s +} + +// SetExpression sets the Expression field's value. +func (s *CanaryScheduleOutput) SetExpression(v string) *CanaryScheduleOutput { + s.Expression = &v + return s +} + +// A structure that contains the current state of the canary. +type CanaryStatus struct { + _ struct{} `type:"structure"` + + // The current state of the canary. + State *string `type:"string" enum:"CanaryState"` + + // If the canary has insufficient permissions to run, this field provides more + // details. + StateReason *string `min:"1" type:"string"` + + // If the canary cannot run or has failed, this field displays the reason. + StateReasonCode *string `type:"string" enum:"CanaryStateReasonCode"` +} + +// String returns the string representation +func (s CanaryStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryStatus) GoString() string { + return s.String() +} + +// SetState sets the State field's value. +func (s *CanaryStatus) SetState(v string) *CanaryStatus { + s.State = &v + return s +} + +// SetStateReason sets the StateReason field's value. +func (s *CanaryStatus) SetStateReason(v string) *CanaryStatus { + s.StateReason = &v + return s +} + +// SetStateReasonCode sets the StateReasonCode field's value. +func (s *CanaryStatus) SetStateReasonCode(v string) *CanaryStatus { + s.StateReasonCode = &v + return s +} + +// This structure contains information about when the canary was created and +// modified. +type CanaryTimeline struct { + _ struct{} `type:"structure"` + + // The date and time the canary was created. + Created *time.Time `type:"timestamp"` + + // The date and time the canary was most recently modified. + LastModified *time.Time `type:"timestamp"` + + // The date and time that the canary's most recent run started. + LastStarted *time.Time `type:"timestamp"` + + // The date and time that the canary's most recent run ended. + LastStopped *time.Time `type:"timestamp"` +} + +// String returns the string representation +func (s CanaryTimeline) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CanaryTimeline) GoString() string { + return s.String() +} + +// SetCreated sets the Created field's value. +func (s *CanaryTimeline) SetCreated(v time.Time) *CanaryTimeline { + s.Created = &v + return s +} + +// SetLastModified sets the LastModified field's value. +func (s *CanaryTimeline) SetLastModified(v time.Time) *CanaryTimeline { + s.LastModified = &v + return s +} + +// SetLastStarted sets the LastStarted field's value. +func (s *CanaryTimeline) SetLastStarted(v time.Time) *CanaryTimeline { + s.LastStarted = &v + return s +} + +// SetLastStopped sets the LastStopped field's value. +func (s *CanaryTimeline) SetLastStopped(v time.Time) *CanaryTimeline { + s.LastStopped = &v + return s +} + +// A conflicting operation is already in progress. +type ConflictException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation +func (s ConflictException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ConflictException) GoString() string { + return s.String() +} + +func newErrorConflictException(v protocol.ResponseMetadata) error { + return &ConflictException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ConflictException) Code() string { + return "ConflictException" +} + +// Message returns the exception's message. +func (s *ConflictException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ConflictException) OrigErr() error { + return nil +} + +func (s *ConflictException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ConflictException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ConflictException) RequestID() string { + return s.RespMetadata.RequestID +} + +type CreateCanaryInput struct { + _ struct{} `type:"structure"` + + // The location in Amazon S3 where Synthetics stores artifacts from the test + // runs of this canary. Artifacts include the log file, screenshots, and HAR + // files. + // + // ArtifactS3Location is a required field + ArtifactS3Location *string `min:"1" type:"string" required:"true"` + + // A structure that includes the entry point from which the canary should start + // running your script. If the script is stored in an S3 bucket, the bucket + // name, key, and version are also included. + // + // Code is a required field + Code *CanaryCodeInput `type:"structure" required:"true"` + + // The ARN of the IAM role to be used to run the canary. This role must already + // exist, and must include lambda.amazonaws.com as a principal in the trust + // policy. The role must also have the following permissions: + // + // * s3:PutObject + // + // * s3:GetBucketLocation + // + // * s3:ListAllMyBuckets + // + // * cloudwatch:PutMetricData + // + // * logs:CreateLogGroup + // + // * logs:CreateLogStream + // + // * logs:CreateLogStream + // + // ExecutionRoleArn is a required field + ExecutionRoleArn *string `type:"string" required:"true"` + + // The number of days to retain data about failed runs of this canary. If you + // omit this field, the default of 31 days is used. The valid range is 1 to + // 455 days. + FailureRetentionPeriodInDays *int64 `min:"1" type:"integer"` + + // The name for this canary. Be sure to give it a descriptive name that distinguishes + // it from other canaries in your account. + // + // Do not include secrets or proprietary information in your canary names. The + // canary name makes up part of the canary ARN, and the ARN is included in outbound + // calls over the internet. For more information, see Security Considerations + // for Synthetics Canaries (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html). + // + // Name is a required field + Name *string `min:"1" type:"string" required:"true"` + + // A structure that contains the configuration for individual canary runs, such + // as timeout value. + RunConfig *CanaryRunConfigInput `type:"structure"` + + // Specifies the runtime version to use for the canary. Currently, the only + // valid value is syn-1.0. For more information about runtime versions, see + // Canary Runtime Versions (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html). + // + // RuntimeVersion is a required field + RuntimeVersion *string `min:"1" type:"string" required:"true"` + + // A structure that contains information about how often the canary is to run + // and when these test runs are to stop. + // + // Schedule is a required field + Schedule *CanaryScheduleInput `type:"structure" required:"true"` + + // The number of days to retain data about successful runs of this canary. If + // you omit this field, the default of 31 days is used. The valid range is 1 + // to 455 days. + SuccessRetentionPeriodInDays *int64 `min:"1" type:"integer"` + + // A list of key-value pairs to associate with the canary. You can associate + // as many as 50 tags with a canary. + // + // Tags can help you organize and categorize your resources. You can also use + // them to scope user permissions, by granting a user permission to access or + // change only the resources that have certain tag values. + Tags map[string]*string `min:"1" type:"map"` + + // If this canary is to test an endpoint in a VPC, this structure contains information + // about the subnet and security groups of the VPC endpoint. For more information, + // see Running a Canary in a VPC (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html). + VpcConfig *VpcConfigInput `type:"structure"` +} + +// String returns the string representation +func (s CreateCanaryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateCanaryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateCanaryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateCanaryInput"} + if s.ArtifactS3Location == nil { + invalidParams.Add(request.NewErrParamRequired("ArtifactS3Location")) + } + if s.ArtifactS3Location != nil && len(*s.ArtifactS3Location) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ArtifactS3Location", 1)) + } + if s.Code == nil { + invalidParams.Add(request.NewErrParamRequired("Code")) + } + if s.ExecutionRoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("ExecutionRoleArn")) + } + if s.FailureRetentionPeriodInDays != nil && *s.FailureRetentionPeriodInDays < 1 { + invalidParams.Add(request.NewErrParamMinValue("FailureRetentionPeriodInDays", 1)) + } + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.RuntimeVersion == nil { + invalidParams.Add(request.NewErrParamRequired("RuntimeVersion")) + } + if s.RuntimeVersion != nil && len(*s.RuntimeVersion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RuntimeVersion", 1)) + } + if s.Schedule == nil { + invalidParams.Add(request.NewErrParamRequired("Schedule")) + } + if s.SuccessRetentionPeriodInDays != nil && *s.SuccessRetentionPeriodInDays < 1 { + invalidParams.Add(request.NewErrParamMinValue("SuccessRetentionPeriodInDays", 1)) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + if s.Code != nil { + if err := s.Code.Validate(); err != nil { + invalidParams.AddNested("Code", err.(request.ErrInvalidParams)) + } + } + if s.RunConfig != nil { + if err := s.RunConfig.Validate(); err != nil { + invalidParams.AddNested("RunConfig", err.(request.ErrInvalidParams)) + } + } + if s.Schedule != nil { + if err := s.Schedule.Validate(); err != nil { + invalidParams.AddNested("Schedule", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetArtifactS3Location sets the ArtifactS3Location field's value. +func (s *CreateCanaryInput) SetArtifactS3Location(v string) *CreateCanaryInput { + s.ArtifactS3Location = &v + return s +} + +// SetCode sets the Code field's value. +func (s *CreateCanaryInput) SetCode(v *CanaryCodeInput) *CreateCanaryInput { + s.Code = v + return s +} + +// SetExecutionRoleArn sets the ExecutionRoleArn field's value. +func (s *CreateCanaryInput) SetExecutionRoleArn(v string) *CreateCanaryInput { + s.ExecutionRoleArn = &v + return s +} + +// SetFailureRetentionPeriodInDays sets the FailureRetentionPeriodInDays field's value. +func (s *CreateCanaryInput) SetFailureRetentionPeriodInDays(v int64) *CreateCanaryInput { + s.FailureRetentionPeriodInDays = &v + return s +} + +// SetName sets the Name field's value. +func (s *CreateCanaryInput) SetName(v string) *CreateCanaryInput { + s.Name = &v + return s +} + +// SetRunConfig sets the RunConfig field's value. +func (s *CreateCanaryInput) SetRunConfig(v *CanaryRunConfigInput) *CreateCanaryInput { + s.RunConfig = v + return s +} + +// SetRuntimeVersion sets the RuntimeVersion field's value. +func (s *CreateCanaryInput) SetRuntimeVersion(v string) *CreateCanaryInput { + s.RuntimeVersion = &v + return s +} + +// SetSchedule sets the Schedule field's value. +func (s *CreateCanaryInput) SetSchedule(v *CanaryScheduleInput) *CreateCanaryInput { + s.Schedule = v + return s +} + +// SetSuccessRetentionPeriodInDays sets the SuccessRetentionPeriodInDays field's value. +func (s *CreateCanaryInput) SetSuccessRetentionPeriodInDays(v int64) *CreateCanaryInput { + s.SuccessRetentionPeriodInDays = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateCanaryInput) SetTags(v map[string]*string) *CreateCanaryInput { + s.Tags = v + return s +} + +// SetVpcConfig sets the VpcConfig field's value. +func (s *CreateCanaryInput) SetVpcConfig(v *VpcConfigInput) *CreateCanaryInput { + s.VpcConfig = v + return s +} + +type CreateCanaryOutput struct { + _ struct{} `type:"structure"` + + // The full details about the canary you have created. + Canary *Canary `type:"structure"` +} + +// String returns the string representation +func (s CreateCanaryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateCanaryOutput) GoString() string { + return s.String() +} + +// SetCanary sets the Canary field's value. +func (s *CreateCanaryOutput) SetCanary(v *Canary) *CreateCanaryOutput { + s.Canary = v + return s +} + +type DeleteCanaryInput struct { + _ struct{} `type:"structure"` + + // The name of the canary that you want to delete. To find the names of your + // canaries, use DescribeCanaries. + // + // Name is a required field + Name *string `location:"uri" locationName:"name" min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteCanaryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteCanaryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteCanaryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteCanaryInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetName sets the Name field's value. +func (s *DeleteCanaryInput) SetName(v string) *DeleteCanaryInput { + s.Name = &v + return s +} + +type DeleteCanaryOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s DeleteCanaryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteCanaryOutput) GoString() string { + return s.String() +} + +type DescribeCanariesInput struct { + _ struct{} `type:"structure"` + + // Specify this parameter to limit how many canaries are returned each time + // you use the DescribeCanaries operation. If you omit this parameter, the default + // of 100 is used. + MaxResults *int64 `min:"1" type:"integer"` + + // A token that indicates that there is more data available. You can use this + // token in a subsequent operation to retrieve the next set of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeCanariesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeCanariesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeCanariesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeCanariesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeCanariesInput) SetMaxResults(v int64) *DescribeCanariesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCanariesInput) SetNextToken(v string) *DescribeCanariesInput { + s.NextToken = &v + return s +} + +type DescribeCanariesLastRunInput struct { + _ struct{} `type:"structure"` + + // Specify this parameter to limit how many runs are returned each time you + // use the DescribeLastRun operation. If you omit this parameter, the default + // of 100 is used. + MaxResults *int64 `min:"1" type:"integer"` + + // A token that indicates that there is more data available. You can use this + // token in a subsequent DescribeCanaries operation to retrieve the next set + // of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeCanariesLastRunInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeCanariesLastRunInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeCanariesLastRunInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeCanariesLastRunInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeCanariesLastRunInput) SetMaxResults(v int64) *DescribeCanariesLastRunInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCanariesLastRunInput) SetNextToken(v string) *DescribeCanariesLastRunInput { + s.NextToken = &v + return s +} + +type DescribeCanariesLastRunOutput struct { + _ struct{} `type:"structure"` + + // An array that contains the information from the most recent run of each canary. + CanariesLastRun []*CanaryLastRun `type:"list"` + + // A token that indicates that there is more data available. You can use this + // token in a subsequent DescribeCanariesLastRun operation to retrieve the next + // set of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeCanariesLastRunOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeCanariesLastRunOutput) GoString() string { + return s.String() +} + +// SetCanariesLastRun sets the CanariesLastRun field's value. +func (s *DescribeCanariesLastRunOutput) SetCanariesLastRun(v []*CanaryLastRun) *DescribeCanariesLastRunOutput { + s.CanariesLastRun = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCanariesLastRunOutput) SetNextToken(v string) *DescribeCanariesLastRunOutput { + s.NextToken = &v + return s +} + +type DescribeCanariesOutput struct { + _ struct{} `type:"structure"` + + // Returns an array. Each item in the array contains the full information about + // one canary. + Canaries []*Canary `type:"list"` + + // A token that indicates that there is more data available. You can use this + // token in a subsequent DescribeCanaries operation to retrieve the next set + // of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeCanariesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeCanariesOutput) GoString() string { + return s.String() +} + +// SetCanaries sets the Canaries field's value. +func (s *DescribeCanariesOutput) SetCanaries(v []*Canary) *DescribeCanariesOutput { + s.Canaries = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCanariesOutput) SetNextToken(v string) *DescribeCanariesOutput { + s.NextToken = &v + return s +} + +type DescribeRuntimeVersionsInput struct { + _ struct{} `type:"structure"` + + // Specify this parameter to limit how many runs are returned each time you + // use the DescribeRuntimeVersions operation. If you omit this parameter, the + // default of 100 is used. + MaxResults *int64 `min:"1" type:"integer"` + + // A token that indicates that there is more data available. You can use this + // token in a subsequent DescribeRuntimeVersions operation to retrieve the next + // set of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeRuntimeVersionsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeRuntimeVersionsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeRuntimeVersionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeRuntimeVersionsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeRuntimeVersionsInput) SetMaxResults(v int64) *DescribeRuntimeVersionsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeRuntimeVersionsInput) SetNextToken(v string) *DescribeRuntimeVersionsInput { + s.NextToken = &v + return s +} + +type DescribeRuntimeVersionsOutput struct { + _ struct{} `type:"structure"` + + // A token that indicates that there is more data available. You can use this + // token in a subsequent DescribeRuntimeVersions operation to retrieve the next + // set of results. + NextToken *string `type:"string"` + + // An array of objects that display the details about each Synthetics canary + // runtime version. + RuntimeVersions []*RuntimeVersion `type:"list"` +} + +// String returns the string representation +func (s DescribeRuntimeVersionsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeRuntimeVersionsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeRuntimeVersionsOutput) SetNextToken(v string) *DescribeRuntimeVersionsOutput { + s.NextToken = &v + return s +} + +// SetRuntimeVersions sets the RuntimeVersions field's value. +func (s *DescribeRuntimeVersionsOutput) SetRuntimeVersions(v []*RuntimeVersion) *DescribeRuntimeVersionsOutput { + s.RuntimeVersions = v + return s +} + +type GetCanaryInput struct { + _ struct{} `type:"structure"` + + // The name of the canary that you want details for. + // + // Name is a required field + Name *string `location:"uri" locationName:"name" min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s GetCanaryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCanaryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetCanaryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetCanaryInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetName sets the Name field's value. +func (s *GetCanaryInput) SetName(v string) *GetCanaryInput { + s.Name = &v + return s +} + +type GetCanaryOutput struct { + _ struct{} `type:"structure"` + + // A strucure that contains the full information about the canary. + Canary *Canary `type:"structure"` +} + +// String returns the string representation +func (s GetCanaryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCanaryOutput) GoString() string { + return s.String() +} + +// SetCanary sets the Canary field's value. +func (s *GetCanaryOutput) SetCanary(v *Canary) *GetCanaryOutput { + s.Canary = v + return s +} + +type GetCanaryRunsInput struct { + _ struct{} `type:"structure"` + + // Specify this parameter to limit how many runs are returned each time you + // use the GetCanaryRuns operation. If you omit this parameter, the default + // of 100 is used. + MaxResults *int64 `min:"1" type:"integer"` + + // The name of the canary that you want to see runs for. + // + // Name is a required field + Name *string `location:"uri" locationName:"name" min:"1" type:"string" required:"true"` + + // A token that indicates that there is more data available. You can use this + // token in a subsequent GetCanaryRuns operation to retrieve the next set of + // results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetCanaryRunsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCanaryRunsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetCanaryRunsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetCanaryRunsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetCanaryRunsInput) SetMaxResults(v int64) *GetCanaryRunsInput { + s.MaxResults = &v + return s +} + +// SetName sets the Name field's value. +func (s *GetCanaryRunsInput) SetName(v string) *GetCanaryRunsInput { + s.Name = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetCanaryRunsInput) SetNextToken(v string) *GetCanaryRunsInput { + s.NextToken = &v + return s +} + +type GetCanaryRunsOutput struct { + _ struct{} `type:"structure"` + + // An array of structures. Each structure contains the details of one of the + // retrieved canary runs. + CanaryRuns []*CanaryRun `type:"list"` + + // A token that indicates that there is more data available. You can use this + // token in a subsequent GetCanaryRuns operation to retrieve the next set of + // results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetCanaryRunsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCanaryRunsOutput) GoString() string { + return s.String() +} + +// SetCanaryRuns sets the CanaryRuns field's value. +func (s *GetCanaryRunsOutput) SetCanaryRuns(v []*CanaryRun) *GetCanaryRunsOutput { + s.CanaryRuns = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetCanaryRunsOutput) SetNextToken(v string) *GetCanaryRunsOutput { + s.NextToken = &v + return s +} + +// An unknown internal error occurred. +type InternalServerException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation +func (s InternalServerException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InternalServerException) GoString() string { + return s.String() +} + +func newErrorInternalServerException(v protocol.ResponseMetadata) error { + return &InternalServerException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InternalServerException) Code() string { + return "InternalServerException" +} + +// Message returns the exception's message. +func (s *InternalServerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InternalServerException) OrigErr() error { + return nil +} + +func (s *InternalServerException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InternalServerException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InternalServerException) RequestID() string { + return s.RespMetadata.RequestID +} + +type ListTagsForResourceInput struct { + _ struct{} `type:"structure"` + + // The ARN of the canary that you want to view tags for. + // + // The ARN format of a canary is arn:aws:synthetics:Region:account-id:canary:canary-name . + // + // ResourceArn is a required field + ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"` +} + +// String returns the string representation +func (s ListTagsForResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListTagsForResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListTagsForResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput { + s.ResourceArn = &v + return s +} + +type ListTagsForResourceOutput struct { + _ struct{} `type:"structure"` + + // The list of tag keys and values associated with the canary that you specified. + Tags map[string]*string `min:"1" type:"map"` +} + +// String returns the string representation +func (s ListTagsForResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListTagsForResourceOutput) GoString() string { + return s.String() +} + +// SetTags sets the Tags field's value. +func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput { + s.Tags = v + return s +} + +// One of the specified resources was not found. +type ResourceNotFoundException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation +func (s ResourceNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ResourceNotFoundException) GoString() string { + return s.String() +} + +func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { + return &ResourceNotFoundException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ResourceNotFoundException) Code() string { + return "ResourceNotFoundException" +} + +// Message returns the exception's message. +func (s *ResourceNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ResourceNotFoundException) OrigErr() error { + return nil +} + +func (s *ResourceNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ResourceNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ResourceNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + +// This structure contains information about one canary runtime version. For +// more information about runtime versions, see Canary Runtime Versions (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html). +type RuntimeVersion struct { + _ struct{} `type:"structure"` + + // If this runtime version is deprecated, this value is the date of deprecation. + DeprecationDate *time.Time `type:"timestamp"` + + // A description of the runtime version, created by Amazon. + Description *string `min:"1" type:"string"` + + // The date that the runtime version was released. + ReleaseDate *time.Time `type:"timestamp"` + + // The name of the runtime version. Currently, the only valid value is syn-1.0. + // + // Specifies the runtime version to use for the canary. Currently, the only + // valid value is syn-1.0. + VersionName *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s RuntimeVersion) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RuntimeVersion) GoString() string { + return s.String() +} + +// SetDeprecationDate sets the DeprecationDate field's value. +func (s *RuntimeVersion) SetDeprecationDate(v time.Time) *RuntimeVersion { + s.DeprecationDate = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *RuntimeVersion) SetDescription(v string) *RuntimeVersion { + s.Description = &v + return s +} + +// SetReleaseDate sets the ReleaseDate field's value. +func (s *RuntimeVersion) SetReleaseDate(v time.Time) *RuntimeVersion { + s.ReleaseDate = &v + return s +} + +// SetVersionName sets the VersionName field's value. +func (s *RuntimeVersion) SetVersionName(v string) *RuntimeVersion { + s.VersionName = &v + return s +} + +type StartCanaryInput struct { + _ struct{} `type:"structure"` + + // The name of the canary that you want to run. To find canary names, use DescribeCanaries. + // + // Name is a required field + Name *string `location:"uri" locationName:"name" min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s StartCanaryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartCanaryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartCanaryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartCanaryInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetName sets the Name field's value. +func (s *StartCanaryInput) SetName(v string) *StartCanaryInput { + s.Name = &v + return s +} + +type StartCanaryOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s StartCanaryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartCanaryOutput) GoString() string { + return s.String() +} + +type StopCanaryInput struct { + _ struct{} `type:"structure"` + + // The name of the canary that you want to stop. To find the names of your canaries, + // use DescribeCanaries. + // + // Name is a required field + Name *string `location:"uri" locationName:"name" min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s StopCanaryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StopCanaryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StopCanaryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StopCanaryInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetName sets the Name field's value. +func (s *StopCanaryInput) SetName(v string) *StopCanaryInput { + s.Name = &v + return s +} + +type StopCanaryOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s StopCanaryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StopCanaryOutput) GoString() string { + return s.String() +} + +type TagResourceInput struct { + _ struct{} `type:"structure"` + + // The ARN of the canary that you're adding tags to. + // + // The ARN format of a canary is arn:aws:synthetics:Region:account-id:canary:canary-name . + // + // ResourceArn is a required field + ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"` + + // The list of key-value pairs to associate with the canary. + // + // Tags is a required field + Tags map[string]*string `min:"1" type:"map" required:"true"` +} + +// String returns the string representation +func (s TagResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *TagResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "TagResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + if s.Tags == nil { + invalidParams.Add(request.NewErrParamRequired("Tags")) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput { + s.ResourceArn = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TagResourceInput) SetTags(v map[string]*string) *TagResourceInput { + s.Tags = v + return s +} + +type TagResourceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s TagResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagResourceOutput) GoString() string { + return s.String() +} + +type UntagResourceInput struct { + _ struct{} `type:"structure"` + + // The ARN of the canary that you're removing tags from. + // + // The ARN format of a canary is arn:aws:synthetics:Region:account-id:canary:canary-name . + // + // ResourceArn is a required field + ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"` + + // The list of tag keys to remove from the resource. + // + // TagKeys is a required field + TagKeys []*string `location:"querystring" locationName:"tagKeys" min:"1" type:"list" required:"true"` +} + +// String returns the string representation +func (s UntagResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + if s.TagKeys == nil { + invalidParams.Add(request.NewErrParamRequired("TagKeys")) + } + if s.TagKeys != nil && len(s.TagKeys) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TagKeys", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput { + s.ResourceArn = &v + return s +} + +// SetTagKeys sets the TagKeys field's value. +func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput { + s.TagKeys = v + return s +} + +type UntagResourceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UntagResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UntagResourceOutput) GoString() string { + return s.String() +} + +type UpdateCanaryInput struct { + _ struct{} `type:"structure"` + + // A structure that includes the entry point from which the canary should start + // running your script. If the script is stored in an S3 bucket, the bucket + // name, key, and version are also included. + Code *CanaryCodeInput `type:"structure"` + + // The ARN of the IAM role to be used to run the canary. This role must already + // exist, and must include lambda.amazonaws.com as a principal in the trust + // policy. The role must also have the following permissions: + // + // * s3:PutObject + // + // * s3:GetBucketLocation + // + // * s3:ListAllMyBuckets + // + // * cloudwatch:PutMetricData + // + // * logs:CreateLogGroup + // + // * logs:CreateLogStream + // + // * logs:CreateLogStream + ExecutionRoleArn *string `type:"string"` + + // The number of days to retain data about failed runs of this canary. + FailureRetentionPeriodInDays *int64 `min:"1" type:"integer"` + + // The name of the canary that you want to update. To find the names of your + // canaries, use DescribeCanaries. + // + // You cannot change the name of a canary that has already been created. + // + // Name is a required field + Name *string `location:"uri" locationName:"name" min:"1" type:"string" required:"true"` + + // A structure that contains the timeout value that is used for each individual + // run of the canary. + RunConfig *CanaryRunConfigInput `type:"structure"` + + // Specifies the runtime version to use for the canary. Currently, the only + // valid value is syn-1.0. For more information about runtime versions, see + // Canary Runtime Versions (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html). + RuntimeVersion *string `min:"1" type:"string"` + + // A structure that contains information about how often the canary is to run, + // and when these runs are to stop. + Schedule *CanaryScheduleInput `type:"structure"` + + // The number of days to retain data about successful runs of this canary. + SuccessRetentionPeriodInDays *int64 `min:"1" type:"integer"` + + // If this canary is to test an endpoint in a VPC, this structure contains information + // about the subnet and security groups of the VPC endpoint. For more information, + // see Running a Canary in a VPC (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html). + VpcConfig *VpcConfigInput `type:"structure"` +} + +// String returns the string representation +func (s UpdateCanaryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateCanaryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateCanaryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateCanaryInput"} + if s.FailureRetentionPeriodInDays != nil && *s.FailureRetentionPeriodInDays < 1 { + invalidParams.Add(request.NewErrParamMinValue("FailureRetentionPeriodInDays", 1)) + } + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.RuntimeVersion != nil && len(*s.RuntimeVersion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RuntimeVersion", 1)) + } + if s.SuccessRetentionPeriodInDays != nil && *s.SuccessRetentionPeriodInDays < 1 { + invalidParams.Add(request.NewErrParamMinValue("SuccessRetentionPeriodInDays", 1)) + } + if s.Code != nil { + if err := s.Code.Validate(); err != nil { + invalidParams.AddNested("Code", err.(request.ErrInvalidParams)) + } + } + if s.RunConfig != nil { + if err := s.RunConfig.Validate(); err != nil { + invalidParams.AddNested("RunConfig", err.(request.ErrInvalidParams)) + } + } + if s.Schedule != nil { + if err := s.Schedule.Validate(); err != nil { + invalidParams.AddNested("Schedule", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCode sets the Code field's value. +func (s *UpdateCanaryInput) SetCode(v *CanaryCodeInput) *UpdateCanaryInput { + s.Code = v + return s +} + +// SetExecutionRoleArn sets the ExecutionRoleArn field's value. +func (s *UpdateCanaryInput) SetExecutionRoleArn(v string) *UpdateCanaryInput { + s.ExecutionRoleArn = &v + return s +} + +// SetFailureRetentionPeriodInDays sets the FailureRetentionPeriodInDays field's value. +func (s *UpdateCanaryInput) SetFailureRetentionPeriodInDays(v int64) *UpdateCanaryInput { + s.FailureRetentionPeriodInDays = &v + return s +} + +// SetName sets the Name field's value. +func (s *UpdateCanaryInput) SetName(v string) *UpdateCanaryInput { + s.Name = &v + return s +} + +// SetRunConfig sets the RunConfig field's value. +func (s *UpdateCanaryInput) SetRunConfig(v *CanaryRunConfigInput) *UpdateCanaryInput { + s.RunConfig = v + return s +} + +// SetRuntimeVersion sets the RuntimeVersion field's value. +func (s *UpdateCanaryInput) SetRuntimeVersion(v string) *UpdateCanaryInput { + s.RuntimeVersion = &v + return s +} + +// SetSchedule sets the Schedule field's value. +func (s *UpdateCanaryInput) SetSchedule(v *CanaryScheduleInput) *UpdateCanaryInput { + s.Schedule = v + return s +} + +// SetSuccessRetentionPeriodInDays sets the SuccessRetentionPeriodInDays field's value. +func (s *UpdateCanaryInput) SetSuccessRetentionPeriodInDays(v int64) *UpdateCanaryInput { + s.SuccessRetentionPeriodInDays = &v + return s +} + +// SetVpcConfig sets the VpcConfig field's value. +func (s *UpdateCanaryInput) SetVpcConfig(v *VpcConfigInput) *UpdateCanaryInput { + s.VpcConfig = v + return s +} + +type UpdateCanaryOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UpdateCanaryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateCanaryOutput) GoString() string { + return s.String() +} + +// A parameter could not be validated. +type ValidationException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation +func (s ValidationException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ValidationException) GoString() string { + return s.String() +} + +func newErrorValidationException(v protocol.ResponseMetadata) error { + return &ValidationException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ValidationException) Code() string { + return "ValidationException" +} + +// Message returns the exception's message. +func (s *ValidationException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ValidationException) OrigErr() error { + return nil +} + +func (s *ValidationException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ValidationException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ValidationException) RequestID() string { + return s.RespMetadata.RequestID +} + +// If this canary is to test an endpoint in a VPC, this structure contains information +// about the subnets and security groups of the VPC endpoint. For more information, +// see Running a Canary in a VPC (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html). +type VpcConfigInput struct { + _ struct{} `type:"structure"` + + // The IDs of the security groups for this canary. + SecurityGroupIds []*string `type:"list"` + + // The IDs of the subnets where this canary is to run. + SubnetIds []*string `type:"list"` +} + +// String returns the string representation +func (s VpcConfigInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s VpcConfigInput) GoString() string { + return s.String() +} + +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *VpcConfigInput) SetSecurityGroupIds(v []*string) *VpcConfigInput { + s.SecurityGroupIds = v + return s +} + +// SetSubnetIds sets the SubnetIds field's value. +func (s *VpcConfigInput) SetSubnetIds(v []*string) *VpcConfigInput { + s.SubnetIds = v + return s +} + +// If this canary is to test an endpoint in a VPC, this structure contains information +// about the subnets and security groups of the VPC endpoint. For more information, +// see Running a Canary in a VPC (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html). +type VpcConfigOutput struct { + _ struct{} `type:"structure"` + + // The IDs of the security groups for this canary. + SecurityGroupIds []*string `type:"list"` + + // The IDs of the subnets where this canary is to run. + SubnetIds []*string `type:"list"` + + // The IDs of the VPC where this canary is to run. + VpcId *string `type:"string"` +} + +// String returns the string representation +func (s VpcConfigOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s VpcConfigOutput) GoString() string { + return s.String() +} + +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *VpcConfigOutput) SetSecurityGroupIds(v []*string) *VpcConfigOutput { + s.SecurityGroupIds = v + return s +} + +// SetSubnetIds sets the SubnetIds field's value. +func (s *VpcConfigOutput) SetSubnetIds(v []*string) *VpcConfigOutput { + s.SubnetIds = v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *VpcConfigOutput) SetVpcId(v string) *VpcConfigOutput { + s.VpcId = &v + return s +} + +const ( + // CanaryRunStateRunning is a CanaryRunState enum value + CanaryRunStateRunning = "RUNNING" + + // CanaryRunStatePassed is a CanaryRunState enum value + CanaryRunStatePassed = "PASSED" + + // CanaryRunStateFailed is a CanaryRunState enum value + CanaryRunStateFailed = "FAILED" +) + +const ( + // CanaryRunStateReasonCodeCanaryFailure is a CanaryRunStateReasonCode enum value + CanaryRunStateReasonCodeCanaryFailure = "CANARY_FAILURE" + + // CanaryRunStateReasonCodeExecutionFailure is a CanaryRunStateReasonCode enum value + CanaryRunStateReasonCodeExecutionFailure = "EXECUTION_FAILURE" +) + +const ( + // CanaryStateCreating is a CanaryState enum value + CanaryStateCreating = "CREATING" + + // CanaryStateReady is a CanaryState enum value + CanaryStateReady = "READY" + + // CanaryStateStarting is a CanaryState enum value + CanaryStateStarting = "STARTING" + + // CanaryStateRunning is a CanaryState enum value + CanaryStateRunning = "RUNNING" + + // CanaryStateUpdating is a CanaryState enum value + CanaryStateUpdating = "UPDATING" + + // CanaryStateStopping is a CanaryState enum value + CanaryStateStopping = "STOPPING" + + // CanaryStateStopped is a CanaryState enum value + CanaryStateStopped = "STOPPED" + + // CanaryStateError is a CanaryState enum value + CanaryStateError = "ERROR" + + // CanaryStateDeleting is a CanaryState enum value + CanaryStateDeleting = "DELETING" +) + +const ( + // CanaryStateReasonCodeInvalidPermissions is a CanaryStateReasonCode enum value + CanaryStateReasonCodeInvalidPermissions = "INVALID_PERMISSIONS" +) diff --git a/vendor/github.com/aws/aws-sdk-go/service/synthetics/doc.go b/vendor/github.com/aws/aws-sdk-go/service/synthetics/doc.go new file mode 100644 index 00000000000..8a25de917d0 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/synthetics/doc.go @@ -0,0 +1,42 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package synthetics provides the client and types for making API +// requests to Synthetics. +// +// You can use Amazon CloudWatch Synthetics to continually monitor your services. +// You can create and manage canaries, which are modular, lightweight scripts +// that monitor your endpoints and APIs from the outside-in. You can set up +// your canaries to run 24 hours a day, once per minute. The canaries help you +// check the availability and latency of your web services and troubleshoot +// anomalies by investigating load time data, screenshots of the UI, logs, and +// metrics. The canaries seamlessly integrate with CloudWatch ServiceLens to +// help you trace the causes of impacted nodes in your applications. For more +// information, see Using ServiceLens to Monitor the Health of Your Applications +// (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ServiceLens.html) +// in the Amazon CloudWatch User Guide. +// +// Before you create and manage canaries, be aware of the security considerations. +// For more information, see Security Considerations for Synthetics Canaries +// (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html). +// +// See https://docs.aws.amazon.com/goto/WebAPI/synthetics-2017-10-11 for more information on this service. +// +// See synthetics package documentation for more information. +// https://docs.aws.amazon.com/sdk-for-go/api/service/synthetics/ +// +// Using the Client +// +// To contact Synthetics with the SDK use the New function to create +// a new service client. With that client you can make API requests to the service. +// These clients are safe to use concurrently. +// +// See the SDK's documentation for more information on how to use the SDK. +// https://docs.aws.amazon.com/sdk-for-go/api/ +// +// See aws.Config documentation for more information on configuring SDK clients. +// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config +// +// See the Synthetics client Synthetics for more +// information on creating client for this service. +// https://docs.aws.amazon.com/sdk-for-go/api/service/synthetics/#New +package synthetics diff --git a/vendor/github.com/aws/aws-sdk-go/service/synthetics/errors.go b/vendor/github.com/aws/aws-sdk-go/service/synthetics/errors.go new file mode 100644 index 00000000000..28559807882 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/synthetics/errors.go @@ -0,0 +1,41 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package synthetics + +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + +const ( + + // ErrCodeConflictException for service response error code + // "ConflictException". + // + // A conflicting operation is already in progress. + ErrCodeConflictException = "ConflictException" + + // ErrCodeInternalServerException for service response error code + // "InternalServerException". + // + // An unknown internal error occurred. + ErrCodeInternalServerException = "InternalServerException" + + // ErrCodeResourceNotFoundException for service response error code + // "ResourceNotFoundException". + // + // One of the specified resources was not found. + ErrCodeResourceNotFoundException = "ResourceNotFoundException" + + // ErrCodeValidationException for service response error code + // "ValidationException". + // + // A parameter could not be validated. + ErrCodeValidationException = "ValidationException" +) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "ConflictException": newErrorConflictException, + "InternalServerException": newErrorInternalServerException, + "ResourceNotFoundException": newErrorResourceNotFoundException, + "ValidationException": newErrorValidationException, +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/synthetics/service.go b/vendor/github.com/aws/aws-sdk-go/service/synthetics/service.go new file mode 100644 index 00000000000..e957283a593 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/synthetics/service.go @@ -0,0 +1,104 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package synthetics + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/client/metadata" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +// Synthetics provides the API operation methods for making requests to +// Synthetics. See this package's package overview docs +// for details on the service. +// +// Synthetics methods are safe to use concurrently. It is not safe to +// modify mutate any of the struct's properties though. +type Synthetics struct { + *client.Client +} + +// Used for custom client initialization logic +var initClient func(*client.Client) + +// Used for custom request initialization logic +var initRequest func(*request.Request) + +// Service information constants +const ( + ServiceName = "synthetics" // Name of service. + EndpointsID = ServiceName // ID to lookup a service endpoint with. + ServiceID = "synthetics" // ServiceID is a unique identifier of a specific service. +) + +// New creates a new instance of the Synthetics client with a session. +// If additional configuration is needed for the client instance use the optional +// aws.Config parameter to add your extra config. +// +// Example: +// mySession := session.Must(session.NewSession()) +// +// // Create a Synthetics client from just a session. +// svc := synthetics.New(mySession) +// +// // Create a Synthetics client with additional configuration +// svc := synthetics.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +func New(p client.ConfigProvider, cfgs ...*aws.Config) *Synthetics { + c := p.ClientConfig(EndpointsID, cfgs...) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "synthetics" + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) +} + +// newClient creates, initializes and returns a new service client instance. +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *Synthetics { + svc := &Synthetics{ + Client: client.New( + cfg, + metadata.ClientInfo{ + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2017-10-11", + }, + handlers, + ), + } + + // Handlers + svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) + svc.Handlers.Build.PushBackNamed(restjson.BuildHandler) + svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler) + svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) + + // Run custom client initialization if present + if initClient != nil { + initClient(svc.Client) + } + + return svc +} + +// newRequest creates a new request for a Synthetics operation and runs any +// custom request initialization. +func (c *Synthetics) newRequest(op *request.Operation, params, data interface{}) *request.Request { + req := c.NewRequest(op, params, data) + + // Run custom request initialization if present + if initRequest != nil { + initRequest(req) + } + + return req +} diff --git a/vendor/modules.txt b/vendor/modules.txt index ed4f920a8a3..68fe7d51316 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -201,6 +201,7 @@ github.com/aws/aws-sdk-go/service/storagegateway github.com/aws/aws-sdk-go/service/sts github.com/aws/aws-sdk-go/service/sts/stsiface github.com/aws/aws-sdk-go/service/swf +github.com/aws/aws-sdk-go/service/synthetics github.com/aws/aws-sdk-go/service/transfer github.com/aws/aws-sdk-go/service/waf github.com/aws/aws-sdk-go/service/wafregional diff --git a/website/docs/guides/custom-service-endpoints.html.md b/website/docs/guides/custom-service-endpoints.html.md index e186ac084c3..9fd1283d101 100644 --- a/website/docs/guides/custom-service-endpoints.html.md +++ b/website/docs/guides/custom-service-endpoints.html.md @@ -184,6 +184,7 @@ The Terraform AWS Provider allows the following endpoints to be customized:
  • storagegateway
  • sts
  • swf
    • +
  • synthetics
  • transfer
  • waf
  • wafregional
    • From 14c139d67eb1129c790d2bcd516ef7e40b440eac Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Fri, 15 May 2020 12:13:53 -0400 Subject: [PATCH 167/475] website: Add Synthetics to allowed subcategories --- website/allowed-subcategories.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/website/allowed-subcategories.txt b/website/allowed-subcategories.txt index fbb7b427f17..a2c24398725 100644 --- a/website/allowed-subcategories.txt +++ b/website/allowed-subcategories.txt @@ -102,6 +102,7 @@ Shield SimpleDB Step Function (SFN) Storage Gateway +Synthetics Transfer Transit Gateway Network Manager VPC From 9eb4e157ec9cbf919685657e62f56ccfc15b9e94 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 15 May 2020 18:27:51 +0200 Subject: [PATCH 168/475] Apply review changes --- aws/resource_aws_wafv2_ip_set.go | 5 +++-- website/docs/r/wafv2_ip_set.html.markdown | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/aws/resource_aws_wafv2_ip_set.go b/aws/resource_aws_wafv2_ip_set.go index 2019da2293e..da0f648e772 100644 --- a/aws/resource_aws_wafv2_ip_set.go +++ b/aws/resource_aws_wafv2_ip_set.go @@ -177,9 +177,10 @@ func resourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { return fmt.Errorf("Error setting addresses: %s", err) } - tags, err := keyvaluetags.Wafv2ListTags(conn, aws.StringValue(resp.IPSet.ARN)) + arn := aws.StringValue(resp.IPSet.ARN) + tags, err := keyvaluetags.Wafv2ListTags(conn, arn) if err != nil { - return fmt.Errorf("Error listing tags for WAFv2 IpSet (%s): %s", *resp.IPSet.ARN, err) + return fmt.Errorf("Error listing tags for WAFv2 IpSet (%s): %s", arn, err) } if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { diff --git a/website/docs/r/wafv2_ip_set.html.markdown b/website/docs/r/wafv2_ip_set.html.markdown index 7b36423fee2..10fa926bbe6 100644 --- a/website/docs/r/wafv2_ip_set.html.markdown +++ b/website/docs/r/wafv2_ip_set.html.markdown @@ -47,7 +47,7 @@ In addition to all arguments above, the following attributes are exported: ## Import -WAFv2 IP Sets can be imported using their ID, Name and Scope e.g. +WAFv2 IP Sets can be imported using `ID/name/scope` ``` $ terraform import aws_wafv2_ip_set.example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc/example/REGIONAL From 748f9428c9707e8a48de3e03bc76d3dd1668a735 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 13:36:55 -0400 Subject: [PATCH 169/475] move assume_role test to provider testing --- aws/data_source_aws_caller_identity_test.go | 26 --------------------- aws/provider.go | 24 +++++++++++-------- aws/provider_test.go | 24 +++++++++++++++++++ 3 files changed, 38 insertions(+), 36 deletions(-) diff --git a/aws/data_source_aws_caller_identity_test.go b/aws/data_source_aws_caller_identity_test.go index 5d065d3ca90..d9857323574 100644 --- a/aws/data_source_aws_caller_identity_test.go +++ b/aws/data_source_aws_caller_identity_test.go @@ -23,23 +23,6 @@ func TestAccAWSCallerIdentity_basic(t *testing.T) { }) } -// Protects against a panic in the AWS Provider configuration. -// See https://github.com/terraform-providers/terraform-provider-aws/pull/1227 -func TestAccAWSCallerIdentity_basic_panic(t *testing.T) { - resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - Steps: []resource.TestStep{ - { - Config: testAccCheckAwsCallerIdentityConfig_basic_panic, - Check: resource.ComposeTestCheckFunc( - testAccCheckAwsCallerIdentityAccountId("data.aws_caller_identity.current"), - ), - }, - }, - }) -} - func testAccCheckAwsCallerIdentityAccountId(n string) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -71,12 +54,3 @@ func testAccCheckAwsCallerIdentityAccountId(n string) resource.TestCheckFunc { const testAccCheckAwsCallerIdentityConfig_basic = ` data "aws_caller_identity" "current" { } ` - -const testAccCheckAwsCallerIdentityConfig_basic_panic = ` -provider "aws" { - assume_role { - } -} - -data "aws_caller_identity" "current" {} -` diff --git a/aws/provider.go b/aws/provider.go index e164c302d06..b9ff82490d7 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -1170,17 +1170,21 @@ func providerConfigure(d *schema.ResourceData, terraformVersion string) (interfa assumeRoleList := d.Get("assume_role").([]interface{}) if len(assumeRoleList) == 1 { - assumeRole := assumeRoleList[0].(map[string]interface{}) - config.AssumeRoleARN = assumeRole["role_arn"].(string) - config.AssumeRoleSessionName = assumeRole["session_name"].(string) - config.AssumeRoleExternalID = assumeRole["external_id"].(string) - - if v := assumeRole["policy"].(string); v != "" { - config.AssumeRolePolicy = v + if assumeRoleList[0] != nil { + assumeRole := assumeRoleList[0].(map[string]interface{}) + config.AssumeRoleARN = assumeRole["role_arn"].(string) + config.AssumeRoleSessionName = assumeRole["session_name"].(string) + config.AssumeRoleExternalID = assumeRole["external_id"].(string) + + if v := assumeRole["policy"].(string); v != "" { + config.AssumeRolePolicy = v + } + + log.Printf("[INFO] assume_role configuration set: (ARN: %q, SessionID: %q, ExternalID: %q, Policy: %q)", + config.AssumeRoleARN, config.AssumeRoleSessionName, config.AssumeRoleExternalID, config.AssumeRolePolicy) + } else { + log.Printf("[INFO] Empty assume_role block read from configuration") } - - log.Printf("[INFO] assume_role configuration set: (ARN: %q, SessionID: %q, ExternalID: %q, Policy: %q)", - config.AssumeRoleARN, config.AssumeRoleSessionName, config.AssumeRoleExternalID, config.AssumeRolePolicy) } else { log.Printf("[INFO] No assume_role block read from configuration") } diff --git a/aws/provider_test.go b/aws/provider_test.go index cb69efd2e09..4b6f03b4621 100644 --- a/aws/provider_test.go +++ b/aws/provider_test.go @@ -943,6 +943,21 @@ func TestAccAWSProvider_Region_AwsGovCloudUs(t *testing.T) { }) } +func TestAccAWSProvider_AssumeRole_Empty(t *testing.T) { + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccCheckAWSProviderConfigAssumeRoleEmpty, + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsCallerIdentityAccountId("data.aws_caller_identity.current"), + ), + }, + }, + }) +} + func testAccCheckAWSProviderDnsSuffix(providers *[]*schema.Provider, expectedDnsSuffix string) resource.TestCheckFunc { return func(s *terraform.State) error { if providers == nil { @@ -1465,6 +1480,15 @@ provider "aws" { `, os.Getenv("TF_ACC_ASSUME_ROLE_ARN"), policy) } +const testAccCheckAWSProviderConfigAssumeRoleEmpty = ` +provider "aws" { + assume_role { + } +} + +data "aws_caller_identity" "current" {} +` + // composeConfig can be called to concatenate multiple strings to build test configurations func composeConfig(config ...string) string { var str strings.Builder From bde53b2986ab166ef52f594f54b61c7c6cd42e20 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Fri, 15 May 2020 14:07:27 -0400 Subject: [PATCH 170/475] add missing attributes to testcheck --- aws/provider_test.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/aws/provider_test.go b/aws/provider_test.go index 4b6f03b4621..ec8c76203b3 100644 --- a/aws/provider_test.go +++ b/aws/provider_test.go @@ -944,9 +944,12 @@ func TestAccAWSProvider_Region_AwsGovCloudUs(t *testing.T) { } func TestAccAWSProvider_AssumeRole_Empty(t *testing.T) { + var providers []*schema.Provider + resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, + PreCheck: func() { testAccPreCheck(t) }, + ProviderFactories: testAccProviderFactories(&providers), + CheckDestroy: nil, Steps: []resource.TestStep{ { Config: testAccCheckAWSProviderConfigAssumeRoleEmpty, From 012864647ddbd4c05361335cda9e370a86fb4d26 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 7 Feb 2020 18:34:53 +0200 Subject: [PATCH 171/475] add support for efs iam policy --- aws/resource_aws_efs_file_system.go | 57 +++++++++++++++ aws/resource_aws_efs_file_system_test.go | 73 ++++++++++++++++++++ website/docs/r/efs_file_system.html.markdown | 34 +++++++++ 3 files changed, 164 insertions(+) diff --git a/aws/resource_aws_efs_file_system.go b/aws/resource_aws_efs_file_system.go index edb5027f5ef..85a5facb2e3 100644 --- a/aws/resource_aws_efs_file_system.go +++ b/aws/resource_aws_efs_file_system.go @@ -4,6 +4,7 @@ import ( "errors" "fmt" "log" + "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -115,6 +116,12 @@ func resourceAwsEfsFileSystem() *schema.Resource { }, }, }, + "policy": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.ValidateJsonString, + DiffSuppressFunc: suppressEquivalentJsonDiffs, + }, }, } } @@ -195,6 +202,16 @@ func resourceAwsEfsFileSystemCreate(d *schema.ResourceData, meta interface{}) er } } + if v, ok := d.GetOk("policy"); ok && v.(string) != "" { + _, err := conn.PutFileSystemPolicy(&efs.PutFileSystemPolicyInput{ + FileSystemId: aws.String(d.Id()), + Policy: aws.String(v.(string)), + }) + if err != nil { + return fmt.Errorf("Error creating policy for EFS file system %q: %s", d.Id(), err.Error()) + } + } + return resourceAwsEfsFileSystemRead(d, meta) } @@ -253,6 +270,27 @@ func resourceAwsEfsFileSystemUpdate(d *schema.ResourceData, meta interface{}) er } } + if d.HasChange("policy") { + _, n := d.GetChange("policy") + + if n.(string) != "" { + _, err := conn.PutFileSystemPolicy(&efs.PutFileSystemPolicyInput{ + FileSystemId: aws.String(d.Id()), + Policy: aws.String(d.Get("policy").(string)), + }) + if err != nil { + return fmt.Errorf("Error updating policy for EFS file system %q: %s", d.Id(), err.Error()) + } + } else { + _, err := conn.DeleteFileSystemPolicy(&efs.DeleteFileSystemPolicyInput{ + FileSystemId: aws.String(d.Id()), + }) + if err != nil { + return fmt.Errorf("Error removing policy for EFS file system %q: %s", d.Id(), err.Error()) + } + } + } + if d.HasChange("tags") { o, n := d.GetChange("tags") @@ -331,6 +369,25 @@ func resourceAwsEfsFileSystemRead(d *schema.ResourceData, meta interface{}) erro return fmt.Errorf("error setting lifecycle_policy: %s", err) } + var policyRes *efs.DescribeFileSystemPolicyOutput + policyRes, err = conn.DescribeFileSystemPolicy(&efs.DescribeFileSystemPolicyInput{ + FileSystemId: fs.FileSystemId, + }) + if err != nil { + if isAWSErr(err, efs.ErrCodePolicyNotFound, "") { + d.Set("policy", "") + } else { + return fmt.Errorf("Error describing policy for EFS file system (%s): %s", + aws.StringValue(fs.FileSystemId), err) + } + } else { + correctedPolicy := strings.Replace(aws.StringValue(policyRes.Policy), + fmt.Sprintf("\"Resource\" : \"%s\",", fsARN), "", 1) + if err := d.Set("policy", correctedPolicy); err != nil { + return err + } + } + return nil } diff --git a/aws/resource_aws_efs_file_system_test.go b/aws/resource_aws_efs_file_system_test.go index 87e02b8b9a0..ba45739c15d 100644 --- a/aws/resource_aws_efs_file_system_test.go +++ b/aws/resource_aws_efs_file_system_test.go @@ -431,6 +431,47 @@ func TestAccAWSEFSFileSystem_lifecyclePolicy_removal(t *testing.T) { }) } +func TestAccAWSEFSFileSystem_policy(t *testing.T) { + var desc efs.FileSystemDescription + resourceName := "aws_efs_file_system.test" + rName := acctest.RandomWithPrefix("tf-acc") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsFileSystemDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEFSFileSystemConfigWPolicy(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsFileSystem(resourceName, &desc), + resource.TestCheckResourceAttrSet(resourceName, "policy"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"creation_token"}, + }, + { + Config: testAccAWSEFSFileSystemConfig(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsFileSystem("aws_efs_file_system.test", &desc), + resource.TestCheckResourceAttr(resourceName, "policy", ""), + ), + }, + { + Config: testAccAWSEFSFileSystemConfigWPolicy(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsFileSystem(resourceName, &desc), + resource.TestCheckResourceAttrSet(resourceName, "policy"), + ), + }, + }, + }) +} + func TestAccAWSEFSFileSystem_disappears(t *testing.T) { var desc efs.FileSystemDescription resourceName := "aws_efs_file_system.test" @@ -630,6 +671,38 @@ resource "aws_efs_file_system" "test" { `, rName) } +func testAccAWSEFSFileSystemConfigWPolicy(rName string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = %q + policy = < Date: Fri, 7 Feb 2020 19:07:07 +0200 Subject: [PATCH 172/475] efs file system data source - add support for policy --- aws/data_source_aws_efs_file_system.go | 24 ++++++++++++++++++++ aws/data_source_aws_efs_file_system_test.go | 2 ++ website/docs/d/efs_file_system.html.markdown | 1 + 3 files changed, 27 insertions(+) diff --git a/aws/data_source_aws_efs_file_system.go b/aws/data_source_aws_efs_file_system.go index e7cf6e66165..8e858f006b2 100644 --- a/aws/data_source_aws_efs_file_system.go +++ b/aws/data_source_aws_efs_file_system.go @@ -3,6 +3,7 @@ package aws import ( "fmt" "log" + "strings" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/arn" @@ -73,6 +74,10 @@ func dataSourceAwsEfsFileSystem() *schema.Resource { }, }, }, + "policy": { + Type: schema.TypeString, + Computed: true, + }, }, } } @@ -152,6 +157,25 @@ func dataSourceAwsEfsFileSystemRead(d *schema.ResourceData, meta interface{}) er return fmt.Errorf("error setting lifecycle_policy: %s", err) } + var policyRes *efs.DescribeFileSystemPolicyOutput + policyRes, err = efsconn.DescribeFileSystemPolicy(&efs.DescribeFileSystemPolicyInput{ + FileSystemId: fs.FileSystemId, + }) + if err != nil { + if isAWSErr(err, efs.ErrCodePolicyNotFound, "") { + d.Set("policy", "") + } else { + return fmt.Errorf("Error describing policy for EFS file system (%s): %s", + aws.StringValue(fs.FileSystemId), err) + } + } else { + correctedPolicy := strings.Replace(aws.StringValue(policyRes.Policy), + fmt.Sprintf("\"Resource\" : \"%s\",", fsARN), "", 1) + if err := d.Set("policy", correctedPolicy); err != nil { + return err + } + } + d.Set("dns_name", meta.(*AWSClient).RegionalHostname(fmt.Sprintf("%s.efs", aws.StringValue(fs.FileSystemId)))) return nil diff --git a/aws/data_source_aws_efs_file_system_test.go b/aws/data_source_aws_efs_file_system_test.go index f0dd41d7c47..c253e550cfd 100644 --- a/aws/data_source_aws_efs_file_system_test.go +++ b/aws/data_source_aws_efs_file_system_test.go @@ -32,6 +32,7 @@ func TestAccDataSourceAwsEfsFileSystem_id(t *testing.T) { resource.TestCheckResourceAttrPair(dataSourceName, "throughput_mode", resourceName, "throughput_mode"), resource.TestCheckResourceAttrPair(dataSourceName, "lifecycle_policy", resourceName, "lifecycle_policy"), resource.TestMatchResourceAttr(dataSourceName, "size_in_bytes", regexp.MustCompile(`^\d+$`)), + resource.TestCheckResourceAttrPair(dataSourceName, "policy", resourceName, "policy"), ), }, }, @@ -60,6 +61,7 @@ func TestAccDataSourceAwsEfsFileSystem_name(t *testing.T) { resource.TestCheckResourceAttrPair(dataSourceName, "provisioned_throughput_in_mibps", resourceName, "provisioned_throughput_in_mibps"), resource.TestCheckResourceAttrPair(dataSourceName, "throughput_mode", resourceName, "throughput_mode"), resource.TestCheckResourceAttrPair(dataSourceName, "lifecycle_policy", resourceName, "lifecycle_policy"), + resource.TestCheckResourceAttrPair(dataSourceName, "policy", resourceName, "policy"), resource.TestMatchResourceAttr(dataSourceName, "size_in_bytes", regexp.MustCompile(`^\d+$`)), ), }, diff --git a/website/docs/d/efs_file_system.html.markdown b/website/docs/d/efs_file_system.html.markdown index 75da4112e39..eef0a8f8c47 100644 --- a/website/docs/d/efs_file_system.html.markdown +++ b/website/docs/d/efs_file_system.html.markdown @@ -44,3 +44,4 @@ In addition to all arguments above, the following attributes are exported: * `tags` -A map of tags to assign to the file system. * `throughput_mode` - Throughput mode for the file system. * `size_in_bytes` - The current byte count used by the file system. +* `policy` - The JSON formatted file system policy for the EFS file system. From 4314130035cd1816c76dea43dfd264ba6ea00e1f Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Tue, 14 Apr 2020 19:48:21 +0300 Subject: [PATCH 173/475] fmt --- website/docs/r/efs_file_system.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/efs_file_system.html.markdown b/website/docs/r/efs_file_system.html.markdown index f9901b998a8..c5661a46864 100644 --- a/website/docs/r/efs_file_system.html.markdown +++ b/website/docs/r/efs_file_system.html.markdown @@ -42,7 +42,7 @@ resource "aws_efs_file_system" "foo_with_lifecyle_policy" { resource "aws_efs_file_system" "foo_with_lifecyle_policy" { creation_token = "my-product" - policy = < Date: Fri, 15 May 2020 17:41:20 +0300 Subject: [PATCH 174/475] split efs policy to its own resource --- aws/data_source_aws_efs_file_system.go | 24 ------- aws/data_source_aws_efs_file_system_test.go | 2 - aws/provider.go | 1 + aws/resource_aws_efs_file_system.go | 57 ---------------- aws/resource_aws_efs_file_system_test.go | 73 --------------------- 5 files changed, 1 insertion(+), 156 deletions(-) diff --git a/aws/data_source_aws_efs_file_system.go b/aws/data_source_aws_efs_file_system.go index 8e858f006b2..e7cf6e66165 100644 --- a/aws/data_source_aws_efs_file_system.go +++ b/aws/data_source_aws_efs_file_system.go @@ -3,7 +3,6 @@ package aws import ( "fmt" "log" - "strings" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/arn" @@ -74,10 +73,6 @@ func dataSourceAwsEfsFileSystem() *schema.Resource { }, }, }, - "policy": { - Type: schema.TypeString, - Computed: true, - }, }, } } @@ -157,25 +152,6 @@ func dataSourceAwsEfsFileSystemRead(d *schema.ResourceData, meta interface{}) er return fmt.Errorf("error setting lifecycle_policy: %s", err) } - var policyRes *efs.DescribeFileSystemPolicyOutput - policyRes, err = efsconn.DescribeFileSystemPolicy(&efs.DescribeFileSystemPolicyInput{ - FileSystemId: fs.FileSystemId, - }) - if err != nil { - if isAWSErr(err, efs.ErrCodePolicyNotFound, "") { - d.Set("policy", "") - } else { - return fmt.Errorf("Error describing policy for EFS file system (%s): %s", - aws.StringValue(fs.FileSystemId), err) - } - } else { - correctedPolicy := strings.Replace(aws.StringValue(policyRes.Policy), - fmt.Sprintf("\"Resource\" : \"%s\",", fsARN), "", 1) - if err := d.Set("policy", correctedPolicy); err != nil { - return err - } - } - d.Set("dns_name", meta.(*AWSClient).RegionalHostname(fmt.Sprintf("%s.efs", aws.StringValue(fs.FileSystemId)))) return nil diff --git a/aws/data_source_aws_efs_file_system_test.go b/aws/data_source_aws_efs_file_system_test.go index c253e550cfd..f0dd41d7c47 100644 --- a/aws/data_source_aws_efs_file_system_test.go +++ b/aws/data_source_aws_efs_file_system_test.go @@ -32,7 +32,6 @@ func TestAccDataSourceAwsEfsFileSystem_id(t *testing.T) { resource.TestCheckResourceAttrPair(dataSourceName, "throughput_mode", resourceName, "throughput_mode"), resource.TestCheckResourceAttrPair(dataSourceName, "lifecycle_policy", resourceName, "lifecycle_policy"), resource.TestMatchResourceAttr(dataSourceName, "size_in_bytes", regexp.MustCompile(`^\d+$`)), - resource.TestCheckResourceAttrPair(dataSourceName, "policy", resourceName, "policy"), ), }, }, @@ -61,7 +60,6 @@ func TestAccDataSourceAwsEfsFileSystem_name(t *testing.T) { resource.TestCheckResourceAttrPair(dataSourceName, "provisioned_throughput_in_mibps", resourceName, "provisioned_throughput_in_mibps"), resource.TestCheckResourceAttrPair(dataSourceName, "throughput_mode", resourceName, "throughput_mode"), resource.TestCheckResourceAttrPair(dataSourceName, "lifecycle_policy", resourceName, "lifecycle_policy"), - resource.TestCheckResourceAttrPair(dataSourceName, "policy", resourceName, "policy"), resource.TestMatchResourceAttr(dataSourceName, "size_in_bytes", regexp.MustCompile(`^\d+$`)), ), }, diff --git a/aws/provider.go b/aws/provider.go index 0273b116f54..f3c34c613f8 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -551,6 +551,7 @@ func Provider() terraform.ResourceProvider { "aws_ecs_service": resourceAwsEcsService(), "aws_ecs_task_definition": resourceAwsEcsTaskDefinition(), "aws_efs_file_system": resourceAwsEfsFileSystem(), + "aws_efs_file_system_policy": resourceAwsEfsFileSystemPolicy(), "aws_efs_mount_target": resourceAwsEfsMountTarget(), "aws_egress_only_internet_gateway": resourceAwsEgressOnlyInternetGateway(), "aws_eip": resourceAwsEip(), diff --git a/aws/resource_aws_efs_file_system.go b/aws/resource_aws_efs_file_system.go index 85a5facb2e3..edb5027f5ef 100644 --- a/aws/resource_aws_efs_file_system.go +++ b/aws/resource_aws_efs_file_system.go @@ -4,7 +4,6 @@ import ( "errors" "fmt" "log" - "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -116,12 +115,6 @@ func resourceAwsEfsFileSystem() *schema.Resource { }, }, }, - "policy": { - Type: schema.TypeString, - Optional: true, - ValidateFunc: validation.ValidateJsonString, - DiffSuppressFunc: suppressEquivalentJsonDiffs, - }, }, } } @@ -202,16 +195,6 @@ func resourceAwsEfsFileSystemCreate(d *schema.ResourceData, meta interface{}) er } } - if v, ok := d.GetOk("policy"); ok && v.(string) != "" { - _, err := conn.PutFileSystemPolicy(&efs.PutFileSystemPolicyInput{ - FileSystemId: aws.String(d.Id()), - Policy: aws.String(v.(string)), - }) - if err != nil { - return fmt.Errorf("Error creating policy for EFS file system %q: %s", d.Id(), err.Error()) - } - } - return resourceAwsEfsFileSystemRead(d, meta) } @@ -270,27 +253,6 @@ func resourceAwsEfsFileSystemUpdate(d *schema.ResourceData, meta interface{}) er } } - if d.HasChange("policy") { - _, n := d.GetChange("policy") - - if n.(string) != "" { - _, err := conn.PutFileSystemPolicy(&efs.PutFileSystemPolicyInput{ - FileSystemId: aws.String(d.Id()), - Policy: aws.String(d.Get("policy").(string)), - }) - if err != nil { - return fmt.Errorf("Error updating policy for EFS file system %q: %s", d.Id(), err.Error()) - } - } else { - _, err := conn.DeleteFileSystemPolicy(&efs.DeleteFileSystemPolicyInput{ - FileSystemId: aws.String(d.Id()), - }) - if err != nil { - return fmt.Errorf("Error removing policy for EFS file system %q: %s", d.Id(), err.Error()) - } - } - } - if d.HasChange("tags") { o, n := d.GetChange("tags") @@ -369,25 +331,6 @@ func resourceAwsEfsFileSystemRead(d *schema.ResourceData, meta interface{}) erro return fmt.Errorf("error setting lifecycle_policy: %s", err) } - var policyRes *efs.DescribeFileSystemPolicyOutput - policyRes, err = conn.DescribeFileSystemPolicy(&efs.DescribeFileSystemPolicyInput{ - FileSystemId: fs.FileSystemId, - }) - if err != nil { - if isAWSErr(err, efs.ErrCodePolicyNotFound, "") { - d.Set("policy", "") - } else { - return fmt.Errorf("Error describing policy for EFS file system (%s): %s", - aws.StringValue(fs.FileSystemId), err) - } - } else { - correctedPolicy := strings.Replace(aws.StringValue(policyRes.Policy), - fmt.Sprintf("\"Resource\" : \"%s\",", fsARN), "", 1) - if err := d.Set("policy", correctedPolicy); err != nil { - return err - } - } - return nil } diff --git a/aws/resource_aws_efs_file_system_test.go b/aws/resource_aws_efs_file_system_test.go index ba45739c15d..87e02b8b9a0 100644 --- a/aws/resource_aws_efs_file_system_test.go +++ b/aws/resource_aws_efs_file_system_test.go @@ -431,47 +431,6 @@ func TestAccAWSEFSFileSystem_lifecyclePolicy_removal(t *testing.T) { }) } -func TestAccAWSEFSFileSystem_policy(t *testing.T) { - var desc efs.FileSystemDescription - resourceName := "aws_efs_file_system.test" - rName := acctest.RandomWithPrefix("tf-acc") - - resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckEfsFileSystemDestroy, - Steps: []resource.TestStep{ - { - Config: testAccAWSEFSFileSystemConfigWPolicy(rName), - Check: resource.ComposeTestCheckFunc( - testAccCheckEfsFileSystem(resourceName, &desc), - resource.TestCheckResourceAttrSet(resourceName, "policy"), - ), - }, - { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"creation_token"}, - }, - { - Config: testAccAWSEFSFileSystemConfig(rName), - Check: resource.ComposeTestCheckFunc( - testAccCheckEfsFileSystem("aws_efs_file_system.test", &desc), - resource.TestCheckResourceAttr(resourceName, "policy", ""), - ), - }, - { - Config: testAccAWSEFSFileSystemConfigWPolicy(rName), - Check: resource.ComposeTestCheckFunc( - testAccCheckEfsFileSystem(resourceName, &desc), - resource.TestCheckResourceAttrSet(resourceName, "policy"), - ), - }, - }, - }) -} - func TestAccAWSEFSFileSystem_disappears(t *testing.T) { var desc efs.FileSystemDescription resourceName := "aws_efs_file_system.test" @@ -671,38 +630,6 @@ resource "aws_efs_file_system" "test" { `, rName) } -func testAccAWSEFSFileSystemConfigWPolicy(rName string) string { - return fmt.Sprintf(` -resource "aws_efs_file_system" "test" { - creation_token = %q - policy = < Date: Fri, 15 May 2020 17:50:30 +0300 Subject: [PATCH 175/475] split efs policy to its own resource --- aws/resource_aws_efs_file_system_policy.go | 106 +++++++++++++ ...esource_aws_efs_file_system_policy_test.go | 149 ++++++++++++++++++ 2 files changed, 255 insertions(+) create mode 100644 aws/resource_aws_efs_file_system_policy.go create mode 100644 aws/resource_aws_efs_file_system_policy_test.go diff --git a/aws/resource_aws_efs_file_system_policy.go b/aws/resource_aws_efs_file_system_policy.go new file mode 100644 index 00000000000..00a8f535c7e --- /dev/null +++ b/aws/resource_aws_efs_file_system_policy.go @@ -0,0 +1,106 @@ +package aws + +import ( + "fmt" + "log" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/efs" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" +) + +func resourceAwsEfsFileSystemPolicy() *schema.Resource { + return &schema.Resource{ + Create: resourceAwsEfsFileSystemPolicyPut, + Read: resourceAwsEfsFileSystemPolicyRead, + Update: resourceAwsEfsFileSystemPolicyPut, + Delete: resourceAwsEfsFileSystemPolicyDelete, + + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Schema: map[string]*schema.Schema{ + "file_system_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "policy": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringIsJSON, + DiffSuppressFunc: suppressEquivalentJsonDiffs, + }, + }, + } +} + +func resourceAwsEfsFileSystemPolicyPut(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).efsconn + + fsId := d.Get("file_system_id").(string) + input := &efs.PutFileSystemPolicyInput{ + FileSystemId: aws.String(fsId), + Policy: aws.String(d.Get("policy").(string)), + } + log.Printf("[DEBUG] Adding EFS File System Policy: %#v", input) + _, err := conn.PutFileSystemPolicy(input) + if err != nil { + return fmt.Errorf("error creating EFS File System Policy %q: %s", d.Id(), err.Error()) + } + + d.SetId(fsId) + + return resourceAwsEfsFileSystemPolicyRead(d, meta) +} + +func resourceAwsEfsFileSystemPolicyRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).efsconn + + var policyRes *efs.DescribeFileSystemPolicyOutput + policyRes, err := conn.DescribeFileSystemPolicy(&efs.DescribeFileSystemPolicyInput{ + FileSystemId: aws.String(d.Id()), + }) + if err != nil { + if isAWSErr(err, efs.ErrCodeFileSystemNotFound, "") { + log.Printf("[WARN] EFS File System (%s) not found, removing from state", d.Id()) + d.SetId("") + return nil + } + if isAWSErr(err, efs.ErrCodePolicyNotFound, "") { + log.Printf("[WARN] EFS File System Policy (%s) not found, removing from state", d.Id()) + d.SetId("") + return nil + } + return fmt.Errorf("error describing policy for EFS file system (%s): %s", d.Id(), err) + } + + d.Set("file_system_id", policyRes.FileSystemId) + d.Set("policy", policyRes.Policy) + + //correctedPolicy := strings.Replace(aws.StringValue(policyRes.Policy), + // fmt.Sprintf("\"Resource\" : \"%s\",", fsARN), "", 1) + //if err := d.Set("policy", correctedPolicy); err != nil { + // return err + //} + + return nil +} + +func resourceAwsEfsFileSystemPolicyDelete(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).efsconn + + log.Printf("[DEBUG] Deleting EFS File System Policy: %s", d.Id()) + _, err := conn.DeleteFileSystemPolicy(&efs.DeleteFileSystemPolicyInput{ + FileSystemId: aws.String(d.Id()), + }) + if err != nil { + return fmt.Errorf("error deleting EFS File System Policy: %s with err %s", d.Id(), err.Error()) + } + + log.Printf("[DEBUG] EFS File System Policy %q deleted.", d.Id()) + + return nil +} diff --git a/aws/resource_aws_efs_file_system_policy_test.go b/aws/resource_aws_efs_file_system_policy_test.go new file mode 100644 index 00000000000..d04a934da4f --- /dev/null +++ b/aws/resource_aws_efs_file_system_policy_test.go @@ -0,0 +1,149 @@ +package aws + +import ( + "fmt" + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/efs" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" +) + +func TestAccAWSEFSFileSystemPolicy_basic(t *testing.T) { + var desc efs.DescribeFileSystemPolicyOutput + resourceName := "aws_efs_file_system_policy.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsFileSystemDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEFSFileSystemPolicyConfig(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsFileSystemPolicy(resourceName, &desc), + resource.TestCheckResourceAttrSet(resourceName, "policy"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSEFSFileSystemPolicy_disappears(t *testing.T) { + var desc efs.DescribeFileSystemPolicyOutput + resourceName := "aws_efs_file_system_policy.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsFileSystemPolicyDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEFSFileSystemPolicyConfig(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsFileSystemPolicy(resourceName, &desc), + testAccCheckResourceDisappears(testAccProvider, resourceAwsEfsFileSystemPolicy(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + +func testAccCheckEfsFileSystemPolicyDestroy(s *terraform.State) error { + conn := testAccProvider.Meta().(*AWSClient).efsconn + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_efs_file_system_policy" { + continue + } + + resp, err := conn.DescribeFileSystemPolicy(&efs.DescribeFileSystemPolicyInput{ + FileSystemId: aws.String(rs.Primary.ID), + }) + if err != nil { + if isAWSErr(err, efs.ErrCodeFileSystemNotFound, "") || + isAWSErr(err, efs.ErrCodePolicyNotFound, "") { + return nil + } + return fmt.Errorf("error describing EFS file system policy in tests: %s", err) + } + if resp != nil { + return fmt.Errorf("EFS file system policy %q still exists", rs.Primary.ID) + } + } + + return nil +} + +func testAccCheckEfsFileSystemPolicy(resourceID string, efsFsPolicy *efs.DescribeFileSystemPolicyOutput) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[resourceID] + if !ok { + return fmt.Errorf("Not found: %s", resourceID) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("No ID is set") + } + + conn := testAccProvider.Meta().(*AWSClient).efsconn + fs, err := conn.DescribeFileSystemPolicy(&efs.DescribeFileSystemPolicyInput{ + FileSystemId: aws.String(rs.Primary.ID), + }) + + if err != nil { + return err + } + + *efsFsPolicy = *fs + + return nil + } +} + +func testAccAWSEFSFileSystemPolicyConfig(rName string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = %q +} + +resource "aws_efs_file_system_policy" "test" { + file_system_id = "{aws_efs_file_system.test.id}" + + policy = < Date: Fri, 15 May 2020 14:53:54 -0700 Subject: [PATCH 176/475] Adds acceptance test functions for cross-account resources --- aws/provider_test.go | 58 ++++++++++++++++++- ...esource_aws_ram_resource_share_accepter.go | 2 +- ...ce_aws_ram_resource_share_accepter_test.go | 8 +-- 3 files changed, 62 insertions(+), 6 deletions(-) diff --git a/aws/provider_test.go b/aws/provider_test.go index c59e7a202e8..b4411dbbd7e 100644 --- a/aws/provider_test.go +++ b/aws/provider_test.go @@ -21,6 +21,7 @@ import ( ) const rfc3339RegexPattern = `^[0-9]{4}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])[Tt]([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9](\.[0-9]+)?([Zz]|([+-]([01][0-9]|2[0-3]):[0-5][0-9]))$` +const uuidRegexPattern = `[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[ab89][a-f0-9]{3}-[a-f0-9]{12}` var testAccProviders map[string]terraform.ResourceProvider var testAccProviderFactories func(providers *[]*schema.Provider) map[string]terraform.ResourceProviderFactory @@ -73,6 +74,21 @@ func testAccPreCheck(t *testing.T) { } } +// testAccAlternateAccountProvider returns the schema.Provider for the alternate account +// Must be used within a resource.TestCheckFunc +func testAccAlternateAccountProvider(providers *[]*schema.Provider) (result *schema.Provider) { + primaryAccountID := testAccGetAccountID() + + for _, provider := range *providers { + accountID := testAccAwsProviderAccountID(provider) + if accountID != "" && accountID != primaryAccountID { + result = provider + } + } + + return +} + // testAccAwsProviderAccountID returns the account ID of an AWS provider func testAccAwsProviderAccountID(provider *schema.Provider) string { if provider == nil { @@ -98,6 +114,15 @@ func testAccCheckResourceAttrAccountID(resourceName, attributeName string) resou } } +// testAccCheckResourceAttrAlternateAccountID ensures the Terraform state exactly matches the alternate account ID +func testAccCheckResourceAttrAlternateAccountID(resourceName, attributeName string, providers *[]*schema.Provider) resource.TestCheckFunc { + return func(s *terraform.State) error { + provider := testAccAlternateAccountProvider(providers) + + return resource.TestCheckResourceAttr(resourceName, attributeName, testAccAwsProviderAccountID(provider))(s) + } +} + // testAccCheckResourceAttrRegionalARN ensures the Terraform state exactly matches a formatted ARN with region func testAccCheckResourceAttrRegionalARN(resourceName, attributeName, arnService, arnResource string) resource.TestCheckFunc { return func(s *terraform.State) error { @@ -180,6 +205,37 @@ func testAccMatchResourceAttrRegionalARNNoAccount(resourceName, attributeName, a } } +// testAccMatchResourceAttrRegionalARNAccountID ensures the Terraform state regexp matches a formatted ARN with region and specific account ID +func testAccMatchResourceAttrRegionalARNAccountID(resourceName, attributeName, accountID, arnService string, arnResourceRegexp *regexp.Regexp) resource.TestCheckFunc { + return func(s *terraform.State) error { + arnRegexp := arn.ARN{ + AccountID: accountID, + Partition: testAccGetPartition(), + Region: testAccGetRegion(), + Resource: arnResourceRegexp.String(), + Service: arnService, + }.String() + + attributeMatch, err := regexp.Compile(arnRegexp) + + if err != nil { + return fmt.Errorf("Unable to compile ARN regexp (%s): %s", arnRegexp, err) + } + + return resource.TestMatchResourceAttr(resourceName, attributeName, attributeMatch)(s) + } +} + +// testAccMatchResourceAttrRegionalARNAlternateAccount ensures the Terraform state regexp matches a formatted ARN with region in the alternate account +// assumes the regions for the primary and alternate accounts are the same +func testAccMatchResourceAttrRegionalARNAlternateAccount(resourceName, attributeName string, providers *[]*schema.Provider, arnService string, arnResourceRegexp *regexp.Regexp) resource.TestCheckFunc { + return func(s *terraform.State) error { + provider := testAccAlternateAccountProvider(providers) + + return testAccMatchResourceAttrRegionalARNAccountID(resourceName, attributeName, testAccAwsProviderAccountID(provider), "ram", arnResourceRegexp)(s) + } +} + // testAccMatchResourceAttrRegionalHostname ensures the Terraform state regexp matches a formatted DNS hostname with region and partition DNS suffix func testAccMatchResourceAttrRegionalHostname(resourceName, attributeName, serviceName string, hostnamePrefixRegexp *regexp.Regexp) resource.TestCheckFunc { return func(s *terraform.State) error { @@ -339,7 +395,7 @@ func primaryInstanceState(s *terraform.State, name string) (*terraform.InstanceS } // testAccGetAccountID returns the account ID of testAccProvider -// Must be used returned within a resource.TestCheckFunc +// Must be used within a resource.TestCheckFunc func testAccGetAccountID() string { return testAccAwsProviderAccountID(testAccProvider) } diff --git a/aws/resource_aws_ram_resource_share_accepter.go b/aws/resource_aws_ram_resource_share_accepter.go index 8a15023255a..e7dbbdfb17a 100644 --- a/aws/resource_aws_ram_resource_share_accepter.go +++ b/aws/resource_aws_ram_resource_share_accepter.go @@ -151,7 +151,7 @@ func resourceAwsRamResourceShareAccepterRead(d *schema.ResourceData, meta interf shares, err := conn.GetResourceShares(listResourceSharesInput) if err != nil { - return fmt.Errorf("Error retrieving resource shares: %s", err) + return fmt.Errorf("error retrieving resource shares: %w", err) } if len(shares.ResourceShares) != 1 { diff --git a/aws/resource_aws_ram_resource_share_accepter_test.go b/aws/resource_aws_ram_resource_share_accepter_test.go index 36fe5cd318a..3340c01b4ca 100644 --- a/aws/resource_aws_ram_resource_share_accepter_test.go +++ b/aws/resource_aws_ram_resource_share_accepter_test.go @@ -34,11 +34,11 @@ func TestAccAwsRamResourceShareAccepter_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsRamResourceShareAccepterExists(resourceName), resource.TestCheckResourceAttrPair(resourceName, "share_arn", principalAssociationResourceName, "resource_share_arn"), - testAccMatchResourceAttrRegionalARN(resourceName, "invitation_arn", "ram", regexp.MustCompile("resource-share-invitation/.+$")), - resource.TestMatchResourceAttr(resourceName, "share_id", regexp.MustCompile(`^rs-.+$`)), + testAccMatchResourceAttrRegionalARNAlternateAccount(resourceName, "invitation_arn", &providers, "ram", regexp.MustCompile(fmt.Sprintf("resource-share-invitation/%s$", uuidRegexPattern))), + resource.TestMatchResourceAttr(resourceName, "share_id", regexp.MustCompile(fmt.Sprintf(`^rs-%s$`, uuidRegexPattern))), resource.TestCheckResourceAttr(resourceName, "status", ram.ResourceShareStatusActive), - resource.TestMatchResourceAttr(resourceName, "receiver_account_id", regexp.MustCompile(`\d{12}`)), - resource.TestMatchResourceAttr(resourceName, "sender_account_id", regexp.MustCompile(`\d{12}`)), + testAccCheckResourceAttrAccountID(resourceName, "receiver_account_id"), + testAccCheckResourceAttrAlternateAccountID(resourceName, "sender_account_id", &providers), resource.TestCheckResourceAttr(resourceName, "share_name", shareName), resource.TestCheckResourceAttr(resourceName, "resources.%", "0"), ), From b80bcf59fcc1945307ef6482bdea5113d7efaec6 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 15 May 2020 14:55:03 -0700 Subject: [PATCH 177/475] Adds custom KMS key and makes example Terraform v0.11-friendly --- examples/workspaces/iam.tf | 6 +++--- examples/workspaces/main.tf | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/examples/workspaces/iam.tf b/examples/workspaces/iam.tf index a18efb674d5..e3800f308ab 100644 --- a/examples/workspaces/iam.tf +++ b/examples/workspaces/iam.tf @@ -1,6 +1,6 @@ resource "aws_iam_role" "workspaces-default" { name = "workspaces_DefaultRole" - assume_role_policy = data.aws_iam_policy_document.workspaces.json + assume_role_policy = "${data.aws_iam_policy_document.workspaces.json}" } data "aws_iam_policy_document" "workspaces" { @@ -15,11 +15,11 @@ data "aws_iam_policy_document" "workspaces" { } resource "aws_iam_role_policy_attachment" "workspaces-default-service-access" { - role = aws_iam_role.workspaces-default.name + role = "${aws_iam_role.workspaces-default.name}" policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess" } resource "aws_iam_role_policy_attachment" "workspaces-default-self-service-access" { - role = aws_iam_role.workspaces-default.name + role = "${aws_iam_role.workspaces-default.name}" policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess" } diff --git a/examples/workspaces/main.tf b/examples/workspaces/main.tf index 0bbdb041c6a..5479598a2f7 100644 --- a/examples/workspaces/main.tf +++ b/examples/workspaces/main.tf @@ -24,7 +24,7 @@ resource "aws_workspaces_workspace" "example" { root_volume_encryption_enabled = true user_volume_encryption_enabled = true - volume_encryption_key = data.aws_kms_key.workspaces_default.arn + volume_encryption_key = "${aws_kms_key.example.arn}" workspace_properties { compute_type_name = "VALUE" @@ -73,10 +73,10 @@ data "aws_availability_zones" "available" { locals { # Workspace instances are not supported in all AZs in some regions region_workspaces_az_ids = { - "us-east-1" = formatlist("use1-az%d", [2, 4, 6]) + "us-east-1" = "${formatlist("use1-az%d", [2, 4, 6])}" } - workspaces_az_ids = lookup(local.region_workspaces_az_ids, data.aws_region.current.name, data.aws_availability_zones.available.zone_ids) + workspaces_az_ids = "${lookup(local.region_workspaces_az_ids, data.aws_region.current.name, data.aws_availability_zones.available.zone_ids)}" } resource "aws_vpc" "main" { @@ -105,6 +105,6 @@ resource "aws_directory_service_directory" "example" { } } -data "aws_kms_key" "workspaces_default" { - key_id = "alias/aws/workspaces" +resource "aws_kms_key" "example" { + description = "WorkSpaces example key" } From 3d7c3f3b61c40be47fdd4a95da6c05f57b76eea3 Mon Sep 17 00:00:00 2001 From: Kevin Tham Date: Fri, 15 May 2020 19:14:44 -0700 Subject: [PATCH 178/475] Fix aws_security_group_rule description field overwritten to nil on TF state refresh --- aws/resource_aws_security_group_rule.go | 27 ++++++++++++-------- aws/resource_aws_security_group_rule_test.go | 1 + 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/aws/resource_aws_security_group_rule.go b/aws/resource_aws_security_group_rule.go index 41009bf2071..7135869e11b 100644 --- a/aws/resource_aws_security_group_rule.go +++ b/aws/resource_aws_security_group_rule.go @@ -842,20 +842,25 @@ func descriptionFromIPPerm(d *schema.ResourceData, rule *ec2.IpPermission) strin } } - // probe UserIdGroupPairs - groupIds := make(map[string]bool) if raw, ok := d.GetOk("source_security_group_id"); ok { - groupIds[raw.(string)] = true - } + components := strings.Split(raw.(string), "/") - if len(groupIds) > 0 { - for _, gp := range rule.UserIdGroupPairs { - if _, ok := groupIds[*gp.GroupId]; !ok { - continue - } + switch len(components) { + case 2: + userId := components[0] + groupId := components[1] - if desc := aws.StringValue(gp.Description); desc != "" { - return desc + for _, gp := range rule.UserIdGroupPairs { + if *gp.GroupId == groupId && *gp.UserId == userId { + return aws.StringValue(gp.Description) + } + } + case 1: + groupId := components[0] + for _, gp := range rule.UserIdGroupPairs { + if *gp.GroupId == groupId { + return aws.StringValue(gp.Description) + } } } } diff --git a/aws/resource_aws_security_group_rule_test.go b/aws/resource_aws_security_group_rule_test.go index 12faae390ad..64af4d47fbe 100644 --- a/aws/resource_aws_security_group_rule_test.go +++ b/aws/resource_aws_security_group_rule_test.go @@ -2089,6 +2089,7 @@ resource "aws_security_group_rule" "allow_self" { from_port = 0 to_port = 0 protocol = "-1" + description = "some description" security_group_id = "${aws_security_group.web.id}" source_security_group_id = "${data.aws_caller_identity.current.account_id}/${aws_security_group.web.id}" } From 8cfd92714094a17280f946af95c27ce9832a1b9f Mon Sep 17 00:00:00 2001 From: Kevin Tham Date: Fri, 15 May 2020 19:39:15 -0700 Subject: [PATCH 179/475] fix --- aws/resource_aws_security_group_rule.go | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/aws/resource_aws_security_group_rule.go b/aws/resource_aws_security_group_rule.go index 7135869e11b..509ba4a45c5 100644 --- a/aws/resource_aws_security_group_rule.go +++ b/aws/resource_aws_security_group_rule.go @@ -851,15 +851,24 @@ func descriptionFromIPPerm(d *schema.ResourceData, rule *ec2.IpPermission) strin groupId := components[1] for _, gp := range rule.UserIdGroupPairs { + if *gp.GroupId != groupId || *gp.UserId != userId { + continue + } if *gp.GroupId == groupId && *gp.UserId == userId { - return aws.StringValue(gp.Description) + if desc := aws.StringValue(gp.Description); desc != "" { + return desc + } } } case 1: groupId := components[0] for _, gp := range rule.UserIdGroupPairs { - if *gp.GroupId == groupId { - return aws.StringValue(gp.Description) + if *gp.GroupId != groupId { + continue + } + + if desc := aws.StringValue(gp.Description); desc != "" { + return desc } } } From 489690bbe352a609dc440014e201bf7969d54eb2 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Sat, 16 May 2020 18:14:33 +0300 Subject: [PATCH 180/475] take remove custom arn handling --- aws/resource_aws_efs_file_system_policy.go | 6 --- ...esource_aws_efs_file_system_policy_test.go | 46 ++++++++++++++++++- 2 files changed, 45 insertions(+), 7 deletions(-) diff --git a/aws/resource_aws_efs_file_system_policy.go b/aws/resource_aws_efs_file_system_policy.go index 00a8f535c7e..5bb677ea172 100644 --- a/aws/resource_aws_efs_file_system_policy.go +++ b/aws/resource_aws_efs_file_system_policy.go @@ -80,12 +80,6 @@ func resourceAwsEfsFileSystemPolicyRead(d *schema.ResourceData, meta interface{} d.Set("file_system_id", policyRes.FileSystemId) d.Set("policy", policyRes.Policy) - //correctedPolicy := strings.Replace(aws.StringValue(policyRes.Policy), - // fmt.Sprintf("\"Resource\" : \"%s\",", fsARN), "", 1) - //if err := d.Set("policy", correctedPolicy); err != nil { - // return err - //} - return nil } diff --git a/aws/resource_aws_efs_file_system_policy_test.go b/aws/resource_aws_efs_file_system_policy_test.go index d04a934da4f..819ec05784b 100644 --- a/aws/resource_aws_efs_file_system_policy_test.go +++ b/aws/resource_aws_efs_file_system_policy_test.go @@ -33,6 +33,13 @@ func TestAccAWSEFSFileSystemPolicy_basic(t *testing.T) { ImportState: true, ImportStateVerify: true, }, + { + Config: testAccAWSEFSFileSystemPolicyConfigUpdated(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsFileSystemPolicy(resourceName, &desc), + resource.TestCheckResourceAttrSet(resourceName, "policy"), + ), + }, }, }) } @@ -117,7 +124,7 @@ resource "aws_efs_file_system" "test" { } resource "aws_efs_file_system_policy" "test" { - file_system_id = "{aws_efs_file_system.test.id}" + file_system_id = "${aws_efs_file_system.test.id}" policy = < Date: Sat, 16 May 2020 18:23:48 +0300 Subject: [PATCH 181/475] add docs --- ...esource_aws_efs_file_system_policy_test.go | 44 ------------ website/docs/r/efs_file_system.html.markdown | 34 --------- .../r/efs_file_system_policy.html.markdown | 70 +++++++++++++++++++ 3 files changed, 70 insertions(+), 78 deletions(-) create mode 100644 website/docs/r/efs_file_system_policy.html.markdown diff --git a/aws/resource_aws_efs_file_system_policy_test.go b/aws/resource_aws_efs_file_system_policy_test.go index 819ec05784b..066efbfb986 100644 --- a/aws/resource_aws_efs_file_system_policy_test.go +++ b/aws/resource_aws_efs_file_system_policy_test.go @@ -33,13 +33,6 @@ func TestAccAWSEFSFileSystemPolicy_basic(t *testing.T) { ImportState: true, ImportStateVerify: true, }, - { - Config: testAccAWSEFSFileSystemPolicyConfigUpdated(rName), - Check: resource.ComposeTestCheckFunc( - testAccCheckEfsFileSystemPolicy(resourceName, &desc), - resource.TestCheckResourceAttrSet(resourceName, "policy"), - ), - }, }, }) } @@ -154,40 +147,3 @@ POLICY } `, rName) } - -func testAccAWSEFSFileSystemPolicyConfigUpdated(rName string) string { - return fmt.Sprintf(` -resource "aws_efs_file_system" "test" { - creation_token = %q -} - -resource "aws_efs_file_system_policy" "test" { - file_system_id = "${aws_efs_file_system.test.id}" - - policy = < Date: Sat, 16 May 2020 18:53:34 +0300 Subject: [PATCH 182/475] add update case --- ...esource_aws_efs_file_system_policy_test.go | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/aws/resource_aws_efs_file_system_policy_test.go b/aws/resource_aws_efs_file_system_policy_test.go index 066efbfb986..442f12b7fa9 100644 --- a/aws/resource_aws_efs_file_system_policy_test.go +++ b/aws/resource_aws_efs_file_system_policy_test.go @@ -33,6 +33,13 @@ func TestAccAWSEFSFileSystemPolicy_basic(t *testing.T) { ImportState: true, ImportStateVerify: true, }, + { + Config: testAccAWSEFSFileSystemPolicyConfigUpdated(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsFileSystemPolicy(resourceName, &desc), + resource.TestCheckResourceAttrSet(resourceName, "policy"), + ), + }, }, }) } @@ -147,3 +154,38 @@ POLICY } `, rName) } + +func testAccAWSEFSFileSystemPolicyConfigUpdated(rName string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = %q +} + +resource "aws_efs_file_system_policy" "test" { + file_system_id = "${aws_efs_file_system.test.id}" + + policy = < Date: Sat, 16 May 2020 18:59:28 +0300 Subject: [PATCH 183/475] Update efs_file_system.html.markdown --- website/docs/d/efs_file_system.html.markdown | 1 - 1 file changed, 1 deletion(-) diff --git a/website/docs/d/efs_file_system.html.markdown b/website/docs/d/efs_file_system.html.markdown index eef0a8f8c47..75da4112e39 100644 --- a/website/docs/d/efs_file_system.html.markdown +++ b/website/docs/d/efs_file_system.html.markdown @@ -44,4 +44,3 @@ In addition to all arguments above, the following attributes are exported: * `tags` -A map of tags to assign to the file system. * `throughput_mode` - Throughput mode for the file system. * `size_in_bytes` - The current byte count used by the file system. -* `policy` - The JSON formatted file system policy for the EFS file system. From 84c0a62c7a731e1766f93955a2c743aaad55722c Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Sat, 16 May 2020 19:31:50 +0300 Subject: [PATCH 184/475] add docs --- website/aws.erb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/website/aws.erb b/website/aws.erb index b1952514534..b15303dac57 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -1378,6 +1378,9 @@
  • aws_efs_file_system
    • +
  • + aws_efs_file_system_policy +
  • aws_efs_mount_target
    • From 4f4cae49cd52aa09af0d9ee4990b4698c1856803 Mon Sep 17 00:00:00 2001 From: Andrew Perry Date: Sat, 16 May 2020 22:29:15 +0100 Subject: [PATCH 185/475] style: Add spacing between principal blocks Updates the example Terraform code so that it matches the rest of the examples. --- website/docs/d/iam_policy_document.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/d/iam_policy_document.html.markdown b/website/docs/d/iam_policy_document.html.markdown index a6a83b4a9db..1ae073dbc1a 100644 --- a/website/docs/d/iam_policy_document.html.markdown +++ b/website/docs/d/iam_policy_document.html.markdown @@ -186,6 +186,7 @@ data "aws_iam_policy_document" "event_stream_bucket_role_assume_role_policy" { type = "AWS" identifiers = ["${var.trusted_role_arn}"] } + principals { type = "Federated" identifiers = ["arn:aws:iam::${var.account_id}:saml-provider/${var.provider_name}", "cognito-identity.amazonaws.com"] From 5cce2de939bb1429be5dc0dd49f2f7c761fdb426 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Sun, 17 May 2020 18:36:12 -0400 Subject: [PATCH 186/475] docs/contributing: Initial Resource and Data Source Acceptance Testing sections (#13332) These sections are designed to document the Terraform AWS Provider "best practices" around writing acceptance testing for resources and data sources. The goal is to remove the current ambiguity of these practices for contributors of all levels since the codebase contains many older style generations of testing. These practices will likely change over time as we optimize the experience and updates to this documentation can help highlight those simplifications in those future refactoring proposals. --- .../running-and-writing-acceptance-tests.md | 463 ++++++++++++++++-- 1 file changed, 431 insertions(+), 32 deletions(-) diff --git a/docs/contributing/running-and-writing-acceptance-tests.md b/docs/contributing/running-and-writing-acceptance-tests.md index 7d419488676..25cde2dbaed 100644 --- a/docs/contributing/running-and-writing-acceptance-tests.md +++ b/docs/contributing/running-and-writing-acceptance-tests.md @@ -1,11 +1,25 @@ # Running and Writing Acceptance Tests - - [Acceptance Tests Often Cost Money to Run](#acceptance-tests-often-cost-money-to-run) - - [Running an Acceptance Test](#running-an-acceptance-test) - - [Writing an Acceptance Test](#writing-an-acceptance-test) - - [Writing and running Cross-Account Acceptance Tests](#writing-and-running-cross-account-acceptance-tests) - - [Writing and running Cross-Region Acceptance Tests](#writing-and-running-cross-region-acceptance-tests) - - [Acceptance Test Checklist](#acceptance-test-checklist) +- [Acceptance Tests Often Cost Money to Run](#acceptance-tests-often-cost-money-to-run) +- [Running an Acceptance Test](#running-an-acceptance-test) + - [Running Cross-Account Tests](#running-cross-account-tests) + - [Running Cross-Region Tests](#running-cross-region-tests) +- [Writing an Acceptance Test](#writing-an-acceptance-test) + - [Anatomy of an Acceptance Test](#anatomy-of-an-acceptance-test) + - [Resource Acceptance Testing](#resource-acceptance-testing) + - [Test Configurations](#test-configurations) + - [Combining Test Configurations](#combining-test-configurations) + - [Base Test Configurations](#base-test-configurations) + - [Available Common Test Configurations](#available-common-test-configurations) + - [Randomized Naming](#randomized-naming) + - [Other Recommended Variables](#other-recommended-variables) + - [Basic Acceptance Tests](#basic-acceptance-tests) + - [Disappears Acceptance Tests](#disappears-acceptance-tests) + - [Per Attribute Acceptance Tests](#per-attribute-acceptance-tests) + - [Cross-Account Acceptance Tests](#cross-account-acceptance-tests) + - [Cross-Region Acceptance Tests](#cross-region-acceptance-tests) + - [Data Source Acceptance Testing](#data-source-acceptance-testing) +- [Acceptance Test Checklist](#acceptance-test-checklist) Terraform includes an acceptance test harness that does most of the repetitive work involved in testing a resource. For additional information about testing @@ -84,13 +98,54 @@ ok github.com/terraform-providers/terraform-provider-aws/aws 55.619s Please Note: On macOS 10.14 and later (and some Linux distributions), the default user open file limit is 256. This may cause unexpected issues when running the acceptance testing since this can prevent various operations from occurring such as opening network connections to AWS. To view this limit, the `ulimit -n` command can be run. To update this limit, run `ulimit -n 1024` (or higher). +### Running Cross-Account Tests + +Certain testing requires multiple AWS accounts. This additional setup is not typically required and the testing will return an error (shown below) if your current setup does not have the secondary AWS configuration: + +```console +$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSDBInstance_DbSubnetGroupName_RamShared' +=== RUN TestAccAWSDBInstance_DbSubnetGroupName_RamShared +=== PAUSE TestAccAWSDBInstance_DbSubnetGroupName_RamShared +=== CONT TestAccAWSDBInstance_DbSubnetGroupName_RamShared + TestAccAWSDBInstance_DbSubnetGroupName_RamShared: provider_test.go:386: AWS_ALTERNATE_ACCESS_KEY_ID or AWS_ALTERNATE_PROFILE must be set for acceptance tests +--- FAIL: TestAccAWSDBInstance_DbSubnetGroupName_RamShared (2.22s) +FAIL +FAIL github.com/terraform-providers/terraform-provider-aws/aws 4.305s +FAIL +``` + +Running these acceptance tests is the same as before, except the following additional AWS credential information is required: + +```sh +# Using a profile +export AWS_ALTERNATE_PROFILE=... +# Otherwise +export AWS_ALTERNATE_ACCESS_KEY_ID=... +export AWS_ALTERNATE_SECRET_ACCESS_KEY=... +``` + +### Running Cross-Region Tests + +Certain testing requires multiple AWS regions. Additional setup is not typically required because the testing defaults the alternate AWS region to `us-east-1`. + +Running these acceptance tests is the same as before, but if you wish to override the alternate region: + +```sh +export AWS_ALTERNATE_REGION=... +``` + ## Writing an Acceptance Test Terraform has a framework for writing acceptance tests which minimises the -amount of boilerplate code necessary to use common testing patterns. The entry -point to the framework is the `resource.ParallelTest()` function. +amount of boilerplate code necessary to use common testing patterns. This guide is meant to augment the general [Extending Terraform documentation](https://www.terraform.io/docs/extend/testing/acceptance-tests/index.html) with Terraform AWS Provider specific conventions and helpers. + +### Anatomy of an Acceptance Test -Tests are divided into `TestStep`s. Each `TestStep` proceeds by applying some +This section describes in detail how the Terraform acceptance testing framework operates with respect to the Terraform AWS Provider. We recommend those unfamiliar with this provider, or Terraform resource testing in general, take a look here first to generally understand how we interact with AWS and the resource code to verify functionality. + +The entry point to the framework is the `resource.ParallelTest()` function. This wraps our testing to work with the standard Go testing framework, while also preventing unexpected usage of AWS by requiring the `TF_ACC=1` environment variable. This function accepts a `TestCase` parameter, which has all the details about the test itself. For example, this includes the test steps (`TestSteps`) and how to verify resource deletion in the API after all steps have been run (`CheckDestroy`). + +Each `TestStep` proceeds by applying some Terraform configuration using the provider under test, and then verifying that results are as expected by making assertions using the provider API. It is common for a single test function to exercise both the creation of and updates @@ -102,7 +157,7 @@ to a single resource. Most tests follow a similar structure. to running acceptance tests. This is common to all tests exercising a single provider. -Each `TestStep` is defined in the call to `resource.ParallelTest()`. Most assertion +Most assertion functions are defined out of band with the tests. This keeps the tests readable, and allows reuse of assertion functions across different tests of the same type of resource. The definition of a complete test looks like this: @@ -193,10 +248,10 @@ When executing the test, the following steps are taken for each `TestStep`: resource.TestCheckResourceAttr("aws_cloudwatch_dashboard.foobar", "dashboard_name", testAccAWSCloudWatchDashboardName(rInt)), ``` -2. The resources created by the test are destroyed. This step happens +1. The resources created by the test are destroyed. This step happens automatically, and is the equivalent of calling `terraform destroy`. -3. Assertions are made against the provider API to verify that the resources +1. Assertions are made against the provider API to verify that the resources have indeed been removed. If these checks fail, the test fails and reports "dangling resources". The code to ensure that the `aws_cloudwatch_dashboard` shown above has been destroyed looks like this: @@ -229,7 +284,317 @@ When executing the test, the following steps are taken for each `TestStep`: These functions usually test only for the resource directly under test. -## Writing and running Cross-Account Acceptance Tests +### Resource Acceptance Testing + +Most resources that implement standard Create, Read, Update, and Delete functionality should follow the pattern below. Each test type has a section that describes them in more detail: + +- **basic**: This represents the bare minimum verification that the resource can be created, read, deleted, and optionally imported. +- **disappears**: A test that verifies Terraform will offer to recreate a resource if it is deleted outside of Terraform (e.g. via the Console) instead of returning an error that it cannot be found. +- **Per Attribute**: A test that verifies the resource with a single additional argument can be created, read, optionally updated (or force resource recreation), deleted, and optionally imported. + +The leading sections below highlight additional recommended patterns. + +#### Test Configurations + +Most of the existing test configurations you will find in the Terraform AWS Provider are written in the following function-based style: + +```go +func TestAccAwsExampleThing_basic(t *testing.T) { + // ... omitted for brevity ... + + resource.ParallelTest(t, resource.TestCase{ + // ... omitted for brevity ... + Steps: []resource.TestStep{ + { + Config: testAccAwsExampleThingConfig(), + // ... omitted for brevity ... + }, + }, + }) +} + +func testAccAwsExampleThingConfig() string { + return ` +resource "aws_example_thing" "test" { + # ... omitted for brevity ... +} +` +} +``` + +Even when no values need to be passed in to the test configuration, we have found this setup to be the most flexible for allowing that to be easily implemented. Any configurable values are handled via `fmt.Sprintf()`. Using `text/template` or other templating styles is explicitly forbidden. + +For consistency, resources in the test configuration should be named `resource "..." "test"` unless multiple of that resource are necessary. + +We discourage re-using test configurations across test files (except for some common configuration helpers we provide) as it is much harder to discover potential testing regressions. + +Please also note that the newline on the first line of the configuration (before `resource`) and the newline after the last line of configuration (after `}`) are important to allow test configurations to be easily combined without generating Terraform configuration language syntax errors. + +#### Combining Test Configurations + +We include a helper function, `composeConfig()` for iteratively building and chaining test configurations together. It accepts any number of configurations to combine them. This simplifies a single resource's testing by allowing the creation of a "base" test configuration for all the other test configurations (if necessary) and also allows the maintainers to curate common configurations. Each of these is described in more detail in below sections. + +Please note that we do discourage _excessive_ chaining of configurations such as implementing multiple layers of "base" configurations. Usually these configurations are harder for maintainers and other future readers to understand due to the multiple levels of indirection. + +##### Base Test Configurations + +If a resource requires the same Terraform configuration as a prerequisite for all test configurations, then a common pattern is implementing a "base" test configuration that is combined with each test configuration. + +For example: + +```go +func testAccAwsExampleThingConfigBase() string { + return ` +resource "aws_iam_role" "test" { + # ... omitted for brevity ... +} + +resource "aws_iam_role_policy" "test" { + # ... omitted for brevity ... +} +` +} + +func testAccAwsExampleThingConfig() string { + return composeConfig( + testAccAwsExampleThingConfigBase(), + ` +resource "aws_example_thing" "test" { + # ... omitted for brevity ... +} +`) +} +``` + +##### Available Common Test Configurations + +These test configurations are typical implementations we have found or allow testing to implement best practices easier, since the Terraform AWS Provider testing is expected to run against various AWS Regions and Partitions. + +- `testAccAvailableEc2InstanceTypeForRegion("type1", "type2", ...)`: Typically used to replace hardcoded EC2 Instance Types. Uses `aws_ec2_instance_type_offering` data source to return an available EC2 Instance Type in preferred ordering. Reference the instance type via: `data.aws_ec2_instance_type_offering.available.instance_type` +- `testAccLatestAmazonLinuxHvmEbsAmiConfig()`: Typically used to replace hardcoded EC2 Image IDs (`ami-12345678`). Uses `aws_ami` data source to find the latest Amazon Linux image. Reference the AMI ID via: `data.aws_ami.amzn-ami-minimal-hvm-ebs.id` + +#### Randomized Naming + +For AWS resources that require unique naming, the tests should implement a randomized name, typically coded as a `rName` variable in the test and passed as a parameter to creating the test configuration. + +For example: + +```go +func TestAccAwsExampleThing_basic(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") + // ... omitted for brevity ... + + resource.ParallelTest(t, resource.TestCase{ + // ... omitted for brevity ... + Steps: []resource.TestStep{ + { + Config: testAccAwsExampleThingConfigName(rName), + // ... omitted for brevity ... + }, + }, + }) +} + +func testAccAwsExampleThingConfigName(rName string) string { + return fmt.Sprintf(` +resource "aws_example_thing" "test" { + name = %[1]q +} +`, rName) +} +``` + +Typically the `rName` is always the first argument to the test configuration function, if used, for consistency. + +#### Other Recommended Variables + +We also typically recommend saving a `resourceName` variable in the test that contains the resource reference, e.g. `aws_example_thing.test`, which is repeatedly used in the checks. + +For example: + +```go +func TestAccAwsExampleThing_basic(t *testing.T) { + // ... omitted for brevity ... + resourceName := "aws_example_thing.test" + + resource.ParallelTest(t, resource.TestCase{ + // ... omitted for brevity ... + Steps: []resource.TestStep{ + { + // ... omitted for brevity ... + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsExampleThingExists(resourceName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "example", fmt.Sprintf("thing/%s", rName)), + resource.TestCheckResourceAttr(resourceName, "description", ""), + resource.TestCheckResourceAttr(resourceName, "name", rName), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +// below all TestAcc functions + +func testAccAwsExampleThingConfigName(rName string) string { + return fmt.Sprintf(` +resource "aws_example_thing" "test" { + name = %[1]q +} +`, rName) +} +``` + +#### Basic Acceptance Tests + +Usually this test is implemented first. The test configuration should contain only required arguments (`Required: true` attributes) and it should check the values of all read-only attributes (`Computed: true` without `Optional: true`). If the resource supports it, it verifies import. It should _NOT_ perform other `TestStep` such as updates or verify recreation. + +These are typically named `TestAccAws{SERVICE}{THING}_basic`, e.g. `TestAccAwsCloudWatchDashboard_basic` + +For example: + +```go +func TestAccAwsExampleThing_basic(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_example_thing.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsExampleThingDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsExampleThingConfigName(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsExampleThingExists(resourceName), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "example", fmt.Sprintf("thing/%s", rName)), + resource.TestCheckResourceAttr(resourceName, "description", ""), + resource.TestCheckResourceAttr(resourceName, "name", rName), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +// below all TestAcc functions + +func testAccAwsExampleThingConfigName(rName string) string { + return fmt.Sprintf(` +resource "aws_example_thing" "test" { + name = %[1]q +} +`, rName) +} +``` + +#### Disappears Acceptance Tests + +This test is generally implemented second. It is straightforward to setup once the basic test is passing since it can reuse that test configuration. It prevents a common bug report with Terraform resources that error when they can not be found (e.g. deleted outside Terraform). + +These are typically named `TestAccAws{SERVICE}{THING}_disappears`, e.g. `TestAccAwsCloudWatchDashboard_disappears` + +For example: + +```go +func TestAccAwsExampleThing_disappears(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_example_thing.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsExampleThingDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsExampleThingConfigName(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsExampleThingExists(resourceName, &job), + testAccCheckResourceDisappears(testAccProvider, resourceAwsExampleThing(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} +``` + +If this test does fail, the fix for this is generally adding error handling immediately after the `Read` API call that catches the error and tells Terraform to remove the resource before returning the error: + +```go +output, err := conn.GetThing(input) + +if isAWSErr(err, example.ErrCodeResourceNotFound, "") { + log.Printf("[WARN] Example Thing (%s) not found, removing from state", d.Id()) + d.SetId("") + return nil +} + +if err != nil { + return fmt.Errorf("error reading Example Thing (%s): %w", d.Id(), err) +} +``` + +#### Per Attribute Acceptance Tests + +These are typically named `TestAccAws{SERVICE}{THING}_{ATTRIBUTE}`, e.g. `TestAccAwsCloudWatchDashboard_Name` + +For example: + +```go +func TestAccAwsExampleThing_Description(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_example_thing.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsExampleThingDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsExampleThingConfigDescription(rName, "description1"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsExampleThingExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "description", "description1"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAwsExampleThingConfigDescription(rName, "description2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsExampleThingExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "description", "description2"), + ), + }, + }, + }) +} + +// below all TestAcc functions + +func testAccAwsExampleThingConfigDescription(rName string, description string) string { + return fmt.Sprintf(` +resource "aws_example_thing" "test" { + description = %[2]q + name = %[1]q +} +`, rName, description) +} +``` + +#### Cross-Account Acceptance Tests When testing requires AWS infrastructure in a second AWS account, the below changes to the normal setup will allow the management or reference of resources and data sources across accounts: @@ -292,17 +657,7 @@ resource "aws_example" "test" { Searching for usage of `testAccAlternateAccountPreCheck` in the codebase will yield real world examples of this setup in action. -Running these acceptance tests is the same as before, except the following additional credential information is required: - -```sh -# Using a profile -export AWS_ALTERNATE_PROFILE=... -# Otherwise -export AWS_ALTERNATE_ACCESS_KEY_ID=... -export AWS_ALTERNATE_SECRET_ACCESS_KEY=... -``` - -## Writing and running Cross-Region Acceptance Tests +#### Cross-Region Acceptance Tests When testing requires AWS infrastructure in a second AWS region, the below changes to the normal setup will allow the management or reference of resources and data sources across regions: @@ -366,16 +721,60 @@ resource "aws_example" "test" { Searching for usage of `testAccAlternateRegionPreCheck` in the codebase will yield real world examples of this setup in action. -Running these acceptance tests is the same as before, except if an AWS region other than the default alternate region - `us-east-1` - is required, -in which case the following additional configuration information is required: +### Data Source Acceptance Testing -```sh -export AWS_ALTERNATE_REGION=... -``` +Writing acceptance testing for data sources is similar to resources, with the biggest changes being: + +- Adding `DataSource` to the test and configuration naming, such as `TestAccAwsExampleThingDataSource_Filter` +- The basic test _may_ be named after the easiest lookup attribute instead, e.g. `TestAccAwsExampleThingDataSource_Name` +- No disappears testing +- Almost all checks should be done with [`resource.TestCheckResourceAttrPair()`](https://pkg.go.dev/github.com/hashicorp/terraform-plugin-sdk/helper/resource?tab=doc#TestCheckResourceAttrPair) to compare the data source attributes to the resource attributes +- The usage of an additional `dataSourceName` variable to store a data source reference, e.g. `data.aws_example_thing.test` + +Data sources testing should still utilize the `CheckDestroy` function of the resource, just to continue verifying that there are no dangling AWS resources after a test is ran. + +Please note that we do not recommend re-using test configurations between resources and their associated data source as it is harder to discover testing regressions. Authors are encouraged to potentially implement similar "base" configurations though. + +For example: + +```go +func TestAccAwsExampleThingDataSource_Name(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") + dataSourceName := "data.aws_example_thing.test" + resourceName := "aws_example_thing.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsExampleThingDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsExampleThingDataSourceConfigName(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsExampleThingExists(resourceName), + resource.TestCheckResourceAttrPair(resourceName, "arn", dataSourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "description", dataSourceName, "description"), + resource.TestCheckResourceAttrPair(resourceName, "name", dataSourceName, "name"), + ), + }, + }, + }) +} + +// below all TestAcc functions + +func testAccAwsExampleThingDataSourceConfigName(rName string) string { + return fmt.Sprintf(` +resource "aws_example_thing" "test" { + name = %[1]q +} -[website]: https://github.com/terraform-providers/terraform-provider-aws/tree/master/website -[acctests]: https://github.com/hashicorp/terraform#acceptance-tests -[ml]: https://groups.google.com/group/terraform-tool +data "aws_example_thing" "test" { + name = aws_example_thing.test.name +} +`, rName) +} +``` ## Acceptance Test Checklist From 0f5fbb4d5262055d764087b800873ad02b6fb624 Mon Sep 17 00:00:00 2001 From: appilon Date: Sun, 17 May 2020 22:27:38 -0400 Subject: [PATCH 187/475] Disable binary driver for missed tests (#13359) These tests were missed in the original sweep of tests that use TypeSet addresses --- aws/resource_aws_security_group_test.go | 7 ++++--- aws/resource_aws_vpc_peering_connection_options_test.go | 5 +++-- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/aws/resource_aws_security_group_test.go b/aws/resource_aws_security_group_test.go index 839d0a3eb9c..9898f784a70 100644 --- a/aws/resource_aws_security_group_test.go +++ b/aws/resource_aws_security_group_test.go @@ -808,9 +808,10 @@ func TestAccAWSSecurityGroup_ruleGathering(t *testing.T) { resourceName := "aws_security_group.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSSecurityGroupDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSSecurityGroupDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSSecurityGroupConfig_ruleGathering(sgName), diff --git a/aws/resource_aws_vpc_peering_connection_options_test.go b/aws/resource_aws_vpc_peering_connection_options_test.go index 8621e38cece..a9552c49721 100644 --- a/aws/resource_aws_vpc_peering_connection_options_test.go +++ b/aws/resource_aws_vpc_peering_connection_options_test.go @@ -202,8 +202,9 @@ func TestAccAWSVpcPeeringConnectionOptions_sameRegionDifferentAccount(t *testing testAccPreCheck(t) testAccAlternateAccountPreCheck(t) }, - ProviderFactories: testAccProviderFactories(&providers), - CheckDestroy: testAccCheckAWSVpcPeeringConnectionDestroy, + ProviderFactories: testAccProviderFactories(&providers), + CheckDestroy: testAccCheckAWSVpcPeeringConnectionDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccVpcPeeringConnectionOptionsConfig_sameRegion_differentAccount(rName), From 40099de47e3707e3891e4c00d7cfa0532b16fa01 Mon Sep 17 00:00:00 2001 From: Kerim Satirli Date: Mon, 18 May 2020 17:33:06 +0200 Subject: [PATCH 188/475] docs/provider: Various documentation updates for aws_cloudfront_distribution and codecommit (#13319) * changes `ARN` to `ID` * adds highlighting * Removes outdated warning * removes outdated warning * Update website/docs/r/acm_certificate.html.markdown Co-authored-by: Brian Flad Co-authored-by: Brian Flad --- website/docs/r/cloudfront_distribution.html.markdown | 2 +- website/docs/r/codecommit_repository.html.markdown | 4 ---- website/docs/r/codecommit_trigger.html.markdown | 4 ---- 3 files changed, 1 insertion(+), 9 deletions(-) diff --git a/website/docs/r/cloudfront_distribution.html.markdown b/website/docs/r/cloudfront_distribution.html.markdown index 1e85553e2e3..bba0c985ff7 100644 --- a/website/docs/r/cloudfront_distribution.html.markdown +++ b/website/docs/r/cloudfront_distribution.html.markdown @@ -520,7 +520,7 @@ In addition to all arguments above, the following attributes are exported: * `id` - The identifier for the distribution. For example: `EDFDVBD632BHDS5`. - * `arn` - The ARN (Amazon Resource Name) for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID. + * `arn` - The ARN (Amazon Resource Name) for the distribution. For example: `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`, where `123456789012` is your AWS account ID. * `caller_reference` - Internal value used by CloudFront to allow future updates to the distribution configuration. diff --git a/website/docs/r/codecommit_repository.html.markdown b/website/docs/r/codecommit_repository.html.markdown index cf6f065c4ec..30ef0d92ead 100644 --- a/website/docs/r/codecommit_repository.html.markdown +++ b/website/docs/r/codecommit_repository.html.markdown @@ -10,10 +10,6 @@ description: |- Provides a CodeCommit Repository Resource. -~> **NOTE on CodeCommit Availability**: The CodeCommit is not yet rolled out -in all regions - available regions are listed -[the AWS Docs](https://docs.aws.amazon.com/general/latest/gr/rande.html#codecommit_region). - ## Example Usage ```hcl diff --git a/website/docs/r/codecommit_trigger.html.markdown b/website/docs/r/codecommit_trigger.html.markdown index bdb2c373f50..fed21d68bd1 100644 --- a/website/docs/r/codecommit_trigger.html.markdown +++ b/website/docs/r/codecommit_trigger.html.markdown @@ -10,10 +10,6 @@ description: |- Provides a CodeCommit Trigger Resource. -~> **NOTE on CodeCommit**: The CodeCommit is not yet rolled out -in all regions - available regions are listed -[the AWS Docs](https://docs.aws.amazon.com/general/latest/gr/rande.html#codecommit_region). - ## Example Usage ```hcl From 8dde7804da66772b0e903c6c1cb148c89a650771 Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Mon, 18 May 2020 15:20:54 -0400 Subject: [PATCH 189/475] Update CHANGELOG for #12119 --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cd7c7351153..d8832d1120f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ ## 2.63.0 (Unreleased) + +FEATURES: + +* **New Resource:** `aws_wafv2_ip_set` [GH-12119] + ## 2.62.0 (May 15, 2020) FEATURES: From f4dfa90bf7910267bcb92d56baec720f12bb6a85 Mon Sep 17 00:00:00 2001 From: Kevin Tham Date: Mon, 18 May 2020 16:57:52 -0700 Subject: [PATCH 190/475] pr feedback --- aws/resource_aws_security_group_rule.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/aws/resource_aws_security_group_rule.go b/aws/resource_aws_security_group_rule.go index 509ba4a45c5..ffcf6cffe42 100644 --- a/aws/resource_aws_security_group_rule.go +++ b/aws/resource_aws_security_group_rule.go @@ -842,6 +842,7 @@ func descriptionFromIPPerm(d *schema.ResourceData, rule *ec2.IpPermission) strin } } + // probe UserIdGroupPairs if raw, ok := d.GetOk("source_security_group_id"); ok { components := strings.Split(raw.(string), "/") @@ -851,19 +852,18 @@ func descriptionFromIPPerm(d *schema.ResourceData, rule *ec2.IpPermission) strin groupId := components[1] for _, gp := range rule.UserIdGroupPairs { - if *gp.GroupId != groupId || *gp.UserId != userId { + if aws.StringValue(gp.GroupId) != groupId || aws.StringValue(gp.UserId) != userId { continue } - if *gp.GroupId == groupId && *gp.UserId == userId { - if desc := aws.StringValue(gp.Description); desc != "" { - return desc - } + + if desc := aws.StringValue(gp.Description); desc != "" { + return desc } } case 1: groupId := components[0] for _, gp := range rule.UserIdGroupPairs { - if *gp.GroupId != groupId { + if aws.StringValue(gp.GroupId) != groupId { continue } From 50de3fe22ac603652d9e85e99de876752246fcab Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Mon, 18 May 2020 23:35:50 -0400 Subject: [PATCH 191/475] remove DisableBinaryDriver refs in tests --- aws/resource_aws_api_gateway_usage_plan_test.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/aws/resource_aws_api_gateway_usage_plan_test.go b/aws/resource_aws_api_gateway_usage_plan_test.go index f3884c6f639..6c1abd687af 100644 --- a/aws/resource_aws_api_gateway_usage_plan_test.go +++ b/aws/resource_aws_api_gateway_usage_plan_test.go @@ -211,7 +211,6 @@ func TestAccAWSAPIGatewayUsagePlan_throttling(t *testing.T) { PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSAPIGatewayUsagePlanDestroy, - DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSApiGatewayUsagePlanBasicConfig(rName), @@ -266,7 +265,6 @@ func TestAccAWSAPIGatewayUsagePlan_throttlingInitialRateLimit(t *testing.T) { PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSAPIGatewayUsagePlanDestroy, - DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSApiGatewayUsagePlanThrottlingConfig(rName), @@ -293,7 +291,6 @@ func TestAccAWSAPIGatewayUsagePlan_quota(t *testing.T) { PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSAPIGatewayUsagePlanDestroy, - DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSApiGatewayUsagePlanBasicConfig(rName), From 212b746745effd9df8f46a2a5ead251002edf648 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Mon, 18 May 2020 23:43:39 -0400 Subject: [PATCH 192/475] run go fmt --- ...resource_aws_api_gateway_usage_plan_test.go | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/aws/resource_aws_api_gateway_usage_plan_test.go b/aws/resource_aws_api_gateway_usage_plan_test.go index 6c1abd687af..e766f11d7be 100644 --- a/aws/resource_aws_api_gateway_usage_plan_test.go +++ b/aws/resource_aws_api_gateway_usage_plan_test.go @@ -208,9 +208,9 @@ func TestAccAWSAPIGatewayUsagePlan_throttling(t *testing.T) { resourceName := "aws_api_gateway_usage_plan.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSAPIGatewayUsagePlanDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSAPIGatewayUsagePlanDestroy, Steps: []resource.TestStep{ { Config: testAccAWSApiGatewayUsagePlanBasicConfig(rName), @@ -262,9 +262,9 @@ func TestAccAWSAPIGatewayUsagePlan_throttlingInitialRateLimit(t *testing.T) { resourceName := "aws_api_gateway_usage_plan.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSAPIGatewayUsagePlanDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSAPIGatewayUsagePlanDestroy, Steps: []resource.TestStep{ { Config: testAccAWSApiGatewayUsagePlanThrottlingConfig(rName), @@ -288,9 +288,9 @@ func TestAccAWSAPIGatewayUsagePlan_quota(t *testing.T) { resourceName := "aws_api_gateway_usage_plan.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSAPIGatewayUsagePlanDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSAPIGatewayUsagePlanDestroy, Steps: []resource.TestStep{ { Config: testAccAWSApiGatewayUsagePlanBasicConfig(rName), From 45bf57207f417e0f53ed8d26232686012c7b64f4 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Mon, 18 May 2020 23:51:42 -0400 Subject: [PATCH 193/475] run go fmt --- aws/resource_aws_cloudfront_distribution_test.go | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/aws/resource_aws_cloudfront_distribution_test.go b/aws/resource_aws_cloudfront_distribution_test.go index cf4ba8e625c..87f341a1c0c 100644 --- a/aws/resource_aws_cloudfront_distribution_test.go +++ b/aws/resource_aws_cloudfront_distribution_test.go @@ -323,10 +323,9 @@ func TestAccAWSCloudFrontDistribution_noOptionalItemsConfig(t *testing.T) { var distribution cloudfront.Distribution resourceName := "aws_cloudfront_distribution.no_optional_items" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCloudFront(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckCloudFrontDistributionDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCloudFront(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckCloudFrontDistributionDestroy, Steps: []resource.TestStep{ { Config: testAccAWSCloudFrontDistributionNoOptionalItemsConfig, @@ -1080,10 +1079,9 @@ func TestAccAWSCloudFrontDistribution_OriginGroups(t *testing.T) { ri := acctest.RandInt() testConfig := fmt.Sprintf(testAccAWSCloudFrontDistributionOriginGroupsConfig, ri, originBucket, backupBucket, testAccAWSCloudFrontDistributionRetainConfig()) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCloudFront(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckCloudFrontDistributionDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCloudFront(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckCloudFrontDistributionDestroy, Steps: []resource.TestStep{ { Config: testConfig, From e36f9c9accc6eba00e993b5ba629911f7212aee1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 19 May 2020 09:18:28 -0400 Subject: [PATCH 194/475] Update module aws/aws-sdk-go to v1.31.0 (#13358) Co-authored-by: Renovate Bot --- go.mod | 2 +- go.sum | 4 +- .../aws/aws-sdk-go/aws/endpoints/defaults.go | 124 +- .../github.com/aws/aws-sdk-go/aws/version.go | 2 +- .../aws-sdk-go/service/cloudformation/api.go | 366 ++++++ .../service/cloudformation/waiters.go | 66 + .../aws/aws-sdk-go/service/dynamodb/api.go | 40 +- .../aws/aws-sdk-go/service/ec2/api.go | 2 +- .../aws/aws-sdk-go/service/ecr/api.go | 45 +- .../aws/aws-sdk-go/service/ecr/errors.go | 3 +- .../aws/aws-sdk-go/service/ecs/api.go | 142 ++- .../aws/aws-sdk-go/service/glue/api.go | 242 +++- .../aws/aws-sdk-go/service/glue/errors.go | 7 + .../aws/aws-sdk-go/service/qldb/api.go | 1120 ++++++++++++++++- .../aws/aws-sdk-go/service/sts/api.go | 4 +- vendor/modules.txt | 2 +- 16 files changed, 2100 insertions(+), 71 deletions(-) diff --git a/go.mod b/go.mod index 064d902dacc..573f3a61b1f 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/terraform-providers/terraform-provider-aws go 1.13 require ( - github.com/aws/aws-sdk-go v1.30.28 + github.com/aws/aws-sdk-go v1.31.0 github.com/beevik/etree v1.1.0 github.com/bflad/tfproviderdocs v0.6.0 github.com/bflad/tfproviderlint v0.14.0 diff --git a/go.sum b/go.sum index 9eb3b8a5b58..ad5339e2676 100644 --- a/go.sum +++ b/go.sum @@ -39,8 +39,8 @@ github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= github.com/aws/aws-sdk-go v1.25.3/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.30.28 h1:SaPM7dlmp7h3Lj1nJ4jdzOkTdom08+g20k7AU5heZYg= -github.com/aws/aws-sdk-go v1.30.28/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= +github.com/aws/aws-sdk-go v1.31.0 h1:ITLZ0oy7IOB1NGt2Ee75bLevBaH1jaAXE2eyGbPRbCg= +github.com/aws/aws-sdk-go v1.31.0/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs= github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index be3ad80e135..b976086aba7 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -1641,8 +1641,10 @@ var awsPartition = partition{ "discovery": service{ Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "us-east-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -2119,6 +2121,7 @@ var awsPartition = partition{ "elasticfilesystem": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -2131,6 +2134,12 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "fips-af-south-1": endpoint{ + Hostname: "elasticfilesystem-fips.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, "fips-ap-east-1": endpoint{ Hostname: "elasticfilesystem-fips.ap-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -3586,8 +3595,10 @@ var awsPartition = partition{ "mgh": service{ Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "us-east-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -4951,20 +4962,21 @@ var awsPartition = partition{ }, }, "shield": service{ - IsRegionalized: boxedFalse, + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, Defaults: endpoint{ SSLCommonName: "shield.us-east-1.amazonaws.com", Protocols: []string{"https"}, }, Endpoints: endpoints{ - "fips-us-east-1": endpoint{ - Hostname: "shield-fips.us-east-1.amazonaws.com", + "aws-global": endpoint{ + Hostname: "shield.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "us-east-1": endpoint{ - Hostname: "shield.us-east-1.amazonaws.com", + "fips-aws-global": endpoint{ + Hostname: "shield-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, @@ -6506,6 +6518,19 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "route53": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-cn-global": endpoint{ + Hostname: "route53.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, "runtime.sagemaker": service{ Endpoints: endpoints{ @@ -6907,8 +6932,18 @@ var awsusgovPartition = partition{ "cloudformation": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "cloudformation.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "cloudformation.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "cloudhsm": service{ @@ -7008,6 +7043,24 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "cognito-identity": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, + "cognito-idp": service{ + + Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "cognito-idp-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{}, + }, + }, "comprehend": service{ Defaults: endpoint{ Protocols: []string{"https"}, @@ -7169,6 +7222,15 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "eks": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "elasticache": service{ Endpoints: endpoints{ @@ -7352,7 +7414,12 @@ var awsusgovPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ - "us-gov-west-1": endpoint{}, + "us-gov-west-1": endpoint{ + Hostname: "greengrass.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "guardduty": service{ @@ -7854,16 +7921,49 @@ var awsusgovPartition = partition{ "sqs": service{ Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, + "us-gov-east-1": endpoint{ + Hostname: "sqs.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{ + Hostname: "sqs.us-gov-west-1.amazonaws.com", SSLCommonName: "{region}.queue.{dnsSuffix}", Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, }, }, }, "ssm": service{ Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "ssm.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "ssm.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "ssm-facade-fips-us-gov-east-1": endpoint{ + Hostname: "ssm-facade.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "ssm-facade-fips-us-gov-west-1": endpoint{ + Hostname: "ssm-facade.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -8208,6 +8308,12 @@ var awsisoPartition = partition{ }, }, }, + "es": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, "events": service{ Endpoints: endpoints{ diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index d23e36e2da2..8b19a543464 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.30.28" +const SDKVersion = "1.31.0" diff --git a/vendor/github.com/aws/aws-sdk-go/service/cloudformation/api.go b/vendor/github.com/aws/aws-sdk-go/service/cloudformation/api.go index d92ee2227bc..a5761751c29 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/cloudformation/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/cloudformation/api.go @@ -1055,6 +1055,12 @@ func (c *CloudFormation) DescribeAccountLimitsRequest(input *DescribeAccountLimi Name: opDescribeAccountLimits, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "", + TruncationToken: "", + }, } if input == nil { @@ -1101,6 +1107,58 @@ func (c *CloudFormation) DescribeAccountLimitsWithContext(ctx aws.Context, input return out, req.Send() } +// DescribeAccountLimitsPages iterates over the pages of a DescribeAccountLimits operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeAccountLimits method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeAccountLimits operation. +// pageNum := 0 +// err := client.DescribeAccountLimitsPages(params, +// func(page *cloudformation.DescribeAccountLimitsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CloudFormation) DescribeAccountLimitsPages(input *DescribeAccountLimitsInput, fn func(*DescribeAccountLimitsOutput, bool) bool) error { + return c.DescribeAccountLimitsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeAccountLimitsPagesWithContext same as DescribeAccountLimitsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudFormation) DescribeAccountLimitsPagesWithContext(ctx aws.Context, input *DescribeAccountLimitsInput, fn func(*DescribeAccountLimitsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeAccountLimitsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeAccountLimitsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeAccountLimitsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeChangeSet = "DescribeChangeSet" // DescribeChangeSetRequest generates a "aws/request.Request" representing the @@ -3038,6 +3096,12 @@ func (c *CloudFormation) ListChangeSetsRequest(input *ListChangeSetsInput) (req Name: opListChangeSets, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "", + TruncationToken: "", + }, } if input == nil { @@ -3083,6 +3147,58 @@ func (c *CloudFormation) ListChangeSetsWithContext(ctx aws.Context, input *ListC return out, req.Send() } +// ListChangeSetsPages iterates over the pages of a ListChangeSets operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListChangeSets method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListChangeSets operation. +// pageNum := 0 +// err := client.ListChangeSetsPages(params, +// func(page *cloudformation.ListChangeSetsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CloudFormation) ListChangeSetsPages(input *ListChangeSetsInput, fn func(*ListChangeSetsOutput, bool) bool) error { + return c.ListChangeSetsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListChangeSetsPagesWithContext same as ListChangeSetsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudFormation) ListChangeSetsPagesWithContext(ctx aws.Context, input *ListChangeSetsInput, fn func(*ListChangeSetsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListChangeSetsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListChangeSetsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListChangeSetsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListExports = "ListExports" // ListExportsRequest generates a "aws/request.Request" representing the @@ -3389,6 +3505,12 @@ func (c *CloudFormation) ListStackInstancesRequest(input *ListStackInstancesInpu Name: opListStackInstances, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -3439,6 +3561,58 @@ func (c *CloudFormation) ListStackInstancesWithContext(ctx aws.Context, input *L return out, req.Send() } +// ListStackInstancesPages iterates over the pages of a ListStackInstances operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListStackInstances method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListStackInstances operation. +// pageNum := 0 +// err := client.ListStackInstancesPages(params, +// func(page *cloudformation.ListStackInstancesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CloudFormation) ListStackInstancesPages(input *ListStackInstancesInput, fn func(*ListStackInstancesOutput, bool) bool) error { + return c.ListStackInstancesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListStackInstancesPagesWithContext same as ListStackInstancesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudFormation) ListStackInstancesPagesWithContext(ctx aws.Context, input *ListStackInstancesInput, fn func(*ListStackInstancesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListStackInstancesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListStackInstancesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListStackInstancesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListStackResources = "ListStackResources" // ListStackResourcesRequest generates a "aws/request.Request" representing the @@ -3605,6 +3779,12 @@ func (c *CloudFormation) ListStackSetOperationResultsRequest(input *ListStackSet Name: opListStackSetOperationResults, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -3656,6 +3836,58 @@ func (c *CloudFormation) ListStackSetOperationResultsWithContext(ctx aws.Context return out, req.Send() } +// ListStackSetOperationResultsPages iterates over the pages of a ListStackSetOperationResults operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListStackSetOperationResults method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListStackSetOperationResults operation. +// pageNum := 0 +// err := client.ListStackSetOperationResultsPages(params, +// func(page *cloudformation.ListStackSetOperationResultsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CloudFormation) ListStackSetOperationResultsPages(input *ListStackSetOperationResultsInput, fn func(*ListStackSetOperationResultsOutput, bool) bool) error { + return c.ListStackSetOperationResultsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListStackSetOperationResultsPagesWithContext same as ListStackSetOperationResultsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudFormation) ListStackSetOperationResultsPagesWithContext(ctx aws.Context, input *ListStackSetOperationResultsInput, fn func(*ListStackSetOperationResultsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListStackSetOperationResultsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListStackSetOperationResultsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListStackSetOperationResultsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListStackSetOperations = "ListStackSetOperations" // ListStackSetOperationsRequest generates a "aws/request.Request" representing the @@ -3687,6 +3919,12 @@ func (c *CloudFormation) ListStackSetOperationsRequest(input *ListStackSetOperat Name: opListStackSetOperations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -3735,6 +3973,58 @@ func (c *CloudFormation) ListStackSetOperationsWithContext(ctx aws.Context, inpu return out, req.Send() } +// ListStackSetOperationsPages iterates over the pages of a ListStackSetOperations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListStackSetOperations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListStackSetOperations operation. +// pageNum := 0 +// err := client.ListStackSetOperationsPages(params, +// func(page *cloudformation.ListStackSetOperationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CloudFormation) ListStackSetOperationsPages(input *ListStackSetOperationsInput, fn func(*ListStackSetOperationsOutput, bool) bool) error { + return c.ListStackSetOperationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListStackSetOperationsPagesWithContext same as ListStackSetOperationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudFormation) ListStackSetOperationsPagesWithContext(ctx aws.Context, input *ListStackSetOperationsInput, fn func(*ListStackSetOperationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListStackSetOperationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListStackSetOperationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListStackSetOperationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListStackSets = "ListStackSets" // ListStackSetsRequest generates a "aws/request.Request" representing the @@ -3766,6 +4056,12 @@ func (c *CloudFormation) ListStackSetsRequest(input *ListStackSetsInput) (req *r Name: opListStackSets, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -3810,6 +4106,58 @@ func (c *CloudFormation) ListStackSetsWithContext(ctx aws.Context, input *ListSt return out, req.Send() } +// ListStackSetsPages iterates over the pages of a ListStackSets operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListStackSets method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListStackSets operation. +// pageNum := 0 +// err := client.ListStackSetsPages(params, +// func(page *cloudformation.ListStackSetsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *CloudFormation) ListStackSetsPages(input *ListStackSetsInput, fn func(*ListStackSetsOutput, bool) bool) error { + return c.ListStackSetsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListStackSetsPagesWithContext same as ListStackSetsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudFormation) ListStackSetsPagesWithContext(ctx aws.Context, input *ListStackSetsInput, fn func(*ListStackSetsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListStackSetsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListStackSetsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListStackSetsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListStacks = "ListStacks" // ListStacksRequest generates a "aws/request.Request" representing the @@ -8851,6 +9199,9 @@ type DescribeTypeOutput struct { // role to provide your resource type with the appropriate credentials. ExecutionRoleArn *string `min:"1" type:"string"` + // Whether the specified type version is set as the default version. + IsDefaultVersion *bool `type:"boolean"` + // When the specified type version was registered. LastUpdated *time.Time `type:"timestamp"` @@ -8952,6 +9303,12 @@ func (s *DescribeTypeOutput) SetExecutionRoleArn(v string) *DescribeTypeOutput { return s } +// SetIsDefaultVersion sets the IsDefaultVersion field's value. +func (s *DescribeTypeOutput) SetIsDefaultVersion(v bool) *DescribeTypeOutput { + s.IsDefaultVersion = &v + return s +} + // SetLastUpdated sets the LastUpdated field's value. func (s *DescribeTypeOutput) SetLastUpdated(v time.Time) *DescribeTypeOutput { s.LastUpdated = &v @@ -15424,6 +15781,9 @@ type TypeVersionSummary struct { // The description of the type version. Description *string `min:"1" type:"string"` + // Whether the specified type version is set as the default version. + IsDefaultVersion *bool `type:"boolean"` + // When the version was registered. TimeCreated *time.Time `type:"timestamp"` @@ -15461,6 +15821,12 @@ func (s *TypeVersionSummary) SetDescription(v string) *TypeVersionSummary { return s } +// SetIsDefaultVersion sets the IsDefaultVersion field's value. +func (s *TypeVersionSummary) SetIsDefaultVersion(v bool) *TypeVersionSummary { + s.IsDefaultVersion = &v + return s +} + // SetTimeCreated sets the TimeCreated field's value. func (s *TypeVersionSummary) SetTimeCreated(v time.Time) *TypeVersionSummary { s.TimeCreated = &v diff --git a/vendor/github.com/aws/aws-sdk-go/service/cloudformation/waiters.go b/vendor/github.com/aws/aws-sdk-go/service/cloudformation/waiters.go index 0dbdc6c2353..183720d485a 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/cloudformation/waiters.go +++ b/vendor/github.com/aws/aws-sdk-go/service/cloudformation/waiters.go @@ -349,6 +349,72 @@ func (c *CloudFormation) WaitUntilStackImportCompleteWithContext(ctx aws.Context return w.WaitWithContext(ctx) } +// WaitUntilStackRollbackComplete uses the AWS CloudFormation API operation +// DescribeStacks to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *CloudFormation) WaitUntilStackRollbackComplete(input *DescribeStacksInput) error { + return c.WaitUntilStackRollbackCompleteWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilStackRollbackCompleteWithContext is an extended version of WaitUntilStackRollbackComplete. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudFormation) WaitUntilStackRollbackCompleteWithContext(ctx aws.Context, input *DescribeStacksInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilStackRollbackComplete", + MaxAttempts: 120, + Delay: request.ConstantWaiterDelay(30 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathAllWaiterMatch, Argument: "Stacks[].StackStatus", + Expected: "UPDATE_ROLLBACK_COMPLETE", + }, + { + State: request.FailureWaiterState, + Matcher: request.PathAnyWaiterMatch, Argument: "Stacks[].StackStatus", + Expected: "UPDATE_FAILED", + }, + { + State: request.FailureWaiterState, + Matcher: request.PathAnyWaiterMatch, Argument: "Stacks[].StackStatus", + Expected: "UPDATE_ROLLBACK_FAILED", + }, + { + State: request.FailureWaiterState, + Matcher: request.PathAnyWaiterMatch, Argument: "Stacks[].StackStatus", + Expected: "DELETE_FAILED", + }, + { + State: request.FailureWaiterState, + Matcher: request.ErrorWaiterMatch, + Expected: "ValidationError", + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *DescribeStacksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeStacksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} + // WaitUntilStackUpdateComplete uses the AWS CloudFormation API operation // DescribeStacks to wait for a condition to be met before returning. // If the condition is not met within the max attempt window, an error will diff --git a/vendor/github.com/aws/aws-sdk-go/service/dynamodb/api.go b/vendor/github.com/aws/aws-sdk-go/service/dynamodb/api.go index e7983fa8e3d..ea2ca2c3350 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/dynamodb/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/dynamodb/api.go @@ -670,7 +670,7 @@ func (c *DynamoDB) CreateGlobalTableRequest(input *CreateGlobalTableInput) (req // relationship between two or more DynamoDB tables with the same table name // in the provided Regions. // -// This method only applies to Version 2017.11.29 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html) +// This operation only applies to Version 2017.11.29 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html) // of global tables. // // If you want to add a new replica table to a global table, each of the following @@ -693,6 +693,14 @@ func (c *DynamoDB) CreateGlobalTableRequest(input *CreateGlobalTableInput) (req // * The global secondary indexes must have the same hash key and sort key // (if present). // +// If local secondary indexes are specified, then the following conditions must +// also be met: +// +// * The local secondary indexes must have the same name. +// +// * The local secondary indexes must have the same hash key and sort key +// (if present). +// // Write capacity settings should be set consistently across your replica tables // and secondary indexes. DynamoDB strongly recommends enabling auto scaling // to manage the write capacity settings for all of your global tables replicas @@ -1839,8 +1847,10 @@ func (c *DynamoDB) DescribeGlobalTableRequest(input *DescribeGlobalTableInput) ( // // Returns information about the specified global table. // -// This method only applies to Version 2017.11.29 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html) -// of global tables. +// This operation only applies to Version 2017.11.29 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html) +// of global tables. If you are using global tables Version 2019.11.21 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) +// you can use DescribeTable (https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeTable.html) +// instead. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1949,7 +1959,7 @@ func (c *DynamoDB) DescribeGlobalTableSettingsRequest(input *DescribeGlobalTable // // Describes Region-specific settings for a global table. // -// This method only applies to Version 2017.11.29 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html) +// This operation only applies to Version 2017.11.29 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html) // of global tables. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2311,7 +2321,7 @@ func (c *DynamoDB) DescribeTableReplicaAutoScalingRequest(input *DescribeTableRe // // Describes auto scaling settings across replicas of the global table at once. // -// This method only applies to Version 2019.11.21 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) +// This operation only applies to Version 2019.11.21 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) // of global tables. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2912,7 +2922,7 @@ func (c *DynamoDB) ListGlobalTablesRequest(input *ListGlobalTablesInput) (req *r // // Lists all global tables that have a replica in the specified Region. // -// This method only applies to Version 2017.11.29 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html) +// This operation only applies to Version 2017.11.29 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html) // of global tables. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3325,9 +3335,15 @@ func (c *DynamoDB) PutItemRequest(input *PutItemInput) (req *request.Request, ou // * PutItem in the AWS SDK for Ruby V2 (http://docs.aws.amazon.com/goto/SdkForRubyV2/dynamodb-2012-08-10/PutItem) // // When you add an item, the primary key attributes are the only required attributes. -// Attribute values cannot be null. String and Binary type attributes must have -// lengths greater than zero. Set type attributes cannot be empty. Requests -// with empty values will be rejected with a ValidationException exception. +// Attribute values cannot be null. +// +// Empty String and Binary attribute values are allowed. Attribute values of +// type String and Binary must have a length greater than zero if the attribute +// is used as a key attribute for a table or index. Set type attributes cannot +// be empty. +// +// Invalid Requests with empty values will be rejected with a ValidationException +// exception. // // To prevent a new item from replacing an existing item, use a conditional // expression that contains the attribute_not_exists function with the name @@ -5709,7 +5725,7 @@ func (c *DynamoDB) UpdateTableReplicaAutoScalingRequest(input *UpdateTableReplic // // Updates auto scaling settings on your global tables at once. // -// This method only applies to Version 2019.11.21 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) +// This operation only applies to Version 2019.11.21 (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) // of global tables. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13564,6 +13580,10 @@ type PutItemInput struct { // types for those attributes must match those of the schema in the table's // attribute definition. // + // Empty String and Binary attribute values are allowed. Attribute values of + // type String and Binary must have a length greater than zero if the attribute + // is used as a key attribute for a table or index. + // // For more information about primary keys, see Primary Key (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.CoreComponents.html#HowItWorks.CoreComponents.PrimaryKey) // in the Amazon DynamoDB Developer Guide. // diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index d71efab9be8..33af5505174 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -98233,7 +98233,7 @@ type RunInstancesInput struct { // For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // Constraints: Maximum 64 ASCII characters - ClientToken *string `locationName:"clientToken" type:"string"` + ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"` // The CPU options for the instance. For more information, see Optimizing CPU // Options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go b/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go index 91e36f08d1c..12e2e1bd6a6 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go @@ -483,8 +483,7 @@ func (c *ECR) CreateRepositoryRequest(input *CreateRepositoryInput) (req *reques // // * LimitExceededException // The operation did not succeed because it would have exceeded a service limit -// for your account. For more information, see Amazon ECR Default Service Limits -// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreateRepository @@ -2178,8 +2177,7 @@ func (c *ECR) PutImageRequest(input *PutImageInput) (req *request.Request, outpu // // * LimitExceededException // The operation did not succeed because it would have exceeded a service limit -// for your account. For more information, see Amazon ECR Default Service Limits -// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. // // * ImageTagAlreadyExistsException @@ -2517,7 +2515,7 @@ func (c *ECR) SetRepositoryPolicyRequest(input *SetRepositoryPolicyInput) (req * // SetRepositoryPolicy API operation for Amazon EC2 Container Registry. // // Applies a repository policy to the specified repository to control access -// permissions. For more information, see Amazon ECR Repository Policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicies.html) +// permissions. For more information, see Amazon ECR Repository Policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policies.html) // in the Amazon Elastic Container Registry User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2630,8 +2628,7 @@ func (c *ECR) StartImageScanRequest(input *StartImageScanInput) (req *request.Re // // * LimitExceededException // The operation did not succeed because it would have exceeded a service limit -// for your account. For more information, see Amazon ECR Default Service Limits -// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. // // * RepositoryNotFoundException @@ -3037,8 +3034,7 @@ func (c *ECR) UploadLayerPartRequest(input *UploadLayerPartInput) (req *request. // // * LimitExceededException // The operation did not succeed because it would have exceeded a service limit -// for your account. For more information, see Amazon ECR Default Service Limits -// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UploadLayerPart @@ -5080,6 +5076,9 @@ type Image struct { // The image manifest associated with the image. ImageManifest *string `locationName:"imageManifest" min:"1" type:"string"` + // The media type associated with the image manifest. + ImageManifestMediaType *string `locationName:"imageManifestMediaType" type:"string"` + // The AWS account ID associated with the registry containing the image. RegistryId *string `locationName:"registryId" type:"string"` @@ -5109,6 +5108,12 @@ func (s *Image) SetImageManifest(v string) *Image { return s } +// SetImageManifestMediaType sets the ImageManifestMediaType field's value. +func (s *Image) SetImageManifestMediaType(v string) *Image { + s.ImageManifestMediaType = &v + return s +} + // SetRegistryId sets the RegistryId field's value. func (s *Image) SetRegistryId(v string) *Image { s.RegistryId = &v @@ -6647,8 +6652,7 @@ func (s *LifecyclePolicyRuleAction) SetType(v string) *LifecyclePolicyRuleAction } // The operation did not succeed because it would have exceeded a service limit -// for your account. For more information, see Amazon ECR Default Service Limits -// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. type LimitExceededException struct { _ struct{} `type:"structure"` @@ -6930,6 +6934,11 @@ type PutImageInput struct { // ImageManifest is a required field ImageManifest *string `locationName:"imageManifest" min:"1" type:"string" required:"true"` + // The media type of the image manifest. If you push an image manifest that + // does not contain the mediaType field, you must specify the imageManifestMediaType + // in the request. + ImageManifestMediaType *string `locationName:"imageManifestMediaType" type:"string"` + // The tag to associate with the image. This parameter is required for images // that use the Docker Image Manifest V2 Schema 2 or OCI formats. ImageTag *string `locationName:"imageTag" min:"1" type:"string"` @@ -6986,6 +6995,12 @@ func (s *PutImageInput) SetImageManifest(v string) *PutImageInput { return s } +// SetImageManifestMediaType sets the ImageManifestMediaType field's value. +func (s *PutImageInput) SetImageManifestMediaType(v string) *PutImageInput { + s.ImageManifestMediaType = &v + return s +} + // SetImageTag sets the ImageTag field's value. func (s *PutImageInput) SetImageTag(v string) *PutImageInput { s.ImageTag = &v @@ -7847,7 +7862,7 @@ type SetRepositoryPolicyInput struct { Force *bool `locationName:"force" type:"boolean"` // The JSON repository policy text to apply to the repository. For more information, - // see Amazon ECR Repository Policy Examples (https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html) + // see Amazon ECR Repository Policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) // in the Amazon Elastic Container Registry User Guide. // // PolicyText is a required field @@ -8489,12 +8504,14 @@ type UploadLayerPartInput struct { // LayerPartBlob is a required field LayerPartBlob []byte `locationName:"layerPartBlob" type:"blob" required:"true"` - // The integer value of the first byte of the layer part. + // The position of the first byte of the layer part witin the overall image + // layer. // // PartFirstByte is a required field PartFirstByte *int64 `locationName:"partFirstByte" type:"long" required:"true"` - // The integer value of the last byte of the layer part. + // The position of the last byte of the layer part within the overall image + // layer. // // PartLastByte is a required field PartLastByte *int64 `locationName:"partLastByte" type:"long" required:"true"` diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go b/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go index c4e9b4013b4..bf44256bd1c 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go @@ -112,8 +112,7 @@ const ( // "LimitExceededException". // // The operation did not succeed because it would have exceeded a service limit - // for your account. For more information, see Amazon ECR Default Service Limits - // (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) + // for your account. For more information, see Amazon ECR Service Quotas (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html) // in the Amazon Elastic Container Registry User Guide. ErrCodeLimitExceededException = "LimitExceededException" diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecs/api.go b/vendor/github.com/aws/aws-sdk-go/service/ecs/api.go index 533e5460c24..8a85c7cd85e 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ecs/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ecs/api.go @@ -7060,6 +7060,27 @@ type ContainerDefinition struct { // such as credential data. Environment []*KeyValuePair `locationName:"environment" type:"list"` + // A list of files containing the environment variables to pass to a container. + // This parameter maps to the --env-file option to docker run (https://docs.docker.com/engine/reference/run/). + // + // You can specify up to ten environment files. The file must have a .env file + // extension. Each line in an environment file should contain an environment + // variable in VARIABLE=VALUE format. Lines beginning with # are treated as + // comments and are ignored. For more information on the environment variable + // file syntax, see Declare default environment variables in file (https://docs.docker.com/compose/env-file/). + // + // If there are environment variables specified using the environment parameter + // in a container definition, they take precedence over the variables contained + // within an environment file. If multiple environment files are specified that + // contain the same variable, they are processed from the top down. It is recommended + // to use unique variable names. For more information, see Specifying Environment + // Variables (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) + // in the Amazon Elastic Container Service Developer Guide. + // + // This field is not valid for containers in tasks using the Fargate launch + // type. + EnvironmentFiles []*EnvironmentFile `locationName:"environmentFiles" type:"list"` + // If the essential parameter of a container is marked as true, and that container // fails or stops for any reason, all other containers that are part of the // task are stopped. If the essential parameter of a container is marked as @@ -7472,6 +7493,16 @@ func (s *ContainerDefinition) Validate() error { } } } + if s.EnvironmentFiles != nil { + for i, v := range s.EnvironmentFiles { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "EnvironmentFiles", i), err.(request.ErrInvalidParams)) + } + } + } if s.ExtraHosts != nil { for i, v := range s.ExtraHosts { if v == nil { @@ -7604,6 +7635,12 @@ func (s *ContainerDefinition) SetEnvironment(v []*KeyValuePair) *ContainerDefini return s } +// SetEnvironmentFiles sets the EnvironmentFiles field's value. +func (s *ContainerDefinition) SetEnvironmentFiles(v []*EnvironmentFile) *ContainerDefinition { + s.EnvironmentFiles = v + return s +} + // SetEssential sets the Essential field's value. func (s *ContainerDefinition) SetEssential(v bool) *ContainerDefinition { s.Essential = &v @@ -8119,6 +8156,10 @@ type ContainerOverride struct { // You must also specify a container name. Environment []*KeyValuePair `locationName:"environment" type:"list"` + // A list of files containing the environment variables to pass to a container, + // instead of the value from the container definition. + EnvironmentFiles []*EnvironmentFile `locationName:"environmentFiles" type:"list"` + // The hard limit (in MiB) of memory to present to the container, instead of // the default value from the task definition. If your container attempts to // exceed the memory specified here, the container is killed. You must also @@ -8153,6 +8194,16 @@ func (s ContainerOverride) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ContainerOverride) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ContainerOverride"} + if s.EnvironmentFiles != nil { + for i, v := range s.EnvironmentFiles { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "EnvironmentFiles", i), err.(request.ErrInvalidParams)) + } + } + } if s.ResourceRequirements != nil { for i, v := range s.ResourceRequirements { if v == nil { @@ -8188,6 +8239,12 @@ func (s *ContainerOverride) SetEnvironment(v []*KeyValuePair) *ContainerOverride return s } +// SetEnvironmentFiles sets the EnvironmentFiles field's value. +func (s *ContainerOverride) SetEnvironmentFiles(v []*EnvironmentFile) *ContainerOverride { + s.EnvironmentFiles = v + return s +} + // SetMemory sets the Memory field's value. func (s *ContainerOverride) SetMemory(v int64) *ContainerOverride { s.Memory = &v @@ -11219,6 +11276,76 @@ func (s *EFSVolumeConfiguration) SetTransitEncryptionPort(v int64) *EFSVolumeCon return s } +// A list of files containing the environment variables to pass to a container. +// You can specify up to ten environment files. The file must have a .env file +// extension. Each line in an environment file should contain an environment +// variable in VARIABLE=VALUE format. Lines beginning with # are treated as +// comments and are ignored. For more information on the environment variable +// file syntax, see Declare default environment variables in file (https://docs.docker.com/compose/env-file/). +// +// If there are environment variables specified using the environment parameter +// in a container definition, they take precedence over the variables contained +// within an environment file. If multiple environment files are specified that +// contain the same variable, they are processed from the top down. It is recommended +// to use unique variable names. For more information, see Specifying Environment +// Variables (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) +// in the Amazon Elastic Container Service Developer Guide. +// +// This field is not valid for containers in tasks using the Fargate launch +// type. +type EnvironmentFile struct { + _ struct{} `type:"structure"` + + // The file type to use. The only supported value is s3. + // + // Type is a required field + Type *string `locationName:"type" type:"string" required:"true" enum:"EnvironmentFileType"` + + // The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment + // variable file. + // + // Value is a required field + Value *string `locationName:"value" type:"string" required:"true"` +} + +// String returns the string representation +func (s EnvironmentFile) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnvironmentFile) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EnvironmentFile) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EnvironmentFile"} + if s.Type == nil { + invalidParams.Add(request.NewErrParamRequired("Type")) + } + if s.Value == nil { + invalidParams.Add(request.NewErrParamRequired("Value")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetType sets the Type field's value. +func (s *EnvironmentFile) SetType(v string) *EnvironmentFile { + s.Type = &v + return s +} + +// SetValue sets the Value field's value. +func (s *EnvironmentFile) SetValue(v string) *EnvironmentFile { + s.Value = &v + return s +} + // A failed resource. type Failure struct { _ struct{} `type:"structure"` @@ -11715,8 +11842,9 @@ type KernelCapabilities struct { // section of the Docker Remote API (https://docs.docker.com/engine/api/v1.35/) // and the --cap-add option to docker run (https://docs.docker.com/engine/reference/run/). // - // If you are using tasks that use the Fargate launch type, the add parameter - // is not supported. + // The SYS_PTRACE capability is supported for tasks that use the Fargate launch + // type if they are also using platform version 1.4.0. The other capabilities + // are not supported for any platform versions. // // Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | // "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" @@ -11865,8 +11993,9 @@ type LinuxParameters struct { // The Linux capabilities for the container that are added to or dropped from // the default configuration provided by Docker. // - // If you are using tasks that use the Fargate launch type, capabilities is - // supported but the add parameter is not supported. + // For tasks that use the Fargate launch type, capabilities is supported for + // all platform versions but the add parameter is only supported if using platform + // version 1.4.0 or later. Capabilities *KernelCapabilities `locationName:"capabilities" type:"structure"` // Any host devices to expose to the container. This parameter maps to Devices @@ -20024,6 +20153,11 @@ const ( EFSTransitEncryptionDisabled = "DISABLED" ) +const ( + // EnvironmentFileTypeS3 is a EnvironmentFileType enum value + EnvironmentFileTypeS3 = "s3" +) + const ( // FirelensConfigurationTypeFluentd is a FirelensConfigurationType enum value FirelensConfigurationTypeFluentd = "fluentd" diff --git a/vendor/github.com/aws/aws-sdk-go/service/glue/api.go b/vendor/github.com/aws/aws-sdk-go/service/glue/api.go index 965e0382e61..58312d39b23 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/glue/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/glue/api.go @@ -11279,6 +11279,98 @@ func (c *Glue) StopTriggerWithContext(ctx aws.Context, input *StopTriggerInput, return out, req.Send() } +const opStopWorkflowRun = "StopWorkflowRun" + +// StopWorkflowRunRequest generates a "aws/request.Request" representing the +// client's request for the StopWorkflowRun operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StopWorkflowRun for more information on using the StopWorkflowRun +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StopWorkflowRunRequest method. +// req, resp := client.StopWorkflowRunRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/glue-2017-03-31/StopWorkflowRun +func (c *Glue) StopWorkflowRunRequest(input *StopWorkflowRunInput) (req *request.Request, output *StopWorkflowRunOutput) { + op := &request.Operation{ + Name: opStopWorkflowRun, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StopWorkflowRunInput{} + } + + output = &StopWorkflowRunOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// StopWorkflowRun API operation for AWS Glue. +// +// Stops the execution of the specified workflow run. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Glue's +// API operation StopWorkflowRun for usage and error information. +// +// Returned Error Types: +// * InvalidInputException +// The input provided was not valid. +// +// * EntityNotFoundException +// A specified entity does not exist +// +// * InternalServiceException +// An internal service error occurred. +// +// * OperationTimeoutException +// The operation timed out. +// +// * IllegalWorkflowStateException +// The workflow is in an invalid state to perform a requested operation. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/glue-2017-03-31/StopWorkflowRun +func (c *Glue) StopWorkflowRun(input *StopWorkflowRunInput) (*StopWorkflowRunOutput, error) { + req, out := c.StopWorkflowRunRequest(input) + return out, req.Send() +} + +// StopWorkflowRunWithContext is the same as StopWorkflowRun with the addition of +// the ability to pass a context and additional request options. +// +// See StopWorkflowRun for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Glue) StopWorkflowRunWithContext(ctx aws.Context, input *StopWorkflowRunInput, opts ...request.Option) (*StopWorkflowRunOutput, error) { + req, out := c.StopWorkflowRunRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opTagResource = "TagResource" // TagResourceRequest generates a "aws/request.Request" representing the @@ -14843,8 +14935,9 @@ type Condition struct { // A logical operator. LogicalOperator *string `type:"string" enum:"LogicalOperator"` - // The condition state. Currently, the values supported are SUCCEEDED, STOPPED, - // TIMEOUT, and FAILED. + // The condition state. Currently, the only job states that a trigger can listen + // for are SUCCEEDED, STOPPED, FAILED, and TIMEOUT. The only crawler states + // that a trigger can listen for are SUCCEEDED, FAILED, and CANCELLED. State *string `type:"string" enum:"JobRunState"` } @@ -25095,6 +25188,63 @@ func (s *IdempotentParameterMismatchException) RequestID() string { return s.RespMetadata.RequestID } +// The workflow is in an invalid state to perform a requested operation. +type IllegalWorkflowStateException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // A message describing the problem. + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation +func (s IllegalWorkflowStateException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s IllegalWorkflowStateException) GoString() string { + return s.String() +} + +func newErrorIllegalWorkflowStateException(v protocol.ResponseMetadata) error { + return &IllegalWorkflowStateException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *IllegalWorkflowStateException) Code() string { + return "IllegalWorkflowStateException" +} + +// Message returns the exception's message. +func (s *IllegalWorkflowStateException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *IllegalWorkflowStateException) OrigErr() error { + return nil +} + +func (s *IllegalWorkflowStateException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *IllegalWorkflowStateException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *IllegalWorkflowStateException) RequestID() string { + return s.RespMetadata.RequestID +} + type ImportCatalogToGlueInput struct { _ struct{} `type:"structure"` @@ -25833,7 +25983,8 @@ type JobRun struct { // The name of the job definition being used in this run. JobName *string `min:"1" type:"string"` - // The current state of the job run. + // The current state of the job run. For more information about the statuses + // of jobs that have terminated abnormally, see AWS Glue Job Run Statuses (https://docs.aws.amazon.com/glue/latest/dg/job-run-statuses.html). JobRunState *string `type:"string" enum:"JobRunState"` // The last time that this job run was modified. @@ -30302,6 +30453,78 @@ func (s *StopTriggerOutput) SetName(v string) *StopTriggerOutput { return s } +type StopWorkflowRunInput struct { + _ struct{} `type:"structure"` + + // The name of the workflow to stop. + // + // Name is a required field + Name *string `min:"1" type:"string" required:"true"` + + // The ID of the workflow run to stop. + // + // RunId is a required field + RunId *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s StopWorkflowRunInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StopWorkflowRunInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StopWorkflowRunInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StopWorkflowRunInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.RunId == nil { + invalidParams.Add(request.NewErrParamRequired("RunId")) + } + if s.RunId != nil && len(*s.RunId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RunId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetName sets the Name field's value. +func (s *StopWorkflowRunInput) SetName(v string) *StopWorkflowRunInput { + s.Name = &v + return s +} + +// SetRunId sets the RunId field's value. +func (s *StopWorkflowRunInput) SetRunId(v string) *StopWorkflowRunInput { + s.RunId = &v + return s +} + +type StopWorkflowRunOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s StopWorkflowRunOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StopWorkflowRunOutput) GoString() string { + return s.String() +} + // Describes the physical storage of table data. type StorageDescriptor struct { _ struct{} `type:"structure"` @@ -34291,12 +34514,15 @@ const ( // CrawlStateRunning is a CrawlState enum value CrawlStateRunning = "RUNNING" - // CrawlStateSucceeded is a CrawlState enum value - CrawlStateSucceeded = "SUCCEEDED" + // CrawlStateCancelling is a CrawlState enum value + CrawlStateCancelling = "CANCELLING" // CrawlStateCancelled is a CrawlState enum value CrawlStateCancelled = "CANCELLED" + // CrawlStateSucceeded is a CrawlState enum value + CrawlStateSucceeded = "SUCCEEDED" + // CrawlStateFailed is a CrawlState enum value CrawlStateFailed = "FAILED" ) @@ -34654,4 +34880,10 @@ const ( // WorkflowRunStatusCompleted is a WorkflowRunStatus enum value WorkflowRunStatusCompleted = "COMPLETED" + + // WorkflowRunStatusStopping is a WorkflowRunStatus enum value + WorkflowRunStatusStopping = "STOPPING" + + // WorkflowRunStatusStopped is a WorkflowRunStatus enum value + WorkflowRunStatusStopped = "STOPPED" ) diff --git a/vendor/github.com/aws/aws-sdk-go/service/glue/errors.go b/vendor/github.com/aws/aws-sdk-go/service/glue/errors.go index dc5ad7afd38..95a992b0233 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/glue/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/glue/errors.go @@ -74,6 +74,12 @@ const ( // The same unique identifier was associated with two different records. ErrCodeIdempotentParameterMismatchException = "IdempotentParameterMismatchException" + // ErrCodeIllegalWorkflowStateException for service response error code + // "IllegalWorkflowStateException". + // + // The workflow is in an invalid state to perform a requested operation. + ErrCodeIllegalWorkflowStateException = "IllegalWorkflowStateException" + // ErrCodeInternalServiceException for service response error code // "InternalServiceException". // @@ -153,6 +159,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "GlueEncryptionException": newErrorEncryptionException, "EntityNotFoundException": newErrorEntityNotFoundException, "IdempotentParameterMismatchException": newErrorIdempotentParameterMismatchException, + "IllegalWorkflowStateException": newErrorIllegalWorkflowStateException, "InternalServiceException": newErrorInternalServiceException, "InvalidInputException": newErrorInvalidInputException, "MLTransformNotReadyException": newErrorMLTransformNotReadyException, diff --git a/vendor/github.com/aws/aws-sdk-go/service/qldb/api.go b/vendor/github.com/aws/aws-sdk-go/service/qldb/api.go index 8a4e4d98b1d..7f80514590a 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/qldb/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/qldb/api.go @@ -13,6 +13,96 @@ import ( "github.com/aws/aws-sdk-go/private/protocol/restjson" ) +const opCancelJournalKinesisStream = "CancelJournalKinesisStream" + +// CancelJournalKinesisStreamRequest generates a "aws/request.Request" representing the +// client's request for the CancelJournalKinesisStream operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CancelJournalKinesisStream for more information on using the CancelJournalKinesisStream +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CancelJournalKinesisStreamRequest method. +// req, resp := client.CancelJournalKinesisStreamRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/CancelJournalKinesisStream +func (c *QLDB) CancelJournalKinesisStreamRequest(input *CancelJournalKinesisStreamInput) (req *request.Request, output *CancelJournalKinesisStreamOutput) { + op := &request.Operation{ + Name: opCancelJournalKinesisStream, + HTTPMethod: "DELETE", + HTTPPath: "/ledgers/{name}/journal-kinesis-streams/{streamId}", + } + + if input == nil { + input = &CancelJournalKinesisStreamInput{} + } + + output = &CancelJournalKinesisStreamOutput{} + req = c.newRequest(op, input, output) + return +} + +// CancelJournalKinesisStream API operation for Amazon QLDB. +// +// Ends a given Amazon QLDB journal stream. Before a stream can be canceled, +// its current status must be ACTIVE. +// +// You can't restart a stream after you cancel it. Canceled QLDB stream resources +// are subject to a 7-day retention period, so they are automatically deleted +// after this limit expires. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon QLDB's +// API operation CancelJournalKinesisStream for usage and error information. +// +// Returned Error Types: +// * InvalidParameterException +// One or more parameters in the request aren't valid. +// +// * ResourceNotFoundException +// The specified resource doesn't exist. +// +// * ResourcePreconditionNotMetException +// The operation failed because a condition wasn't satisfied in advance. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/CancelJournalKinesisStream +func (c *QLDB) CancelJournalKinesisStream(input *CancelJournalKinesisStreamInput) (*CancelJournalKinesisStreamOutput, error) { + req, out := c.CancelJournalKinesisStreamRequest(input) + return out, req.Send() +} + +// CancelJournalKinesisStreamWithContext is the same as CancelJournalKinesisStream with the addition of +// the ability to pass a context and additional request options. +// +// See CancelJournalKinesisStream for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *QLDB) CancelJournalKinesisStreamWithContext(ctx aws.Context, input *CancelJournalKinesisStreamInput, opts ...request.Option) (*CancelJournalKinesisStreamOutput, error) { + req, out := c.CancelJournalKinesisStreamRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateLedger = "CreateLedger" // CreateLedgerRequest generates a "aws/request.Request" representing the @@ -196,6 +286,93 @@ func (c *QLDB) DeleteLedgerWithContext(ctx aws.Context, input *DeleteLedgerInput return out, req.Send() } +const opDescribeJournalKinesisStream = "DescribeJournalKinesisStream" + +// DescribeJournalKinesisStreamRequest generates a "aws/request.Request" representing the +// client's request for the DescribeJournalKinesisStream operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeJournalKinesisStream for more information on using the DescribeJournalKinesisStream +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeJournalKinesisStreamRequest method. +// req, resp := client.DescribeJournalKinesisStreamRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/DescribeJournalKinesisStream +func (c *QLDB) DescribeJournalKinesisStreamRequest(input *DescribeJournalKinesisStreamInput) (req *request.Request, output *DescribeJournalKinesisStreamOutput) { + op := &request.Operation{ + Name: opDescribeJournalKinesisStream, + HTTPMethod: "GET", + HTTPPath: "/ledgers/{name}/journal-kinesis-streams/{streamId}", + } + + if input == nil { + input = &DescribeJournalKinesisStreamInput{} + } + + output = &DescribeJournalKinesisStreamOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeJournalKinesisStream API operation for Amazon QLDB. +// +// Returns detailed information about a given Amazon QLDB journal stream. The +// output includes the Amazon Resource Name (ARN), stream name, current status, +// creation time, and the parameters of your original stream creation request. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon QLDB's +// API operation DescribeJournalKinesisStream for usage and error information. +// +// Returned Error Types: +// * InvalidParameterException +// One or more parameters in the request aren't valid. +// +// * ResourceNotFoundException +// The specified resource doesn't exist. +// +// * ResourcePreconditionNotMetException +// The operation failed because a condition wasn't satisfied in advance. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/DescribeJournalKinesisStream +func (c *QLDB) DescribeJournalKinesisStream(input *DescribeJournalKinesisStreamInput) (*DescribeJournalKinesisStreamOutput, error) { + req, out := c.DescribeJournalKinesisStreamRequest(input) + return out, req.Send() +} + +// DescribeJournalKinesisStreamWithContext is the same as DescribeJournalKinesisStream with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeJournalKinesisStream for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *QLDB) DescribeJournalKinesisStreamWithContext(ctx aws.Context, input *DescribeJournalKinesisStreamInput, opts ...request.Option) (*DescribeJournalKinesisStreamOutput, error) { + req, out := c.DescribeJournalKinesisStreamRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeJournalS3Export = "DescribeJournalS3Export" // DescribeJournalS3ExportRequest generates a "aws/request.Request" representing the @@ -244,6 +421,10 @@ func (c *QLDB) DescribeJournalS3ExportRequest(input *DescribeJournalS3ExportInpu // export ID, when it was created, current status, and its start and end time // export parameters. // +// This action does not return any expired export jobs. For more information, +// see Export Job Expiration (https://docs.aws.amazon.com/qldb/latest/developerguide/export-journal.request.html#export-journal.request.expiration) +// in the Amazon QLDB Developer Guide. +// // If the export job with the given ExportId doesn't exist, then throws ResourceNotFoundException. // // If the ledger with the given Name doesn't exist, then throws ResourceNotFoundException. @@ -720,6 +901,155 @@ func (c *QLDB) GetRevisionWithContext(ctx aws.Context, input *GetRevisionInput, return out, req.Send() } +const opListJournalKinesisStreamsForLedger = "ListJournalKinesisStreamsForLedger" + +// ListJournalKinesisStreamsForLedgerRequest generates a "aws/request.Request" representing the +// client's request for the ListJournalKinesisStreamsForLedger operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListJournalKinesisStreamsForLedger for more information on using the ListJournalKinesisStreamsForLedger +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListJournalKinesisStreamsForLedgerRequest method. +// req, resp := client.ListJournalKinesisStreamsForLedgerRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/ListJournalKinesisStreamsForLedger +func (c *QLDB) ListJournalKinesisStreamsForLedgerRequest(input *ListJournalKinesisStreamsForLedgerInput) (req *request.Request, output *ListJournalKinesisStreamsForLedgerOutput) { + op := &request.Operation{ + Name: opListJournalKinesisStreamsForLedger, + HTTPMethod: "GET", + HTTPPath: "/ledgers/{name}/journal-kinesis-streams", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListJournalKinesisStreamsForLedgerInput{} + } + + output = &ListJournalKinesisStreamsForLedgerOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListJournalKinesisStreamsForLedger API operation for Amazon QLDB. +// +// Returns an array of all Amazon QLDB journal stream descriptors for a given +// ledger. The output of each stream descriptor includes the same details that +// are returned by DescribeJournalKinesisStream. +// +// This action returns a maximum of MaxResults items. It is paginated so that +// you can retrieve all the items by calling ListJournalKinesisStreamsForLedger +// multiple times. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon QLDB's +// API operation ListJournalKinesisStreamsForLedger for usage and error information. +// +// Returned Error Types: +// * InvalidParameterException +// One or more parameters in the request aren't valid. +// +// * ResourceNotFoundException +// The specified resource doesn't exist. +// +// * ResourcePreconditionNotMetException +// The operation failed because a condition wasn't satisfied in advance. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/ListJournalKinesisStreamsForLedger +func (c *QLDB) ListJournalKinesisStreamsForLedger(input *ListJournalKinesisStreamsForLedgerInput) (*ListJournalKinesisStreamsForLedgerOutput, error) { + req, out := c.ListJournalKinesisStreamsForLedgerRequest(input) + return out, req.Send() +} + +// ListJournalKinesisStreamsForLedgerWithContext is the same as ListJournalKinesisStreamsForLedger with the addition of +// the ability to pass a context and additional request options. +// +// See ListJournalKinesisStreamsForLedger for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *QLDB) ListJournalKinesisStreamsForLedgerWithContext(ctx aws.Context, input *ListJournalKinesisStreamsForLedgerInput, opts ...request.Option) (*ListJournalKinesisStreamsForLedgerOutput, error) { + req, out := c.ListJournalKinesisStreamsForLedgerRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListJournalKinesisStreamsForLedgerPages iterates over the pages of a ListJournalKinesisStreamsForLedger operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListJournalKinesisStreamsForLedger method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListJournalKinesisStreamsForLedger operation. +// pageNum := 0 +// err := client.ListJournalKinesisStreamsForLedgerPages(params, +// func(page *qldb.ListJournalKinesisStreamsForLedgerOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *QLDB) ListJournalKinesisStreamsForLedgerPages(input *ListJournalKinesisStreamsForLedgerInput, fn func(*ListJournalKinesisStreamsForLedgerOutput, bool) bool) error { + return c.ListJournalKinesisStreamsForLedgerPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListJournalKinesisStreamsForLedgerPagesWithContext same as ListJournalKinesisStreamsForLedgerPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *QLDB) ListJournalKinesisStreamsForLedgerPagesWithContext(ctx aws.Context, input *ListJournalKinesisStreamsForLedgerInput, fn func(*ListJournalKinesisStreamsForLedgerOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListJournalKinesisStreamsForLedgerInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListJournalKinesisStreamsForLedgerRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListJournalKinesisStreamsForLedgerOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListJournalS3Exports = "ListJournalS3Exports" // ListJournalS3ExportsRequest generates a "aws/request.Request" representing the @@ -776,6 +1106,10 @@ func (c *QLDB) ListJournalS3ExportsRequest(input *ListJournalS3ExportsInput) (re // This action returns a maximum of MaxResults items, and is paginated so that // you can retrieve all the items by calling ListJournalS3Exports multiple times. // +// This action does not return any expired export jobs. For more information, +// see Export Job Expiration (https://docs.aws.amazon.com/qldb/latest/developerguide/export-journal.request.html#export-journal.request.expiration) +// in the Amazon QLDB Developer Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -912,6 +1246,10 @@ func (c *QLDB) ListJournalS3ExportsForLedgerRequest(input *ListJournalS3ExportsF // you can retrieve all the items by calling ListJournalS3ExportsForLedger multiple // times. // +// This action does not return any expired export jobs. For more information, +// see Export Job Expiration (https://docs.aws.amazon.com/qldb/latest/developerguide/export-journal.request.html#export-journal.request.expiration) +// in the Amazon QLDB Developer Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1210,6 +1548,94 @@ func (c *QLDB) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsFo return out, req.Send() } +const opStreamJournalToKinesis = "StreamJournalToKinesis" + +// StreamJournalToKinesisRequest generates a "aws/request.Request" representing the +// client's request for the StreamJournalToKinesis operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StreamJournalToKinesis for more information on using the StreamJournalToKinesis +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StreamJournalToKinesisRequest method. +// req, resp := client.StreamJournalToKinesisRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/StreamJournalToKinesis +func (c *QLDB) StreamJournalToKinesisRequest(input *StreamJournalToKinesisInput) (req *request.Request, output *StreamJournalToKinesisOutput) { + op := &request.Operation{ + Name: opStreamJournalToKinesis, + HTTPMethod: "POST", + HTTPPath: "/ledgers/{name}/journal-kinesis-streams", + } + + if input == nil { + input = &StreamJournalToKinesisInput{} + } + + output = &StreamJournalToKinesisOutput{} + req = c.newRequest(op, input, output) + return +} + +// StreamJournalToKinesis API operation for Amazon QLDB. +// +// Creates a stream for a given Amazon QLDB ledger that delivers the journal +// data to a specified Amazon Kinesis Data Streams resource. The stream captures +// every document revision that is committed to your journal and sends it to +// the Kinesis data stream. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon QLDB's +// API operation StreamJournalToKinesis for usage and error information. +// +// Returned Error Types: +// * InvalidParameterException +// One or more parameters in the request aren't valid. +// +// * ResourceNotFoundException +// The specified resource doesn't exist. +// +// * ResourcePreconditionNotMetException +// The operation failed because a condition wasn't satisfied in advance. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/StreamJournalToKinesis +func (c *QLDB) StreamJournalToKinesis(input *StreamJournalToKinesisInput) (*StreamJournalToKinesisOutput, error) { + req, out := c.StreamJournalToKinesisRequest(input) + return out, req.Send() +} + +// StreamJournalToKinesisWithContext is the same as StreamJournalToKinesis with the addition of +// the ability to pass a context and additional request options. +// +// See StreamJournalToKinesis for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *QLDB) StreamJournalToKinesisWithContext(ctx aws.Context, input *StreamJournalToKinesisInput, opts ...request.Option) (*StreamJournalToKinesisOutput, error) { + req, out := c.StreamJournalToKinesisRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opTagResource = "TagResource" // TagResourceRequest generates a "aws/request.Request" representing the @@ -1462,6 +1888,87 @@ func (c *QLDB) UpdateLedgerWithContext(ctx aws.Context, input *UpdateLedgerInput return out, req.Send() } +type CancelJournalKinesisStreamInput struct { + _ struct{} `type:"structure"` + + // The name of the ledger. + // + // LedgerName is a required field + LedgerName *string `location:"uri" locationName:"name" min:"1" type:"string" required:"true"` + + // The unique ID that QLDB assigns to each QLDB journal stream. + // + // StreamId is a required field + StreamId *string `location:"uri" locationName:"streamId" min:"22" type:"string" required:"true"` +} + +// String returns the string representation +func (s CancelJournalKinesisStreamInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CancelJournalKinesisStreamInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CancelJournalKinesisStreamInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CancelJournalKinesisStreamInput"} + if s.LedgerName == nil { + invalidParams.Add(request.NewErrParamRequired("LedgerName")) + } + if s.LedgerName != nil && len(*s.LedgerName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LedgerName", 1)) + } + if s.StreamId == nil { + invalidParams.Add(request.NewErrParamRequired("StreamId")) + } + if s.StreamId != nil && len(*s.StreamId) < 22 { + invalidParams.Add(request.NewErrParamMinLen("StreamId", 22)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLedgerName sets the LedgerName field's value. +func (s *CancelJournalKinesisStreamInput) SetLedgerName(v string) *CancelJournalKinesisStreamInput { + s.LedgerName = &v + return s +} + +// SetStreamId sets the StreamId field's value. +func (s *CancelJournalKinesisStreamInput) SetStreamId(v string) *CancelJournalKinesisStreamInput { + s.StreamId = &v + return s +} + +type CancelJournalKinesisStreamOutput struct { + _ struct{} `type:"structure"` + + // The unique ID that QLDB assigns to each QLDB journal stream. + StreamId *string `min:"22" type:"string"` +} + +// String returns the string representation +func (s CancelJournalKinesisStreamOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CancelJournalKinesisStreamOutput) GoString() string { + return s.String() +} + +// SetStreamId sets the StreamId field's value. +func (s *CancelJournalKinesisStreamOutput) SetStreamId(v string) *CancelJournalKinesisStreamOutput { + s.StreamId = &v + return s +} + type CreateLedgerInput struct { _ struct{} `type:"structure"` @@ -1667,6 +2174,88 @@ func (s DeleteLedgerOutput) GoString() string { return s.String() } +type DescribeJournalKinesisStreamInput struct { + _ struct{} `type:"structure"` + + // The name of the ledger. + // + // LedgerName is a required field + LedgerName *string `location:"uri" locationName:"name" min:"1" type:"string" required:"true"` + + // The unique ID that QLDB assigns to each QLDB journal stream. + // + // StreamId is a required field + StreamId *string `location:"uri" locationName:"streamId" min:"22" type:"string" required:"true"` +} + +// String returns the string representation +func (s DescribeJournalKinesisStreamInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeJournalKinesisStreamInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeJournalKinesisStreamInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeJournalKinesisStreamInput"} + if s.LedgerName == nil { + invalidParams.Add(request.NewErrParamRequired("LedgerName")) + } + if s.LedgerName != nil && len(*s.LedgerName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LedgerName", 1)) + } + if s.StreamId == nil { + invalidParams.Add(request.NewErrParamRequired("StreamId")) + } + if s.StreamId != nil && len(*s.StreamId) < 22 { + invalidParams.Add(request.NewErrParamMinLen("StreamId", 22)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLedgerName sets the LedgerName field's value. +func (s *DescribeJournalKinesisStreamInput) SetLedgerName(v string) *DescribeJournalKinesisStreamInput { + s.LedgerName = &v + return s +} + +// SetStreamId sets the StreamId field's value. +func (s *DescribeJournalKinesisStreamInput) SetStreamId(v string) *DescribeJournalKinesisStreamInput { + s.StreamId = &v + return s +} + +type DescribeJournalKinesisStreamOutput struct { + _ struct{} `type:"structure"` + + // Information about the QLDB journal stream returned by a DescribeJournalS3Export + // request. + Stream *JournalKinesisStreamDescription `type:"structure"` +} + +// String returns the string representation +func (s DescribeJournalKinesisStreamOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeJournalKinesisStreamOutput) GoString() string { + return s.String() +} + +// SetStream sets the Stream field's value. +func (s *DescribeJournalKinesisStreamOutput) SetStream(v *JournalKinesisStreamDescription) *DescribeJournalKinesisStreamOutput { + s.Stream = v + return s +} + type DescribeJournalS3ExportInput struct { _ struct{} `type:"structure"` @@ -2378,31 +2967,166 @@ func (s *InvalidParameterException) Code() string { return "InvalidParameterException" } -// Message returns the exception's message. -func (s *InvalidParameterException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" +// Message returns the exception's message. +func (s *InvalidParameterException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidParameterException) OrigErr() error { + return nil +} + +func (s *InvalidParameterException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidParameterException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidParameterException) RequestID() string { + return s.RespMetadata.RequestID +} + +// The information about an Amazon QLDB journal stream, including the Amazon +// Resource Name (ARN), stream name, creation time, current status, and the +// parameters of your original stream creation request. +type JournalKinesisStreamDescription struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the QLDB journal stream. + Arn *string `min:"20" type:"string"` + + // The date and time, in epoch time format, when the QLDB journal stream was + // created. (Epoch time format is the number of seconds elapsed since 12:00:00 + // AM January 1, 1970 UTC.) + CreationTime *time.Time `type:"timestamp"` + + // The error message that describes the reason that a stream has a status of + // IMPAIRED or FAILED. This is not applicable to streams that have other status + // values. + ErrorCause *string `type:"string" enum:"ErrorCause"` + + // The exclusive date and time that specifies when the stream ends. If this + // parameter is blank, the stream runs indefinitely until you cancel it. + ExclusiveEndTime *time.Time `type:"timestamp"` + + // The inclusive start date and time from which to start streaming journal data. + InclusiveStartTime *time.Time `type:"timestamp"` + + // The configuration settings of the Amazon Kinesis Data Streams destination + // for your QLDB journal stream. + // + // KinesisConfiguration is a required field + KinesisConfiguration *KinesisConfiguration `type:"structure" required:"true"` + + // The name of the ledger. + // + // LedgerName is a required field + LedgerName *string `min:"1" type:"string" required:"true"` + + // The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions + // for a journal stream to write data records to a Kinesis Data Streams resource. + // + // RoleArn is a required field + RoleArn *string `min:"20" type:"string" required:"true"` + + // The current state of the QLDB journal stream. + // + // Status is a required field + Status *string `type:"string" required:"true" enum:"StreamStatus"` + + // The unique ID that QLDB assigns to each QLDB journal stream. + // + // StreamId is a required field + StreamId *string `min:"22" type:"string" required:"true"` + + // The user-defined name of the QLDB journal stream. + // + // StreamName is a required field + StreamName *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s JournalKinesisStreamDescription) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s JournalKinesisStreamDescription) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *JournalKinesisStreamDescription) SetArn(v string) *JournalKinesisStreamDescription { + s.Arn = &v + return s +} + +// SetCreationTime sets the CreationTime field's value. +func (s *JournalKinesisStreamDescription) SetCreationTime(v time.Time) *JournalKinesisStreamDescription { + s.CreationTime = &v + return s +} + +// SetErrorCause sets the ErrorCause field's value. +func (s *JournalKinesisStreamDescription) SetErrorCause(v string) *JournalKinesisStreamDescription { + s.ErrorCause = &v + return s +} + +// SetExclusiveEndTime sets the ExclusiveEndTime field's value. +func (s *JournalKinesisStreamDescription) SetExclusiveEndTime(v time.Time) *JournalKinesisStreamDescription { + s.ExclusiveEndTime = &v + return s +} + +// SetInclusiveStartTime sets the InclusiveStartTime field's value. +func (s *JournalKinesisStreamDescription) SetInclusiveStartTime(v time.Time) *JournalKinesisStreamDescription { + s.InclusiveStartTime = &v + return s +} + +// SetKinesisConfiguration sets the KinesisConfiguration field's value. +func (s *JournalKinesisStreamDescription) SetKinesisConfiguration(v *KinesisConfiguration) *JournalKinesisStreamDescription { + s.KinesisConfiguration = v + return s +} + +// SetLedgerName sets the LedgerName field's value. +func (s *JournalKinesisStreamDescription) SetLedgerName(v string) *JournalKinesisStreamDescription { + s.LedgerName = &v + return s } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidParameterException) OrigErr() error { - return nil +// SetRoleArn sets the RoleArn field's value. +func (s *JournalKinesisStreamDescription) SetRoleArn(v string) *JournalKinesisStreamDescription { + s.RoleArn = &v + return s } -func (s *InvalidParameterException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +// SetStatus sets the Status field's value. +func (s *JournalKinesisStreamDescription) SetStatus(v string) *JournalKinesisStreamDescription { + s.Status = &v + return s } -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidParameterException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetStreamId sets the StreamId field's value. +func (s *JournalKinesisStreamDescription) SetStreamId(v string) *JournalKinesisStreamDescription { + s.StreamId = &v + return s } -// RequestID returns the service's response RequestID for request. -func (s *InvalidParameterException) RequestID() string { - return s.RespMetadata.RequestID +// SetStreamName sets the StreamName field's value. +func (s *JournalKinesisStreamDescription) SetStreamName(v string) *JournalKinesisStreamDescription { + s.StreamName = &v + return s } // The information about a journal export job, including the ledger name, export @@ -2521,6 +3245,60 @@ func (s *JournalS3ExportDescription) SetStatus(v string) *JournalS3ExportDescrip return s } +// The configuration settings of the Amazon Kinesis Data Streams destination +// for your Amazon QLDB journal stream. +type KinesisConfiguration struct { + _ struct{} `type:"structure"` + + // Enables QLDB to publish multiple stream records in a single Kinesis Data + // Streams record. To learn more, see KPL Key Concepts (https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) + // in the Amazon Kinesis Data Streams Developer Guide. + AggregationEnabled *bool `type:"boolean"` + + // The Amazon Resource Name (ARN) of the Kinesis data stream resource. + // + // StreamArn is a required field + StreamArn *string `min:"20" type:"string" required:"true"` +} + +// String returns the string representation +func (s KinesisConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s KinesisConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *KinesisConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "KinesisConfiguration"} + if s.StreamArn == nil { + invalidParams.Add(request.NewErrParamRequired("StreamArn")) + } + if s.StreamArn != nil && len(*s.StreamArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("StreamArn", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAggregationEnabled sets the AggregationEnabled field's value. +func (s *KinesisConfiguration) SetAggregationEnabled(v bool) *KinesisConfiguration { + s.AggregationEnabled = &v + return s +} + +// SetStreamArn sets the StreamArn field's value. +func (s *KinesisConfiguration) SetStreamArn(v string) *KinesisConfiguration { + s.StreamArn = &v + return s +} + // Information about a ledger, including its name, state, and when it was created. type LedgerSummary struct { _ struct{} `type:"structure"` @@ -2624,6 +3402,113 @@ func (s *LimitExceededException) RequestID() string { return s.RespMetadata.RequestID } +type ListJournalKinesisStreamsForLedgerInput struct { + _ struct{} `type:"structure"` + + // The name of the ledger. + // + // LedgerName is a required field + LedgerName *string `location:"uri" locationName:"name" min:"1" type:"string" required:"true"` + + // The maximum number of results to return in a single ListJournalKinesisStreamsForLedger + // request. (The actual number of results returned might be fewer.) + MaxResults *int64 `location:"querystring" locationName:"max_results" min:"1" type:"integer"` + + // A pagination token, indicating that you want to retrieve the next page of + // results. If you received a value for NextToken in the response from a previous + // ListJournalKinesisStreamsForLedger call, you should use that value as input + // here. + NextToken *string `location:"querystring" locationName:"next_token" min:"4" type:"string"` +} + +// String returns the string representation +func (s ListJournalKinesisStreamsForLedgerInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListJournalKinesisStreamsForLedgerInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListJournalKinesisStreamsForLedgerInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListJournalKinesisStreamsForLedgerInput"} + if s.LedgerName == nil { + invalidParams.Add(request.NewErrParamRequired("LedgerName")) + } + if s.LedgerName != nil && len(*s.LedgerName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LedgerName", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 4 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 4)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLedgerName sets the LedgerName field's value. +func (s *ListJournalKinesisStreamsForLedgerInput) SetLedgerName(v string) *ListJournalKinesisStreamsForLedgerInput { + s.LedgerName = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListJournalKinesisStreamsForLedgerInput) SetMaxResults(v int64) *ListJournalKinesisStreamsForLedgerInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListJournalKinesisStreamsForLedgerInput) SetNextToken(v string) *ListJournalKinesisStreamsForLedgerInput { + s.NextToken = &v + return s +} + +type ListJournalKinesisStreamsForLedgerOutput struct { + _ struct{} `type:"structure"` + + // * If NextToken is empty, the last page of results has been processed and + // there are no more results to be retrieved. + // + // * If NextToken is not empty, more results are available. To retrieve the + // next page of results, use the value of NextToken in a subsequent ListJournalKinesisStreamsForLedger + // call. + NextToken *string `min:"4" type:"string"` + + // The array of QLDB journal stream descriptors that are associated with the + // given ledger. + Streams []*JournalKinesisStreamDescription `type:"list"` +} + +// String returns the string representation +func (s ListJournalKinesisStreamsForLedgerOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListJournalKinesisStreamsForLedgerOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *ListJournalKinesisStreamsForLedgerOutput) SetNextToken(v string) *ListJournalKinesisStreamsForLedgerOutput { + s.NextToken = &v + return s +} + +// SetStreams sets the Streams field's value. +func (s *ListJournalKinesisStreamsForLedgerOutput) SetStreams(v []*JournalKinesisStreamDescription) *ListJournalKinesisStreamsForLedgerOutput { + s.Streams = v + return s +} + type ListJournalS3ExportsForLedgerInput struct { _ struct{} `type:"structure"` @@ -3230,8 +4115,9 @@ func (s *ResourcePreconditionNotMetException) RequestID() string { type S3EncryptionConfiguration struct { _ struct{} `type:"structure"` - // The Amazon Resource Name (ARN) for a customer master key (CMK) in AWS Key - // Management Service (AWS KMS). + // The Amazon Resource Name (ARN) for a symmetric customer master key (CMK) + // in AWS Key Management Service (AWS KMS). Amazon QLDB does not support asymmetric + // CMKs. // // You must provide a KmsKeyArn if you specify SSE_KMS as the ObjectEncryptionType. // @@ -3381,6 +4267,177 @@ func (s *S3ExportConfiguration) SetPrefix(v string) *S3ExportConfiguration { return s } +type StreamJournalToKinesisInput struct { + _ struct{} `type:"structure"` + + // The exclusive date and time that specifies when the stream ends. If you keep + // this parameter blank, the stream runs indefinitely until you cancel it. + // + // The ExclusiveEndTime must be in ISO 8601 date and time format and in Universal + // Coordinated Time (UTC). For example: 2019-06-13T21:36:34Z + ExclusiveEndTime *time.Time `type:"timestamp"` + + // The inclusive start date and time from which to start streaming journal data. + // This parameter must be in ISO 8601 date and time format and in Universal + // Coordinated Time (UTC). For example: 2019-06-13T21:36:34Z + // + // The InclusiveStartTime cannot be in the future and must be before ExclusiveEndTime. + // + // If you provide an InclusiveStartTime that is before the ledger's CreationDateTime, + // QLDB effectively defaults it to the ledger's CreationDateTime. + // + // InclusiveStartTime is a required field + InclusiveStartTime *time.Time `type:"timestamp" required:"true"` + + // The configuration settings of the Kinesis Data Streams destination for your + // stream request. + // + // KinesisConfiguration is a required field + KinesisConfiguration *KinesisConfiguration `type:"structure" required:"true"` + + // The name of the ledger. + // + // LedgerName is a required field + LedgerName *string `location:"uri" locationName:"name" min:"1" type:"string" required:"true"` + + // The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions + // for a journal stream to write data records to a Kinesis Data Streams resource. + // + // RoleArn is a required field + RoleArn *string `min:"20" type:"string" required:"true"` + + // The name that you want to assign to the QLDB journal stream. User-defined + // names can help identify and indicate the purpose of a stream. + // + // Your stream name must be unique among other active streams for a given ledger. + // If you try to create a stream with the same name and configuration of an + // active, existing stream for the same ledger, QLDB simply returns the existing + // stream. Stream names have the same naming constraints as ledger names, as + // defined in Quotas in Amazon QLDB (https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) + // in the Amazon QLDB Developer Guide. + // + // StreamName is a required field + StreamName *string `min:"1" type:"string" required:"true"` + + // The key-value pairs to add as tags to the stream that you want to create. + // Tag keys are case sensitive. Tag values are case sensitive and can be null. + Tags map[string]*string `type:"map"` +} + +// String returns the string representation +func (s StreamJournalToKinesisInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StreamJournalToKinesisInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StreamJournalToKinesisInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StreamJournalToKinesisInput"} + if s.InclusiveStartTime == nil { + invalidParams.Add(request.NewErrParamRequired("InclusiveStartTime")) + } + if s.KinesisConfiguration == nil { + invalidParams.Add(request.NewErrParamRequired("KinesisConfiguration")) + } + if s.LedgerName == nil { + invalidParams.Add(request.NewErrParamRequired("LedgerName")) + } + if s.LedgerName != nil && len(*s.LedgerName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LedgerName", 1)) + } + if s.RoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("RoleArn")) + } + if s.RoleArn != nil && len(*s.RoleArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("RoleArn", 20)) + } + if s.StreamName == nil { + invalidParams.Add(request.NewErrParamRequired("StreamName")) + } + if s.StreamName != nil && len(*s.StreamName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("StreamName", 1)) + } + if s.KinesisConfiguration != nil { + if err := s.KinesisConfiguration.Validate(); err != nil { + invalidParams.AddNested("KinesisConfiguration", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetExclusiveEndTime sets the ExclusiveEndTime field's value. +func (s *StreamJournalToKinesisInput) SetExclusiveEndTime(v time.Time) *StreamJournalToKinesisInput { + s.ExclusiveEndTime = &v + return s +} + +// SetInclusiveStartTime sets the InclusiveStartTime field's value. +func (s *StreamJournalToKinesisInput) SetInclusiveStartTime(v time.Time) *StreamJournalToKinesisInput { + s.InclusiveStartTime = &v + return s +} + +// SetKinesisConfiguration sets the KinesisConfiguration field's value. +func (s *StreamJournalToKinesisInput) SetKinesisConfiguration(v *KinesisConfiguration) *StreamJournalToKinesisInput { + s.KinesisConfiguration = v + return s +} + +// SetLedgerName sets the LedgerName field's value. +func (s *StreamJournalToKinesisInput) SetLedgerName(v string) *StreamJournalToKinesisInput { + s.LedgerName = &v + return s +} + +// SetRoleArn sets the RoleArn field's value. +func (s *StreamJournalToKinesisInput) SetRoleArn(v string) *StreamJournalToKinesisInput { + s.RoleArn = &v + return s +} + +// SetStreamName sets the StreamName field's value. +func (s *StreamJournalToKinesisInput) SetStreamName(v string) *StreamJournalToKinesisInput { + s.StreamName = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *StreamJournalToKinesisInput) SetTags(v map[string]*string) *StreamJournalToKinesisInput { + s.Tags = v + return s +} + +type StreamJournalToKinesisOutput struct { + _ struct{} `type:"structure"` + + // The unique ID that QLDB assigns to each QLDB journal stream. + StreamId *string `min:"22" type:"string"` +} + +// String returns the string representation +func (s StreamJournalToKinesisOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StreamJournalToKinesisOutput) GoString() string { + return s.String() +} + +// SetStreamId sets the StreamId field's value. +func (s *StreamJournalToKinesisOutput) SetStreamId(v string) *StreamJournalToKinesisOutput { + s.StreamId = &v + return s +} + type TagResourceInput struct { _ struct{} `type:"structure"` @@ -3689,6 +4746,14 @@ func (s *ValueHolder) SetIonText(v string) *ValueHolder { return s } +const ( + // ErrorCauseKinesisStreamNotFound is a ErrorCause enum value + ErrorCauseKinesisStreamNotFound = "KINESIS_STREAM_NOT_FOUND" + + // ErrorCauseIamPermissionRevoked is a ErrorCause enum value + ErrorCauseIamPermissionRevoked = "IAM_PERMISSION_REVOKED" +) + const ( // ExportStatusInProgress is a ExportStatus enum value ExportStatusInProgress = "IN_PROGRESS" @@ -3729,3 +4794,20 @@ const ( // S3ObjectEncryptionTypeNoEncryption is a S3ObjectEncryptionType enum value S3ObjectEncryptionTypeNoEncryption = "NO_ENCRYPTION" ) + +const ( + // StreamStatusActive is a StreamStatus enum value + StreamStatusActive = "ACTIVE" + + // StreamStatusCompleted is a StreamStatus enum value + StreamStatusCompleted = "COMPLETED" + + // StreamStatusCanceled is a StreamStatus enum value + StreamStatusCanceled = "CANCELED" + + // StreamStatusFailed is a StreamStatus enum value + StreamStatusFailed = "FAILED" + + // StreamStatusImpaired is a StreamStatus enum value + StreamStatusImpaired = "IMPAIRED" +) diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go index 7f60d4aa185..550b5f687f9 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go @@ -1788,7 +1788,7 @@ type AssumeRoleWithSAMLInput struct { // in the IAM User Guide. // // SAMLAssertion is a required field - SAMLAssertion *string `min:"4" type:"string" required:"true"` + SAMLAssertion *string `min:"4" type:"string" required:"true" sensitive:"true"` } // String returns the string representation @@ -2100,7 +2100,7 @@ type AssumeRoleWithWebIdentityInput struct { // the application makes an AssumeRoleWithWebIdentity call. // // WebIdentityToken is a required field - WebIdentityToken *string `min:"4" type:"string" required:"true"` + WebIdentityToken *string `min:"4" type:"string" required:"true" sensitive:"true"` } // String returns the string representation diff --git a/vendor/modules.txt b/vendor/modules.txt index 68fe7d51316..7d6434710d2 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -25,7 +25,7 @@ github.com/apparentlymart/go-cidr/cidr github.com/apparentlymart/go-textseg/textseg # github.com/armon/go-radix v1.0.0 github.com/armon/go-radix -# github.com/aws/aws-sdk-go v1.30.28 +# github.com/aws/aws-sdk-go v1.31.0 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/arn github.com/aws/aws-sdk-go/aws/awserr From 8fd7e168b2cf0c1e823401dc3d1b4c763cf0513d Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Tue, 7 Apr 2020 22:39:11 +0200 Subject: [PATCH 195/475] Add aws_wafv2_ip_set data source --- aws/data_source_aws_wafv2_ip_set.go | 77 ++++++++++++++++++++++++ aws/data_source_aws_wafv2_ip_set_test.go | 67 +++++++++++++++++++++ aws/provider.go | 1 + 3 files changed, 145 insertions(+) create mode 100644 aws/data_source_aws_wafv2_ip_set.go create mode 100644 aws/data_source_aws_wafv2_ip_set_test.go diff --git a/aws/data_source_aws_wafv2_ip_set.go b/aws/data_source_aws_wafv2_ip_set.go new file mode 100644 index 00000000000..5c9721a751e --- /dev/null +++ b/aws/data_source_aws_wafv2_ip_set.go @@ -0,0 +1,77 @@ +package aws + +import ( + "fmt" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/wafv2" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" +) + +func dataSourceAwsWafv2IPSet() *schema.Resource { + return &schema.Resource{ + Read: dataSourceAwsWafv2IPSetRead, + + Schema: map[string]*schema.Schema{ + "arn": { + Type: schema.TypeString, + Computed: true, + }, + "description": { + Type: schema.TypeString, + Computed: true, + }, + "name": { + Type: schema.TypeString, + Required: true, + }, + "scope": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringInSlice([]string{ + wafv2.ScopeCloudfront, + wafv2.ScopeRegional, + }, false), + }, + }, + } +} + +func dataSourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).wafv2conn + name := d.Get("name").(string) + + var foundIpSet *wafv2.IPSetSummary + input := &wafv2.ListIPSetsInput{ + Scope: aws.String(d.Get("scope").(string)), + } + for { + output, err := conn.ListIPSets(input) + if err != nil { + return fmt.Errorf("Error reading WAFV2 IPSets: %s", err) + } + + for _, ipSet := range output.IPSets { + if aws.StringValue(ipSet.Name) == name { + foundIpSet = ipSet + break + } + } + + if output.NextMarker == nil || foundIpSet != nil { + break + } + input.NextMarker = output.NextMarker + } + + if foundIpSet == nil { + return fmt.Errorf("WAFV2 IPSet not found for name: %s", name) + } + + d.SetId(aws.StringValue(foundIpSet.Id)) + d.Set("arn", aws.StringValue(foundIpSet.ARN)) + d.Set("description", aws.StringValue(foundIpSet.Description)) + + return nil +} diff --git a/aws/data_source_aws_wafv2_ip_set_test.go b/aws/data_source_aws_wafv2_ip_set_test.go new file mode 100644 index 00000000000..1e794c4656a --- /dev/null +++ b/aws/data_source_aws_wafv2_ip_set_test.go @@ -0,0 +1,67 @@ +package aws + +import ( + "fmt" + "regexp" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +func TestAccDataSourceAwsWafv2IPSet_Basic(t *testing.T) { + name := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_wafv2_ip_set.test" + datasourceName := "data.aws_wafv2_ip_set.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceAwsWafv2IPSet_NonExistent(name), + ExpectError: regexp.MustCompile(`WAFV2 IPSet not found`), + }, + { + Config: testAccDataSourceAwsWafv2IPSet_Name(name), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrPair(datasourceName, "arn", resourceName, "arn"), + resource.TestCheckResourceAttrPair(datasourceName, "description", resourceName, "description"), + resource.TestCheckResourceAttrPair(datasourceName, "id", resourceName, "id"), + resource.TestCheckResourceAttrPair(datasourceName, "name", resourceName, "name"), + resource.TestCheckResourceAttrPair(datasourceName, "scope", resourceName, "scope"), + ), + }, + }, + }) +} + +func testAccDataSourceAwsWafv2IPSet_Name(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_ip_set" "test" { + name = "%s" + scope = "REGIONAL" + ip_address_version = "IPV4" +} + +data "aws_wafv2_ip_set" "test" { + name = aws_wafv2_ip_set.test.name + scope = "REGIONAL" +} +`, name) +} + +func testAccDataSourceAwsWafv2IPSet_NonExistent(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_ip_set" "test" { + name = "%s" + scope = "REGIONAL" + ip_address_version = "IPV4" +} + +data "aws_wafv2_ip_set" "test" { + name = "tf-acc-test-does-not-exist" + scope = "REGIONAL" +} +`, name) +} diff --git a/aws/provider.go b/aws/provider.go index e407448316c..1ba0ed481c8 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -333,6 +333,7 @@ func Provider() terraform.ResourceProvider { "aws_wafregional_rule": dataSourceAwsWafRegionalRule(), "aws_wafregional_rate_based_rule": dataSourceAwsWafRegionalRateBasedRule(), "aws_wafregional_web_acl": dataSourceAwsWafRegionalWebAcl(), + "aws_wafv2_ip_set": dataSourceAwsWafv2IPSet(), "aws_workspaces_bundle": dataSourceAwsWorkspaceBundle(), // Adding the Aliases for the ALB -> LB Rename From b71796e4acb1416c90def2167a27b507d3e47365 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Thu, 9 Apr 2020 21:39:19 +0200 Subject: [PATCH 196/475] Add documentation --- website/aws.erb | 13 +++++++++ website/docs/d/wafv2_ip_set.html.markdown | 35 +++++++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 website/docs/d/wafv2_ip_set.html.markdown diff --git a/website/aws.erb b/website/aws.erb index 6d77c4a5d6d..afdc2788414 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -3561,6 +3561,19 @@ +
  • + WAFv2 + +
  • WorkLink
      diff --git a/website/docs/d/wafv2_ip_set.html.markdown b/website/docs/d/wafv2_ip_set.html.markdown new file mode 100644 index 00000000000..4ec771953d7 --- /dev/null +++ b/website/docs/d/wafv2_ip_set.html.markdown @@ -0,0 +1,35 @@ +--- +subcategory: "WAFv2" +layout: "aws" +page_title: "AWS: aws_wafv2_ip_set" +description: |- + Retrieves the summary of a WAFv2 IP Set. +--- + +# Data Source: aws_wafv2_ip_set + +Retrieves the summary of a WAFv2 IP Set. + +## Example Usage + +```hcl +data "aws_wafv2_ip_set" "example" { + name = "some-ip-set" + scope = "REGIONAL" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Required) The name of the WAFv2 IP Set. +* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. To work with CloudFront, you must also specify the Region US East (N. Virginia). + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `arn` - The Amazon Resource Name (ARN) of the entity. +* `description` - The description of the set that helps with identification. +* `id` - The unique identifier for the set. From c3b0404c6ef6de4140531e39bf506eb912b3137c Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Mon, 11 May 2020 21:50:29 +0200 Subject: [PATCH 197/475] Add missing attributes --- aws/data_source_aws_wafv2_ip_set.go | 31 +++++++++++++++++++---- aws/data_source_aws_wafv2_ip_set_test.go | 4 ++- website/docs/d/wafv2_ip_set.html.markdown | 2 ++ 3 files changed, 31 insertions(+), 6 deletions(-) diff --git a/aws/data_source_aws_wafv2_ip_set.go b/aws/data_source_aws_wafv2_ip_set.go index 5c9721a751e..d816b12935a 100644 --- a/aws/data_source_aws_wafv2_ip_set.go +++ b/aws/data_source_aws_wafv2_ip_set.go @@ -14,6 +14,11 @@ func dataSourceAwsWafv2IPSet() *schema.Resource { Read: dataSourceAwsWafv2IPSetRead, Schema: map[string]*schema.Schema{ + "addresses": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, "arn": { Type: schema.TypeString, Computed: true, @@ -22,6 +27,10 @@ func dataSourceAwsWafv2IPSet() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "ip_address_version": { + Type: schema.TypeString, + Computed: true, + }, "name": { Type: schema.TypeString, Required: true, @@ -49,7 +58,7 @@ func dataSourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error for { output, err := conn.ListIPSets(input) if err != nil { - return fmt.Errorf("Error reading WAFV2 IPSets: %s", err) + return fmt.Errorf("Error reading WAFv2 IPSets: %s", err) } for _, ipSet := range output.IPSets { @@ -66,12 +75,24 @@ func dataSourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error } if foundIpSet == nil { - return fmt.Errorf("WAFV2 IPSet not found for name: %s", name) + return fmt.Errorf("WAFv2 IPSet not found for name: %s", name) + } + + resp, err := conn.GetIPSet(&wafv2.GetIPSetInput{ + Id: aws.String(*foundIpSet.Id), + Name: aws.String(*foundIpSet.Name), + Scope: aws.String(d.Get("scope").(string)), + }) + + if err != nil { + return fmt.Errorf("WAFv2 IPSet not found for name: %s", name) } - d.SetId(aws.StringValue(foundIpSet.Id)) - d.Set("arn", aws.StringValue(foundIpSet.ARN)) - d.Set("description", aws.StringValue(foundIpSet.Description)) + d.SetId(aws.StringValue(resp.IPSet.Id)) + d.Set("addresses", flattenStringList(resp.IPSet.Addresses)) + d.Set("arn", aws.StringValue(resp.IPSet.ARN)) + d.Set("description", aws.StringValue(resp.IPSet.Description)) + d.Set("ip_address_version", aws.StringValue(resp.IPSet.IPAddressVersion)) return nil } diff --git a/aws/data_source_aws_wafv2_ip_set_test.go b/aws/data_source_aws_wafv2_ip_set_test.go index 1e794c4656a..35e3c1ed5b1 100644 --- a/aws/data_source_aws_wafv2_ip_set_test.go +++ b/aws/data_source_aws_wafv2_ip_set_test.go @@ -20,14 +20,16 @@ func TestAccDataSourceAwsWafv2IPSet_Basic(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDataSourceAwsWafv2IPSet_NonExistent(name), - ExpectError: regexp.MustCompile(`WAFV2 IPSet not found`), + ExpectError: regexp.MustCompile(`WAFv2 IPSet not found`), }, { Config: testAccDataSourceAwsWafv2IPSet_Name(name), Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrPair(datasourceName, "addresses", resourceName, "addresses"), resource.TestCheckResourceAttrPair(datasourceName, "arn", resourceName, "arn"), resource.TestCheckResourceAttrPair(datasourceName, "description", resourceName, "description"), resource.TestCheckResourceAttrPair(datasourceName, "id", resourceName, "id"), + resource.TestCheckResourceAttrPair(datasourceName, "ip_address_version", resourceName, "ip_address_version"), resource.TestCheckResourceAttrPair(datasourceName, "name", resourceName, "name"), resource.TestCheckResourceAttrPair(datasourceName, "scope", resourceName, "scope"), ), diff --git a/website/docs/d/wafv2_ip_set.html.markdown b/website/docs/d/wafv2_ip_set.html.markdown index 4ec771953d7..b2bff9d01e1 100644 --- a/website/docs/d/wafv2_ip_set.html.markdown +++ b/website/docs/d/wafv2_ip_set.html.markdown @@ -30,6 +30,8 @@ The following arguments are supported: In addition to all arguments above, the following attributes are exported: +* `addresses` - An array of strings that specify one or more IP addresses or blocks of IP addresses in Classless Inter-Domain Routing (CIDR) notation. * `arn` - The Amazon Resource Name (ARN) of the entity. * `description` - The description of the set that helps with identification. * `id` - The unique identifier for the set. +* `ip_address_version` - The IP address version of the set. From 4cedbeb28c14da3b26bd4de9511c37ad5bd3bb21 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 13 May 2020 22:46:46 +0200 Subject: [PATCH 198/475] Add extra checks --- aws/data_source_aws_wafv2_ip_set.go | 31 +++++++++++++++++------- aws/data_source_aws_wafv2_ip_set_test.go | 1 + 2 files changed, 23 insertions(+), 9 deletions(-) diff --git a/aws/data_source_aws_wafv2_ip_set.go b/aws/data_source_aws_wafv2_ip_set.go index d816b12935a..81a3eb09381 100644 --- a/aws/data_source_aws_wafv2_ip_set.go +++ b/aws/data_source_aws_wafv2_ip_set.go @@ -54,24 +54,30 @@ func dataSourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error var foundIpSet *wafv2.IPSetSummary input := &wafv2.ListIPSetsInput{ Scope: aws.String(d.Get("scope").(string)), + Limit: aws.Int64(100), } + for { - output, err := conn.ListIPSets(input) + resp, err := conn.ListIPSets(input) if err != nil { return fmt.Errorf("Error reading WAFv2 IPSets: %s", err) } - for _, ipSet := range output.IPSets { - if aws.StringValue(ipSet.Name) == name { + if resp == nil || resp.IPSets == nil { + return fmt.Errorf("Error reading WAFv2 IPSets") + } + + for _, ipSet := range resp.IPSets { + if ipSet != nil && aws.StringValue(ipSet.Name) == name { foundIpSet = ipSet break } } - if output.NextMarker == nil || foundIpSet != nil { + if resp.NextMarker == nil || foundIpSet != nil { break } - input.NextMarker = output.NextMarker + input.NextMarker = resp.NextMarker } if foundIpSet == nil { @@ -79,20 +85,27 @@ func dataSourceAwsWafv2IPSetRead(d *schema.ResourceData, meta interface{}) error } resp, err := conn.GetIPSet(&wafv2.GetIPSetInput{ - Id: aws.String(*foundIpSet.Id), - Name: aws.String(*foundIpSet.Name), + Id: foundIpSet.Id, + Name: foundIpSet.Name, Scope: aws.String(d.Get("scope").(string)), }) if err != nil { - return fmt.Errorf("WAFv2 IPSet not found for name: %s", name) + return fmt.Errorf("Error reading WAFv2 IPSet: %s", err) + } + + if resp == nil || resp.IPSet == nil { + return fmt.Errorf("Error reading WAFv2 IPSet") } d.SetId(aws.StringValue(resp.IPSet.Id)) - d.Set("addresses", flattenStringList(resp.IPSet.Addresses)) d.Set("arn", aws.StringValue(resp.IPSet.ARN)) d.Set("description", aws.StringValue(resp.IPSet.Description)) d.Set("ip_address_version", aws.StringValue(resp.IPSet.IPAddressVersion)) + if err := d.Set("addresses", flattenStringList(resp.IPSet.Addresses)); err != nil { + return fmt.Errorf("Error setting addresses: %s", err) + } + return nil } diff --git a/aws/data_source_aws_wafv2_ip_set_test.go b/aws/data_source_aws_wafv2_ip_set_test.go index 35e3c1ed5b1..050b961cba6 100644 --- a/aws/data_source_aws_wafv2_ip_set_test.go +++ b/aws/data_source_aws_wafv2_ip_set_test.go @@ -27,6 +27,7 @@ func TestAccDataSourceAwsWafv2IPSet_Basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrPair(datasourceName, "addresses", resourceName, "addresses"), resource.TestCheckResourceAttrPair(datasourceName, "arn", resourceName, "arn"), + testAccMatchResourceAttrRegionalARN(datasourceName, "arn", "wafv2", regexp.MustCompile(fmt.Sprintf("regional/ipset/%v/.+$", name))), resource.TestCheckResourceAttrPair(datasourceName, "description", resourceName, "description"), resource.TestCheckResourceAttrPair(datasourceName, "id", resourceName, "id"), resource.TestCheckResourceAttrPair(datasourceName, "ip_address_version", resourceName, "ip_address_version"), From daa1802195b0dbe1204a3712eecf9979e7648af6 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Tue, 19 May 2020 18:20:34 +0200 Subject: [PATCH 199/475] Update docs --- website/aws.erb | 13 ++++--------- website/docs/d/wafv2_ip_set.html.markdown | 3 ++- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/website/aws.erb b/website/aws.erb index afdc2788414..f7872164682 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -3552,23 +3552,18 @@ WAFv2 - -
    • - WAFv2 -
      • - Data Sources + Resources
        • diff --git a/website/docs/d/wafv2_ip_set.html.markdown b/website/docs/d/wafv2_ip_set.html.markdown index b2bff9d01e1..7991878ddea 100644 --- a/website/docs/d/wafv2_ip_set.html.markdown +++ b/website/docs/d/wafv2_ip_set.html.markdown @@ -24,7 +24,8 @@ data "aws_wafv2_ip_set" "example" { The following arguments are supported: * `name` - (Required) The name of the WAFv2 IP Set. -* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. To work with CloudFront, you must also specify the Region US East (N. Virginia). +* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider. + ## Attributes Reference From 76b3d098ed5560fab3b2129c662f264822e69f70 Mon Sep 17 00:00:00 2001 From: appilon Date: Tue, 19 May 2020 12:23:33 -0400 Subject: [PATCH 200/475] move mysql tarball to ./aws/testdata (#13333) --- aws/resource_aws_db_instance_test.go | 4 ++-- aws/resource_aws_rds_cluster_test.go | 4 ++-- {files => aws/testdata}/mysql-5-6-xtrabackup.tar.gz | Bin 3 files changed, 4 insertions(+), 4 deletions(-) rename {files => aws/testdata}/mysql-5-6-xtrabackup.tar.gz (100%) diff --git a/aws/resource_aws_db_instance_test.go b/aws/resource_aws_db_instance_test.go index e759391007d..91548dcc777 100644 --- a/aws/resource_aws_db_instance_test.go +++ b/aws/resource_aws_db_instance_test.go @@ -3191,8 +3191,8 @@ resource "aws_s3_bucket" "xtrabackup" { resource "aws_s3_bucket_object" "xtrabackup_db" { bucket = "${aws_s3_bucket.xtrabackup.id}" key = "%s/mysql-5-6-xtrabackup.tar.gz" - source = "../files/mysql-5-6-xtrabackup.tar.gz" - etag = "${filemd5("../files/mysql-5-6-xtrabackup.tar.gz")}" + source = "./testdata/mysql-5-6-xtrabackup.tar.gz" + etag = "${filemd5("./testdata/mysql-5-6-xtrabackup.tar.gz")}" } resource "aws_iam_role" "rds_s3_access_role" { diff --git a/aws/resource_aws_rds_cluster_test.go b/aws/resource_aws_rds_cluster_test.go index 5cf30b59e26..09190f788d0 100644 --- a/aws/resource_aws_rds_cluster_test.go +++ b/aws/resource_aws_rds_cluster_test.go @@ -2275,8 +2275,8 @@ resource "aws_s3_bucket" "xtrabackup" { resource "aws_s3_bucket_object" "xtrabackup_db" { bucket = "${aws_s3_bucket.xtrabackup.id}" key = "%[2]s/mysql-5-6-xtrabackup.tar.gz" - source = "../files/mysql-5-6-xtrabackup.tar.gz" - etag = "${filemd5("../files/mysql-5-6-xtrabackup.tar.gz")}" + source = "./testdata/mysql-5-6-xtrabackup.tar.gz" + etag = "${filemd5("./testdata/mysql-5-6-xtrabackup.tar.gz")}" } resource "aws_iam_role" "rds_s3_access_role" { diff --git a/files/mysql-5-6-xtrabackup.tar.gz b/aws/testdata/mysql-5-6-xtrabackup.tar.gz similarity index 100% rename from files/mysql-5-6-xtrabackup.tar.gz rename to aws/testdata/mysql-5-6-xtrabackup.tar.gz From 24eaad21936767248676b900d69ce2abf02813f8 Mon Sep 17 00:00:00 2001 From: appilon Date: Tue, 19 May 2020 12:54:06 -0400 Subject: [PATCH 201/475] service/rds: Fix schema panic errors (#13362) * Fix attribute typo to 'auto_minor_version_upgrade' * Add 'backtrack_window' attribute to schema * Add TestChecks --- aws/data_source_aws_db_instance.go | 2 +- aws/data_source_aws_db_instance_test.go | 1 + aws/data_source_aws_rds_cluster.go | 5 +++++ aws/data_source_aws_rds_cluster_test.go | 1 + 4 files changed, 8 insertions(+), 1 deletion(-) diff --git a/aws/data_source_aws_db_instance.go b/aws/data_source_aws_db_instance.go index e8197702643..b99b8a6ac1f 100644 --- a/aws/data_source_aws_db_instance.go +++ b/aws/data_source_aws_db_instance.go @@ -242,7 +242,7 @@ func dataSourceAwsDbInstanceRead(d *schema.ResourceData, meta interface{}) error d.SetId(d.Get("db_instance_identifier").(string)) d.Set("allocated_storage", dbInstance.AllocatedStorage) - d.Set("auto_minor_upgrade_enabled", dbInstance.AutoMinorVersionUpgrade) + d.Set("auto_minor_version_upgrade", dbInstance.AutoMinorVersionUpgrade) d.Set("availability_zone", dbInstance.AvailabilityZone) d.Set("backup_retention_period", dbInstance.BackupRetentionPeriod) d.Set("db_cluster_identifier", dbInstance.DBClusterIdentifier) diff --git a/aws/data_source_aws_db_instance_test.go b/aws/data_source_aws_db_instance_test.go index a7d1d7e17f7..12eda9aa902 100644 --- a/aws/data_source_aws_db_instance_test.go +++ b/aws/data_source_aws_db_instance_test.go @@ -20,6 +20,7 @@ func TestAccAWSDbInstanceDataSource_basic(t *testing.T) { Check: resource.ComposeAggregateTestCheckFunc( resource.TestCheckResourceAttrSet("data.aws_db_instance.bar", "address"), resource.TestCheckResourceAttrSet("data.aws_db_instance.bar", "allocated_storage"), + resource.TestCheckResourceAttrSet("data.aws_db_instance.bar", "auto_minor_version_upgrade"), resource.TestCheckResourceAttrSet("data.aws_db_instance.bar", "db_instance_class"), resource.TestCheckResourceAttrSet("data.aws_db_instance.bar", "db_name"), resource.TestCheckResourceAttrSet("data.aws_db_instance.bar", "db_subnet_group"), diff --git a/aws/data_source_aws_rds_cluster.go b/aws/data_source_aws_rds_cluster.go index a4a555e1041..812973deca2 100644 --- a/aws/data_source_aws_rds_cluster.go +++ b/aws/data_source_aws_rds_cluster.go @@ -31,6 +31,11 @@ func dataSourceAwsRdsCluster() *schema.Resource { Set: schema.HashString, }, + "backtrack_window": { + Type: schema.TypeInt, + Computed: true, + }, + "backup_retention_period": { Type: schema.TypeInt, Computed: true, diff --git a/aws/data_source_aws_rds_cluster_test.go b/aws/data_source_aws_rds_cluster_test.go index 1b5079ee49a..bc655a884f5 100644 --- a/aws/data_source_aws_rds_cluster_test.go +++ b/aws/data_source_aws_rds_cluster_test.go @@ -21,6 +21,7 @@ func TestAccDataSourceAWSRDSCluster_basic(t *testing.T) { Config: testAccDataSourceAwsRdsClusterConfigBasic(clusterName), Check: resource.ComposeAggregateTestCheckFunc( resource.TestCheckResourceAttrPair(dataSourceName, "arn", resourceName, "arn"), + resource.TestCheckResourceAttrPair(dataSourceName, "backtrack_window", resourceName, "backtrack_window"), resource.TestCheckResourceAttrPair(dataSourceName, "cluster_identifier", resourceName, "cluster_identifier"), resource.TestCheckResourceAttrPair(dataSourceName, "database_name", resourceName, "database_name"), resource.TestCheckResourceAttrPair(dataSourceName, "db_cluster_parameter_group_name", resourceName, "db_cluster_parameter_group_name"), From 6cc05d40df4bf728d396a1ca502ca643dbac6c23 Mon Sep 17 00:00:00 2001 From: appilon Date: Tue, 19 May 2020 12:55:09 -0400 Subject: [PATCH 202/475] Update CHANGELOG.md --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d8832d1120f..a8659ae5ec0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,11 @@ FEATURES: * **New Resource:** `aws_wafv2_ip_set` [GH-12119] +ENHANCEMENTS: + +* d/aws_db_instance: 'auto_minor_version_upgrade' now properly set [GH-13362] +* d/aws_rds_cluster: 'backtrack_window' attribute now available [GH-13362] + ## 2.62.0 (May 15, 2020) FEATURES: From f88acd25cfcef2e14f9a1a2b43e08b35a31cd9be Mon Sep 17 00:00:00 2001 From: appilon Date: Tue, 19 May 2020 13:03:10 -0400 Subject: [PATCH 203/475] service/asg: Fix schema panic in ASG tags (#13360) * Fix schema panic in ASG tags * Use AWS pointer helpers --- aws/autoscaling_tags.go | 17 ++++++++++++----- aws/resource_aws_autoscaling_group.go | 6 +++--- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/aws/autoscaling_tags.go b/aws/autoscaling_tags.go index ffc74eba9b2..7df5a53fc99 100644 --- a/aws/autoscaling_tags.go +++ b/aws/autoscaling_tags.go @@ -248,14 +248,21 @@ func autoscalingTagFromMap(attr map[string]interface{}, resourceID string) (*aut return t, nil } -// autoscalingTagDescriptionsToSlice turns the list of tags into a slice. -func autoscalingTagDescriptionsToSlice(ts []*autoscaling.TagDescription) []map[string]interface{} { +// autoscalingTagDescriptionsToSlice turns the list of tags into a slice. If +// forceStrings is true, all values are converted to strings +func autoscalingTagDescriptionsToSlice(ts []*autoscaling.TagDescription, forceStrings bool) []map[string]interface{} { tags := make([]map[string]interface{}, 0, len(ts)) for _, t := range ts { + var propagateAtLaunch interface{} + if forceStrings { + propagateAtLaunch = strconv.FormatBool(aws.BoolValue(t.PropagateAtLaunch)) + } else { + propagateAtLaunch = aws.BoolValue(t.PropagateAtLaunch) + } tags = append(tags, map[string]interface{}{ - "key": *t.Key, - "value": *t.Value, - "propagate_at_launch": *t.PropagateAtLaunch, + "key": aws.StringValue(t.Key), + "value": aws.StringValue(t.Value), + "propagate_at_launch": propagateAtLaunch, }) } diff --git a/aws/resource_aws_autoscaling_group.go b/aws/resource_aws_autoscaling_group.go index 79ce5024fd4..bdc93a4920d 100644 --- a/aws/resource_aws_autoscaling_group.go +++ b/aws/resource_aws_autoscaling_group.go @@ -729,7 +729,7 @@ func resourceAwsAutoscalingGroupRead(d *schema.ResourceData, meta interface{}) e tagList = append(tagList, t) } } - d.Set("tag", autoscalingTagDescriptionsToSlice(tagList)) + d.Set("tag", autoscalingTagDescriptionsToSlice(tagList, false)) } if v, tagsOk = d.GetOk("tags"); tagsOk { @@ -754,11 +754,11 @@ func resourceAwsAutoscalingGroupRead(d *schema.ResourceData, meta interface{}) e } } //lintignore:AWSR002 - d.Set("tags", autoscalingTagDescriptionsToSlice(tagsList)) + d.Set("tags", autoscalingTagDescriptionsToSlice(tagsList, true)) } if !tagOk && !tagsOk { - d.Set("tag", autoscalingTagDescriptionsToSlice(g.Tags)) + d.Set("tag", autoscalingTagDescriptionsToSlice(g.Tags, false)) } if err := d.Set("target_group_arns", flattenStringList(g.TargetGroupARNs)); err != nil { From 67b06fc45fb84155f3fbaef7ead7b65d7432f708 Mon Sep 17 00:00:00 2001 From: appilon Date: Tue, 19 May 2020 13:04:34 -0400 Subject: [PATCH 204/475] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a8659ae5ec0..1e2029ac655 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ ENHANCEMENTS: * d/aws_db_instance: 'auto_minor_version_upgrade' now properly set [GH-13362] * d/aws_rds_cluster: 'backtrack_window' attribute now available [GH-13362] +* autoscaling groups `tags` `propagate_at_launch` now properly set [GH-13360] ## 2.62.0 (May 15, 2020) From 700c52af590fbb7f29b1c9c38b6bcf9ef80f9c50 Mon Sep 17 00:00:00 2001 From: appilon Date: Tue, 19 May 2020 13:04:59 -0400 Subject: [PATCH 205/475] Update CHANGELOG.md --- CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1e2029ac655..d23ef383a05 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,8 +6,8 @@ FEATURES: ENHANCEMENTS: -* d/aws_db_instance: 'auto_minor_version_upgrade' now properly set [GH-13362] -* d/aws_rds_cluster: 'backtrack_window' attribute now available [GH-13362] +* d/aws_db_instance: `auto_minor_version_upgrade` now properly set [GH-13362] +* d/aws_rds_cluster: `backtrack_window' attribute` now available [GH-13362] * autoscaling groups `tags` `propagate_at_launch` now properly set [GH-13360] ## 2.62.0 (May 15, 2020) From 75ba1f98ea1c8d675e01df29cca04356c0216e21 Mon Sep 17 00:00:00 2001 From: appilon Date: Tue, 19 May 2020 13:05:34 -0400 Subject: [PATCH 206/475] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d23ef383a05..8d45a3a5ec1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,7 +7,7 @@ FEATURES: ENHANCEMENTS: * d/aws_db_instance: `auto_minor_version_upgrade` now properly set [GH-13362] -* d/aws_rds_cluster: `backtrack_window' attribute` now available [GH-13362] +* d/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] * autoscaling groups `tags` `propagate_at_launch` now properly set [GH-13360] ## 2.62.0 (May 15, 2020) From 600ce6a6efb3a2300941321ee7b233fbb15c913b Mon Sep 17 00:00:00 2001 From: appilon Date: Tue, 19 May 2020 13:08:19 -0400 Subject: [PATCH 207/475] Update CHANGELOG.md --- CHANGELOG.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8d45a3a5ec1..f5de51d5006 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,8 +6,11 @@ FEATURES: ENHANCEMENTS: -* d/aws_db_instance: `auto_minor_version_upgrade` now properly set [GH-13362] * d/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] + +BUG FIXES: + +* d/aws_db_instance: `auto_minor_version_upgrade` now properly set [GH-13362] * autoscaling groups `tags` `propagate_at_launch` now properly set [GH-13360] ## 2.62.0 (May 15, 2020) From c0ac7b96cb218e796e5e5193a8ac38378e8f98ac Mon Sep 17 00:00:00 2001 From: Kevin Tham Date: Tue, 19 May 2020 11:15:15 -0700 Subject: [PATCH 208/475] Add additional validation on sg rule attributes --- aws/resource_aws_security_group_rule_test.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/aws/resource_aws_security_group_rule_test.go b/aws/resource_aws_security_group_rule_test.go index 64af4d47fbe..516bda5ee4d 100644 --- a/aws/resource_aws_security_group_rule_test.go +++ b/aws/resource_aws_security_group_rule_test.go @@ -159,6 +159,8 @@ func TestAccAWSSecurityGroupRule_Ingress_Source_With_Account_Id(t *testing.T) { rInt := acctest.RandInt() + ruleName := "aws_security_group_rule.allow_self" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -168,6 +170,18 @@ func TestAccAWSSecurityGroupRule_Ingress_Source_With_Account_Id(t *testing.T) { Config: testAccAWSSecurityGroupRule_Ingress_Source_with_AccountId(rInt), Check: resource.ComposeTestCheckFunc( testAccCheckAWSSecurityGroupRuleExists("aws_security_group.web", &group), + resource.TestMatchResourceAttr( + ruleName, "security_group_id", regexp.MustCompile("^sg-[0-9a-z]{17}$")), + resource.TestMatchResourceAttr( + ruleName, "source_security_group_id", regexp.MustCompile("^[0-9]{12}/sg-[0-9a-z]{17}$")), + resource.TestCheckResourceAttr( + ruleName, "description", "some description"), + resource.TestCheckResourceAttr( + ruleName, "from_port", "0"), + resource.TestCheckResourceAttr( + ruleName, "to_port", "0"), + resource.TestCheckResourceAttr( + ruleName, "protocol", "-1"), ), }, }, From 038e53fa1d8e56dcef07aa2a36b147e3ca2d325d Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Tue, 19 May 2020 21:21:03 +0300 Subject: [PATCH 209/475] service/efs: New Resource and Data Source for EFS Access Point (#11965) Output from acceptance testing: ``` --- PASS: TestAccAWSEFSAccessPoint_basic (196.59s) --- PASS: TestAccAWSEFSAccessPoint_disappears (139.19s) --- PASS: TestAccAWSEFSAccessPoint_posix_user (248.78s) --- PASS: TestAccAWSEFSAccessPoint_posix_user_secondary_gids (49.14s) --- PASS: TestAccAWSEFSAccessPoint_root_directory (206.78s) --- PASS: TestAccAWSEFSAccessPoint_root_directory_creation_info (95.77s) --- PASS: TestAccAWSEFSAccessPoint_tags (90.36s) --- PASS: TestAccDataSourceAWSEFSAccessPoint_basic (136.14s) ``` --- aws/data_source_aws_efs_access_point.go | 144 ++++++ aws/data_source_aws_efs_access_point_test.go | 49 ++ aws/provider.go | 2 + aws/resource_aws_efs_access_point.go | 406 +++++++++++++++ aws/resource_aws_efs_access_point_test.go | 476 ++++++++++++++++++ aws/resource_aws_efs_file_system_test.go | 1 + aws/structure.go | 15 + website/aws.erb | 6 + website/docs/d/efs_access_point.html.markdown | 45 ++ website/docs/d/efs_file_system.html.markdown | 4 +- website/docs/r/efs_access_point.html.markdown | 72 +++ website/docs/r/efs_file_system.html.markdown | 4 +- 12 files changed, 1220 insertions(+), 4 deletions(-) create mode 100644 aws/data_source_aws_efs_access_point.go create mode 100644 aws/data_source_aws_efs_access_point_test.go create mode 100644 aws/resource_aws_efs_access_point.go create mode 100644 aws/resource_aws_efs_access_point_test.go create mode 100644 website/docs/d/efs_access_point.html.markdown create mode 100644 website/docs/r/efs_access_point.html.markdown diff --git a/aws/data_source_aws_efs_access_point.go b/aws/data_source_aws_efs_access_point.go new file mode 100644 index 00000000000..51a2e5030fb --- /dev/null +++ b/aws/data_source_aws_efs_access_point.go @@ -0,0 +1,144 @@ +package aws + +import ( + "fmt" + "log" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/arn" + "github.com/aws/aws-sdk-go/service/efs" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" +) + +func dataSourceAwsEfsAccessPoint() *schema.Resource { + return &schema.Resource{ + Read: dataSourceAwsEfsAccessPointRead, + + Schema: map[string]*schema.Schema{ + "access_point_id": { + Type: schema.TypeString, + Required: true, + }, + "file_system_arn": { + Type: schema.TypeString, + Computed: true, + }, + "file_system_id": { + Type: schema.TypeString, + Computed: true, + }, + "arn": { + Type: schema.TypeString, + Computed: true, + }, + "owner_id": { + Type: schema.TypeString, + Computed: true, + }, + "posix_user": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "gid": { + Type: schema.TypeInt, + Computed: true, + }, + "uid": { + Type: schema.TypeInt, + Computed: true, + }, + "secondary_gids": { + Type: schema.TypeSet, + Elem: &schema.Schema{Type: schema.TypeInt}, + Set: schema.HashInt, + Computed: true, + }, + }, + }, + }, + "root_directory": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "path": { + Type: schema.TypeString, + Computed: true, + }, + "creation_info": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "owner_gid": { + Type: schema.TypeInt, + Computed: true, + }, + "owner_uid": { + Type: schema.TypeInt, + Computed: true, + }, + "permissions": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + "tags": tagsSchema(), + }, + } +} + +func dataSourceAwsEfsAccessPointRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).efsconn + ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig + + resp, err := conn.DescribeAccessPoints(&efs.DescribeAccessPointsInput{ + AccessPointId: aws.String(d.Get("access_point_id").(string)), + }) + if err != nil { + return fmt.Errorf("Error reading EFS access point %s: %s", d.Id(), err) + } + if len(resp.AccessPoints) != 1 { + return fmt.Errorf("Search returned %d results, please revise so only one is returned", len(resp.AccessPoints)) + } + + ap := resp.AccessPoints[0] + + log.Printf("[DEBUG] Found EFS access point: %#v", ap) + + d.SetId(*ap.AccessPointId) + + fsARN := arn.ARN{ + AccountID: meta.(*AWSClient).accountid, + Partition: meta.(*AWSClient).partition, + Region: meta.(*AWSClient).region, + Resource: fmt.Sprintf("file-system/%s", aws.StringValue(ap.FileSystemId)), + Service: "elasticfilesystem", + }.String() + + d.Set("file_system_arn", fsARN) + d.Set("file_system_id", ap.FileSystemId) + d.Set("arn", ap.AccessPointArn) + d.Set("owner_id", ap.OwnerId) + + if err := d.Set("posix_user", flattenEfsAccessPointPosixUser(ap.PosixUser)); err != nil { + return fmt.Errorf("error setting posix user: %s", err) + } + + if err := d.Set("root_directory", flattenEfsAccessPointRootDirectory(ap.RootDirectory)); err != nil { + return fmt.Errorf("error setting root directory: %s", err) + } + + if err := d.Set("tags", keyvaluetags.EfsKeyValueTags(ap.Tags).IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { + return fmt.Errorf("error setting tags: %s", err) + } + + return nil +} diff --git a/aws/data_source_aws_efs_access_point_test.go b/aws/data_source_aws_efs_access_point_test.go new file mode 100644 index 00000000000..5b49bf1bcac --- /dev/null +++ b/aws/data_source_aws_efs_access_point_test.go @@ -0,0 +1,49 @@ +package aws + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +func TestAccDataSourceAWSEFSAccessPoint_basic(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") + dataSourceName := "data.aws_efs_access_point.test" + resourceName := "aws_efs_access_point.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsAccessPointDestroy, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceAWSEFSAccessPointConfig(rName), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrPair(dataSourceName, "arn", resourceName, "arn"), + resource.TestCheckResourceAttrPair(dataSourceName, "owner_id", resourceName, "owner_id"), + resource.TestCheckResourceAttrPair(dataSourceName, "tags", resourceName, "tags"), + resource.TestCheckResourceAttrPair(dataSourceName, "posix_user", resourceName, "posix_user"), + resource.TestCheckResourceAttrPair(dataSourceName, "root_directory", resourceName, "root_directory"), + ), + }, + }, + }) +} + +func testAccDataSourceAWSEFSAccessPointConfig(rName string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = "%s" +} + +resource "aws_efs_access_point" "test" { + file_system_id = "${aws_efs_file_system.test.id}" +} + +data "aws_efs_access_point" "test" { + access_point_id = "${aws_efs_access_point.test.id}" +} +`, rName) +} diff --git a/aws/provider.go b/aws/provider.go index e407448316c..1c584b5d966 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -230,6 +230,7 @@ func Provider() terraform.ResourceProvider { "aws_ecs_service": dataSourceAwsEcsService(), "aws_ecs_task_definition": dataSourceAwsEcsTaskDefinition(), "aws_customer_gateway": dataSourceAwsCustomerGateway(), + "aws_efs_access_point": dataSourceAwsEfsAccessPoint(), "aws_efs_file_system": dataSourceAwsEfsFileSystem(), "aws_efs_mount_target": dataSourceAwsEfsMountTarget(), "aws_eip": dataSourceAwsEip(), @@ -550,6 +551,7 @@ func Provider() terraform.ResourceProvider { "aws_ecs_cluster": resourceAwsEcsCluster(), "aws_ecs_service": resourceAwsEcsService(), "aws_ecs_task_definition": resourceAwsEcsTaskDefinition(), + "aws_efs_access_point": resourceAwsEfsAccessPoint(), "aws_efs_file_system": resourceAwsEfsFileSystem(), "aws_efs_mount_target": resourceAwsEfsMountTarget(), "aws_egress_only_internet_gateway": resourceAwsEgressOnlyInternetGateway(), diff --git a/aws/resource_aws_efs_access_point.go b/aws/resource_aws_efs_access_point.go new file mode 100644 index 00000000000..046982e5554 --- /dev/null +++ b/aws/resource_aws_efs_access_point.go @@ -0,0 +1,406 @@ +package aws + +import ( + "fmt" + "log" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/arn" + "github.com/aws/aws-sdk-go/service/efs" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" +) + +func resourceAwsEfsAccessPoint() *schema.Resource { + return &schema.Resource{ + Create: resourceAwsEfsAccessPointCreate, + Read: resourceAwsEfsAccessPointRead, + Update: resourceAwsEfsAccessPointUpdate, + Delete: resourceAwsEfsAccessPointDelete, + + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Schema: map[string]*schema.Schema{ + "file_system_arn": { + Type: schema.TypeString, + Computed: true, + }, + "file_system_id": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "arn": { + Type: schema.TypeString, + Computed: true, + }, + "owner_id": { + Type: schema.TypeString, + Computed: true, + }, + "posix_user": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + ForceNew: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "gid": { + Type: schema.TypeInt, + Required: true, + ForceNew: true, + }, + "uid": { + Type: schema.TypeInt, + Required: true, + ForceNew: true, + }, + "secondary_gids": { + Type: schema.TypeSet, + Elem: &schema.Schema{Type: schema.TypeInt}, + Set: schema.HashInt, + Optional: true, + ForceNew: true, + }, + }, + }, + }, + "root_directory": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + ForceNew: true, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "path": { + Type: schema.TypeString, + Optional: true, + ForceNew: true, + Computed: true, + }, + "creation_info": { + Type: schema.TypeList, + Optional: true, + ForceNew: true, + MaxItems: 1, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "owner_gid": { + Type: schema.TypeInt, + Required: true, + ForceNew: true, + }, + "owner_uid": { + Type: schema.TypeInt, + Required: true, + ForceNew: true, + }, + "permissions": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + }, + }, + }, + }, + }, + }, + "tags": tagsSchema(), + }, + } +} + +func resourceAwsEfsAccessPointCreate(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).efsconn + + fsId := d.Get("file_system_id").(string) + + input := efs.CreateAccessPointInput{ + FileSystemId: aws.String(fsId), + Tags: keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().EfsTags(), + } + + if v, ok := d.GetOk("posix_user"); ok { + input.PosixUser = expandEfsAccessPointPosixUser(v.([]interface{})) + } + + if v, ok := d.GetOk("root_directory"); ok { + input.RootDirectory = expandEfsAccessPointRootDirectory(v.([]interface{})) + } + + log.Printf("[DEBUG] Creating EFS Access Point: %#v", input) + + ap, err := conn.CreateAccessPoint(&input) + if err != nil { + return fmt.Errorf("error creating EFS Access Point for File System (%s): %w", fsId, err) + } + + d.SetId(*ap.AccessPointId) + log.Printf("[INFO] EFS access point ID: %s", d.Id()) + + stateConf := &resource.StateChangeConf{ + Pending: []string{efs.LifeCycleStateCreating}, + Target: []string{efs.LifeCycleStateAvailable}, + Refresh: func() (interface{}, string, error) { + resp, err := conn.DescribeAccessPoints(&efs.DescribeAccessPointsInput{ + AccessPointId: aws.String(d.Id()), + }) + if err != nil { + return nil, "error", err + } + + if hasEmptyAccessPoints(resp) { + return nil, "error", fmt.Errorf("EFS access point %q could not be found.", d.Id()) + } + + mt := resp.AccessPoints[0] + + log.Printf("[DEBUG] Current status of %q: %q", aws.StringValue(mt.AccessPointId), aws.StringValue(mt.LifeCycleState)) + return mt, aws.StringValue(mt.LifeCycleState), nil + }, + Timeout: 10 * time.Minute, + Delay: 2 * time.Second, + MinTimeout: 3 * time.Second, + } + + _, err = stateConf.WaitForState() + if err != nil { + return fmt.Errorf("Error waiting for EFS access point (%s) to create: %s", d.Id(), err) + } + + log.Printf("[DEBUG] EFS access point created: %s", *ap.AccessPointId) + + return resourceAwsEfsAccessPointRead(d, meta) +} + +func resourceAwsEfsAccessPointUpdate(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).efsconn + + if d.HasChange("tags") { + o, n := d.GetChange("tags") + + if err := keyvaluetags.EfsUpdateTags(conn, d.Id(), o, n); err != nil { + return fmt.Errorf("error updating EFS file system (%s) tags: %s", d.Id(), err) + } + } + + return resourceAwsEfsAccessPointRead(d, meta) +} + +func resourceAwsEfsAccessPointRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).efsconn + ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig + + resp, err := conn.DescribeAccessPoints(&efs.DescribeAccessPointsInput{ + AccessPointId: aws.String(d.Id()), + }) + if err != nil { + if isAWSErr(err, efs.ErrCodeAccessPointNotFound, "") { + log.Printf("[WARN] EFS access point %q could not be found.", d.Id()) + d.SetId("") + return nil + } + return fmt.Errorf("Error reading EFS access point %s: %s", d.Id(), err) + } + + if hasEmptyAccessPoints(resp) { + return fmt.Errorf("EFS access point %q could not be found.", d.Id()) + } + + ap := resp.AccessPoints[0] + + log.Printf("[DEBUG] Found EFS access point: %#v", ap) + + d.SetId(*ap.AccessPointId) + + fsARN := arn.ARN{ + AccountID: meta.(*AWSClient).accountid, + Partition: meta.(*AWSClient).partition, + Region: meta.(*AWSClient).region, + Resource: fmt.Sprintf("file-system/%s", aws.StringValue(ap.FileSystemId)), + Service: "elasticfilesystem", + }.String() + + d.Set("file_system_arn", fsARN) + d.Set("file_system_id", ap.FileSystemId) + d.Set("arn", ap.AccessPointArn) + d.Set("owner_id", ap.OwnerId) + + if err := d.Set("posix_user", flattenEfsAccessPointPosixUser(ap.PosixUser)); err != nil { + return fmt.Errorf("error setting posix user: %s", err) + } + + if err := d.Set("root_directory", flattenEfsAccessPointRootDirectory(ap.RootDirectory)); err != nil { + return fmt.Errorf("error setting root directory: %s", err) + } + + if err := d.Set("tags", keyvaluetags.EfsKeyValueTags(ap.Tags).IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { + return fmt.Errorf("error setting tags: %s", err) + } + + return nil +} + +func resourceAwsEfsAccessPointDelete(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).efsconn + + log.Printf("[DEBUG] Deleting EFS access point %q", d.Id()) + _, err := conn.DeleteAccessPoint(&efs.DeleteAccessPointInput{ + AccessPointId: aws.String(d.Id()), + }) + if err != nil { + return fmt.Errorf("error deleting EFS Access Point (%s): %w", d.Id(), err) + } + + err = waitForDeleteEfsAccessPoint(conn, d.Id(), 10*time.Minute) + if err != nil { + return fmt.Errorf("Error waiting for EFS access point (%q) to delete: %s", d.Id(), err.Error()) + } + + log.Printf("[DEBUG] EFS access point %q deleted.", d.Id()) + + return nil +} + +func waitForDeleteEfsAccessPoint(conn *efs.EFS, id string, timeout time.Duration) error { + stateConf := &resource.StateChangeConf{ + Pending: []string{efs.LifeCycleStateAvailable, efs.LifeCycleStateDeleting, efs.LifeCycleStateDeleted}, + Target: []string{}, + Refresh: func() (interface{}, string, error) { + resp, err := conn.DescribeAccessPoints(&efs.DescribeAccessPointsInput{ + AccessPointId: aws.String(id), + }) + if err != nil { + if isAWSErr(err, efs.ErrCodeAccessPointNotFound, "") { + return nil, "", nil + } + + return nil, "error", err + } + + if hasEmptyAccessPoints(resp) { + return nil, "", nil + } + + mt := resp.AccessPoints[0] + + log.Printf("[DEBUG] Current status of %q: %q", aws.StringValue(mt.AccessPointId), aws.StringValue(mt.LifeCycleState)) + return mt, aws.StringValue(mt.LifeCycleState), nil + }, + Timeout: timeout, + Delay: 2 * time.Second, + MinTimeout: 3 * time.Second, + } + _, err := stateConf.WaitForState() + return err +} + +func hasEmptyAccessPoints(aps *efs.DescribeAccessPointsOutput) bool { + if aps != nil && len(aps.AccessPoints) > 0 { + return false + } + return true +} + +func expandEfsAccessPointPosixUser(pUser []interface{}) *efs.PosixUser { + if len(pUser) < 1 || pUser[0] == nil { + return nil + } + + m := pUser[0].(map[string]interface{}) + + posixUser := &efs.PosixUser{ + Gid: aws.Int64(int64(m["gid"].(int))), + Uid: aws.Int64(int64(m["uid"].(int))), + } + + if v, ok := m["secondary_gids"].(*schema.Set); ok && len(v.List()) > 0 { + posixUser.SecondaryGids = expandInt64Set(v) + } + + return posixUser +} + +func expandEfsAccessPointRootDirectory(rDir []interface{}) *efs.RootDirectory { + if len(rDir) < 1 || rDir[0] == nil { + return nil + } + + m := rDir[0].(map[string]interface{}) + + rootDir := &efs.RootDirectory{} + + if v, ok := m["path"]; ok { + rootDir.Path = aws.String(v.(string)) + } + + if v, ok := m["creation_info"]; ok { + rootDir.CreationInfo = expandEfsAccessPointRootDirectoryCreationInfo(v.([]interface{})) + } + + return rootDir +} + +func expandEfsAccessPointRootDirectoryCreationInfo(cInfo []interface{}) *efs.CreationInfo { + if len(cInfo) < 1 || cInfo[0] == nil { + return nil + } + + m := cInfo[0].(map[string]interface{}) + + creationInfo := &efs.CreationInfo{ + OwnerGid: aws.Int64(int64(m["owner_gid"].(int))), + OwnerUid: aws.Int64(int64(m["owner_uid"].(int))), + Permissions: aws.String(m["permissions"].(string)), + } + + return creationInfo +} + +func flattenEfsAccessPointPosixUser(posixUser *efs.PosixUser) []interface{} { + if posixUser == nil { + return []interface{}{} + } + + m := map[string]interface{}{ + "gid": aws.Int64Value(posixUser.Gid), + "uid": aws.Int64Value(posixUser.Uid), + "secondary_gids": aws.Int64ValueSlice(posixUser.SecondaryGids), + } + + return []interface{}{m} +} + +func flattenEfsAccessPointRootDirectory(rDir *efs.RootDirectory) []interface{} { + if rDir == nil { + return []interface{}{} + } + + m := map[string]interface{}{ + "path": aws.StringValue(rDir.Path), + "creation_info": flattenEfsAccessPointRootDirectoryCreationInfo(rDir.CreationInfo), + } + + return []interface{}{m} +} + +func flattenEfsAccessPointRootDirectoryCreationInfo(cInfo *efs.CreationInfo) []interface{} { + if cInfo == nil { + return []interface{}{} + } + + m := map[string]interface{}{ + "owner_gid": aws.Int64Value(cInfo.OwnerGid), + "owner_uid": aws.Int64Value(cInfo.OwnerUid), + "permissions": aws.StringValue(cInfo.Permissions), + } + + return []interface{}{m} +} diff --git a/aws/resource_aws_efs_access_point_test.go b/aws/resource_aws_efs_access_point_test.go new file mode 100644 index 00000000000..144171deea2 --- /dev/null +++ b/aws/resource_aws_efs_access_point_test.go @@ -0,0 +1,476 @@ +package aws + +import ( + "fmt" + "log" + "regexp" + "testing" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/efs" + + multierror "github.com/hashicorp/go-multierror" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" +) + +func init() { + resource.AddTestSweepers("aws_efs_access_point", &resource.Sweeper{ + Name: "aws_efs_access_point", + F: testSweepEfsAccessPoints, + }) +} + +func testSweepEfsAccessPoints(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %s", err) + } + conn := client.(*AWSClient).efsconn + + var errors error + input := &efs.DescribeFileSystemsInput{} + err = conn.DescribeFileSystemsPages(input, func(page *efs.DescribeFileSystemsOutput, lastPage bool) bool { + for _, filesystem := range page.FileSystems { + id := aws.StringValue(filesystem.FileSystemId) + log.Printf("[INFO] Deleting access points for EFS File System: %s", id) + + var errors error + input := &efs.DescribeAccessPointsInput{ + FileSystemId: filesystem.FileSystemId, + } + for { + out, err := conn.DescribeAccessPoints(input) + if err != nil { + errors = multierror.Append(errors, fmt.Errorf("error retrieving EFS access points on File System %q: %w", id, err)) + continue + } + + if out == nil || len(out.AccessPoints) == 0 { + log.Printf("[INFO] No EFS access points to sweep on File System %q", id) + continue + } + + for _, AccessPoint := range out.AccessPoints { + id := aws.StringValue(AccessPoint.AccessPointId) + + log.Printf("[INFO] Deleting EFS access point: %s", id) + _, err := conn.DeleteAccessPoint(&efs.DeleteAccessPointInput{ + AccessPointId: AccessPoint.AccessPointId, + }) + if err != nil { + errors = multierror.Append(errors, fmt.Errorf("error deleting EFS access point %q: %w", id, err)) + continue + } + + err = waitForDeleteEfsAccessPoint(conn, id, 10*time.Minute) + if err != nil { + errors = multierror.Append(errors, fmt.Errorf("error waiting for EFS access point %q to delete: %w", id, err)) + continue + } + } + + if out.NextToken == nil { + break + } + input.NextToken = out.NextToken + } + } + return true + }) + if err != nil { + errors = multierror.Append(errors, fmt.Errorf("error retrieving EFS File Systems: %w", err)) + } + + return errors +} + +func TestAccAWSEFSAccessPoint_basic(t *testing.T) { + var ap efs.AccessPointDescription + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_efs_access_point.test" + fsResourceName := "aws_efs_file_system.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsAccessPointDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEFSAccessPointConfig(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsAccessPointExists(resourceName, &ap), + resource.TestCheckResourceAttrPair(resourceName, "file_system_arn", fsResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "file_system_id", fsResourceName, "id"), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticfilesystem", regexp.MustCompile(`access-point/fsap-.+`)), + resource.TestCheckResourceAttrSet(resourceName, "owner_id"), + resource.TestCheckResourceAttr(resourceName, "tags.#", "0"), + resource.TestCheckResourceAttr(resourceName, "posix_user.#", "0"), + resource.TestCheckResourceAttr(resourceName, "root_directory.#", "1"), + resource.TestCheckResourceAttr(resourceName, "root_directory.0.path", "/"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSEFSAccessPoint_root_directory(t *testing.T) { + var ap efs.AccessPointDescription + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_efs_access_point.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsAccessPointDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEFSAccessPointConfigRootDirectory(rName, "/home/test"), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsAccessPointExists(resourceName, &ap), + resource.TestCheckResourceAttr(resourceName, "root_directory.#", "1"), + resource.TestCheckResourceAttr(resourceName, "root_directory.0.path", "/home/test"), + resource.TestCheckResourceAttr(resourceName, "root_directory.0.creation_info.#", "0"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSEFSAccessPoint_root_directory_creation_info(t *testing.T) { + var ap efs.AccessPointDescription + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_efs_access_point.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsAccessPointDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEFSAccessPointConfigRootDirectoryCreationInfo(rName, "/home/test"), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsAccessPointExists(resourceName, &ap), + resource.TestCheckResourceAttr(resourceName, "root_directory.#", "1"), + resource.TestCheckResourceAttr(resourceName, "root_directory.0.path", "/home/test"), + resource.TestCheckResourceAttr(resourceName, "root_directory.0.creation_info.#", "1"), + resource.TestCheckResourceAttr(resourceName, "root_directory.0.creation_info.0.owner_gid", "1001"), + resource.TestCheckResourceAttr(resourceName, "root_directory.0.creation_info.0.owner_uid", "1001"), + resource.TestCheckResourceAttr(resourceName, "root_directory.0.creation_info.0.permissions", "755"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSEFSAccessPoint_posix_user(t *testing.T) { + var ap efs.AccessPointDescription + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_efs_access_point.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsAccessPointDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEFSAccessPointConfigPosixUser(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsAccessPointExists(resourceName, &ap), + resource.TestCheckResourceAttr(resourceName, "posix_user.#", "1"), + resource.TestCheckResourceAttr(resourceName, "posix_user.0.gid", "1001"), + resource.TestCheckResourceAttr(resourceName, "posix_user.0.uid", "1001"), + resource.TestCheckResourceAttr(resourceName, "posix_user.0.secondary_gids.%", "0"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSEFSAccessPoint_posix_user_secondary_gids(t *testing.T) { + var ap efs.AccessPointDescription + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_efs_access_point.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsAccessPointDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEFSAccessPointConfigPosixUserSecondaryGids(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsAccessPointExists(resourceName, &ap), + resource.TestCheckResourceAttr(resourceName, "posix_user.#", "1"), + resource.TestCheckResourceAttr(resourceName, "posix_user.0.gid", "1001"), + resource.TestCheckResourceAttr(resourceName, "posix_user.0.uid", "1001"), + resource.TestCheckResourceAttr(resourceName, "posix_user.0.secondary_gids.#", "1")), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSEFSAccessPoint_tags(t *testing.T) { + var ap efs.AccessPointDescription + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_efs_access_point.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsAccessPointDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEFSAccessPointConfigTags1(rName, "key1", "value1"), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsAccessPointExists(resourceName, &ap), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAWSEFSAccessPointConfigTags2(rName, "key1", "value1updated", "key2", "value2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsAccessPointExists(resourceName, &ap), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1updated"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + { + Config: testAccAWSEFSAccessPointConfigTags1(rName, "key2", "value2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsAccessPointExists(resourceName, &ap), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + }, + }) +} + +func TestAccAWSEFSAccessPoint_disappears(t *testing.T) { + var ap efs.AccessPointDescription + resourceName := "aws_efs_access_point.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckEfsAccessPointDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEFSAccessPointConfig(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckEfsAccessPointExists(resourceName, &ap), + testAccCheckResourceDisappears(testAccProvider, resourceAwsEfsAccessPoint(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + +func testAccCheckEfsAccessPointDestroy(s *terraform.State) error { + conn := testAccProvider.Meta().(*AWSClient).efsconn + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_efs_access_point" { + continue + } + + resp, err := conn.DescribeAccessPoints(&efs.DescribeAccessPointsInput{ + AccessPointId: aws.String(rs.Primary.ID), + }) + if err != nil { + if isAWSErr(err, efs.ErrCodeAccessPointNotFound, "") { + continue + } + return fmt.Errorf("Error describing EFS access point in tests: %s", err) + } + if len(resp.AccessPoints) > 0 { + return fmt.Errorf("EFS access point %q still exists", rs.Primary.ID) + } + } + + return nil +} + +func testAccCheckEfsAccessPointExists(resourceID string, mount *efs.AccessPointDescription) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[resourceID] + if !ok { + return fmt.Errorf("Not found: %s", resourceID) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("No ID is set") + } + + fs, ok := s.RootModule().Resources[resourceID] + if !ok { + return fmt.Errorf("Not found: %s", resourceID) + } + + conn := testAccProvider.Meta().(*AWSClient).efsconn + mt, err := conn.DescribeAccessPoints(&efs.DescribeAccessPointsInput{ + AccessPointId: aws.String(fs.Primary.ID), + }) + if err != nil { + return err + } + + if *mt.AccessPoints[0].AccessPointId != fs.Primary.ID { + return fmt.Errorf("access point ID mismatch: %q != %q", + *mt.AccessPoints[0].AccessPointId, fs.Primary.ID) + } + + *mount = *mt.AccessPoints[0] + + return nil + } +} + +func testAccAWSEFSAccessPointConfig(rName string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = "%s" +} + +resource "aws_efs_access_point" "test" { + file_system_id = "${aws_efs_file_system.test.id}" +} +`, rName) +} + +func testAccAWSEFSAccessPointConfigRootDirectory(rName, dir string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = %[1]q +} + +resource "aws_efs_access_point" "test" { + file_system_id = "${aws_efs_file_system.test.id}" + root_directory { + path = %[2]q + } +} +`, rName, dir) +} + +func testAccAWSEFSAccessPointConfigRootDirectoryCreationInfo(rName, dir string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = %[1]q +} + +resource "aws_efs_access_point" "test" { + file_system_id = "${aws_efs_file_system.test.id}" + root_directory { + path = %[2]q + creation_info { + owner_gid = 1001 + owner_uid = 1001 + permissions = "755" + } + } +} +`, rName, dir) +} + +func testAccAWSEFSAccessPointConfigPosixUser(rName string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = "%s" +} + +resource "aws_efs_access_point" "test" { + file_system_id = "${aws_efs_file_system.test.id}" + posix_user { + gid = 1001 + uid = 1001 + } +} +`, rName) +} + +func testAccAWSEFSAccessPointConfigPosixUserSecondaryGids(rName string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = "%s" +} + +resource "aws_efs_access_point" "test" { + file_system_id = "${aws_efs_file_system.test.id}" + posix_user { + gid = 1001 + uid = 1001 + secondary_gids = [1002] + } +} +`, rName) +} + +func testAccAWSEFSAccessPointConfigTags1(rName, tagKey1, tagValue1 string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = %[1]q +} + +resource "aws_efs_access_point" "test" { + file_system_id = "${aws_efs_file_system.test.id}" + + tags = { + %[2]q = %[3]q + } +} +`, rName, tagKey1, tagValue1) +} + +func testAccAWSEFSAccessPointConfigTags2(rName, tagKey1, tagValue1, tagKey2, tagValue2 string) string { + return fmt.Sprintf(` +resource "aws_efs_file_system" "test" { + creation_token = %[1]q +} + +resource "aws_efs_access_point" "test" { + file_system_id = "${aws_efs_file_system.test.id}" + + tags = { + %[2]q = %[3]q + %[4]q = %[5]q + } +} +`, rName, tagKey1, tagValue1, tagKey2, tagValue2) +} diff --git a/aws/resource_aws_efs_file_system_test.go b/aws/resource_aws_efs_file_system_test.go index 87e02b8b9a0..2dec9b9a782 100644 --- a/aws/resource_aws_efs_file_system_test.go +++ b/aws/resource_aws_efs_file_system_test.go @@ -22,6 +22,7 @@ func init() { F: testSweepEfsFileSystems, Dependencies: []string{ "aws_efs_mount_target", + "aws_efs_access_point", }, }) } diff --git a/aws/structure.go b/aws/structure.go index 6ebb5317484..71997fe1ef0 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -971,6 +971,16 @@ func expandStringList(configured []interface{}) []*string { return vs } +// Takes the result of flatmap.Expand for an array of int64 +// and returns a []*int64 +func expandInt64List(configured []interface{}) []*int64 { + vs := make([]*int64, 0, len(configured)) + for _, v := range configured { + vs = append(vs, aws.Int64(int64(v.(int)))) + } + return vs +} + // Expands a map of string to interface to a map of string to *float func expandFloat64Map(m map[string]interface{}) map[string]*float64 { float64Map := make(map[string]*float64, len(m)) @@ -985,6 +995,11 @@ func expandStringSet(configured *schema.Set) []*string { return expandStringList(configured.List()) } +// Takes the result of schema.Set of strings and returns a []*int64 +func expandInt64Set(configured *schema.Set) []*int64 { + return expandInt64List(configured.List()) +} + // Takes list of pointers to strings. Expand to an array // of raw strings and returns a []interface{} // to keep compatibility w/ schema.NewSetschema.NewSet diff --git a/website/aws.erb b/website/aws.erb index 6d77c4a5d6d..0e8a996ff7e 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -1364,6 +1364,9 @@
      • Data Sources
          +
        • + aws_efs_access_point +
        • aws_efs_file_system
          • @@ -1375,6 +1378,9 @@
        • Resources
            +
          • + aws_efs_access_point +
          • aws_efs_file_system
            • diff --git a/website/docs/d/efs_access_point.html.markdown b/website/docs/d/efs_access_point.html.markdown new file mode 100644 index 00000000000..ad83ad94d4e --- /dev/null +++ b/website/docs/d/efs_access_point.html.markdown @@ -0,0 +1,45 @@ +--- +subcategory: "EFS" +layout: "aws" +page_title: "AWS: aws_efs_access_point" +description: |- + Provides an Elastic File System (EFS) Access Point data source. +--- + +# Data Source: aws_efs_access_point + +Provides information about an Elastic File System (EFS) Access Point. + +## Example Usage + +```hcl +data "aws_efs_access_point" "test" { + access_point_id = "fsap-12345678" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `access_point_id` - (Required) The ID that identifies the file system. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `id` - The ID of the access point. +* `arn` - Amazon Resource Name of the file system. +* `file_system_arn` - Amazon Resource Name of the file system. +* `file_system_id` - The ID of the file system for which the access point is intended. +* `posix_user` - Single element list containing operating system user and group applied to all file system requests made using the access point. + * `gid` - Group ID + * `secondary_gids` - Secondary group IDs + * `uid` - User Id +* `root_directory`- Single element list containing information on the directory on the Amazon EFS file system that the access point provides access to. + * `creation_info` - Single element list containing information on the creation permissions of the directory + * `owner_gid` - POSIX owner group ID + * `owner_uid` - POSIX owner user ID + * `permissions` - POSIX permissions mode + * `path` - Path exposed as the root directory +* `tags` - Key-value mapping of resource tags. diff --git a/website/docs/d/efs_file_system.html.markdown b/website/docs/d/efs_file_system.html.markdown index 75da4112e39..a7994e90031 100644 --- a/website/docs/d/efs_file_system.html.markdown +++ b/website/docs/d/efs_file_system.html.markdown @@ -3,12 +3,12 @@ subcategory: "EFS" layout: "aws" page_title: "AWS: aws_efs_file_system" description: |- - Provides an Elastic File System (EFS) data source. + Provides an Elastic File System (EFS) File System data source. --- # Data Source: aws_efs_file_system -Provides information about an Elastic File System (EFS). +Provides information about an Elastic File System (EFS) File System. ## Example Usage diff --git a/website/docs/r/efs_access_point.html.markdown b/website/docs/r/efs_access_point.html.markdown new file mode 100644 index 00000000000..4d42ff507ca --- /dev/null +++ b/website/docs/r/efs_access_point.html.markdown @@ -0,0 +1,72 @@ +--- +subcategory: "EFS" +layout: "aws" +page_title: "AWS: aws_efs_access_point" +description: |- + Provides an Elastic File System (EFS) access point. +--- + +# Resource: aws_efs_access_point + +Provides an Elastic File System (EFS) access point. + +## Example Usage + +```hcl +resource "aws_efs_access_point" "test" { + file_system_id = "${aws_efs_file_system.foo.id}" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `file_system_id` - (Required) The ID of the file system for which the access point is intended. +* `posix_user` - (Optional) The operating system user and group applied to all file system requests made using the access point. See [Posix User](#posix-user) below. +* `root_directory`- (Optional) Specifies the directory on the Amazon EFS file system that the access point provides access to. See [Root Directory](#root-directory) below. +* `tags` - (Optional) Key-value mapping of resource tags. + +### Posix User + +The `posix_user` block supports the following: + +* `gid` - (Required) The POSIX group ID used for all file system operations using this access point. +* `uid` - (Required) he POSIX user ID used for all file system operations using this access point. +* `secondary_gids` - (Optional) Secondary POSIX group IDs used for all file system operations using this access point. + +### Root Directory + +The access point exposes the specified file system path as the root directory of your file system to applications using the access point. +NFS clients using the access point can only access data in the access point's RootDirectory and it's subdirectories. + +The `root_directory` block supports the following: + +* `path` - (Optional) Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide `creation_info`. +* `creation_info` - (Optional) Specifies the POSIX IDs and permissions to apply to the access point's Root Directory. See [Creation Info](#creation-info) below. + +### Creation Info + +If the `path` specified does not exist, EFS creates the root directory using the `creation_info` settings when a client connects to an access point. + +The `creation_info` block supports the following: + +* `owner_gid` - (Required) Specifies the POSIX group ID to apply to the `root_directory`. +* `owner_uid` - (Required) Specifies the POSIX user ID to apply to the `root_directory`. +* `permissions` - (Required) Specifies the POSIX permissions to apply to the RootDirectory, in the format of an octal number representing the file's mode bits. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `id` - The ID of the access point. +* `arn` - Amazon Resource Name of the access point. +* `file_system_arn` - Amazon Resource Name of the file system. + +## Import + +The EFS access points can be imported using the `id`, e.g. + +``` +$ terraform import aws_efs_access_point.test fsap-52a643fb +``` diff --git a/website/docs/r/efs_file_system.html.markdown b/website/docs/r/efs_file_system.html.markdown index 79c0092a16f..13d99be706e 100644 --- a/website/docs/r/efs_file_system.html.markdown +++ b/website/docs/r/efs_file_system.html.markdown @@ -3,12 +3,12 @@ subcategory: "EFS" layout: "aws" page_title: "AWS: aws_efs_file_system" description: |- - Provides an Elastic File System (EFS) resource. + Provides an Elastic File System (EFS) File System resource. --- # Resource: aws_efs_file_system -Provides an Elastic File System (EFS) resource. +Provides an Elastic File System (EFS) File System resource. ## Example Usage From 6f9af0417ff782f842a8b3f564026bb79d309cd9 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 14:23:18 -0400 Subject: [PATCH 210/475] Update CHANGELOG for #11965 --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f5de51d5006..b8a26f3cf00 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ FEATURES: +* **New Data Source:** `aws_efs_access_point` [GH-11965] +* **New Resource:** `aws_efs_access_point` [GH-11965] * **New Resource:** `aws_wafv2_ip_set` [GH-12119] ENHANCEMENTS: From 6a5d798ff56b9e09cd91dfa5f1db0d38a20e97a4 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 14:25:36 -0400 Subject: [PATCH 211/475] Adjust CHANGELOG formatting for #13362 Reference: https://www.terraform.io/docs/extend/best-practices/versioning.html#changelog-specification --- CHANGELOG.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b8a26f3cf00..ac54f81977f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,12 +8,12 @@ FEATURES: ENHANCEMENTS: -* d/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] +* data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] BUG FIXES: -* d/aws_db_instance: `auto_minor_version_upgrade` now properly set [GH-13362] -* autoscaling groups `tags` `propagate_at_launch` now properly set [GH-13360] +* data-source/aws_db_instance: `auto_minor_version_upgrade` attribute now properly set [GH-13362] +* resource/aws_autoscaling_group: `tags` `propagate_at_launch` attribute now properly set [GH-13360] ## 2.62.0 (May 15, 2020) From c7e86a4b3cef04f0ca61ae85e01da3c4863ff9bf Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 14:55:20 -0400 Subject: [PATCH 212/475] service/eks: Fix testing and eks-getting-started example for EKS API change (#13323) * service/eks: Fix testing and eks-getting-started example for EKS API change Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/13071 Reference: https://aws.amazon.com/blogs/containers/upcoming-changes-to-ip-assignment-for-eks-managed-node-groups/ Reference: https://github.com/awslabs/amazon-eks-ami/issues/423 This also switches the ReleaseVersion testing to use the newly available SSM Parameter, so it is no longer hardcoded and stale. Previously: ``` --- FAIL: TestAccAWSEksNodeGroup_basic (1278.58s) testing.go:683: Step 0 error: errors during apply: Error: error waiting for EKS Node Group (tf-acc-test-8344543808745629148:tf-acc-test-8344543808745629148) creation: Ec2SubnetInvalidConfiguration: One or more Amazon EC2 Subnets of [subnet-09e307c552d8e2396, subnet-09b4b4c79ae9b1c5a] for node group tf-acc-test-8344543808745629148 does not automatically assign public IP addresses to instances launched into it. If you want your instances to be assigned a public IP address, then you need to enable auto-assign public IP address for the subnet. See IP addressing in VPC guide: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html#subnet-public-ip. Resource IDs: [subnet-09e307c552d8e2396 subnet-09b4b4c79ae9b1c5a] --- FAIL: TestAccAWSEksNodeGroup_ReleaseVersion (1129.51s) testing.go:683: Step 0 error: errors during apply: Error: error creating EKS Node Group (tf-acc-test-395161592184105116:tf-acc-test-395161592184105116): InvalidParameterException: releaseVersion 1.14.8-20191213 is invalid ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_AmiType (1539.44s) --- PASS: TestAccAWSEksNodeGroup_basic (1485.68s) --- PASS: TestAccAWSEksNodeGroup_disappears (1425.45s) --- PASS: TestAccAWSEksNodeGroup_DiskSize (1551.75s) --- PASS: TestAccAWSEksNodeGroup_InstanceTypes (1545.64s) --- PASS: TestAccAWSEksNodeGroup_Labels (1647.48s) --- PASS: TestAccAWSEksNodeGroup_ReleaseVersion (1578.86s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_Ec2SshKey (1566.70s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_SourceSecurityGroupIds (1698.65s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_DesiredSize (1619.70s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MaxSize (1610.20s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MinSize (1551.41s) --- PASS: TestAccAWSEksNodeGroup_Tags (1501.53s) --- PASS: TestAccAWSEksNodeGroup_Version (1513.24s) ``` * tests/resource/aws_eks_node_group: Fix version test to use version from aws_eks_cluster reference The EKS Cluster would spin up with the latest Kubernetes version while the Node Group could be hardcoded multiple behind. The EKS API unfortunately does not provide a lookup API for versioning yet. Previously: ``` Error: error creating EKS Node Group (tf-acc-test-1420558841397012520:tf-acc-test-1420558841397012520): InvalidParameterException: Nodegroup Kubernetes version should be equal to Cluster kubernetes version 1.16 or be behind be 1 ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_Version (1630.32s) ``` --- aws/resource_aws_eks_node_group_test.go | 60 +++++++++++++++++++------ examples/eks-getting-started/vpc.tf | 7 +-- 2 files changed, 51 insertions(+), 16 deletions(-) diff --git a/aws/resource_aws_eks_node_group_test.go b/aws/resource_aws_eks_node_group_test.go index 28bfdf51a2b..42a1cc87816 100644 --- a/aws/resource_aws_eks_node_group_test.go +++ b/aws/resource_aws_eks_node_group_test.go @@ -271,6 +271,7 @@ func TestAccAWSEksNodeGroup_Labels(t *testing.T) { func TestAccAWSEksNodeGroup_ReleaseVersion(t *testing.T) { var nodeGroup1 eks.Nodegroup rName := acctest.RandomWithPrefix("tf-acc-test") + ssmParameterDataSourceName := "data.aws_ssm_parameter.test" resourceName := "aws_eks_node_group.test" resource.ParallelTest(t, resource.TestCase{ @@ -279,10 +280,10 @@ func TestAccAWSEksNodeGroup_ReleaseVersion(t *testing.T) { CheckDestroy: testAccCheckAWSEksNodeGroupDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSEksNodeGroupConfigReleaseVersion(rName, "1.14.8-20191213"), + Config: testAccAWSEksNodeGroupConfigReleaseVersion(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSEksNodeGroupExists(resourceName, &nodeGroup1), - resource.TestCheckResourceAttr(resourceName, "release_version", "1.14.8-20191213"), + resource.TestCheckResourceAttrPair(resourceName, "release_version", ssmParameterDataSourceName, "value"), ), }, { @@ -637,7 +638,7 @@ func testAccCheckAWSEksNodeGroupDisappears(nodeGroup *eks.Nodegroup) resource.Te } } -func testAccAWSEksNodeGroupConfigBase(rName string) string { +func testAccAWSEksNodeGroupConfigBaseIamAndVpc(rName string) string { return fmt.Sprintf(` data "aws_availability_zones" "available" { state = "available" @@ -759,16 +760,23 @@ resource "aws_security_group" "test" { resource "aws_subnet" "test" { count = 2 - availability_zone = data.aws_availability_zones.available.names[count.index] - cidr_block = cidrsubnet(aws_vpc.test.cidr_block, 8, count.index) - vpc_id = aws_vpc.test.id + availability_zone = data.aws_availability_zones.available.names[count.index] + cidr_block = cidrsubnet(aws_vpc.test.cidr_block, 8, count.index) + map_public_ip_on_launch = true + vpc_id = aws_vpc.test.id tags = { Name = "tf-acc-test-eks-node-group" "kubernetes.io/cluster/%[1]s" = "shared" } } +`, rName) +} +func testAccAWSEksNodeGroupConfigBase(rName string) string { + return composeConfig( + testAccAWSEksNodeGroupConfigBaseIamAndVpc(rName), + fmt.Sprintf(` resource "aws_eks_cluster" "test" { name = %[1]q role_arn = aws_iam_role.cluster.arn @@ -783,7 +791,29 @@ resource "aws_eks_cluster" "test" { "aws_main_route_table_association.test", ] } -`, rName) +`, rName)) +} + +func testAccAWSEksNodeGroupConfigBaseVersion(rName string, version string) string { + return composeConfig( + testAccAWSEksNodeGroupConfigBaseIamAndVpc(rName), + fmt.Sprintf(` +resource "aws_eks_cluster" "test" { + name = %[1]q + role_arn = aws_iam_role.cluster.arn + version = %[2]q + + vpc_config { + subnet_ids = aws_subnet.test[*].id + } + + depends_on = [ + "aws_iam_role_policy_attachment.cluster-AmazonEKSClusterPolicy", + "aws_iam_role_policy_attachment.cluster-AmazonEKSServicePolicy", + "aws_main_route_table_association.test", + ] +} +`, rName, version)) } func testAccAWSEksNodeGroupConfigNodeGroupName(rName string) string { @@ -936,13 +966,17 @@ resource "aws_eks_node_group" "test" { `, rName, labelKey1, labelValue1, labelKey2, labelValue2) } -func testAccAWSEksNodeGroupConfigReleaseVersion(rName, releaseVersion string) string { +func testAccAWSEksNodeGroupConfigReleaseVersion(rName string) string { return testAccAWSEksNodeGroupConfigBase(rName) + fmt.Sprintf(` +data "aws_ssm_parameter" "test" { + name = "/aws/service/eks/optimized-ami/${aws_eks_cluster.test.version}/amazon-linux-2/recommended/release_version" +} + resource "aws_eks_node_group" "test" { cluster_name = aws_eks_cluster.test.name node_group_name = %[1]q node_role_arn = aws_iam_role.node.arn - release_version = %[2]q + release_version = data.aws_ssm_parameter.test.value subnet_ids = aws_subnet.test[*].id scaling_config { @@ -957,7 +991,7 @@ resource "aws_eks_node_group" "test" { "aws_iam_role_policy_attachment.node-AmazonEC2ContainerRegistryReadOnly", ] } -`, rName, releaseVersion) +`, rName) } func testAccAWSEksNodeGroupConfigRemoteAccessEc2SshKey(rName string) string { @@ -1104,13 +1138,13 @@ resource "aws_eks_node_group" "test" { } func testAccAWSEksNodeGroupConfigVersion(rName, version string) string { - return testAccAWSEksNodeGroupConfigBase(rName) + fmt.Sprintf(` + return testAccAWSEksNodeGroupConfigBaseVersion(rName, version) + fmt.Sprintf(` resource "aws_eks_node_group" "test" { cluster_name = aws_eks_cluster.test.name node_group_name = %[1]q node_role_arn = aws_iam_role.node.arn subnet_ids = aws_subnet.test[*].id - version = %[2]q + version = aws_eks_cluster.test.version scaling_config { desired_size = 1 @@ -1124,5 +1158,5 @@ resource "aws_eks_node_group" "test" { "aws_iam_role_policy_attachment.node-AmazonEC2ContainerRegistryReadOnly", ] } -`, rName, version) +`, rName) } diff --git a/examples/eks-getting-started/vpc.tf b/examples/eks-getting-started/vpc.tf index 99d9d7921df..4bd3507953d 100644 --- a/examples/eks-getting-started/vpc.tf +++ b/examples/eks-getting-started/vpc.tf @@ -18,9 +18,10 @@ resource "aws_vpc" "demo" { resource "aws_subnet" "demo" { count = 2 - availability_zone = data.aws_availability_zones.available.names[count.index] - cidr_block = "10.0.${count.index}.0/24" - vpc_id = aws_vpc.demo.id + availability_zone = data.aws_availability_zones.available.names[count.index] + cidr_block = "10.0.${count.index}.0/24" + map_public_ip_on_launch = true + vpc_id = aws_vpc.demo.id tags = map( "Name", "terraform-eks-demo-node", From 4a7ed7fd332e489b9ba12be51dfef5b08ba8d1a9 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 15:00:10 -0400 Subject: [PATCH 213/475] resource/aws_ecs_service: Add `force_new_deployment` argument and support in-place updates for `ordered_placement_strategy` and `placement_constraints` (#13376) Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/12490 Previously (with testing updates): ``` --- FAIL TestAccAWSEcsService_withPlacementStrategy TestAccAWSEcsService_withPlacementStrategy: testing.go:683: Step 1 error: Check failed: Check 2/5 error: ECS Service (arn:aws:ecs:us-west-2:--OMITTED--:service/tf-acc-cluster-svc-w-ps-ep46rnwt/tf-acc-svc-w-ps-ep46rnwt) unexpectedly recreated --- FAIL: TestAccAWSEcsService_withPlacementConstraints (134.37s) TestAccAWSEcsService_withPlacementConstraints: testing.go:683: Step 1 error: Check failed: Check 2/3 error: ECS Service (arn:aws:ecs:us-west-2:--OMITTED--:service/tf-acc-cluster-svc-w-pc-9sz6fkt6/tf-acc-svc-w-pc-9sz6fkt6) unexpectedly recreated ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEcsService_basicImport (80.81s) --- PASS: TestAccAWSEcsService_disappears (74.96s) --- PASS: TestAccAWSEcsService_healthCheckGracePeriodSeconds (327.88s) --- PASS: TestAccAWSEcsService_ManagedTags (77.68s) --- PASS: TestAccAWSEcsService_PropagateTags (189.17s) --- PASS: TestAccAWSEcsService_Tags (79.60s) --- PASS: TestAccAWSEcsService_withAlb (259.99s) --- PASS: TestAccAWSEcsService_withARN (88.55s) --- PASS: TestAccAWSEcsService_withCapacityProviderStrategy (170.47s) --- PASS: TestAccAWSEcsService_withDaemonSchedulingStrategy (56.29s) --- PASS: TestAccAWSEcsService_withDaemonSchedulingStrategySetDeploymentMinimum (66.57s) --- PASS: TestAccAWSEcsService_withDeploymentController_Type_CodeDeploy (308.17s) --- PASS: TestAccAWSEcsService_withDeploymentMinimumZeroMaximumOneHundred (77.83s) --- PASS: TestAccAWSEcsService_withDeploymentValues (77.63s) --- PASS: TestAccAWSEcsService_withEcsClusterName (89.34s) --- PASS: TestAccAWSEcsService_withFamilyAndRevision (86.16s) --- PASS: TestAccAWSEcsService_withForceNewDeployment (88.33s) --- PASS: TestAccAWSEcsService_withIamRole (163.07s) --- PASS: TestAccAWSEcsService_withLaunchTypeEC2AndNetworkConfiguration (131.25s) --- PASS: TestAccAWSEcsService_withLaunchTypeFargate (159.28s) --- PASS: TestAccAWSEcsService_withLaunchTypeFargateAndPlatformVersion (167.17s) --- PASS: TestAccAWSEcsService_withLbChanges (257.45s) --- PASS: TestAccAWSEcsService_withMultipleCapacityProviderStrategies (107.96s) --- PASS: TestAccAWSEcsService_withMultipleTargetGroups (259.82s) --- PASS: TestAccAWSEcsService_withPlacementConstraints (49.91s) --- PASS: TestAccAWSEcsService_withPlacementConstraints_emptyExpression (96.58s) --- PASS: TestAccAWSEcsService_withPlacementStrategy (99.17s) --- PASS: TestAccAWSEcsService_withRenamedCluster (169.19s) --- PASS: TestAccAWSEcsService_withReplicaSchedulingStrategy (98.92s) --- PASS: TestAccAWSEcsService_withServiceRegistries (176.99s) --- PASS: TestAccAWSEcsService_withServiceRegistries_container (167.41s) --- PASS: TestAccAWSEcsService_withUnnormalizedPlacementStrategy (75.58s) ``` --- aws/resource_aws_ecs_service.go | 108 +++++++++++++++++------ aws/resource_aws_ecs_service_test.go | 108 +++++++++++++++++++++-- website/docs/r/ecs_service.html.markdown | 6 +- 3 files changed, 187 insertions(+), 35 deletions(-) diff --git a/aws/resource_aws_ecs_service.go b/aws/resource_aws_ecs_service.go index 50f698a5970..955efbdc3eb 100644 --- a/aws/resource_aws_ecs_service.go +++ b/aws/resource_aws_ecs_service.go @@ -89,6 +89,11 @@ func resourceAwsEcsService() *schema.Resource { Default: false, }, + "force_new_deployment": { + Type: schema.TypeBool, + Optional: true, + }, + "health_check_grace_period_seconds": { Type: schema.TypeInt, Optional: true, @@ -272,18 +277,15 @@ func resourceAwsEcsService() *schema.Resource { "ordered_placement_strategy": { Type: schema.TypeList, Optional: true, - ForceNew: true, MaxItems: 5, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { Type: schema.TypeString, - ForceNew: true, Required: true, }, "field": { Type: schema.TypeString, - ForceNew: true, Optional: true, StateFunc: func(v interface{}) string { value := v.(string) @@ -302,13 +304,11 @@ func resourceAwsEcsService() *schema.Resource { "placement_constraints": { Type: schema.TypeSet, Optional: true, - ForceNew: true, MaxItems: 10, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { Type: schema.TypeString, - ForceNew: true, Required: true, ValidateFunc: validation.StringInSlice([]string{ ecs.PlacementConstraintTypeDistinctInstance, @@ -317,7 +317,6 @@ func resourceAwsEcsService() *schema.Resource { }, "expression": { Type: schema.TypeString, - ForceNew: true, Optional: true, }, }, @@ -458,31 +457,21 @@ func resourceAwsEcsServiceCreate(d *schema.ResourceData, meta interface{}) error if v, ok := d.GetOk("ordered_placement_strategy"); ok { ps, err := expandPlacementStrategy(v.([]interface{})) + if err != nil { return err } + input.PlacementStrategy = ps } - constraints := d.Get("placement_constraints").(*schema.Set).List() - if len(constraints) > 0 { - var pc []*ecs.PlacementConstraint - for _, raw := range constraints { - p := raw.(map[string]interface{}) - t := p["type"].(string) - e := p["expression"].(string) - if err := validateAwsEcsPlacementConstraint(t, e); err != nil { - return err - } - constraint := &ecs.PlacementConstraint{ - Type: aws.String(t), - } - if e != "" { - constraint.Expression = aws.String(e) - } + if v, ok := d.Get("placement_constraints").(*schema.Set); ok { + pc, err := expandPlacementConstraints(v.List()) - pc = append(pc, constraint) + if err != nil { + return err } + input.PlacementConstraints = pc } @@ -797,6 +786,40 @@ func flattenEcsCapacityProviderStrategy(cps []*ecs.CapacityProviderStrategyItem) return results } +func expandPlacementConstraints(tfList []interface{}) ([]*ecs.PlacementConstraint, error) { + if len(tfList) == 0 { + return nil, nil + } + + var result []*ecs.PlacementConstraint + + for _, tfMapRaw := range tfList { + if tfMapRaw == nil { + continue + } + + tfMap := tfMapRaw.(map[string]interface{}) + + apiObject := &ecs.PlacementConstraint{} + + if v, ok := tfMap["expression"].(string); ok && v != "" { + apiObject.Expression = aws.String(v) + } + + if v, ok := tfMap["type"].(string); ok && v != "" { + apiObject.Type = aws.String(v) + } + + if err := validateAwsEcsPlacementConstraint(aws.StringValue(apiObject.Type), aws.StringValue(apiObject.Expression)); err != nil { + return result, err + } + + result = append(result, apiObject) + } + + return result, nil +} + func flattenServicePlacementConstraints(pcs []*ecs.PlacementConstraint) []map[string]interface{} { if len(pcs) == 0 { return nil @@ -889,8 +912,9 @@ func resourceAwsEcsServiceUpdate(d *schema.ResourceData, meta interface{}) error updateService := false input := ecs.UpdateServiceInput{ - Service: aws.String(d.Id()), - Cluster: aws.String(d.Get("cluster").(string)), + Cluster: aws.String(d.Get("cluster").(string)), + ForceNewDeployment: aws.Bool(d.Get("force_new_deployment").(bool)), + Service: aws.String(d.Id()), } schedulingStrategy := d.Get("scheduling_strategy").(string) @@ -917,6 +941,40 @@ func resourceAwsEcsServiceUpdate(d *schema.ResourceData, meta interface{}) error } } + if d.HasChange("ordered_placement_strategy") { + updateService = true + // Reference: https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateService.html#ECS-UpdateService-request-placementStrategy + // To remove an existing placement strategy, specify an empty object. + input.PlacementStrategy = []*ecs.PlacementStrategy{} + + if v, ok := d.GetOk("ordered_placement_strategy"); ok && len(v.([]interface{})) > 0 { + ps, err := expandPlacementStrategy(v.([]interface{})) + + if err != nil { + return err + } + + input.PlacementStrategy = ps + } + } + + if d.HasChange("placement_constraints") { + updateService = true + // Reference: https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_UpdateService.html#ECS-UpdateService-request-placementConstraints + // To remove all existing placement constraints, specify an empty array. + input.PlacementConstraints = []*ecs.PlacementConstraint{} + + if v, ok := d.Get("placement_constraints").(*schema.Set); ok && v.Len() > 0 { + pc, err := expandPlacementConstraints(v.List()) + + if err != nil { + return err + } + + input.PlacementConstraints = pc + } + } + if d.HasChange("platform_version") { updateService = true input.PlatformVersion = aws.String(d.Get("platform_version").(string)) diff --git a/aws/resource_aws_ecs_service_test.go b/aws/resource_aws_ecs_service_test.go index 6e2c2222ffe..450f3c4786d 100644 --- a/aws/resource_aws_ecs_service_test.go +++ b/aws/resource_aws_ecs_service_test.go @@ -617,8 +617,44 @@ func TestAccAWSEcsService_withMultipleTargetGroups(t *testing.T) { }, }) } + +func TestAccAWSEcsService_withForceNewDeployment(t *testing.T) { + var service1, service2 ecs.Service + resourceName := "aws_ecs_service.mongo" + rString := acctest.RandString(8) + + clusterName := fmt.Sprintf("tf-acc-cluster-svc-w-ps-%s", rString) + tdName := fmt.Sprintf("tf-acc-td-svc-w-ps-%s", rString) + svcName := fmt.Sprintf("tf-acc-svc-w-ps-%s", rString) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSEcsServiceDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEcsService(clusterName, tdName, svcName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSEcsServiceExists(resourceName, &service1), + resource.TestCheckResourceAttr(resourceName, "ordered_placement_strategy.#", "0"), + ), + }, + { + Config: testAccAWSEcsServiceWithForceNewDeployment(clusterName, tdName, svcName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSEcsServiceExists(resourceName, &service2), + testAccCheckAWSEcsServiceNotRecreated(&service1, &service2), + resource.TestCheckResourceAttr(resourceName, "ordered_placement_strategy.#", "1"), + resource.TestCheckResourceAttr(resourceName, "ordered_placement_strategy.0.type", "binpack"), + resource.TestCheckResourceAttr(resourceName, "ordered_placement_strategy.0.field", "memory"), + ), + }, + }, + }) +} + func TestAccAWSEcsService_withPlacementStrategy(t *testing.T) { - var service ecs.Service + var service1, service2, service3, service4 ecs.Service rString := acctest.RandString(8) clusterName := fmt.Sprintf("tf-acc-cluster-svc-w-ps-%s", rString) @@ -633,14 +669,15 @@ func TestAccAWSEcsService_withPlacementStrategy(t *testing.T) { { Config: testAccAWSEcsService(clusterName, tdName, svcName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service), + testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service1), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "ordered_placement_strategy.#", "0"), ), }, { Config: testAccAWSEcsServiceWithPlacementStrategy(clusterName, tdName, svcName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service), + testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service2), + testAccCheckAWSEcsServiceNotRecreated(&service1, &service2), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "ordered_placement_strategy.#", "1"), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "ordered_placement_strategy.0.type", "binpack"), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "ordered_placement_strategy.0.field", "memory"), @@ -649,7 +686,8 @@ func TestAccAWSEcsService_withPlacementStrategy(t *testing.T) { { Config: testAccAWSEcsServiceWithRandomPlacementStrategy(clusterName, tdName, svcName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service), + testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service3), + testAccCheckAWSEcsServiceNotRecreated(&service2, &service3), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "ordered_placement_strategy.#", "1"), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "ordered_placement_strategy.0.type", "random"), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "ordered_placement_strategy.0.field", ""), @@ -658,7 +696,8 @@ func TestAccAWSEcsService_withPlacementStrategy(t *testing.T) { { Config: testAccAWSEcsServiceWithMultiPlacementStrategy(clusterName, tdName, svcName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service), + testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service4), + testAccCheckAWSEcsServiceNotRecreated(&service3, &service4), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "ordered_placement_strategy.#", "2"), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "ordered_placement_strategy.0.type", "binpack"), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "ordered_placement_strategy.0.field", "memory"), @@ -671,7 +710,7 @@ func TestAccAWSEcsService_withPlacementStrategy(t *testing.T) { } func TestAccAWSEcsService_withPlacementConstraints(t *testing.T) { - var service ecs.Service + var service1, service2 ecs.Service rString := acctest.RandString(8) clusterName := fmt.Sprintf("tf-acc-cluster-svc-w-pc-%s", rString) @@ -686,7 +725,15 @@ func TestAccAWSEcsService_withPlacementConstraints(t *testing.T) { { Config: testAccAWSEcsServiceWithPlacementConstraint(clusterName, tdName, svcName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service), + testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service1), + resource.TestCheckResourceAttr("aws_ecs_service.mongo", "placement_constraints.#", "1"), + ), + }, + { + Config: testAccAWSEcsServiceWithPlacementConstraintEmptyExpression(clusterName, tdName, svcName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSEcsServiceExists("aws_ecs_service.mongo", &service2), + testAccCheckAWSEcsServiceNotRecreated(&service1, &service2), resource.TestCheckResourceAttr("aws_ecs_service.mongo", "placement_constraints.#", "1"), ), }, @@ -1186,6 +1233,16 @@ func testAccCheckAWSEcsServiceDisappears(service *ecs.Service) resource.TestChec } } +func testAccCheckAWSEcsServiceNotRecreated(i, j *ecs.Service) resource.TestCheckFunc { + return func(s *terraform.State) error { + if aws.TimeValue(i.CreatedAt) != aws.TimeValue(j.CreatedAt) { + return fmt.Errorf("ECS Service (%s) unexpectedly recreated", aws.StringValue(j.ServiceArn)) + } + + return nil + } +} + func testAccAWSEcsService(clusterName, tdName, svcName string) string { return fmt.Sprintf(` resource "aws_ecs_cluster" "default" { @@ -1405,6 +1462,43 @@ resource "aws_vpc" "main" { `, tdName, svcName, sgName) } +func testAccAWSEcsServiceWithForceNewDeployment(clusterName, tdName, svcName string) string { + return fmt.Sprintf(` +resource "aws_ecs_cluster" "default" { + name = "%s" +} + +resource "aws_ecs_task_definition" "mongo" { + family = "%s" + + container_definitions = < Date: Tue, 19 May 2020 15:01:03 -0400 Subject: [PATCH 214/475] Update CHANGELOG for #13376 --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ac54f81977f..7ac6cdc4d81 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,8 @@ FEATURES: ENHANCEMENTS: * data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] +* resource/aws_ecs_service: Add `force_new_deployment` argument [GH-13376] +* resource/aws_ecs_service: Support in-place updates for `ordered_placement_strategy` and `placement_constraints` [GH-13376] BUG FIXES: From deab886864a6e7006163684389f691aae6f5c31f Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 16:22:16 -0400 Subject: [PATCH 215/475] docs/resource/aws_eks_node_group: Add ignore_changes example, similar to aws_ecs_service resource (#13378) * docs/resource/aws_eks_node_group: Add ignore_changes example, similar to aws_ecs_service resource Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/11296 Reference: https://registry.terraform.io/providers/hashicorp/aws/2.62.0/docs/resources/ecs_service#ignoring-changes-to-desired-count * docs/resource/aws_eks_node_group: Update lifecycle anchor --- website/docs/r/eks_node_group.html.markdown | 22 +++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/website/docs/r/eks_node_group.html.markdown b/website/docs/r/eks_node_group.html.markdown index 772584769d9..e4100395155 100644 --- a/website/docs/r/eks_node_group.html.markdown +++ b/website/docs/r/eks_node_group.html.markdown @@ -35,6 +35,28 @@ resource "aws_eks_node_group" "example" { } ``` +### Ignoring Changes to Desired Size + +You can utilize the generic Terraform resource [lifecycle configuration block](/docs/configuration/resources.html#lifecycle-lifecycle-customizations) with `ignore_changes` to create an EKS Node Group with an initial size of running instances, then ignore any changes to that count caused externally (e.g. Application Autoscaling). + +```hcl +resource "aws_eks_node_group" "example" { + # ... other configurations ... + + scaling_config { + # Example: Create EKS Node Group with 2 instances to start + desired_size = 2 + + # ... other configurations ... + } + + # Optional: Allow external changes without Terraform plan difference + lifecycle { + ignore_changes = [scaling_config[0].desired_size] + } +} +``` + ### Example IAM Role for EKS Node Group ```hcl From 1f0bbf2d5dfa61f46d5220a1e360ff54125645cb Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Tue, 19 May 2020 16:58:14 -0400 Subject: [PATCH 216/475] remove DisableBinaryDriver refs in tests --- aws/resource_aws_vpc_peering_connection_test.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/aws/resource_aws_vpc_peering_connection_test.go b/aws/resource_aws_vpc_peering_connection_test.go index 61f47780f89..d2211daa1ee 100644 --- a/aws/resource_aws_vpc_peering_connection_test.go +++ b/aws/resource_aws_vpc_peering_connection_test.go @@ -222,9 +222,8 @@ func TestAccAWSVPCPeeringConnection_options(t *testing.T) { IDRefreshName: resourceName, IDRefreshIgnore: []string{"auto_accept"}, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSVpcPeeringConnectionDestroy, - DisableBinaryDriver: true, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSVpcPeeringConnectionDestroy, Steps: []resource.TestStep{ { Config: testAccVpcPeeringConfig_options(rName), From 4c388143c0c5c8d9cdf41e5fb70e3f6531e675f1 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Tue, 19 May 2020 17:04:43 -0400 Subject: [PATCH 217/475] remove DisableBinaryDriver refs in tests --- ...ce_aws_waf_sql_injection_match_set_test.go | 14 ++++------ aws/resource_aws_waf_web_acl_test.go | 28 ++++++++----------- 2 files changed, 18 insertions(+), 24 deletions(-) diff --git a/aws/resource_aws_waf_sql_injection_match_set_test.go b/aws/resource_aws_waf_sql_injection_match_set_test.go index 59d3a70bcb4..c4c4edd2111 100644 --- a/aws/resource_aws_waf_sql_injection_match_set_test.go +++ b/aws/resource_aws_waf_sql_injection_match_set_test.go @@ -18,10 +18,9 @@ func TestAccAWSWafSqlInjectionMatchSet_basic(t *testing.T) { resourceName := "aws_waf_sql_injection_match_set.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSWafSqlInjectionMatchSetDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafSqlInjectionMatchSetDestroy, Steps: []resource.TestStep{ { Config: testAccAWSWafSqlInjectionMatchSetConfig(rName), @@ -108,10 +107,9 @@ func TestAccAWSWafSqlInjectionMatchSet_changeTuples(t *testing.T) { resourceName := "aws_waf_sql_injection_match_set.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSWafSqlInjectionMatchSetDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafSqlInjectionMatchSetDestroy, Steps: []resource.TestStep{ { Config: testAccAWSWafSqlInjectionMatchSetConfig(rName), diff --git a/aws/resource_aws_waf_web_acl_test.go b/aws/resource_aws_waf_web_acl_test.go index 5285126fe4e..cbc1e71d7c9 100644 --- a/aws/resource_aws_waf_web_acl_test.go +++ b/aws/resource_aws_waf_web_acl_test.go @@ -120,10 +120,9 @@ func TestAccAWSWafWebAcl_basic(t *testing.T) { resourceName := "aws_waf_web_acl.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSWafWebAclDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafWebAclDestroy, Steps: []resource.TestStep{ { Config: testAccAWSWafWebAclConfig_Required(rName), @@ -154,10 +153,9 @@ func TestAccAWSWafWebAcl_changeNameForceNew(t *testing.T) { resourceName := "aws_waf_web_acl.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSWafWebAclDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafWebAclDestroy, Steps: []resource.TestStep{ { Config: testAccAWSWafWebAclConfig_Required(rName1), @@ -198,10 +196,9 @@ func TestAccAWSWafWebAcl_DefaultAction(t *testing.T) { resourceName := "aws_waf_web_acl.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSWafWebAclDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafWebAclDestroy, Steps: []resource.TestStep{ { Config: testAccAWSWafWebAclConfig_DefaultAction(rName, "ALLOW"), @@ -350,10 +347,9 @@ func TestAccAWSWafWebAcl_Tags(t *testing.T) { resourceName := "aws_waf_web_acl.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSWafWebAclDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafWebAclDestroy, Steps: []resource.TestStep{ { Config: testAccAWSWafWebAclConfigTags1(rName, "key1", "value1"), From d9ec3766b51fdb5adad9eafe94d1f49a2961dea1 Mon Sep 17 00:00:00 2001 From: Kevin Tham Date: Tue, 19 May 2020 14:14:13 -0700 Subject: [PATCH 218/475] Use resource.TestCheckResourceAttrPair for security_group_id --- aws/resource_aws_security_group_rule_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_security_group_rule_test.go b/aws/resource_aws_security_group_rule_test.go index 516bda5ee4d..fd3f7829847 100644 --- a/aws/resource_aws_security_group_rule_test.go +++ b/aws/resource_aws_security_group_rule_test.go @@ -170,8 +170,8 @@ func TestAccAWSSecurityGroupRule_Ingress_Source_With_Account_Id(t *testing.T) { Config: testAccAWSSecurityGroupRule_Ingress_Source_with_AccountId(rInt), Check: resource.ComposeTestCheckFunc( testAccCheckAWSSecurityGroupRuleExists("aws_security_group.web", &group), - resource.TestMatchResourceAttr( - ruleName, "security_group_id", regexp.MustCompile("^sg-[0-9a-z]{17}$")), + resource.TestCheckResourceAttrPair( + ruleName, "security_group_id", "aws_security_group.web", "id"), resource.TestMatchResourceAttr( ruleName, "source_security_group_id", regexp.MustCompile("^[0-9]{12}/sg-[0-9a-z]{17}$")), resource.TestCheckResourceAttr( From ef3e60de7b485c1b02ba79fd9ae76e91bce3fc82 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Wed, 20 May 2020 00:33:11 +0300 Subject: [PATCH 219/475] arn --- aws/resource_aws_glue_connection.go | 14 ++++++++++++++ aws/resource_aws_glue_connection_test.go | 1 + website/docs/r/glue_connection.html.markdown | 1 + 3 files changed, 16 insertions(+) diff --git a/aws/resource_aws_glue_connection.go b/aws/resource_aws_glue_connection.go index 46109fe255f..7dfc321170c 100644 --- a/aws/resource_aws_glue_connection.go +++ b/aws/resource_aws_glue_connection.go @@ -6,6 +6,7 @@ import ( "strings" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/service/glue" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" @@ -22,6 +23,10 @@ func resourceAwsGlueConnection() *schema.Resource { }, Schema: map[string]*schema.Schema{ + "arn": { + Type: schema.TypeString, + Computed: true, + }, "catalog_id": { Type: schema.TypeString, ForceNew: true, @@ -143,6 +148,15 @@ func resourceAwsGlueConnectionRead(d *schema.ResourceData, meta interface{}) err return nil } + connectionArn := arn.ARN{ + Partition: meta.(*AWSClient).partition, + Service: "glue", + Region: meta.(*AWSClient).region, + AccountID: meta.(*AWSClient).accountid, + Resource: fmt.Sprintf("connection/%s", connectionName), + }.String() + d.Set("arn", connectionArn) + d.Set("catalog_id", catalogID) if err := d.Set("connection_properties", aws.StringValueMap(connection.ConnectionProperties)); err != nil { return fmt.Errorf("error setting connection_properties: %s", err) diff --git a/aws/resource_aws_glue_connection_test.go b/aws/resource_aws_glue_connection_test.go index 401b043a971..a718bfff7b9 100644 --- a/aws/resource_aws_glue_connection_test.go +++ b/aws/resource_aws_glue_connection_test.go @@ -72,6 +72,7 @@ func TestAccAWSGlueConnection_Basic(t *testing.T) { Config: testAccAWSGlueConnectionConfig_Required(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSGlueConnectionExists(resourceName, &connection), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "glue", fmt.Sprintf("connection/%s", rName)), resource.TestCheckResourceAttr(resourceName, "connection_properties.%", "3"), resource.TestCheckResourceAttr(resourceName, "connection_properties.JDBC_CONNECTION_URL", "jdbc:mysql://terraformacctesting.com/testdatabase"), resource.TestCheckResourceAttr(resourceName, "connection_properties.PASSWORD", "testpassword"), diff --git a/website/docs/r/glue_connection.html.markdown b/website/docs/r/glue_connection.html.markdown index 6f4f6c15ee0..389d65929ae 100644 --- a/website/docs/r/glue_connection.html.markdown +++ b/website/docs/r/glue_connection.html.markdown @@ -71,6 +71,7 @@ The following arguments are supported: In addition to all arguments above, the following attributes are exported: * `id` - Catalog ID and name of the connection +* `id` - The ARN of the Glue Connection. ## Import From 1083523eb318b663877af00a0f0ea64631cb4680 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Wed, 20 May 2020 01:22:19 +0300 Subject: [PATCH 220/475] Update glue_connection.html.markdown --- website/docs/r/glue_connection.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/glue_connection.html.markdown b/website/docs/r/glue_connection.html.markdown index 389d65929ae..2b0d98c6fff 100644 --- a/website/docs/r/glue_connection.html.markdown +++ b/website/docs/r/glue_connection.html.markdown @@ -71,7 +71,7 @@ The following arguments are supported: In addition to all arguments above, the following attributes are exported: * `id` - Catalog ID and name of the connection -* `id` - The ARN of the Glue Connection. +* `arn` - The ARN of the Glue Connection. ## Import From 813e78d3a282a8da7060b4552185fed6c963c26f Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 19:32:25 -0400 Subject: [PATCH 221/475] tests/provider: Add Terraform Provider GitHub Actions workflow (#13248) * tests/provider: Add Terraform Provider GitHub Actions workflow Reference: https://github.com/actions/cache Reference: https://github.com/bflad/tfproviderdocs Reference: https://github.com/hashicorp/setup-terraform Reference: https://www.terraform.io/docs/commands/providers/schema.html This workflow encompasses a large portion of the TravisCI handling, but leaves that in place until this experimental setup is verified with some real world usage. In particular, this workflow enables the enhanced validations available in `tfproviderdocs check`, which requires the JSON schema of the provider and is not setup in TravisCI due to the relative complexity of manually downloading, verifying, and installing Terraform CLI. These validations are able to detect mismatched and missing data source and resource documentation files, which a few existing issues are ignored for future remediation. Aside: The schema dump process can be vastly improved in Terraform Plugin SDK v2 (or potentially a future SDK v1 release) by no longer requiring Terraform CLI and instead implementing a wrapper utilizing gRPC Reflection and matching the output of `terraform providers schema -json`. For now though, this uses the new `hashicorp/setup-terraform` GitHub Action and the necessary plugin directory setup to accomplish the schema dump. This workflow heavily utilizes the `actions/cache` GitHub Action to improve feedback time as well as split the jobs into individual tools for readability by contributors and maintainers. * tests/provider: Bump Terraform CLI version to 0.12.25 --- .github/workflows/terraform_provider.yml | 258 +++++++++++++++++++++++ GNUmakefile | 9 +- 2 files changed, 264 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/terraform_provider.yml diff --git a/.github/workflows/terraform_provider.yml b/.github/workflows/terraform_provider.yml new file mode 100644 index 00000000000..4faf55f6590 --- /dev/null +++ b/.github/workflows/terraform_provider.yml @@ -0,0 +1,258 @@ +name: Terraform Provider Checks + +on: + push: + branches: + - master + pull_request: + paths: + - .github/workflows/terraform_provider.yml + - .golangci.yml + - aws/** + - awsproviderlint/** + - docs/index.md + - docs/data-sources/** + - docs/guides/** + - docs/resources/** + - go.sum + - GNUmakefile + - main.go + - staticcheck.conf + - website/** + +env: + AWS_DEFAULT_REGION: us-west-2 + GO_VERSION: "1.14" + GO111MODULE: on + TERRAFORM_VERSION: "0.12.25" + +jobs: + go_mod_download: + name: go mod download + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + with: + go-version: ${{ env.GO_VERSION }} + - uses: actions/cache@v1 + continue-on-error: true + id: cache-go-pkg-mod + timeout-minutes: 2 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} + - if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure' + run: go mod download + + go_build: + name: go build + needs: [go_mod_download] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/cache@v1 + continue-on-error: true + id: cache-terraform-plugin-dir + timeout-minutes: 2 + with: + path: terraform-plugin-dir + key: ${{ runner.os }}-terraform-plugin-dir-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} + - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' + uses: actions/setup-go@v2 + with: + go-version: ${{ env.GO_VERSION }} + - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' + name: go env + run: | + echo "::set-env name=GOCACHE::$(go env GOCACHE)" + - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' + uses: actions/cache@v1 + with: + path: ${{ env.GOCACHE }} + key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} + - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' + uses: actions/cache@v1 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} + - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' + name: go build + run: go build -o terraform-plugin-dir/terraform-provider-aws_v99.99.99_x4 . + + terraform_providers_schema: + name: terraform providers schema + needs: [go_build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/cache@v1 + continue-on-error: true + id: cache-terraform-providers-schema + timeout-minutes: 2 + with: + path: terraform-providers-schema + key: ${{ runner.os }}-terraform-providers-schema-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} + - if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure' + uses: actions/cache@v1 + timeout-minutes: 2 + with: + path: terraform-plugin-dir + key: ${{ runner.os }}-terraform-plugin-dir-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} + - if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure' + uses: hashicorp/setup-terraform@v1 + with: + terraform_version: ${{ env.TERRAFORM_VERSION }} + terraform_wrapper: false + - if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure' + name: terraform init + run: | + # We need a file to initialize the provider + echo 'data "aws_partition" "example" {}' > example.tf + terraform init -plugin-dir terraform-plugin-dir + - if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure' + name: terraform providers schema + run: | + mkdir terraform-providers-schema + terraform providers schema -json > terraform-providers-schema/schema.json + + awsproviderlint: + needs: [go_build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + with: + go-version: ${{ env.GO_VERSION }} + - name: go env + run: | + echo "::set-env name=GOCACHE::$(go env GOCACHE)" + - uses: actions/cache@v1 + continue-on-error: true + timeout-minutes: 2 + with: + path: ${{ env.GOCACHE }} + key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} + - uses: actions/cache@v1 + continue-on-error: true + timeout-minutes: 2 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} + - run: go install ./awsproviderlint + - name: awsproviderlint + run: make awsproviderlint + + go_generate: + name: go generate + needs: [go_build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + with: + go-version: ${{ env.GO_VERSION }} + - name: go env + run: | + echo "::set-env name=GOCACHE::$(go env GOCACHE)" + - uses: actions/cache@v1 + continue-on-error: true + timeout-minutes: 2 + with: + path: ${{ env.GOCACHE }} + key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} + - uses: actions/cache@v1 + continue-on-error: true + timeout-minutes: 2 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} + - run: go generate ./... + - name: Check for Git Differences + run: | + git diff --compact-summary --exit-code || \ + (echo; echo "Unexpected difference in directories after code generation. Run 'make gen' command and commit."; exit 1) + + go_test: + name: go test + needs: [go_build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + with: + go-version: ${{ env.GO_VERSION }} + - name: go env + run: | + echo "::set-env name=GOCACHE::$(go env GOCACHE)" + - uses: actions/cache@v1 + continue-on-error: true + timeout-minutes: 2 + with: + path: ${{ env.GOCACHE }} + key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} + - uses: actions/cache@v1 + continue-on-error: true + timeout-minutes: 2 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} + - run: go test ./... -timeout=120s + + golangci-lint: + needs: [go_build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + with: + go-version: ${{ env.GO_VERSION }} + - name: go env + run: | + echo "::set-env name=GOCACHE::$(go env GOCACHE)" + - uses: actions/cache@v1 + continue-on-error: true + timeout-minutes: 2 + with: + path: ${{ env.GOCACHE }} + key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} + - uses: actions/cache@v1 + continue-on-error: true + timeout-minutes: 2 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} + - run: go install github.com/golangci/golangci-lint/cmd/golangci-lint + - run: golangci-lint run ./aws/... + + tfproviderdocs: + needs: [terraform_providers_schema] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + with: + go-version: ${{ env.GO_VERSION }} + - uses: actions/cache@v1 + continue-on-error: true + timeout-minutes: 2 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} + - run: go install github.com/bflad/tfproviderdocs + - uses: actions/cache@v1 + timeout-minutes: 2 + with: + path: terraform-providers-schema + key: ${{ runner.os }}-terraform-providers-schema-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} + - name: tfproviderdocs check + run: | + tfproviderdocs check \ + -allowed-resource-subcategories-file website/allowed-subcategories.txt \ + -ignore-file-mismatch-resources aws_s3_bucket_analysis_configuration \ + -ignore-file-missing-data-sources aws_alb,aws_alb_listener,aws_alb_target_group \ + -ignore-file-missing-resources aws_alb,aws_alb_listener,aws_alb_listener_certificate,aws_alb_listener_rule,aws_alb_target_group,aws_alb_target_group_attachment,aws_s3_bucket_analytics_configuration \ + -ignore-side-navigation-data-sources aws_alb,aws_alb_listener,aws_alb_target_group,aws_kms_secret \ + -provider-name aws \ + -providers-schema-json terraform-providers-schema/schema.json \ + -require-resource-subcategory diff --git a/GNUmakefile b/GNUmakefile index feef8d3c111..9ca5dd4d362 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -56,9 +56,12 @@ docscheck: -require-resource-subcategory @misspell -error -source text CHANGELOG.md -lint: - @echo "==> Checking source code against linters..." +lint: golangci-lint awsproviderlint + +golangci-lint: @golangci-lint run ./$(PKG_NAME)/... + +awsproviderlint: @awsproviderlint \ -c 1 \ -AT001 \ @@ -178,5 +181,5 @@ ifeq (,$(wildcard $(GOPATH)/src/$(WEBSITE_REPO))) endif @$(MAKE) -C $(GOPATH)/src/$(WEBSITE_REPO) website-provider-test PROVIDER_PATH=$(shell pwd) PROVIDER_NAME=$(PKG_NAME) -.PHONY: build gen sweep test testacc fmt fmtcheck lint tools test-compile website website-link-check website-lint website-lint-fix website-test depscheck docscheck +.PHONY: awsproviderlint build gen golangci-lint sweep test testacc fmt fmtcheck lint tools test-compile website website-link-check website-lint website-lint-fix website-test depscheck docscheck From 4f219467d03790bd7cf90c388497f678317c9eee Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 19:39:15 -0400 Subject: [PATCH 222/475] service/eks: markdownlint MD007 fixes (#13356) Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/12157 Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/13355 --- website/docs/d/eks_cluster.html.markdown | 20 ++++++++++---------- website/docs/r/eks_cluster.html.markdown | 10 +++++----- website/docs/r/eks_node_group.html.markdown | 6 +++--- 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/website/docs/d/eks_cluster.html.markdown b/website/docs/d/eks_cluster.html.markdown index 6488f591169..c494699be3c 100644 --- a/website/docs/d/eks_cluster.html.markdown +++ b/website/docs/d/eks_cluster.html.markdown @@ -40,23 +40,23 @@ output "identity-oidc-issuer" { * `id` - The name of the cluster * `arn` - The Amazon Resource Name (ARN) of the cluster. * `certificate_authority` - Nested attribute containing `certificate-authority-data` for your cluster. - * `data` - The base64 encoded certificate data required to communicate with your cluster. Add this to the `certificate-authority-data` section of the `kubeconfig` file for your cluster. + * `data` - The base64 encoded certificate data required to communicate with your cluster. Add this to the `certificate-authority-data` section of the `kubeconfig` file for your cluster. * `created_at` - The Unix epoch time stamp in seconds for when the cluster was created. * `enabled_cluster_log_types` - The enabled control plane logs. * `endpoint` - The endpoint for your Kubernetes API server. * `identity` - Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. For an example using this information to enable IAM Roles for Service Accounts, see the [`aws_eks_cluster` resource documentation](/docs/providers/aws/r/eks_cluster.html). - * `oidc` - Nested attribute containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster. - * `issuer` - Issuer URL for the OpenID Connect identity provider. + * `oidc` - Nested attribute containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster. + * `issuer` - Issuer URL for the OpenID Connect identity provider. * `platform_version` - The platform version for the cluster. * `role_arn` - The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. * `status` - The status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`. * `tags` - Key-value map of resource tags. * `version` - The Kubernetes server version for the cluster. * `vpc_config` - Nested list containing VPC configuration for the cluster. - * `cluster_security_group_id` - The cluster security group that was created by Amazon EKS for the cluster. - * `endpoint_private_access` - Indicates whether or not the Amazon EKS private API server endpoint is enabled. - * `endpoint_public_access` - Indicates whether or not the Amazon EKS public API server endpoint is enabled. - * `public_access_cidrs` - List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint. - * `security_group_ids` – List of security group IDs - * `subnet_ids` – List of subnet IDs - * `vpc_id` – The VPC associated with your cluster. + * `cluster_security_group_id` - The cluster security group that was created by Amazon EKS for the cluster. + * `endpoint_private_access` - Indicates whether or not the Amazon EKS private API server endpoint is enabled. + * `endpoint_public_access` - Indicates whether or not the Amazon EKS public API server endpoint is enabled. + * `public_access_cidrs` - List of CIDR blocks. Indicates which CIDR blocks can access the Amazon EKS public API server endpoint. + * `security_group_ids` – List of security group IDs + * `subnet_ids` – List of subnet IDs + * `vpc_id` – The VPC associated with your cluster. diff --git a/website/docs/r/eks_cluster.html.markdown b/website/docs/r/eks_cluster.html.markdown index 4968fc135f7..a6daff21c47 100644 --- a/website/docs/r/eks_cluster.html.markdown +++ b/website/docs/r/eks_cluster.html.markdown @@ -185,17 +185,17 @@ In addition to all arguments above, the following attributes are exported: * `id` - The name of the cluster. * `arn` - The Amazon Resource Name (ARN) of the cluster. * `certificate_authority` - Nested attribute containing `certificate-authority-data` for your cluster. - * `data` - The base64 encoded certificate data required to communicate with your cluster. Add this to the `certificate-authority-data` section of the `kubeconfig` file for your cluster. + * `data` - The base64 encoded certificate data required to communicate with your cluster. Add this to the `certificate-authority-data` section of the `kubeconfig` file for your cluster. * `endpoint` - The endpoint for your Kubernetes API server. * `identity` - Nested attribute containing identity provider information for your cluster. Only available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. - * `oidc` - Nested attribute containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster. - * `issuer` - Issuer URL for the OpenID Connect identity provider. + * `oidc` - Nested attribute containing [OpenID Connect](https://openid.net/connect/) identity provider information for the cluster. + * `issuer` - Issuer URL for the OpenID Connect identity provider. * `platform_version` - The platform version for the cluster. * `status` - The status of the EKS cluster. One of `CREATING`, `ACTIVE`, `DELETING`, `FAILED`. * `version` - The Kubernetes server version for the cluster. * `vpc_config` - Additional nested attributes: - * `cluster_security_group_id` - The cluster security group that was created by Amazon EKS for the cluster. - * `vpc_id` - The VPC associated with your cluster. + * `cluster_security_group_id` - The cluster security group that was created by Amazon EKS for the cluster. + * `vpc_id` - The VPC associated with your cluster. ## Timeouts diff --git a/website/docs/r/eks_node_group.html.markdown b/website/docs/r/eks_node_group.html.markdown index e4100395155..f6ec96ba7c7 100644 --- a/website/docs/r/eks_node_group.html.markdown +++ b/website/docs/r/eks_node_group.html.markdown @@ -150,9 +150,9 @@ In addition to all arguments above, the following attributes are exported: * `arn` - Amazon Resource Name (ARN) of the EKS Node Group. * `id` - EKS Cluster name and EKS Node Group name separated by a colon (`:`). * `resources` - List of objects containing information about underlying resources. - * `autoscaling_groups` - List of objects containing information about AutoScaling Groups. - * `name` - Name of the AutoScaling Group. - * `remote_access_security_group_id` - Identifier of the remote access EC2 Security Group. + * `autoscaling_groups` - List of objects containing information about AutoScaling Groups. + * `name` - Name of the AutoScaling Group. + * `remote_access_security_group_id` - Identifier of the remote access EC2 Security Group. * `status` - Status of the EKS Node Group. ## Timeouts From ae5f33e9dbf12abf482d9055d62469118a6d9f62 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 19:40:08 -0400 Subject: [PATCH 223/475] hashibot: Labeling for top level Markdown files and docs/ directories (#13324) Note: The provider pattern is not just docs/**/* since eventually the provider documentation structure will be moved under there to match the Terraform Registry guidelines: https://www.terraform.io/docs/registry/providers/docs.html --- .hashibot.hcl | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.hashibot.hcl b/.hashibot.hcl index 28ec3a4d82d..1437d973e45 100644 --- a/.hashibot.hcl +++ b/.hashibot.hcl @@ -532,6 +532,7 @@ behavior "pull_request_path_labeler" "service_labels" { label_map = { # label provider related changes "provider" = [ + "*.md", ".github/**/*", ".gitignore", ".go-version", @@ -548,6 +549,8 @@ behavior "pull_request_path_labeler" "service_labels" { "aws/internal/naming/*", "aws/provider.go", "aws/utils.go", + "docs/*.md", + "docs/contributing/**/*", "GNUmakefile", "infrastructure/**/*", "main.go", @@ -558,7 +561,10 @@ behavior "pull_request_path_labeler" "service_labels" { "website/**/partition*", "website/**/region*" ] - # label test related changes + "documentation" = [ + "docs/**/*", + "*.md", + ] "tests" = [ "**/*_test.go", "**/testdata/**/*", From 677c11c3dad557d8f55836242b73f00c5e34490d Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 19:43:05 -0400 Subject: [PATCH 224/475] docs/contributing: Add Resource Policy Support section, fix tagging documentation heading level (#13322) Reference: https://github.com/terraform-providers/terraform-provider-aws/pull/11960#pullrequestreview-409674625 --- docs/contributing/contribution-checklists.md | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/docs/contributing/contribution-checklists.md b/docs/contributing/contribution-checklists.md index d29e1394d57..e20f70cff8c 100644 --- a/docs/contributing/contribution-checklists.md +++ b/docs/contributing/contribution-checklists.md @@ -11,11 +11,12 @@ each type of contribution. - [Resource Name Generation Code Implementation](#resource-name-generation-code-implementation) - [Resource Name Generation Testing Implementation](#resource-name-generation-testing-implementation) - [Resource Code Generation Documentation Implementation](#resource-code-generation-documentation-implementation) +- [Adding Resource Policy Support](#adding-resource-policy-support) - [Adding Resource Tagging Support](#adding-resource-tagging-support) - [Adding Service to Tag Generating Code](#adding-service-to-tag-generating-code) - [Resource Tagging Code Implementation](#resource-tagging-code-implementation) - [Resource Tagging Acceptance Testing Implementation](#resource-tagging-acceptance-testing-implementation) -- [Resource Tagging Documentation Implementation](#resource-tagging-documentation-implementation) + - [Resource Tagging Documentation Implementation](#resource-tagging-documentation-implementation) - [New Resource](#new-resource) - [New Service](#new-service) - [New Region](#new-region) @@ -207,6 +208,17 @@ resource "aws_service_thing" "test" { * `name` - (Optional) Name of the thing. If omitted, Terraform will assign a random, unique name. Conflicts with `name_prefix`. ``` +## Adding Resource Policy Support + +Some AWS components support [resource-based IAM policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html) to control permissions. When implementing this support in the Terraform AWS Provider, we typically prefer creating a separate resource, `aws_{SERVICE}_{THING}_policy` (e.g. `aws_s3_bucket_policy`) for a few reasons: + +- Many of these policies require the Amazon Resource Name (ARN) of the resource in the policy itself. It is difficult to workaround this requirement with custom difference handling within a self-contained resource. +- Sometimes policies between two resources need to be written where they cross-reference each other resource's ARN within each policy. Without a separate resource, this introduces a configuration cycle. +- Splitting the resources allows operators to logically split their infrastructure on purely operational and security boundaries with separate configurations/modules. +- Splitting the resources prevents any separate policy API calls from needing to be whitelisted in the main resource in environments with restrictive IAM permissions, which can be undesirable. + +Follow the [New Resource section][#new-resource] for more information about implementing the separate resource. + ## Adding Resource Tagging Support AWS provides key-value metadata across many services and resources, which can be used for a variety of use cases including billing, ownership, and more. See the [AWS Tagging Strategy page](https://aws.amazon.com/answers/account-management/aws-tagging-strategies/) for more information about tagging at a high level. @@ -419,7 +431,7 @@ More details about this code generation, including fixes for potential error mes - Verify all acceptance testing passes for the resource (e.g. `make testacc TESTARGS='-run=TestAccAWSEksCluster_'`) -## Resource Tagging Documentation Implementation +### Resource Tagging Documentation Implementation - In the resource documentation (e.g. `website/docs/r/eks_cluster.html.markdown`), add the following to the arguments reference: From 31ef9e1876071097e89f35d0d9991b42b3ee53d2 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 19:44:59 -0400 Subject: [PATCH 225/475] resource/aws_iot_topic_rule: Implement tagging support (#13293) Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/12947 Output from acceptance testing: ``` --- PASS: TestAccAWSIoTTopicRule_iot_analytics (17.78s) --- PASS: TestAccAWSIoTTopicRule_dynamoDbv2 (17.93s) --- PASS: TestAccAWSIoTTopicRule_iot_events (18.01s) --- PASS: TestAccAWSIoTTopicRule_lambda (18.68s) --- PASS: TestAccAWSIoTTopicRule_basic (18.88s) --- PASS: TestAccAWSIoTTopicRule_firehose (19.48s) --- PASS: TestAccAWSIoTTopicRule_cloudwatchalarm (19.57s) --- PASS: TestAccAWSIoTTopicRule_republish_with_qos (19.76s) --- PASS: TestAccAWSIoTTopicRule_cloudwatchmetric (19.98s) --- PASS: TestAccAWSIoTTopicRule_kinesis (20.06s) --- PASS: TestAccAWSIoTTopicRule_s3 (20.11s) --- PASS: TestAccAWSIoTTopicRule_sns (20.27s) --- PASS: TestAccAWSIoTTopicRule_republish (20.31s) --- PASS: TestAccAWSIoTTopicRule_sqs (20.41s) --- PASS: TestAccAWSIoTTopicRule_elasticsearch (23.39s) --- PASS: TestAccAWSIoTTopicRule_firehose_separator (33.11s) --- PASS: TestAccAWSIoTTopicRule_dynamodb (33.23s) --- PASS: TestAccAWSIoTTopicRule_Tags (42.42s) ``` --- aws/resource_aws_iot_topic_rule.go | 55 +++++++++++++-- aws/resource_aws_iot_topic_rule_test.go | 75 +++++++++++++++++++++ website/docs/r/iot_topic_rule.html.markdown | 1 + 3 files changed, 125 insertions(+), 6 deletions(-) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index 7a3e5f9bb51..2eaae9e1da1 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -7,6 +7,7 @@ import ( "github.com/aws/aws-sdk-go/service/iot" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) func resourceAwsIotTopicRule() *schema.Resource { @@ -399,6 +400,7 @@ func resourceAwsIotTopicRule() *schema.Resource { }, }, }, + "tags": tagsSchema(), }, } } @@ -410,6 +412,7 @@ func resourceAwsIotTopicRuleCreate(d *schema.ResourceData, meta interface{}) err input := &iot.CreateTopicRuleInput{ RuleName: aws.String(ruleName), + Tags: aws.String(keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().UrlEncode()), TopicRulePayload: expandIotTopicRulePayload(d), } @@ -426,6 +429,7 @@ func resourceAwsIotTopicRuleCreate(d *schema.ResourceData, meta interface{}) err func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).iotconn + ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig input := &iot.GetTopicRuleInput{ RuleName: aws.String(d.Id()), @@ -444,6 +448,16 @@ func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error d.Set("sql", out.Rule.Sql) d.Set("sql_version", out.Rule.AwsIotSqlVersion) + tags, err := keyvaluetags.IotListTags(conn, aws.StringValue(out.RuleArn)) + + if err != nil { + return fmt.Errorf("error listing tags for IoT Topic Rule (%s): %w", aws.StringValue(out.RuleArn), err) + } + + if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { + return fmt.Errorf("error setting tags: %s", err) + } + if err := d.Set("cloudwatch_alarm", flattenIotCloudWatchAlarmActions(out.Rule.Actions)); err != nil { return fmt.Errorf("error setting cloudwatch_alarm: %w", err) } @@ -506,15 +520,44 @@ func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error func resourceAwsIotTopicRuleUpdate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).iotconn - input := &iot.ReplaceTopicRuleInput{ - RuleName: aws.String(d.Get("name").(string)), - TopicRulePayload: expandIotTopicRulePayload(d), + if d.HasChanges( + "cloudwatch_alarm", + "cloudwatch_metric", + "description", + "dynamodb", + "dynamodbv2", + "elasticsearch", + "enabled", + "firehose", + "iot_analytics", + "iot_events", + "kinesis", + "lambda", + "republish", + "s3", + "sns", + "sql", + "sql_version", + "sqs", + ) { + input := &iot.ReplaceTopicRuleInput{ + RuleName: aws.String(d.Get("name").(string)), + TopicRulePayload: expandIotTopicRulePayload(d), + } + + _, err := conn.ReplaceTopicRule(input) + + if err != nil { + return fmt.Errorf("error updating IoT Topic Rule (%s): %w", d.Id(), err) + } } - _, err := conn.ReplaceTopicRule(input) + if d.HasChange("tags") { + o, n := d.GetChange("tags") - if err != nil { - return fmt.Errorf("error updating IoT Topic Rule (%s): %w", d.Id(), err) + if err := keyvaluetags.IotUpdateTags(conn, d.Get("arn").(string), o, n); err != nil { + return fmt.Errorf("error updating tags: %s", err) + } } return resourceAwsIotTopicRuleRead(d, meta) diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index e8813fd45bd..ed885007539 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -85,6 +85,7 @@ func TestAccAWSIoTTopicRule_basic(t *testing.T) { resource.TestCheckResourceAttr("aws_iot_topic_rule.rule", "enabled", "true"), resource.TestCheckResourceAttr("aws_iot_topic_rule.rule", "sql", "SELECT * FROM 'topic/test'"), resource.TestCheckResourceAttr("aws_iot_topic_rule.rule", "sql_version", "2015-10-08"), + resource.TestCheckResourceAttr("aws_iot_topic_rule.rule", "tags.%", "0"), ), }, { @@ -474,6 +475,49 @@ func TestAccAWSIoTTopicRule_iot_events(t *testing.T) { }) } +func TestAccAWSIoTTopicRule_Tags(t *testing.T) { + rName := acctest.RandString(5) + resourceName := "aws_iot_topic_rule.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSIoTTopicRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSIoTTopicRuleTags1(rName, "key1", "value1"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSIoTTopicRuleExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAWSIoTTopicRuleTags2(rName, "key1", "value1updated", "key2", "value2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSIoTTopicRuleExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1updated"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + { + Config: testAccAWSIoTTopicRuleTags1(rName, "key2", "value2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSIoTTopicRuleExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + }, + }) +} + func testAccCheckAWSIoTTopicRuleDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).iotconn @@ -895,3 +939,34 @@ resource "aws_iot_topic_rule" "rule" { } `, rName) } + +func testAccAWSIoTTopicRuleTags1(rName, tagKey1, tagValue1 string) string { + return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` +resource "aws_iot_topic_rule" "test" { + name = "test_rule_%[1]s" + enabled = true + sql = "SELECT * FROM 'topic/test'" + sql_version = "2015-10-08" + + tags = { + %[2]q = %[3]q + } +} +`, rName, tagKey1, tagValue1) +} + +func testAccAWSIoTTopicRuleTags2(rName, tagKey1, tagValue1, tagKey2, tagValue2 string) string { + return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` +resource "aws_iot_topic_rule" "test" { + name = "test_rule_%[1]s" + enabled = true + sql = "SELECT * FROM 'topic/test'" + sql_version = "2015-10-08" + + tags = { + %[2]q = %[3]q + %[4]q = %[5]q + } +} +`, rName, tagKey1, tagValue1, tagKey2, tagValue2) +} diff --git a/website/docs/r/iot_topic_rule.html.markdown b/website/docs/r/iot_topic_rule.html.markdown index 1d48612c94d..03b6829f9fc 100644 --- a/website/docs/r/iot_topic_rule.html.markdown +++ b/website/docs/r/iot_topic_rule.html.markdown @@ -76,6 +76,7 @@ EOF * `enabled` - (Required) Specifies whether the rule is enabled. * `sql` - (Required) The SQL statement used to query the topic. For more information, see AWS IoT SQL Reference (http://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference) in the AWS IoT Developer Guide. * `sql_version` - (Required) The version of the SQL rules engine to use when evaluating the rule. +* `tags` - (Optional) Key-value map of resource tags The `cloudwatch_alarm` object takes the following arguments: From 663d3aee1ece74b84feac629a980ebcf0e3d282f Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 19:45:51 -0400 Subject: [PATCH 226/475] Update CHANGELOG for #13293 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7ac6cdc4d81..a8f6fb2099f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ ENHANCEMENTS: * data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] * resource/aws_ecs_service: Add `force_new_deployment` argument [GH-13376] * resource/aws_ecs_service: Support in-place updates for `ordered_placement_strategy` and `placement_constraints` [GH-13376] +* resource/aws_iot_topic_rule: Add `tags` argument [GH-13293] BUG FIXES: From e5b1b5e49e199f88ebc42f13ef96d6d504919b26 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 19:47:26 -0400 Subject: [PATCH 227/475] tests/provider: Add misspell to CHANGELOG GitHub Action workflow (#13249) Reference: https://github.com/terraform-providers/terraform-provider-aws/pull/13248 Currently, TravisCI runs `make docscheck`, which contains `tfproviderdocs` and `misspell` (for the CHANGELOG.md file only). To compliment any migration from TravisCI to GitHub Actions, this adds the small piece of `misspell` testing into the existing CHANGELOG workflow. `tfproviderdocs` is handled separately in the referenced pull request since it requires the provider code to fully validate changes. --- .../{changelog_checks.yml => changelog.yml} | 27 +++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) rename .github/workflows/{changelog_checks.yml => changelog.yml} (56%) diff --git a/.github/workflows/changelog_checks.yml b/.github/workflows/changelog.yml similarity index 56% rename from .github/workflows/changelog_checks.yml rename to .github/workflows/changelog.yml index d8dcdac3a82..cfc332edf63 100644 --- a/.github/workflows/changelog_checks.yml +++ b/.github/workflows/changelog.yml @@ -1,12 +1,20 @@ name: CHANGELOG Checks on: + push: + branches: + - master pull_request: paths: - CHANGELOG.md +env: + GO_VERSION: "1.14" + GO111MODULE: on + jobs: - PRCheck: - name: PR Check + comment: + if: github.event_name == 'pull_request' && !contains(fromJSON('["bflad", "breathingdust", "ewbankkit", "gdavison", "maryelizbeth"]'), github.actor) + name: Comment runs-on: ubuntu-latest steps: - name: PR Comment @@ -22,3 +30,18 @@ jobs: Remove any changes to the `CHANGELOG.md` file and commit them in this pull request to prevent delays with reviewing and potentially merging this pull request. - name: Fail the check run: exit 1 + misspell: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + with: + go-version: ${{ env.GO_VERSION }} + - uses: actions/cache@v1 + continue-on-error: true + timeout-minutes: 2 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} + - run: go install github.com/client9/misspell/cmd/misspell + - run: misspell -error -source text CHANGELOG.md From 0c94fcdb41e09682d033187953030c77eb4ad967 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 19:48:34 -0400 Subject: [PATCH 228/475] resource/aws_secretsmanager_secret: Move hardcoded timeout to waiter package, allow retries in CheckDestroy (#13183) Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/13181 Output from acceptance testing: ``` --- PASS: TestAccAwsSecretsManagerSecret_policy (17.07s) --- PASS: TestAccAwsSecretsManagerSecret_Basic (18.46s) --- PASS: TestAccAwsSecretsManagerSecret_withNamePrefix (18.51s) --- PASS: TestAccAwsSecretsManagerSecret_Description (29.61s) --- PASS: TestAccAwsSecretsManagerSecret_KmsKeyID (39.60s) --- PASS: TestAccAwsSecretsManagerSecret_RecoveryWindowInDays_Recreate (46.97s) --- PASS: TestAccAwsSecretsManagerSecret_Tags (50.57s) --- PASS: TestAccAwsSecretsManagerSecret_RotationRules (57.98s) --- PASS: TestAccAwsSecretsManagerSecret_RotationLambdaARN (68.12s) ``` --- .../service/secretsmanager/waiter/waiter.go | 10 +++++++ aws/resource_aws_secretsmanager_secret.go | 3 +- ...resource_aws_secretsmanager_secret_test.go | 29 ++++++++++++++++--- 3 files changed, 37 insertions(+), 5 deletions(-) create mode 100644 aws/internal/service/secretsmanager/waiter/waiter.go diff --git a/aws/internal/service/secretsmanager/waiter/waiter.go b/aws/internal/service/secretsmanager/waiter/waiter.go new file mode 100644 index 00000000000..087f9e82ee8 --- /dev/null +++ b/aws/internal/service/secretsmanager/waiter/waiter.go @@ -0,0 +1,10 @@ +package waiter + +import ( + "time" +) + +const ( + // Maximum amount of time to wait for Secrets Manager deletions to propagate + DeletionPropagationTimeout = 2 * time.Minute +) diff --git a/aws/resource_aws_secretsmanager_secret.go b/aws/resource_aws_secretsmanager_secret.go index 90c3dca11ea..2a8a39a73e1 100644 --- a/aws/resource_aws_secretsmanager_secret.go +++ b/aws/resource_aws_secretsmanager_secret.go @@ -12,6 +12,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/structure" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/secretsmanager/waiter" ) func resourceAwsSecretsManagerSecret() *schema.Resource { @@ -130,7 +131,7 @@ func resourceAwsSecretsManagerSecretCreate(d *schema.ResourceData, meta interfac // Retry for secret recreation after deletion var output *secretsmanager.CreateSecretOutput - err := resource.Retry(2*time.Minute, func() *resource.RetryError { + err := resource.Retry(waiter.DeletionPropagationTimeout, func() *resource.RetryError { var err error output, err = conn.CreateSecret(input) // Temporarily retry on these errors to support immediate secret recreation: diff --git a/aws/resource_aws_secretsmanager_secret_test.go b/aws/resource_aws_secretsmanager_secret_test.go index c6605b0e9c5..0698b75a833 100644 --- a/aws/resource_aws_secretsmanager_secret_test.go +++ b/aws/resource_aws_secretsmanager_secret_test.go @@ -12,6 +12,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" awspolicy "github.com/jen20/awspolicyequivalence" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/secretsmanager/waiter" ) func init() { @@ -424,12 +425,32 @@ func testAccCheckAwsSecretsManagerSecretDestroy(s *terraform.State) error { SecretId: aws.String(rs.Primary.ID), } - output, err := conn.DescribeSecret(input) + var output *secretsmanager.DescribeSecretOutput - if err != nil { - if isAWSErr(err, secretsmanager.ErrCodeResourceNotFoundException, "") { - return nil + err := resource.Retry(waiter.DeletionPropagationTimeout, func() *resource.RetryError { + var err error + output, err = conn.DescribeSecret(input) + + if err != nil { + return resource.NonRetryableError(err) } + + if output != nil && output.DeletedDate == nil { + return resource.RetryableError(fmt.Errorf("Secret %q still exists", rs.Primary.ID)) + } + + return nil + }) + + if isResourceTimeoutError(err) { + output, err = conn.DescribeSecret(input) + } + + if isAWSErr(err, secretsmanager.ErrCodeResourceNotFoundException, "") { + continue + } + + if err != nil { return err } From 35c57d4b205c748b4ca96eb2c199b7e2c8534225 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 19:50:02 -0400 Subject: [PATCH 229/475] provider: First batch of unparam linter fixes (#13279) * provider: First batch of unparam linter fixes Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/13278 Previously: ``` aws/resource_aws_api_gateway_base_path_mapping_test.go:124:56: `testAccCheckAWSAPIGatewayBasePathExists` - `name` is unused (unparam) func testAccCheckAWSAPIGatewayBasePathExists(n string, name string, res *apigateway.BasePathMapping) resource.TestCheckFunc { ^ aws/resource_aws_athena_database.go:67:126: expandAthenaResultConfiguration - result 1 (error) is always nil (unparam) func expandAthenaResultConfiguration(bucket string, encryptionConfigurationList []interface{}) (*athena.ResultConfiguration, error) { ^ aws/resource_aws_cloudtrail_test.go:552:67: `testAccCheckCloudTrailLoggingEnabled` - `trail` is unused (unparam) func testAccCheckCloudTrailLoggingEnabled(n string, desired bool, trail *cloudtrail.Trail) resource.TestCheckFunc { ^ aws/resource_aws_ecs_cluster_test.go:494:58: `testAccAWSEcsClusterCapacityProvidersFargate` - `providerName` is unused (unparam) func testAccAWSEcsClusterCapacityProvidersFargate(rName, providerName string) string { ^ aws/resource_aws_ecs_cluster_test.go:510:62: `testAccAWSEcsClusterCapacityProvidersFargateSpot` - `providerName` is unused (unparam) func testAccAWSEcsClusterCapacityProvidersFargateSpot(rName, providerName string) string { ^ aws/resource_aws_ecs_cluster_test.go:526:62: `testAccAWSEcsClusterCapacityProvidersFargateBoth` - `providerName` is unused (unparam) func testAccAWSEcsClusterCapacityProvidersFargateBoth(rName, providerName string) string { ^ aws/resource_aws_ecs_cluster_test.go:542:68: `testAccAWSEcsClusterCapacityProvidersFargateNoStrategy` - `providerName` is unused (unparam) func testAccAWSEcsClusterCapacityProvidersFargateNoStrategy(rName, providerName string) string { ^ aws/resource_aws_ecs_cluster_test.go:552:72: `testAccAWSEcsClusterCapacityProvidersFargateSpotNoStrategy` - `providerName` is unused (unparam) func testAccAWSEcsClusterCapacityProvidersFargateSpotNoStrategy(rName, providerName string) string { ^ aws/resource_aws_ecs_task_definition.go:611:93: expandEcsInferenceAccelerators - result 1 (error) is always nil (unparam) func expandEcsInferenceAccelerators(configured []interface{}) ([]*ecs.InferenceAccelerator, error) { ^ aws/resource_aws_eip_association_test.go:233:61: `testAccCheckAWSEIPAssociationHasIpBasedId` - `res` is unused (unparam) func testAccCheckAWSEIPAssociationHasIpBasedId(name string, res *ec2.Address) resource.TestCheckFunc { ^ aws/resource_aws_inspector_resource_group_test.go:72:53: `testAccCheckAWSInspectorResourceGroupRecreated` - `t` is unused (unparam) func testAccCheckAWSInspectorResourceGroupRecreated(t *testing.T, v1, v2 *inspector.ResourceGroup) resource.TestCheckFunc { ^ aws/resource_aws_instance_migrate.go:79:56: writeV1BlockDevice - result 0 (error) is always nil (unparam) is *terraform.InstanceState, oldBd map[string]string) error { ^ aws/resource_aws_kinesis_analytics_application.go:1088:96: createApplicationUpdateOpts - result 1 (error) is always nil (unparam) func createApplicationUpdateOpts(d *schema.ResourceData) (*kinesisanalytics.ApplicationUpdate, error) { ^ aws/resource_aws_kinesis_video_stream_test.go:167:68: `testAccCheckKinesisVideoStreamDisappears` - `stream` is unused (unparam) func testAccCheckKinesisVideoStreamDisappears(resourceName string, stream *kinesisvideo.StreamInfo) resource.TestCheckFunc { ^ aws/resource_aws_lambda_function_test.go:2375:56: `testAccAWSLambdaConfigWithDeadLetterConfigUpdated` - `funcName` is unused (unparam) func testAccAWSLambdaConfigWithDeadLetterConfigUpdated(funcName, topic1Name, topic2Name, policyName, ^ aws/resource_aws_lambda_permission_test.go:544:53: `testAccAWSLambdaPermissionDisappears` - `statement` is unused (unparam) func testAccAWSLambdaPermissionDisappears(n string, statement *LambdaPolicyStatement) resource.TestCheckFunc { ^ aws/resource_aws_lightsail_key_pair_test.go:178:63: `testAccAWSLightsailKeyPairConfig_imported` - `key` is unused (unparam) func testAccAWSLightsailKeyPairConfig_imported(lightsailName, key string) string { ^ aws/resource_aws_main_route_table_association_test.go:73:2: `testAccCheckMainRouteTableAssociation` - `routeTableResource` is unused (unparam) routeTableResource string) resource.TestCheckFunc { ^ ``` Output from acceptance testing: ``` (TestAccAWSAPIGatewayBasePathMapping_|TestAccAWSAthenaDatabase_|TestAccAWSCloudTrail/Trail/enableLogging|TestAccAWSEcsCluster_CapacityProviders|TestAccAWSEcsTaskDefinition_|TestAccAWSInspectorResourceGroup_basic|TestAccAWSKinesisAnalyticsApplication_|TestAccAWSKinesisVideoStream_disappears|TestAccAWSLambdaFunction_DeadLetterConfigUpdated|TestAccAWSLambdaPermission_disappears|TestAccAWSLightsailKeyPair_publicKey|TestAccAWSMainRouteTableAssociation_basic) --- PASS: TestAccAWSAPIGatewayBasePathMapping_BasePath_Empty (54.58s) --- PASS: TestAccAWSAPIGatewayBasePathMapping_basic (55.48s) --- PASS: TestAccAWSAthenaDatabase_basic (60.51s) --- PASS: TestAccAWSAthenaDatabase_destroyFailsIfTablesExist (73.58s) --- PASS: TestAccAWSAthenaDatabase_encryption (71.05s) --- PASS: TestAccAWSAthenaDatabase_forceDestroyAlwaysSucceeds (65.41s) --- PASS: TestAccAWSAthenaDatabase_nameCantHaveUppercase (1.46s) --- PASS: TestAccAWSAthenaDatabase_nameStartsWithUnderscore (61.23s) --- PASS: TestAccAWSCloudTrail/Trail/enableLogging (105.77s) --- PASS: TestAccAWSEcsCluster_CapacityProviders (48.45s) --- PASS: TestAccAWSEcsCluster_CapacityProvidersNoStrategy (53.69s) --- PASS: TestAccAWSEcsCluster_CapacityProvidersUpdate (81.22s) --- PASS: TestAccAWSEcsTaskDefinition_arrays (16.36s) --- PASS: TestAccAWSEcsTaskDefinition_basic (26.60s) --- PASS: TestAccAWSEcsTaskDefinition_changeVolumesForcesNewResource (26.89s) --- PASS: TestAccAWSEcsTaskDefinition_constraint (16.28s) --- PASS: TestAccAWSEcsTaskDefinition_ExecutionRole (16.69s) --- PASS: TestAccAWSEcsTaskDefinition_Fargate (21.81s) --- PASS: TestAccAWSEcsTaskDefinition_Inactive (25.92s) --- PASS: TestAccAWSEcsTaskDefinition_inferenceAccelerator (14.07s) --- PASS: TestAccAWSEcsTaskDefinition_ProxyConfiguration (26.41s) --- PASS: TestAccAWSEcsTaskDefinition_Tags (45.91s) --- PASS: TestAccAWSEcsTaskDefinition_withDockerVolume (16.00s) --- PASS: TestAccAWSEcsTaskDefinition_withDockerVolumeMinimalConfig (16.27s) --- PASS: TestAccAWSEcsTaskDefinition_withEcsService (91.23s) --- PASS: TestAccAWSEcsTaskDefinition_withEFSVolume (27.55s) --- PASS: TestAccAWSEcsTaskDefinition_withEFSVolumeMinimal (27.70s) --- PASS: TestAccAWSEcsTaskDefinition_withIPCMode (16.69s) --- PASS: TestAccAWSEcsTaskDefinition_withNetworkMode (16.85s) --- PASS: TestAccAWSEcsTaskDefinition_withPidMode (18.24s) --- PASS: TestAccAWSEcsTaskDefinition_withScratchVolume (15.69s) --- PASS: TestAccAWSEcsTaskDefinition_withTaskRoleArn (16.75s) --- PASS: TestAccAWSEcsTaskDefinition_withTaskScopedDockerVolume (16.38s) --- PASS: TestAccAWSInspectorResourceGroup_basic (22.88s) --- PASS: TestAccAWSKinesisAnalyticsApplication_addCloudwatchLoggingOptions (34.01s) --- PASS: TestAccAWSKinesisAnalyticsApplication_basic (18.73s) --- PASS: TestAccAWSKinesisAnalyticsApplication_inputsAdd (75.84s) --- PASS: TestAccAWSKinesisAnalyticsApplication_inputsKinesisFirehose (103.79s) --- PASS: TestAccAWSKinesisAnalyticsApplication_inputsKinesisStream (63.12s) --- PASS: TestAccAWSKinesisAnalyticsApplication_inputsUpdateKinesisStream (120.00s) --- PASS: TestAccAWSKinesisAnalyticsApplication_Outputs_Lambda_Add (50.36s) --- PASS: TestAccAWSKinesisAnalyticsApplication_Outputs_Lambda_Create (39.75s) --- PASS: TestAccAWSKinesisAnalyticsApplication_outputsAdd (75.76s) --- PASS: TestAccAWSKinesisAnalyticsApplication_outputsKinesisStream (62.71s) --- PASS: TestAccAWSKinesisAnalyticsApplication_outputsMultiple (66.35s) --- PASS: TestAccAWSKinesisAnalyticsApplication_outputsUpdateKinesisStream (123.03s) --- PASS: TestAccAWSKinesisAnalyticsApplication_referenceDataSource (38.35s) --- PASS: TestAccAWSKinesisAnalyticsApplication_referenceDataSourceUpdate (69.86s) --- PASS: TestAccAWSKinesisAnalyticsApplication_tags (49.91s) --- PASS: TestAccAWSKinesisAnalyticsApplication_update (28.74s) --- PASS: TestAccAWSKinesisAnalyticsApplication_updateCloudwatchLoggingOptions (46.64s) --- PASS: TestAccAWSKinesisVideoStream_disappears (95.02s) --- PASS: TestAccAWSLambdaFunction_DeadLetterConfigUpdated (76.72s) --- PASS: TestAccAWSLambdaPermission_disappears (100.98s) --- PASS: TestAccAWSLightsailKeyPair_publicKey (29.88s) --- PASS: TestAccAWSMainRouteTableAssociation_basic (69.00s) ``` * resource/aws_instance: Remove redundant return Previously: ``` aws/resource_aws_instance_migrate.go:108:2: S1023: redundant `return` statement (gosimple) return ^ ``` --- ..._aws_api_gateway_base_path_mapping_test.go | 6 ++--- aws/resource_aws_athena_database.go | 27 +++++-------------- aws/resource_aws_cloudtrail_test.go | 8 +++--- aws/resource_aws_ecs_cluster_test.go | 22 +++++++-------- aws/resource_aws_ecs_task_definition.go | 10 +++---- aws/resource_aws_eip_association_test.go | 4 +-- ...ource_aws_inspector_resource_group_test.go | 4 +-- aws/resource_aws_instance_migrate.go | 7 ++--- ...ource_aws_kinesis_analytics_application.go | 9 +++---- aws/resource_aws_kinesis_video_stream_test.go | 4 +-- aws/resource_aws_lambda_function_test.go | 7 +++-- aws/resource_aws_lambda_permission_test.go | 6 ++--- aws/resource_aws_lightsail_key_pair_test.go | 6 ++--- ...e_aws_main_route_table_association_test.go | 17 +++--------- 14 files changed, 48 insertions(+), 89 deletions(-) diff --git a/aws/resource_aws_api_gateway_base_path_mapping_test.go b/aws/resource_aws_api_gateway_base_path_mapping_test.go index 4222aac7a4b..73317e41eea 100644 --- a/aws/resource_aws_api_gateway_base_path_mapping_test.go +++ b/aws/resource_aws_api_gateway_base_path_mapping_test.go @@ -80,7 +80,7 @@ func TestAccAWSAPIGatewayBasePathMapping_basic(t *testing.T) { { Config: testAccAWSAPIGatewayBasePathConfigBasePath(name, key, certificate, "tf-acc-test"), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSAPIGatewayBasePathExists("aws_api_gateway_base_path_mapping.test", name, &conf), + testAccCheckAWSAPIGatewayBasePathExists("aws_api_gateway_base_path_mapping.test", &conf), ), }, { @@ -109,7 +109,7 @@ func TestAccAWSAPIGatewayBasePathMapping_BasePath_Empty(t *testing.T) { { Config: testAccAWSAPIGatewayBasePathConfigBasePath(name, key, certificate, ""), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSAPIGatewayBasePathExists("aws_api_gateway_base_path_mapping.test", name, &conf), + testAccCheckAWSAPIGatewayBasePathExists("aws_api_gateway_base_path_mapping.test", &conf), ), }, { @@ -121,7 +121,7 @@ func TestAccAWSAPIGatewayBasePathMapping_BasePath_Empty(t *testing.T) { }) } -func testAccCheckAWSAPIGatewayBasePathExists(n string, name string, res *apigateway.BasePathMapping) resource.TestCheckFunc { +func testAccCheckAWSAPIGatewayBasePathExists(n string, res *apigateway.BasePathMapping) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] if !ok { diff --git a/aws/resource_aws_athena_database.go b/aws/resource_aws_athena_database.go index 34b29b46ab3..23422df097d 100644 --- a/aws/resource_aws_athena_database.go +++ b/aws/resource_aws_athena_database.go @@ -64,13 +64,13 @@ func resourceAwsAthenaDatabase() *schema.Resource { } } -func expandAthenaResultConfiguration(bucket string, encryptionConfigurationList []interface{}) (*athena.ResultConfiguration, error) { +func expandAthenaResultConfiguration(bucket string, encryptionConfigurationList []interface{}) *athena.ResultConfiguration { resultConfig := athena.ResultConfiguration{ OutputLocation: aws.String("s3://" + bucket), } if len(encryptionConfigurationList) <= 0 { - return &resultConfig, nil + return &resultConfig } data := encryptionConfigurationList[0].(map[string]interface{}) @@ -87,20 +87,15 @@ func expandAthenaResultConfiguration(bucket string, encryptionConfigurationList resultConfig.EncryptionConfiguration = &encryptionConfig - return &resultConfig, nil + return &resultConfig } func resourceAwsAthenaDatabaseCreate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).athenaconn - resultConfig, err := expandAthenaResultConfiguration(d.Get("bucket").(string), d.Get("encryption_configuration").([]interface{})) - if err != nil { - return err - } - input := &athena.StartQueryExecutionInput{ QueryString: aws.String(fmt.Sprintf("create database `%s`;", d.Get("name").(string))), - ResultConfiguration: resultConfig, + ResultConfiguration: expandAthenaResultConfiguration(d.Get("bucket").(string), d.Get("encryption_configuration").([]interface{})), } resp, err := conn.StartQueryExecution(input) @@ -118,14 +113,9 @@ func resourceAwsAthenaDatabaseCreate(d *schema.ResourceData, meta interface{}) e func resourceAwsAthenaDatabaseRead(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).athenaconn - resultConfig, err := expandAthenaResultConfiguration(d.Get("bucket").(string), d.Get("encryption_configuration").([]interface{})) - if err != nil { - return err - } - input := &athena.StartQueryExecutionInput{ QueryString: aws.String(fmt.Sprint("show databases;")), - ResultConfiguration: resultConfig, + ResultConfiguration: expandAthenaResultConfiguration(d.Get("bucket").(string), d.Get("encryption_configuration").([]interface{})), } resp, err := conn.StartQueryExecution(input) @@ -146,11 +136,6 @@ func resourceAwsAthenaDatabaseUpdate(d *schema.ResourceData, meta interface{}) e func resourceAwsAthenaDatabaseDelete(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).athenaconn - resultConfig, err := expandAthenaResultConfiguration(d.Get("bucket").(string), d.Get("encryption_configuration").([]interface{})) - if err != nil { - return err - } - name := d.Get("name").(string) queryString := fmt.Sprintf("drop database `%s`", name) @@ -161,7 +146,7 @@ func resourceAwsAthenaDatabaseDelete(d *schema.ResourceData, meta interface{}) e input := &athena.StartQueryExecutionInput{ QueryString: aws.String(queryString), - ResultConfiguration: resultConfig, + ResultConfiguration: expandAthenaResultConfiguration(d.Get("bucket").(string), d.Get("encryption_configuration").([]interface{})), } resp, err := conn.StartQueryExecution(input) diff --git a/aws/resource_aws_cloudtrail_test.go b/aws/resource_aws_cloudtrail_test.go index ee0786c4d10..d3146fd001a 100644 --- a/aws/resource_aws_cloudtrail_test.go +++ b/aws/resource_aws_cloudtrail_test.go @@ -205,7 +205,7 @@ func testAccAWSCloudTrail_enable_logging(t *testing.T) { testAccCheckCloudTrailExists(resourceName, &trail), // AWS will create the trail with logging turned off. // Test that "enable_logging" default works. - testAccCheckCloudTrailLoggingEnabled(resourceName, true, &trail), + testAccCheckCloudTrailLoggingEnabled(resourceName, true), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), ), @@ -219,7 +219,7 @@ func testAccAWSCloudTrail_enable_logging(t *testing.T) { Config: testAccAWSCloudTrailConfigModified(cloudTrailRandInt), Check: resource.ComposeTestCheckFunc( testAccCheckCloudTrailExists(resourceName, &trail), - testAccCheckCloudTrailLoggingEnabled(resourceName, false, &trail), + testAccCheckCloudTrailLoggingEnabled(resourceName, false), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), ), @@ -228,7 +228,7 @@ func testAccAWSCloudTrail_enable_logging(t *testing.T) { Config: testAccAWSCloudTrailConfig(cloudTrailRandInt), Check: resource.ComposeTestCheckFunc( testAccCheckCloudTrailExists(resourceName, &trail), - testAccCheckCloudTrailLoggingEnabled(resourceName, true, &trail), + testAccCheckCloudTrailLoggingEnabled(resourceName, true), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), ), @@ -549,7 +549,7 @@ func testAccCheckCloudTrailExists(n string, trail *cloudtrail.Trail) resource.Te } } -func testAccCheckCloudTrailLoggingEnabled(n string, desired bool, trail *cloudtrail.Trail) resource.TestCheckFunc { +func testAccCheckCloudTrailLoggingEnabled(n string, desired bool) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] if !ok { diff --git a/aws/resource_aws_ecs_cluster_test.go b/aws/resource_aws_ecs_cluster_test.go index 5fc9e6033db..29104b6f89f 100644 --- a/aws/resource_aws_ecs_cluster_test.go +++ b/aws/resource_aws_ecs_cluster_test.go @@ -217,7 +217,6 @@ func TestAccAWSEcsCluster_CapacityProviders(t *testing.T) { func TestAccAWSEcsCluster_CapacityProvidersUpdate(t *testing.T) { var cluster1 ecs.Cluster rName := acctest.RandomWithPrefix("tf-acc-test") - providerName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_ecs_cluster.test" resource.ParallelTest(t, resource.TestCase{ @@ -226,7 +225,7 @@ func TestAccAWSEcsCluster_CapacityProvidersUpdate(t *testing.T) { CheckDestroy: testAccCheckAWSEcsClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSEcsClusterCapacityProvidersFargate(rName, providerName), + Config: testAccAWSEcsClusterCapacityProvidersFargate(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSEcsClusterExists(resourceName, &cluster1), ), @@ -238,13 +237,13 @@ func TestAccAWSEcsCluster_CapacityProvidersUpdate(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccAWSEcsClusterCapacityProvidersFargateSpot(rName, providerName), + Config: testAccAWSEcsClusterCapacityProvidersFargateSpot(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSEcsClusterExists(resourceName, &cluster1), ), }, { - Config: testAccAWSEcsClusterCapacityProvidersFargateBoth(rName, providerName), + Config: testAccAWSEcsClusterCapacityProvidersFargateBoth(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSEcsClusterExists(resourceName, &cluster1), ), @@ -256,7 +255,6 @@ func TestAccAWSEcsCluster_CapacityProvidersUpdate(t *testing.T) { func TestAccAWSEcsCluster_CapacityProvidersNoStrategy(t *testing.T) { var cluster1 ecs.Cluster rName := acctest.RandomWithPrefix("tf-acc-test") - providerName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_ecs_cluster.test" resource.ParallelTest(t, resource.TestCase{ @@ -265,7 +263,7 @@ func TestAccAWSEcsCluster_CapacityProvidersNoStrategy(t *testing.T) { CheckDestroy: testAccCheckAWSEcsClusterDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSEcsClusterCapacityProvidersFargateNoStrategy(rName, providerName), + Config: testAccAWSEcsClusterCapacityProvidersFargateNoStrategy(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSEcsClusterExists(resourceName, &cluster1), ), @@ -277,7 +275,7 @@ func TestAccAWSEcsCluster_CapacityProvidersNoStrategy(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccAWSEcsClusterCapacityProvidersFargateSpotNoStrategy(rName, providerName), + Config: testAccAWSEcsClusterCapacityProvidersFargateSpotNoStrategy(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSEcsClusterExists(resourceName, &cluster1), ), @@ -491,7 +489,7 @@ resource "aws_ecs_cluster" "test" { `, rName) } -func testAccAWSEcsClusterCapacityProvidersFargate(rName, providerName string) string { +func testAccAWSEcsClusterCapacityProvidersFargate(rName string) string { return fmt.Sprintf(` resource "aws_ecs_cluster" "test" { name = %[1]q @@ -507,7 +505,7 @@ resource "aws_ecs_cluster" "test" { `, rName) } -func testAccAWSEcsClusterCapacityProvidersFargateSpot(rName, providerName string) string { +func testAccAWSEcsClusterCapacityProvidersFargateSpot(rName string) string { return fmt.Sprintf(` resource "aws_ecs_cluster" "test" { name = %[1]q @@ -523,7 +521,7 @@ resource "aws_ecs_cluster" "test" { `, rName) } -func testAccAWSEcsClusterCapacityProvidersFargateBoth(rName, providerName string) string { +func testAccAWSEcsClusterCapacityProvidersFargateBoth(rName string) string { return fmt.Sprintf(` resource "aws_ecs_cluster" "test" { name = %[1]q @@ -539,7 +537,7 @@ resource "aws_ecs_cluster" "test" { `, rName) } -func testAccAWSEcsClusterCapacityProvidersFargateNoStrategy(rName, providerName string) string { +func testAccAWSEcsClusterCapacityProvidersFargateNoStrategy(rName string) string { return fmt.Sprintf(` resource "aws_ecs_cluster" "test" { name = %[1]q @@ -549,7 +547,7 @@ resource "aws_ecs_cluster" "test" { `, rName) } -func testAccAWSEcsClusterCapacityProvidersFargateSpotNoStrategy(rName, providerName string) string { +func testAccAWSEcsClusterCapacityProvidersFargateSpotNoStrategy(rName string) string { return fmt.Sprintf(` resource "aws_ecs_cluster" "test" { name = %[1]q diff --git a/aws/resource_aws_ecs_task_definition.go b/aws/resource_aws_ecs_task_definition.go index 73b8bd7ee34..8aaa35a14c3 100644 --- a/aws/resource_aws_ecs_task_definition.go +++ b/aws/resource_aws_ecs_task_definition.go @@ -376,11 +376,7 @@ func resourceAwsEcsTaskDefinitionCreate(d *schema.ResourceData, meta interface{} } if v, ok := d.GetOk("inference_accelerator"); ok { - iAcc, err := expandEcsInferenceAccelerators(v.(*schema.Set).List()) - if err != nil { - return err - } - input.InferenceAccelerators = iAcc + input.InferenceAccelerators = expandEcsInferenceAccelerators(v.(*schema.Set).List()) } constraints := d.Get("placement_constraints").(*schema.Set).List() @@ -608,7 +604,7 @@ func flattenEcsInferenceAccelerators(list []*ecs.InferenceAccelerator) []map[str return result } -func expandEcsInferenceAccelerators(configured []interface{}) ([]*ecs.InferenceAccelerator, error) { +func expandEcsInferenceAccelerators(configured []interface{}) []*ecs.InferenceAccelerator { iAccs := make([]*ecs.InferenceAccelerator, 0, len(configured)) for _, lRaw := range configured { data := lRaw.(map[string]interface{}) @@ -619,5 +615,5 @@ func expandEcsInferenceAccelerators(configured []interface{}) ([]*ecs.InferenceA iAccs = append(iAccs, l) } - return iAccs, nil + return iAccs } diff --git a/aws/resource_aws_eip_association_test.go b/aws/resource_aws_eip_association_test.go index 38a12ac0686..97558a60066 100644 --- a/aws/resource_aws_eip_association_test.go +++ b/aws/resource_aws_eip_association_test.go @@ -123,7 +123,7 @@ func TestAccAWSEIPAssociation_ec2Classic(t *testing.T) { testAccCheckAWSEIPAssociationExists(resourceName, &a), resource.TestCheckResourceAttrSet(resourceName, "public_ip"), resource.TestCheckResourceAttr(resourceName, "allocation_id", ""), - testAccCheckAWSEIPAssociationHasIpBasedId(resourceName, &a), + testAccCheckAWSEIPAssociationHasIpBasedId(resourceName), ), }, { @@ -230,7 +230,7 @@ func testAccCheckAWSEIPAssociationExists(name string, res *ec2.Address) resource } } -func testAccCheckAWSEIPAssociationHasIpBasedId(name string, res *ec2.Address) resource.TestCheckFunc { +func testAccCheckAWSEIPAssociationHasIpBasedId(name string) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[name] if !ok { diff --git a/aws/resource_aws_inspector_resource_group_test.go b/aws/resource_aws_inspector_resource_group_test.go index 02ed90200b9..be94b4c5d86 100644 --- a/aws/resource_aws_inspector_resource_group_test.go +++ b/aws/resource_aws_inspector_resource_group_test.go @@ -34,7 +34,7 @@ func TestAccAWSInspectorResourceGroup_basic(t *testing.T) { testAccCheckAWSInspectorResourceGroupExists(resourceName, &v2), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "inspector", regexp.MustCompile(`resourcegroup/.+`)), resource.TestCheckResourceAttr(resourceName, "tags.Name", "bar"), - testAccCheckAWSInspectorResourceGroupRecreated(t, &v1, &v2), + testAccCheckAWSInspectorResourceGroupRecreated(&v1, &v2), ), }, }, @@ -69,7 +69,7 @@ func testAccCheckAWSInspectorResourceGroupExists(name string, rg *inspector.Reso } } -func testAccCheckAWSInspectorResourceGroupRecreated(t *testing.T, v1, v2 *inspector.ResourceGroup) resource.TestCheckFunc { +func testAccCheckAWSInspectorResourceGroupRecreated(v1, v2 *inspector.ResourceGroup) resource.TestCheckFunc { return func(s *terraform.State) error { if v2.CreatedAt.Equal(*v1.CreatedAt) { return fmt.Errorf("Inspector resource group not recreated when changing tags") diff --git a/aws/resource_aws_instance_migrate.go b/aws/resource_aws_instance_migrate.go index 17065d1e79c..7aaf212f19d 100644 --- a/aws/resource_aws_instance_migrate.go +++ b/aws/resource_aws_instance_migrate.go @@ -45,9 +45,7 @@ func migrateAwsInstanceStateV0toV1(is *terraform.InstanceState) (*terraform.Inst is.Attributes["root_block_device.#"] = "0" } for _, oldBd := range oldBds { - if err := writeV1BlockDevice(is, oldBd); err != nil { - return is, err - } + writeV1BlockDevice(is, oldBd) } log.Printf("[DEBUG] Attributes after migration: %#v", is.Attributes) return is, nil @@ -76,7 +74,7 @@ func readV0BlockDevices(is *terraform.InstanceState) (map[string]map[string]stri } func writeV1BlockDevice( - is *terraform.InstanceState, oldBd map[string]string) error { + is *terraform.InstanceState, oldBd map[string]string) { code := hashcode.String(oldBd["device_name"]) bdType := "ebs_block_device" if vn, ok := oldBd["virtual_name"]; ok && strings.HasPrefix(vn, "ephemeral") { @@ -107,5 +105,4 @@ func writeV1BlockDevice( countAttr := fmt.Sprintf("%s.#", bdType) count, _ := strconv.Atoi(is.Attributes[countAttr]) is.Attributes[countAttr] = strconv.Itoa(count + 1) - return nil } diff --git a/aws/resource_aws_kinesis_analytics_application.go b/aws/resource_aws_kinesis_analytics_application.go index 95d3c6f425d..40497926e25 100644 --- a/aws/resource_aws_kinesis_analytics_application.go +++ b/aws/resource_aws_kinesis_analytics_application.go @@ -704,10 +704,7 @@ func resourceAwsKinesisAnalyticsApplicationUpdate(d *schema.ResourceData, meta i CurrentApplicationVersionId: aws.Int64(int64(version)), } - applicationUpdate, err := createApplicationUpdateOpts(d) - if err != nil { - return err - } + applicationUpdate := createApplicationUpdateOpts(d) if !reflect.DeepEqual(applicationUpdate, &kinesisanalytics.ApplicationUpdate{}) { updateApplicationOpts.SetApplicationUpdate(applicationUpdate) @@ -1085,7 +1082,7 @@ func expandKinesisAnalyticsReferenceData(rd map[string]interface{}) *kinesisanal return referenceData } -func createApplicationUpdateOpts(d *schema.ResourceData) (*kinesisanalytics.ApplicationUpdate, error) { +func createApplicationUpdateOpts(d *schema.ResourceData) *kinesisanalytics.ApplicationUpdate { applicationUpdate := &kinesisanalytics.ApplicationUpdate{} if d.HasChange("code") { @@ -1154,7 +1151,7 @@ func createApplicationUpdateOpts(d *schema.ResourceData) (*kinesisanalytics.Appl } } - return applicationUpdate, nil + return applicationUpdate } func expandKinesisAnalyticsInputUpdate(vL map[string]interface{}) *kinesisanalytics.InputUpdate { diff --git a/aws/resource_aws_kinesis_video_stream_test.go b/aws/resource_aws_kinesis_video_stream_test.go index e434366be44..4c45067fc76 100644 --- a/aws/resource_aws_kinesis_video_stream_test.go +++ b/aws/resource_aws_kinesis_video_stream_test.go @@ -156,7 +156,7 @@ func TestAccAWSKinesisVideoStream_disappears(t *testing.T) { Config: testAccKinesisVideoStreamConfig(rInt), Check: resource.ComposeTestCheckFunc( testAccCheckKinesisVideoStreamExists(resourceName, &stream), - testAccCheckKinesisVideoStreamDisappears(resourceName, &stream), + testAccCheckKinesisVideoStreamDisappears(resourceName), ), ExpectNonEmptyPlan: true, }, @@ -164,7 +164,7 @@ func TestAccAWSKinesisVideoStream_disappears(t *testing.T) { }) } -func testAccCheckKinesisVideoStreamDisappears(resourceName string, stream *kinesisvideo.StreamInfo) resource.TestCheckFunc { +func testAccCheckKinesisVideoStreamDisappears(resourceName string) resource.TestCheckFunc { return func(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).kinesisvideoconn diff --git a/aws/resource_aws_lambda_function_test.go b/aws/resource_aws_lambda_function_test.go index 1b681973696..a2658ee2f25 100644 --- a/aws/resource_aws_lambda_function_test.go +++ b/aws/resource_aws_lambda_function_test.go @@ -550,7 +550,6 @@ func TestAccAWSLambdaFunction_DeadLetterConfigUpdated(t *testing.T) { rString := acctest.RandString(8) funcName := fmt.Sprintf("tf_acc_lambda_func_dlcfg_upd_%s", rString) - uFuncName := fmt.Sprintf("tf_acc_lambda_func_dlcfg_upd_%s", rString) policyName := fmt.Sprintf("tf_acc_policy_lambda_func_dlcfg_upd_%s", rString) roleName := fmt.Sprintf("tf_acc_role_lambda_func_dlcfg_upd_%s", rString) sgName := fmt.Sprintf("tf_acc_sg_lambda_func_dlcfg_upd_%s", rString) @@ -567,7 +566,7 @@ func TestAccAWSLambdaFunction_DeadLetterConfigUpdated(t *testing.T) { Config: testAccAWSLambdaConfigWithDeadLetterConfig(funcName, topic1Name, policyName, roleName, sgName), }, { - Config: testAccAWSLambdaConfigWithDeadLetterConfigUpdated(funcName, topic1Name, topic2Name, policyName, roleName, sgName, uFuncName), + Config: testAccAWSLambdaConfigWithDeadLetterConfigUpdated(funcName, topic1Name, topic2Name, policyName, roleName, sgName), Check: resource.ComposeTestCheckFunc( testAccCheckAwsLambdaFunctionExists(resourceName, funcName, &conf), func(s *terraform.State) error { @@ -2373,7 +2372,7 @@ resource "aws_sns_topic" "test" { } func testAccAWSLambdaConfigWithDeadLetterConfigUpdated(funcName, topic1Name, topic2Name, policyName, - roleName, sgName, uFuncName string) string { + roleName, sgName string) string { return fmt.Sprintf(baseAccAWSLambdaConfig(policyName, roleName, sgName)+` resource "aws_lambda_function" "test" { filename = "test-fixtures/lambdatest.zip" @@ -2394,7 +2393,7 @@ resource "aws_sns_topic" "test" { resource "aws_sns_topic" "test_2" { name = "%s" } -`, uFuncName, topic1Name, topic2Name) +`, funcName, topic1Name, topic2Name) } func testAccAWSLambdaConfigWithNilDeadLetterConfig(funcName, policyName, roleName, sgName string) string { diff --git a/aws/resource_aws_lambda_permission_test.go b/aws/resource_aws_lambda_permission_test.go index 9848ae98fd3..5a6c0a0c371 100644 --- a/aws/resource_aws_lambda_permission_test.go +++ b/aws/resource_aws_lambda_permission_test.go @@ -325,8 +325,6 @@ func TestAccAWSLambdaPermission_withQualifier(t *testing.T) { } func TestAccAWSLambdaPermission_disappears(t *testing.T) { - var statement LambdaPolicyStatement - rString := acctest.RandString(8) funcName := fmt.Sprintf("tf_acc_lambda_perm_multi_%s", rString) roleName := fmt.Sprintf("tf_acc_role_lambda_perm_multi_%s", rString) @@ -343,7 +341,7 @@ func TestAccAWSLambdaPermission_disappears(t *testing.T) { { Config: testAccAWSLambdaPermissionConfig_multiplePerms(funcName, roleName), Check: resource.ComposeTestCheckFunc( - testAccAWSLambdaPermissionDisappears(resourceName, &statement), + testAccAWSLambdaPermissionDisappears(resourceName), ), ExpectNonEmptyPlan: true, }, @@ -541,7 +539,7 @@ func TestAccAWSLambdaPermission_withIAMRole(t *testing.T) { }) } -func testAccAWSLambdaPermissionDisappears(n string, statement *LambdaPolicyStatement) resource.TestCheckFunc { +func testAccAWSLambdaPermissionDisappears(n string) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] if !ok { diff --git a/aws/resource_aws_lightsail_key_pair_test.go b/aws/resource_aws_lightsail_key_pair_test.go index 8796ba6eeab..dd34c3c2d82 100644 --- a/aws/resource_aws_lightsail_key_pair_test.go +++ b/aws/resource_aws_lightsail_key_pair_test.go @@ -46,7 +46,7 @@ func TestAccAWSLightsailKeyPair_publicKey(t *testing.T) { CheckDestroy: testAccCheckAWSLightsailKeyPairDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSLightsailKeyPairConfig_imported(lightsailName, testLightsailKeyPairPubKey1), + Config: testAccAWSLightsailKeyPairConfig_imported(lightsailName, lightsailPubKey), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLightsailKeyPairExists("aws_lightsail_key_pair.lightsail_key_pair_test", &conf), resource.TestCheckResourceAttrSet("aws_lightsail_key_pair.lightsail_key_pair_test", "arn"), @@ -175,14 +175,14 @@ resource "aws_lightsail_key_pair" "lightsail_key_pair_test" { `, lightsailName) } -func testAccAWSLightsailKeyPairConfig_imported(lightsailName, key string) string { +func testAccAWSLightsailKeyPairConfig_imported(lightsailName, publicKey string) string { return fmt.Sprintf(` resource "aws_lightsail_key_pair" "lightsail_key_pair_test" { name = "%s" public_key = "%s" } -`, lightsailName, lightsailPubKey) +`, lightsailName, publicKey) } func testAccAWSLightsailKeyPairConfig_encrypted(lightsailName, key string) string { diff --git a/aws/resource_aws_main_route_table_association_test.go b/aws/resource_aws_main_route_table_association_test.go index e63a43e561b..bde058d9603 100644 --- a/aws/resource_aws_main_route_table_association_test.go +++ b/aws/resource_aws_main_route_table_association_test.go @@ -18,21 +18,13 @@ func TestAccAWSMainRouteTableAssociation_basic(t *testing.T) { { Config: testAccMainRouteTableAssociationConfig, Check: resource.ComposeTestCheckFunc( - testAccCheckMainRouteTableAssociation( - "aws_main_route_table_association.foo", - "aws_vpc.foo", - "aws_route_table.foo", - ), + testAccCheckMainRouteTableAssociation("aws_main_route_table_association.foo", "aws_vpc.foo"), ), }, { Config: testAccMainRouteTableAssociationConfigUpdate, Check: resource.ComposeTestCheckFunc( - testAccCheckMainRouteTableAssociation( - "aws_main_route_table_association.foo", - "aws_vpc.foo", - "aws_route_table.bar", - ), + testAccCheckMainRouteTableAssociation("aws_main_route_table_association.foo", "aws_vpc.foo"), ), }, }, @@ -67,10 +59,7 @@ func testAccCheckMainRouteTableAssociationDestroy(s *terraform.State) error { return nil } -func testAccCheckMainRouteTableAssociation( - mainRouteTableAssociationResource string, - vpcResource string, - routeTableResource string) resource.TestCheckFunc { +func testAccCheckMainRouteTableAssociation(mainRouteTableAssociationResource string, vpcResource string) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[mainRouteTableAssociationResource] if !ok { From b10107a177f94a7797c09f4a9448ee49bcde09b0 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 19 May 2020 19:56:05 -0400 Subject: [PATCH 230/475] provider: Implement examples label (#13325) Adds a new label, using the documentation label coloring, to denote changes relating to the `examples/` directory. --- .hashibot.hcl | 3 +++ docs/MAINTAINING.md | 3 +++ infrastructure/repository/labels-workflow.tf | 1 + 3 files changed, 7 insertions(+) diff --git a/.hashibot.hcl b/.hashibot.hcl index 1437d973e45..e12b23d12e2 100644 --- a/.hashibot.hcl +++ b/.hashibot.hcl @@ -565,6 +565,9 @@ behavior "pull_request_path_labeler" "service_labels" { "docs/**/*", "*.md", ] + "examples" = [ + "examples/**/*", + ] "tests" = [ "**/*_test.go", "**/testdata/**/*", diff --git a/docs/MAINTAINING.md b/docs/MAINTAINING.md index 4bf01519358..f312b007e7e 100644 --- a/docs/MAINTAINING.md +++ b/docs/MAINTAINING.md @@ -328,6 +328,7 @@ When breaking changes to the provider are necessary we release them in a major v | [![dependencies][dependencies-badge]][dependencies] | Used to indicate dependency or vendoring changes. | Added by Hashibot. | | [![documentation][documentation-badge]][documentation] | Introduces or discusses updates to documentation. | None | | [![enhancement][enhancement-badge]][enhancement] | Requests to existing resources that expand the functionality or scope. | None | +| [![examples][examples-badge]][examples] | Introduces or discusses updates to examples. | None | | [![good first issue][good-first-issue-badge]][good-first-issue] | Call to action for new contributors looking for a place to start. Smaller or straightforward issues. | None | | [![hacktoberfest][hacktoberfest-badge]][hacktoberfest] | Call to action for Hacktoberfest (OSS Initiative). | None | | [![hashibot ignore][hashibot-ignore-badge]][hashibot-ignore] | Issues or PRs labelled with this are ignored by Hashibot. | None | @@ -362,6 +363,8 @@ When breaking changes to the provider are necessary we release them in a major v [documentation]: https://github.com/terraform-providers/terraform-provider-aws/labels/documentation [enhancement-badge]: https://img.shields.io/badge/enhancement-d4c5f9 [enhancement]: https://github.com/terraform-providers/terraform-provider-aws/labels/enhancement +[examples-badge]: https://img.shields.io/badge/examples-fef2c0 +[examples]: https://github.com/terraform-providers/terraform-provider-aws/labels/examples [good-first-issue-badge]: https://img.shields.io/badge/good%20first%20issue-128A0C [good-first-issue]: https://github.com/terraform-providers/terraform-provider-aws/labels/good%20first%20issue [hacktoberfest-badge]: https://img.shields.io/badge/hacktoberfest-2c0fad diff --git a/infrastructure/repository/labels-workflow.tf b/infrastructure/repository/labels-workflow.tf index 8a470950147..1bcb9a4d156 100644 --- a/infrastructure/repository/labels-workflow.tf +++ b/infrastructure/repository/labels-workflow.tf @@ -1,5 +1,6 @@ variable "workflow_labels" { default = { + "examples" = "fef2c0", "hacktoberfest" = "2c0fad", "needs-triage" = "e236d7", "terraform-plugin-sdk-migration" = "fad8c7", From b9acd21e5924303a1c1c2bbd188cf28c865f0500 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Tue, 19 May 2020 21:11:19 -0400 Subject: [PATCH 231/475] use typelist for attributes with maxitems of 1 and remove DisableBinaryDriver refs --- aws/resource_aws_codebuild_project.go | 22 +- aws/resource_aws_codebuild_project_test.go | 293 ++++++++++----------- 2 files changed, 155 insertions(+), 160 deletions(-) diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go index 854eadebd4f..51bea9f50ac 100644 --- a/aws/resource_aws_codebuild_project.go +++ b/aws/resource_aws_codebuild_project.go @@ -160,7 +160,7 @@ func resourceAwsCodeBuildProject() *schema.Resource { Computed: true, }, "environment": { - Type: schema.TypeSet, + Type: schema.TypeList, Required: true, MaxItems: 1, Elem: &schema.Resource{ @@ -257,7 +257,6 @@ func resourceAwsCodeBuildProject() *schema.Resource { }, }, }, - Set: resourceAwsCodeBuildProjectEnvironmentHash, }, "logs_config": { Type: schema.TypeList, @@ -475,7 +474,7 @@ func resourceAwsCodeBuildProject() *schema.Resource { Required: true, }, "source": { - Type: schema.TypeSet, + Type: schema.TypeList, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "auth": { @@ -550,7 +549,6 @@ func resourceAwsCodeBuildProject() *schema.Resource { }, Required: true, MaxItems: 1, - Set: resourceAwsCodeBuildProjectSourceHash, }, "source_version": { Type: schema.TypeString, @@ -813,7 +811,7 @@ func expandProjectCache(s []interface{}) *codebuild.ProjectCache { } func expandProjectEnvironment(d *schema.ResourceData) *codebuild.ProjectEnvironment { - configs := d.Get("environment").(*schema.Set).List() + configs := d.Get("environment").([]interface{}) envConfig := configs[0].(map[string]interface{}) @@ -1007,7 +1005,7 @@ func expandProjectSecondarySources(d *schema.ResourceData) []*codebuild.ProjectS } func expandProjectSource(d *schema.ResourceData) codebuild.ProjectSource { - configs := d.Get("source").(*schema.Set).List() + configs := d.Get("source").([]interface{}) data := configs[0].(map[string]interface{}) return expandProjectSourceData(data) @@ -1093,7 +1091,7 @@ func resourceAwsCodeBuildProjectRead(d *schema.ResourceData, meta interface{}) e return fmt.Errorf("error setting artifacts: %s", err) } - if err := d.Set("environment", schema.NewSet(resourceAwsCodeBuildProjectEnvironmentHash, flattenAwsCodeBuildProjectEnvironment(project.Environment))); err != nil { + if err := d.Set("environment", flattenAwsCodeBuildProjectEnvironment(project.Environment)); err != nil { return fmt.Errorf("error setting environment: %s", err) } @@ -1383,12 +1381,12 @@ func flattenAwsCodebuildProjectCache(cache *codebuild.ProjectCache) []interface{ func flattenAwsCodeBuildProjectEnvironment(environment *codebuild.ProjectEnvironment) []interface{} { envConfig := map[string]interface{}{} - envConfig["type"] = *environment.Type - envConfig["compute_type"] = *environment.ComputeType - envConfig["image"] = *environment.Image + envConfig["type"] = aws.StringValue(environment.Type) + envConfig["compute_type"] = aws.StringValue(environment.ComputeType) + envConfig["image"] = aws.StringValue(environment.Image) envConfig["certificate"] = aws.StringValue(environment.Certificate) - envConfig["privileged_mode"] = *environment.PrivilegedMode - envConfig["image_pull_credentials_type"] = *environment.ImagePullCredentialsType + envConfig["privileged_mode"] = aws.BoolValue(environment.PrivilegedMode) + envConfig["image_pull_credentials_type"] = aws.StringValue(environment.ImagePullCredentialsType) envConfig["registry_credential"] = flattenAwsCodebuildRegistryCredential(environment.RegistryCredential) diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go index 8f36d201484..1fdb9b3ba8d 100644 --- a/aws/resource_aws_codebuild_project_test.go +++ b/aws/resource_aws_codebuild_project_test.go @@ -45,10 +45,10 @@ func TestAccAWSCodeBuildProject_basic(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_basic(rName), @@ -64,22 +64,22 @@ func TestAccAWSCodeBuildProject_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "description", ""), resource.TestMatchResourceAttr(resourceName, "encryption_key", regexp.MustCompile(`^arn:[^:]+:kms:[^:]+:[^:]+:alias/aws/s3$`)), resource.TestCheckResourceAttr(resourceName, "environment.#", "1"), - resource.TestCheckResourceAttr(resourceName, "environment.2300252877.compute_type", "BUILD_GENERAL1_SMALL"), - resource.TestCheckResourceAttr(resourceName, "environment.2300252877.environment_variable.#", "0"), - resource.TestCheckResourceAttr(resourceName, "environment.2300252877.image", "2"), - resource.TestCheckResourceAttr(resourceName, "environment.2300252877.privileged_mode", "false"), - resource.TestCheckResourceAttr(resourceName, "environment.2300252877.type", "LINUX_CONTAINER"), - resource.TestCheckResourceAttr(resourceName, "environment.2300252877.image_pull_credentials_type", "CODEBUILD"), + resource.TestCheckResourceAttr(resourceName, "environment.0.compute_type", "BUILD_GENERAL1_SMALL"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.#", "0"), + resource.TestCheckResourceAttr(resourceName, "environment.0.image", "2"), + resource.TestCheckResourceAttr(resourceName, "environment.0.privileged_mode", "false"), + resource.TestCheckResourceAttr(resourceName, "environment.0.type", "LINUX_CONTAINER"), + resource.TestCheckResourceAttr(resourceName, "environment.0.image_pull_credentials_type", "CODEBUILD"), resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.status", "ENABLED"), resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", "DISABLED"), resource.TestMatchResourceAttr(resourceName, "service_role", regexp.MustCompile(`^arn:[^:]+:iam::[^:]+:role/tf-acc-test-[0-9]+$`)), resource.TestCheckResourceAttr(resourceName, "source.#", "1"), - resource.TestCheckResourceAttr(resourceName, "source.1441597390.auth.#", "0"), - resource.TestCheckResourceAttr(resourceName, "source.1441597390.git_clone_depth", "0"), - resource.TestCheckResourceAttr(resourceName, "source.1441597390.insecure_ssl", "false"), - resource.TestCheckResourceAttr(resourceName, "source.1441597390.location", "https://github.com/hashibot-test/aws-test.git"), - resource.TestCheckResourceAttr(resourceName, "source.1441597390.report_build_status", "false"), - resource.TestCheckResourceAttr(resourceName, "source.1441597390.type", "GITHUB"), + resource.TestCheckResourceAttr(resourceName, "source.0.auth.#", "0"), + resource.TestCheckResourceAttr(resourceName, "source.0.git_clone_depth", "0"), + resource.TestCheckResourceAttr(resourceName, "source.0.insecure_ssl", "false"), + resource.TestCheckResourceAttr(resourceName, "source.0.location", "https://github.com/hashibot-test/aws-test.git"), + resource.TestCheckResourceAttr(resourceName, "source.0.report_build_status", "false"), + resource.TestCheckResourceAttr(resourceName, "source.0.type", "GITHUB"), resource.TestCheckResourceAttr(resourceName, "vpc_config.#", "0"), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), ), @@ -376,7 +376,7 @@ func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable(t *testing.T) { Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Zero(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project3), - resource.TestCheckResourceAttr(resourceName, "environment.2300252877.environment_variable.#", "0"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.#", "0"), ), }, { @@ -394,17 +394,16 @@ func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Type(t *testing. resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, "PLAINTEXT"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "environment.4178155002.environment_variable.0.type", "PLAINTEXT"), - resource.TestCheckResourceAttr(resourceName, "environment.4178155002.environment_variable.1.type", "PLAINTEXT"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.0.type", "PLAINTEXT"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.1.type", "PLAINTEXT"), ), }, { @@ -416,16 +415,16 @@ func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Type(t *testing. Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, "PARAMETER_STORE"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "environment.1701234421.environment_variable.0.type", "PLAINTEXT"), - resource.TestCheckResourceAttr(resourceName, "environment.1701234421.environment_variable.1.type", "PARAMETER_STORE"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.0.type", "PLAINTEXT"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.1.type", "PARAMETER_STORE"), ), }, { Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, "SECRETS_MANAGER"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "environment.198523880.environment_variable.0.type", "PLAINTEXT"), - resource.TestCheckResourceAttr(resourceName, "environment.198523880.environment_variable.1.type", "SECRETS_MANAGER"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.0.type", "PLAINTEXT"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.1.type", "SECRETS_MANAGER"), ), }, }, @@ -602,10 +601,9 @@ func TestAccAWSCodeBuildProject_Source_Auth(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Auth(rName, "FAKERESOURCE1", "INVALID"), @@ -615,9 +613,9 @@ func TestAccAWSCodeBuildProject_Source_Auth(t *testing.T) { Config: testAccAWSCodeBuildProjectConfig_Source_Auth(rName, "FAKERESOURCE1", "OAUTH"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.3680505372.auth.#", "1"), - resource.TestCheckResourceAttr(resourceName, "source.3680505372.auth.2706882902.resource", "FAKERESOURCE1"), - resource.TestCheckResourceAttr(resourceName, "source.3680505372.auth.2706882902.type", "OAUTH"), + resource.TestCheckResourceAttr(resourceName, "source.0.auth.#", "1"), + resource.TestCheckResourceAttr(resourceName, "source.0.auth.2706882902.resource", "FAKERESOURCE1"), + resource.TestCheckResourceAttr(resourceName, "source.0.auth.2706882902.type", "OAUTH"), ), }, { @@ -635,16 +633,15 @@ func TestAccAWSCodeBuildProject_Source_GitCloneDepth(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_GitCloneDepth(rName, 1), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.1181740906.git_clone_depth", "1"), + resource.TestCheckResourceAttr(resourceName, "source.0.git_clone_depth", "1"), ), }, { @@ -656,7 +653,7 @@ func TestAccAWSCodeBuildProject_Source_GitCloneDepth(t *testing.T) { Config: testAccAWSCodeBuildProjectConfig_Source_GitCloneDepth(rName, 2), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.974047921.git_clone_depth", "2"), + resource.TestCheckResourceAttr(resourceName, "source.0.git_clone_depth", "2"), ), }, }, @@ -669,17 +666,17 @@ func TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_CodeCommit(t *testing resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_CodeCommit(rName, true), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.3389748318.git_submodules_config.#", "1"), - resource.TestCheckResourceAttr(resourceName, "source.3389748318.git_submodules_config.0.fetch_submodules", "true"), + resource.TestCheckResourceAttr(resourceName, "source.0.git_submodules_config.#", "1"), + resource.TestCheckResourceAttr(resourceName, "source.0.git_submodules_config.0.fetch_submodules", "true"), ), }, { @@ -691,8 +688,8 @@ func TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_CodeCommit(t *testing Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_CodeCommit(rName, false), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.3338377709.git_submodules_config.#", "1"), - resource.TestCheckResourceAttr(resourceName, "source.3338377709.git_submodules_config.0.fetch_submodules", "false"), + resource.TestCheckResourceAttr(resourceName, "source.0.git_submodules_config.#", "1"), + resource.TestCheckResourceAttr(resourceName, "source.0.git_submodules_config.0.fetch_submodules", "false"), ), }, }, @@ -767,10 +764,10 @@ func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_CodeCommit( resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_CodeCommit(rName, true), @@ -869,16 +866,16 @@ func TestAccAWSCodeBuildProject_Source_InsecureSSL(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_InsecureSSL(rName, true), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.1976396802.insecure_ssl", "true"), + resource.TestCheckResourceAttr(resourceName, "source.0.insecure_ssl", "true"), ), }, { @@ -890,7 +887,7 @@ func TestAccAWSCodeBuildProject_Source_InsecureSSL(t *testing.T) { Config: testAccAWSCodeBuildProjectConfig_Source_InsecureSSL(rName, false), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.3680505372.insecure_ssl", "false"), + resource.TestCheckResourceAttr(resourceName, "source.0.insecure_ssl", "false"), ), }, }, @@ -903,16 +900,16 @@ func TestAccAWSCodeBuildProject_Source_ReportBuildStatus_Bitbucket(t *testing.T) resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_Bitbucket(rName, true), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.2876219937.report_build_status", "true"), + resource.TestCheckResourceAttr(resourceName, "source.0.report_build_status", "true"), ), }, { @@ -924,7 +921,7 @@ func TestAccAWSCodeBuildProject_Source_ReportBuildStatus_Bitbucket(t *testing.T) Config: testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_Bitbucket(rName, false), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.3210444828.report_build_status", "false"), + resource.TestCheckResourceAttr(resourceName, "source.0.report_build_status", "false"), ), }, }, @@ -937,16 +934,16 @@ func TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHub(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_GitHub(rName, true), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.4215890488.report_build_status", "true"), + resource.TestCheckResourceAttr(resourceName, "source.0.report_build_status", "true"), ), }, { @@ -958,7 +955,7 @@ func TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHub(t *testing.T) { Config: testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_GitHub(rName, false), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.3680505372.report_build_status", "false"), + resource.TestCheckResourceAttr(resourceName, "source.0.report_build_status", "false"), ), }, }, @@ -971,16 +968,16 @@ func TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHubEnterprise(t *tes resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_GitHubEnterprise(rName, true), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.2964899175.report_build_status", "true"), + resource.TestCheckResourceAttr(resourceName, "source.0.report_build_status", "true"), ), }, { @@ -992,7 +989,7 @@ func TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHubEnterprise(t *tes Config: testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_GitHubEnterprise(rName, false), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.553628638.report_build_status", "false"), + resource.TestCheckResourceAttr(resourceName, "source.0.report_build_status", "false"), ), }, }, @@ -1005,16 +1002,16 @@ func TestAccAWSCodeBuildProject_Source_Type_Bitbucket(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Type_Bitbucket(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.3210444828.type", "BITBUCKET"), + resource.TestCheckResourceAttr(resourceName, "source.0.type", "BITBUCKET"), ), }, { @@ -1032,16 +1029,16 @@ func TestAccAWSCodeBuildProject_Source_Type_CodeCommit(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Type_CodeCommit(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.3715340088.type", "CODECOMMIT"), + resource.TestCheckResourceAttr(resourceName, "source.0.type", "CODECOMMIT"), ), }, { @@ -1059,16 +1056,16 @@ func TestAccAWSCodeBuildProject_Source_Type_CodePipeline(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Type_CodePipeline(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.2280907000.type", "CODEPIPELINE"), + resource.TestCheckResourceAttr(resourceName, "source.0.type", "CODEPIPELINE"), ), }, { @@ -1086,16 +1083,16 @@ func TestAccAWSCodeBuildProject_Source_Type_GitHubEnterprise(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Type_GitHubEnterprise(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.553628638.type", "GITHUB_ENTERPRISE"), + resource.TestCheckResourceAttr(resourceName, "source.0.type", "GITHUB_ENTERPRISE"), ), }, { @@ -1144,16 +1141,16 @@ phases: - rspec hello_world_spec.rb` resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Type_NoSource(rName, "", rBuildspec), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.2726343112.type", "NO_SOURCE"), + resource.TestCheckResourceAttr(resourceName, "source.0.type", "NO_SOURCE"), ), }, { @@ -1280,22 +1277,22 @@ func TestAccAWSCodeBuildProject_WindowsContainer(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_WindowsContainer(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "environment.#", "1"), - resource.TestCheckResourceAttr(resourceName, "environment.2306861956.compute_type", "BUILD_GENERAL1_MEDIUM"), - resource.TestCheckResourceAttr(resourceName, "environment.2306861956.environment_variable.#", "0"), - resource.TestCheckResourceAttr(resourceName, "environment.2306861956.image", "2"), - resource.TestCheckResourceAttr(resourceName, "environment.2306861956.privileged_mode", "false"), - resource.TestCheckResourceAttr(resourceName, "environment.2306861956.image_pull_credentials_type", "CODEBUILD"), - resource.TestCheckResourceAttr(resourceName, "environment.2306861956.type", "WINDOWS_CONTAINER"), + resource.TestCheckResourceAttr(resourceName, "environment.0.compute_type", "BUILD_GENERAL1_MEDIUM"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.#", "0"), + resource.TestCheckResourceAttr(resourceName, "environment.0.image", "2"), + resource.TestCheckResourceAttr(resourceName, "environment.0.privileged_mode", "false"), + resource.TestCheckResourceAttr(resourceName, "environment.0.image_pull_credentials_type", "CODEBUILD"), + resource.TestCheckResourceAttr(resourceName, "environment.0.type", "WINDOWS_CONTAINER"), ), }, { @@ -1703,10 +1700,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_ArtifactIdentifier(t *testing hash2 := artifactHash(artifactIdentifier2, "false", bName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_ArtifactIdentifier(rName, bName, artifactIdentifier1), @@ -1743,10 +1740,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_OverrideArtifactName(t *testi hash2 := artifactHash("secondaryArtifact1", "false", bName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_OverrideArtifactName(rName, bName, true), @@ -1783,10 +1780,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_EncryptionDisabled(t *testing hash2 := artifactHash("secondaryArtifact1", "false", bName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_EncryptionDisabled(rName, bName, true), @@ -1824,10 +1821,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Location(t *testing.T) { hash2 := artifactHash("secondaryArtifact1", "false", bName2, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Location(rName, bName), @@ -1907,10 +1904,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_NamespaceType(t *testing.T) { hash2 := artifactHash("secondaryArtifact1", "false", rName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_NamespaceType(rName, codebuild.ArtifactNamespaceBuildId), @@ -1946,10 +1943,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Packaging(t *testing.T) { hash2 := artifactHash("secondaryArtifact1", "false", rName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Packaging(rName, codebuild.ArtifactPackagingZip), @@ -1988,10 +1985,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Path(t *testing.T) { hash2 := artifactHash("secondaryArtifact1", "false", rName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, path2, codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Path(rName, path1), @@ -2029,10 +2026,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Type(t *testing.T) { hash1 := artifactHash("secondaryArtifact1", "false", bName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", type1) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Type(rName, bName, type1), @@ -2057,16 +2054,16 @@ func TestAccAWSCodeBuildProject_SecondarySources_CodeCommit(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_SecondarySources_CodeCommit(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "source.3715340088.type", "CODECOMMIT"), + resource.TestCheckResourceAttr(resourceName, "source.0.type", "CODECOMMIT"), resource.TestCheckResourceAttr(resourceName, "secondary_sources.493771744.source_identifier", "secondarySource1"), resource.TestCheckResourceAttr(resourceName, "secondary_sources.1385902896.source_identifier", "secondarySource2"), ), From cefb059ea4b8fad7749f64155b9b00d3c1f926b0 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Tue, 19 May 2020 22:13:52 -0400 Subject: [PATCH 232/475] change attribute type to handle update diffs --- aws/resource_aws_codebuild_project.go | 80 --------------------------- 1 file changed, 80 deletions(-) diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go index 51bea9f50ac..5a5833549c5 100644 --- a/aws/resource_aws_codebuild_project.go +++ b/aws/resource_aws_codebuild_project.go @@ -5,7 +5,6 @@ import ( "fmt" "log" "regexp" - "strconv" "time" "github.com/aws/aws-sdk-go/aws" @@ -178,7 +177,6 @@ func resourceAwsCodeBuildProject() *schema.Resource { "environment_variable": { Type: schema.TypeList, Optional: true, - Computed: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "name": { @@ -1514,84 +1512,6 @@ func resourceAwsCodeBuildProjectArtifactsHash(v interface{}) int { return hashcode.String(buf.String()) } -func resourceAwsCodeBuildProjectEnvironmentHash(v interface{}) int { - var buf bytes.Buffer - m := v.(map[string]interface{}) - - environmentType := m["type"].(string) - computeType := m["compute_type"].(string) - image := m["image"].(string) - privilegedMode := m["privileged_mode"].(bool) - imagePullCredentialsType := m["image_pull_credentials_type"].(string) - environmentVariables := m["environment_variable"].([]interface{}) - buf.WriteString(fmt.Sprintf("%s-", environmentType)) - buf.WriteString(fmt.Sprintf("%s-", computeType)) - buf.WriteString(fmt.Sprintf("%s-", image)) - buf.WriteString(fmt.Sprintf("%t-", privilegedMode)) - buf.WriteString(fmt.Sprintf("%s-", imagePullCredentialsType)) - if v, ok := m["certificate"]; ok && v.(string) != "" { - buf.WriteString(fmt.Sprintf("%s-", v.(string))) - } - if v, ok := m["registry_credential"]; ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil { - m := v.([]interface{})[0].(map[string]interface{}) - - if v, ok := m["credential"]; ok && v.(string) != "" { - buf.WriteString(fmt.Sprintf("%s-", v.(string))) - } - - if v, ok := m["credential_provider"]; ok && v.(string) != "" { - buf.WriteString(fmt.Sprintf("%s-", v.(string))) - } - } - for _, e := range environmentVariables { - if e != nil { // Old statefiles might have nil values in them - ev := e.(map[string]interface{}) - buf.WriteString(fmt.Sprintf("%s:", ev["name"].(string))) - // type is sometimes not returned by the API - if v, ok := ev["type"]; ok { - buf.WriteString(fmt.Sprintf("%s:", v.(string))) - } - buf.WriteString(fmt.Sprintf("%s-", ev["value"].(string))) - } - } - - return hashcode.String(buf.String()) -} - -func resourceAwsCodeBuildProjectSourceHash(v interface{}) int { - var buf bytes.Buffer - m := v.(map[string]interface{}) - - buf.WriteString(fmt.Sprintf("%s-", m["type"].(string))) - if v, ok := m["source_identifier"]; ok { - buf.WriteString(fmt.Sprintf("%s-", strconv.Itoa(v.(int)))) - } - if v, ok := m["buildspec"]; ok { - buf.WriteString(fmt.Sprintf("%s-", v.(string))) - } - if v, ok := m["location"]; ok { - buf.WriteString(fmt.Sprintf("%s-", v.(string))) - } - if v, ok := m["git_clone_depth"]; ok { - buf.WriteString(fmt.Sprintf("%s-", strconv.Itoa(v.(int)))) - } - if v, ok := m["git_submodules_config"]; ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil { - m := v.([]interface{})[0].(map[string]interface{}) - - if v, ok := m["fetch_submodules"]; ok { - buf.WriteString(fmt.Sprintf("%s-", strconv.FormatBool(v.(bool)))) - } - } - if v, ok := m["insecure_ssl"]; ok { - buf.WriteString(fmt.Sprintf("%s-", strconv.FormatBool(v.(bool)))) - } - if v, ok := m["report_build_status"]; ok { - buf.WriteString(fmt.Sprintf("%s-", strconv.FormatBool(v.(bool)))) - } - - return hashcode.String(buf.String()) -} - func resourceAwsCodeBuildProjectSourceAuthHash(v interface{}) int { var buf bytes.Buffer m := v.(map[string]interface{}) From 6217ba5feb83f3230ec1478f4b0d5b349255afc5 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Tue, 19 May 2020 23:05:25 -0400 Subject: [PATCH 233/475] add back binarydriver flag --- ...esource_aws_waf_sql_injection_match_set_test.go | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/aws/resource_aws_waf_sql_injection_match_set_test.go b/aws/resource_aws_waf_sql_injection_match_set_test.go index c4c4edd2111..59d3a70bcb4 100644 --- a/aws/resource_aws_waf_sql_injection_match_set_test.go +++ b/aws/resource_aws_waf_sql_injection_match_set_test.go @@ -18,9 +18,10 @@ func TestAccAWSWafSqlInjectionMatchSet_basic(t *testing.T) { resourceName := "aws_waf_sql_injection_match_set.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSWafSqlInjectionMatchSetDestroy, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafSqlInjectionMatchSetDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSWafSqlInjectionMatchSetConfig(rName), @@ -107,9 +108,10 @@ func TestAccAWSWafSqlInjectionMatchSet_changeTuples(t *testing.T) { resourceName := "aws_waf_sql_injection_match_set.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSWafSqlInjectionMatchSetDestroy, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafSqlInjectionMatchSetDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSWafSqlInjectionMatchSetConfig(rName), From ee36bceb2cc192bba7ad957ae01923c1208cfff2 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Tue, 19 May 2020 23:54:56 -0400 Subject: [PATCH 234/475] tests/resource/aws_db_cluster_snapshot: Add sweeper (#13301) Output from sweeper in AWS Commercial: ``` 2020/05/19 23:50:59 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/19 23:50:59 [DEBUG] Running Sweeper (aws_db_cluster_snapshot) in region (us-west-2) ... 2020/05/19 23:51:02 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-6284739189931617431 2020/05/19 23:51:02 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-7694211504628872151 2020/05/19 23:51:03 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-7712270125278830714 2020/05/19 23:51:03 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-1034835137897245353 2020/05/19 23:51:04 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-1034835137897245353-incorrect 2020/05/19 23:51:04 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-1177744522386226699 2020/05/19 23:51:05 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-1894715743644967502 2020/05/19 23:51:05 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-1894715743644967502-incorrect 2020/05/19 23:51:05 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-2403831695778869292 2020/05/19 23:51:06 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-3154394584652669178 2020/05/19 23:51:06 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-3672590285800438157 2020/05/19 23:51:07 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-3672590285800438157-incorrect 2020/05/19 23:51:07 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-6818628255720508177 2020/05/19 23:51:08 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-7220579075951202508 2020/05/19 23:51:08 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-8478413316652622710 2020/05/19 23:51:09 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-208776221194075115 2020/05/19 23:51:09 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-2818346412137517497 2020/05/19 23:51:10 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-3016656015395871858 2020/05/19 23:51:10 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-4538854897230104146 2020/05/19 23:51:10 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-5252971764716972497 2020/05/19 23:51:11 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-53349618087131557 2020/05/19 23:51:11 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-6236748090645919885 2020/05/19 23:51:12 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-6690196973386539453 2020/05/19 23:51:12 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-6793880297909833423 2020/05/19 23:51:13 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-6844670658230160769 2020/05/19 23:51:13 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-7056488780188601715 2020/05/19 23:51:13 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-7796064647165572057 2020/05/19 23:51:14 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-8786492239320672601 2020/05/19 23:51:14 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-8821321520235073139 2020/05/19 23:51:15 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-docdbcluster-snapshot-8957994553806249343 2020/05/19 23:51:15 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-neptunecluster-snapshot-2298044058867838599 2020/05/19 23:51:16 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-neptunecluster-snapshot-2890564058937333346 2020/05/19 23:51:16 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-neptunecluster-snapshot-408755487276086665 2020/05/19 23:51:17 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-neptunecluster-snapshot-4336233379030840626 2020/05/19 23:51:17 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-neptunecluster-snapshot-4631399137659371329 2020/05/19 23:51:17 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-neptunecluster-snapshot-6777918919246115777 2020/05/19 23:51:18 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-neptunecluster-snapshot-751384545688565201 2020/05/19 23:51:18 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-neptunecluster-snapshot-8660214694146490007 2020/05/19 23:51:19 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-rdscluster-snapshot-3625374210620980505 2020/05/19 23:51:19 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-rdscluster-snapshot-4022657527142458865 2020/05/19 23:51:20 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-rdscluster-snapshot-6649937651949721828 2020/05/19 23:51:20 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-rdscluster-snapshot-7344132261107189471 2020/05/19 23:51:20 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-rdscluster-snapshot-7579832565865974620 2020/05/19 23:51:21 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-rdscluster-snapshot-7880011180435690535 2020/05/19 23:51:21 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-rdscluster-snapshot-8092261109895566052 2020/05/19 23:51:22 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-rdscluster-snapshot-8298908575388334331 2020/05/19 23:51:22 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-rdscluster-snapshot-8992617190947537577 2020/05/19 23:51:23 [INFO] Deleting RDS DB Cluster Snapshot: tf-acctest-rdscluster-snapshot-9055254231029142908 2020/05/19 23:51:23 Sweeper Tests ran successfully: - aws_db_cluster_snapshot 2020/05/19 23:51:23 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/19 23:51:23 [DEBUG] Running Sweeper (aws_db_cluster_snapshot) in region (us-east-1) ... 2020/05/19 23:51:25 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-5692518413222267692 2020/05/19 23:51:25 [INFO] Deleting RDS DB Cluster Snapshot: tf-acc-test-8759945401750079573 2020/05/19 23:51:25 Sweeper Tests ran successfully: - aws_db_cluster_snapshot ok github.com/terraform-providers/terraform-provider-aws/aws 28.425s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/19 23:51:37 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/19 23:51:37 [DEBUG] Running Sweeper (aws_db_cluster_snapshot) in region (us-gov-west-1) ... 2020/05/19 23:51:39 Sweeper Tests ran successfully: - aws_db_cluster_snapshot ok github.com/terraform-providers/terraform-provider-aws/aws 3.493s ``` --- aws/resource_aws_db_cluster_snapshot_test.go | 62 ++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/aws/resource_aws_db_cluster_snapshot_test.go b/aws/resource_aws_db_cluster_snapshot_test.go index 4b19aeef797..c459c82cb7d 100644 --- a/aws/resource_aws_db_cluster_snapshot_test.go +++ b/aws/resource_aws_db_cluster_snapshot_test.go @@ -2,16 +2,78 @@ package aws import ( "fmt" + "log" "regexp" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/rds" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_db_cluster_snapshot", &resource.Sweeper{ + Name: "aws_db_cluster_snapshot", + F: testSweepDbClusterSnapshots, + }) +} + +func testSweepDbClusterSnapshots(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).rdsconn + input := &rds.DescribeDBClusterSnapshotsInput{ + // "InvalidDBClusterSnapshotStateFault: Only manual snapshots may be deleted." + Filters: []*rds.Filter{{ + Name: aws.String("snapshot-type"), + Values: aws.StringSlice([]string{"manual"}), + }}, + } + var sweeperErrs *multierror.Error + + for { + output, err := conn.DescribeDBClusterSnapshots(input) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping RDS DB Cluster Snapshots sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving RDS DB Cluster Snapshots: %w", err)) + return sweeperErrs + } + + for _, dbClusterSnapshot := range output.DBClusterSnapshots { + id := aws.StringValue(dbClusterSnapshot.DBClusterSnapshotIdentifier) + + log.Printf("[INFO] Deleting RDS DB Cluster Snapshot: %s", id) + _, err := conn.DeleteDBClusterSnapshot(&rds.DeleteDBClusterSnapshotInput{ + DBClusterSnapshotIdentifier: aws.String(id), + }) + if isAWSErr(err, rds.ErrCodeDBClusterSnapshotNotFoundFault, "") { + continue + } + if err != nil { + sweeperErr := fmt.Errorf("error deleting RDS DB Cluster Snapshot (%s): %w", id, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + if aws.StringValue(output.Marker) == "" { + break + } + input.Marker = output.Marker + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSDBClusterSnapshot_basic(t *testing.T) { var dbClusterSnapshot rds.DBClusterSnapshot rName := acctest.RandomWithPrefix("tf-acc-test") From dd9af8653cfc0bc6ecfeeb536946b891158ce69d Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 20 May 2020 01:46:39 -0400 Subject: [PATCH 235/475] change auth attributes to typelist with maxitems of 1 and remove disablebinarydriver flag where applicable --- aws/resource_aws_codebuild_project.go | 73 +++++++--------- aws/resource_aws_codebuild_project_test.go | 96 ++++++++++------------ 2 files changed, 72 insertions(+), 97 deletions(-) diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go index 5a5833549c5..a7cc67af904 100644 --- a/aws/resource_aws_codebuild_project.go +++ b/aws/resource_aws_codebuild_project.go @@ -394,7 +394,9 @@ func resourceAwsCodeBuildProject() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "auth": { - Type: schema.TypeSet, + Type: schema.TypeList, + MaxItems: 1, + Optional: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "resource": { @@ -411,8 +413,6 @@ func resourceAwsCodeBuildProject() *schema.Resource { }, }, }, - Optional: true, - Set: resourceAwsCodeBuildProjectSourceAuthHash, }, "buildspec": { Type: schema.TypeString, @@ -472,11 +472,15 @@ func resourceAwsCodeBuildProject() *schema.Resource { Required: true, }, "source": { - Type: schema.TypeList, + Type: schema.TypeList, + MaxItems: 1, + Required: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "auth": { - Type: schema.TypeSet, + Type: schema.TypeList, + MaxItems: 1, + Optional: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "resource": { @@ -493,8 +497,6 @@ func resourceAwsCodeBuildProject() *schema.Resource { }, }, }, - Optional: true, - Set: resourceAwsCodeBuildProjectSourceAuthHash, }, "buildspec": { Type: schema.TypeString, @@ -545,8 +547,6 @@ func resourceAwsCodeBuildProject() *schema.Resource { }, }, }, - Required: true, - MaxItems: 1, }, "source_version": { Type: schema.TypeString, @@ -712,7 +712,7 @@ func resourceAwsCodeBuildProjectCreate(d *schema.ResourceData, meta interface{}) return fmt.Errorf("Error creating CodeBuild project: %s", err) } - d.SetId(*resp.Project.Arn) + d.SetId(aws.StringValue(resp.Project.Arn)) return resourceAwsCodeBuildProjectRead(d, meta) } @@ -1033,10 +1033,10 @@ func expandProjectSourceData(data map[string]interface{}) codebuild.ProjectSourc projectSource.ReportBuildStatus = aws.Bool(data["report_build_status"].(bool)) } - if v, ok := data["auth"]; ok { - if len(v.(*schema.Set).List()) > 0 { - auth := v.(*schema.Set).List()[0].(map[string]interface{}) - + // Probe data for auth details (max of 1 auth per ProjectSource object) + if v, ok := data["auth"]; ok && len(v.([]interface{})) > 0 { + if auths := v.([]interface{}); auths[0] != nil { + auth := auths[0].(map[string]interface{}) projectSource.Auth = &codebuild.SourceAuth{ Type: aws.String(auth["type"].(string)), Resource: aws.String(auth["resource"].(string)), @@ -1326,38 +1326,38 @@ func flattenAwsCodeBuildProjectArtifacts(artifacts *codebuild.ProjectArtifacts) func flattenAwsCodeBuildProjectArtifactsData(artifacts codebuild.ProjectArtifacts) map[string]interface{} { values := map[string]interface{}{} - values["type"] = *artifacts.Type + values["type"] = aws.StringValue(artifacts.Type) if artifacts.ArtifactIdentifier != nil { - values["artifact_identifier"] = *artifacts.ArtifactIdentifier + values["artifact_identifier"] = aws.StringValue(artifacts.ArtifactIdentifier) } if artifacts.EncryptionDisabled != nil { - values["encryption_disabled"] = *artifacts.EncryptionDisabled + values["encryption_disabled"] = aws.BoolValue(artifacts.EncryptionDisabled) } if artifacts.OverrideArtifactName != nil { - values["override_artifact_name"] = *artifacts.OverrideArtifactName + values["override_artifact_name"] = aws.BoolValue(artifacts.OverrideArtifactName) } if artifacts.Location != nil { - values["location"] = *artifacts.Location + values["location"] = aws.StringValue(artifacts.Location) } if artifacts.Name != nil { - values["name"] = *artifacts.Name + values["name"] = aws.StringValue(artifacts.Name) } if artifacts.NamespaceType != nil { - values["namespace_type"] = *artifacts.NamespaceType + values["namespace_type"] = aws.StringValue(artifacts.NamespaceType) } if artifacts.Packaging != nil { - values["packaging"] = *artifacts.Packaging + values["packaging"] = aws.StringValue(artifacts.Packaging) } if artifacts.Path != nil { - values["path"] = *artifacts.Path + values["path"] = aws.StringValue(artifacts.Path) } return values } @@ -1439,7 +1439,7 @@ func flattenAwsCodeBuildProjectSourceData(source *codebuild.ProjectSource) inter m["git_submodules_config"] = flattenAwsCodebuildProjectGitSubmodulesConfig(source.GitSubmodulesConfig) if source.Auth != nil { - m["auth"] = schema.NewSet(resourceAwsCodeBuildProjectSourceAuthHash, []interface{}{sourceAuthToMap(source.Auth)}) + m["auth"] = []interface{}{sourceAuthToMap(source.Auth)} } if source.SourceIdentifier != nil { m["source_identifier"] = aws.StringValue(source.SourceIdentifier) @@ -1464,7 +1464,7 @@ func flattenAwsCodeBuildVpcConfig(vpcConfig *codebuild.VpcConfig) []interface{} if vpcConfig != nil { values := map[string]interface{}{} - values["vpc_id"] = *vpcConfig.VpcId + values["vpc_id"] = aws.StringValue(vpcConfig.VpcId) values["subnets"] = schema.NewSet(schema.HashString, flattenStringList(vpcConfig.Subnets)) values["security_group_ids"] = schema.NewSet(schema.HashString, flattenStringList(vpcConfig.SecurityGroupIds)) @@ -1512,29 +1512,16 @@ func resourceAwsCodeBuildProjectArtifactsHash(v interface{}) int { return hashcode.String(buf.String()) } -func resourceAwsCodeBuildProjectSourceAuthHash(v interface{}) int { - var buf bytes.Buffer - m := v.(map[string]interface{}) - - buf.WriteString(fmt.Sprintf("%s-", m["type"].(string))) - - if m["resource"] != nil { - buf.WriteString(fmt.Sprintf("%s-", m["resource"].(string))) - } - - return hashcode.String(buf.String()) -} - func environmentVariablesToMap(environmentVariables []*codebuild.EnvironmentVariable) []interface{} { envVariables := []interface{}{} if len(environmentVariables) > 0 { for _, env := range environmentVariables { item := map[string]interface{}{} - item["name"] = *env.Name - item["value"] = *env.Value + item["name"] = aws.StringValue(env.Name) + item["value"] = aws.StringValue(env.Value) if env.Type != nil { - item["type"] = *env.Type + item["type"] = aws.StringValue(env.Type) } envVariables = append(envVariables, item) } @@ -1546,10 +1533,10 @@ func environmentVariablesToMap(environmentVariables []*codebuild.EnvironmentVari func sourceAuthToMap(sourceAuth *codebuild.SourceAuth) map[string]interface{} { auth := map[string]interface{}{} - auth["type"] = *sourceAuth.Type + auth["type"] = aws.StringValue(sourceAuth.Type) if sourceAuth.Resource != nil { - auth["resource"] = *sourceAuth.Resource + auth["resource"] = aws.StringValue(sourceAuth.Resource) } return auth diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go index 1fdb9b3ba8d..e47e908764b 100644 --- a/aws/resource_aws_codebuild_project_test.go +++ b/aws/resource_aws_codebuild_project_test.go @@ -48,7 +48,6 @@ func TestAccAWSCodeBuildProject_basic(t *testing.T) { PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_basic(rName), @@ -614,8 +613,8 @@ func TestAccAWSCodeBuildProject_Source_Auth(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "source.0.auth.#", "1"), - resource.TestCheckResourceAttr(resourceName, "source.0.auth.2706882902.resource", "FAKERESOURCE1"), - resource.TestCheckResourceAttr(resourceName, "source.0.auth.2706882902.type", "OAUTH"), + resource.TestCheckResourceAttr(resourceName, "source.0.auth.0.resource", "FAKERESOURCE1"), + resource.TestCheckResourceAttr(resourceName, "source.0.auth.0.type", "OAUTH"), ), }, { @@ -669,7 +668,6 @@ func TestAccAWSCodeBuildProject_Source_GitSubmodulesConfig_CodeCommit(t *testing PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_CodeCommit(rName, true), @@ -764,10 +762,10 @@ func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_CodeCommit( resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_CodeCommit(rName, true), @@ -869,7 +867,6 @@ func TestAccAWSCodeBuildProject_Source_InsecureSSL(t *testing.T) { PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_InsecureSSL(rName, true), @@ -903,7 +900,6 @@ func TestAccAWSCodeBuildProject_Source_ReportBuildStatus_Bitbucket(t *testing.T) PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_Bitbucket(rName, true), @@ -937,7 +933,6 @@ func TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHub(t *testing.T) { PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_GitHub(rName, true), @@ -971,7 +966,6 @@ func TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHubEnterprise(t *tes PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_GitHubEnterprise(rName, true), @@ -1005,7 +999,6 @@ func TestAccAWSCodeBuildProject_Source_Type_Bitbucket(t *testing.T) { PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Type_Bitbucket(rName), @@ -1032,7 +1025,6 @@ func TestAccAWSCodeBuildProject_Source_Type_CodeCommit(t *testing.T) { PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Type_CodeCommit(rName), @@ -1059,7 +1051,6 @@ func TestAccAWSCodeBuildProject_Source_Type_CodePipeline(t *testing.T) { PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Type_CodePipeline(rName), @@ -1086,7 +1077,6 @@ func TestAccAWSCodeBuildProject_Source_Type_GitHubEnterprise(t *testing.T) { PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Type_GitHubEnterprise(rName), @@ -1144,7 +1134,6 @@ phases: PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_Source_Type_NoSource(rName, "", rBuildspec), @@ -1280,7 +1269,6 @@ func TestAccAWSCodeBuildProject_WindowsContainer(t *testing.T) { PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_WindowsContainer(rName), @@ -1700,10 +1688,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_ArtifactIdentifier(t *testing hash2 := artifactHash(artifactIdentifier2, "false", bName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_ArtifactIdentifier(rName, bName, artifactIdentifier1), @@ -1740,10 +1728,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_OverrideArtifactName(t *testi hash2 := artifactHash("secondaryArtifact1", "false", bName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_OverrideArtifactName(rName, bName, true), @@ -1780,10 +1768,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_EncryptionDisabled(t *testing hash2 := artifactHash("secondaryArtifact1", "false", bName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_EncryptionDisabled(rName, bName, true), @@ -1821,10 +1809,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Location(t *testing.T) { hash2 := artifactHash("secondaryArtifact1", "false", bName2, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Location(rName, bName), @@ -1904,10 +1892,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_NamespaceType(t *testing.T) { hash2 := artifactHash("secondaryArtifact1", "false", rName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_NamespaceType(rName, codebuild.ArtifactNamespaceBuildId), @@ -1943,10 +1931,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Packaging(t *testing.T) { hash2 := artifactHash("secondaryArtifact1", "false", rName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Packaging(rName, codebuild.ArtifactPackagingZip), @@ -1985,10 +1973,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Path(t *testing.T) { hash2 := artifactHash("secondaryArtifact1", "false", rName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, path2, codebuild.ArtifactsTypeS3) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Path(rName, path1), @@ -2026,10 +2014,10 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Type(t *testing.T) { hash1 := artifactHash("secondaryArtifact1", "false", bName, codebuild.ArtifactNamespaceNone, "false", codebuild.ArtifactPackagingNone, "", type1) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Type(rName, bName, type1), @@ -2054,10 +2042,10 @@ func TestAccAWSCodeBuildProject_SecondarySources_CodeCommit(t *testing.T) { resourceName := "aws_codebuild_project.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, - + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, + DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSCodeBuildProjectConfig_SecondarySources_CodeCommit(rName), From 76c557839107fc97a22a9c28fae9e79390e14d19 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 20 May 2020 02:42:14 -0400 Subject: [PATCH 236/475] update hash strings for secondary_sources --- aws/resource_aws_codebuild_project_test.go | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go index e47e908764b..2a3db7c98ec 100644 --- a/aws/resource_aws_codebuild_project_test.go +++ b/aws/resource_aws_codebuild_project_test.go @@ -771,10 +771,10 @@ func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_CodeCommit( Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_CodeCommit(rName, true), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "secondary_sources.2336845252.git_submodules_config.#", "1"), - resource.TestCheckResourceAttr(resourceName, "secondary_sources.2336845252.git_submodules_config.0.fetch_submodules", "true"), - resource.TestCheckResourceAttr(resourceName, "secondary_sources.2080741754.git_submodules_config.#", "1"), - resource.TestCheckResourceAttr(resourceName, "secondary_sources.2080741754.git_submodules_config.0.fetch_submodules", "true"), + resource.TestCheckResourceAttr(resourceName, "secondary_sources.1861191586.git_submodules_config.#", "1"), + resource.TestCheckResourceAttr(resourceName, "secondary_sources.1861191586.git_submodules_config.0.fetch_submodules", "true"), + resource.TestCheckResourceAttr(resourceName, "secondary_sources.55827772.git_submodules_config.#", "1"), + resource.TestCheckResourceAttr(resourceName, "secondary_sources.55827772.git_submodules_config.0.fetch_submodules", "true"), ), }, { @@ -786,10 +786,10 @@ func TestAccAWSCodeBuildProject_SecondarySources_GitSubmodulesConfig_CodeCommit( Config: testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_CodeCommit(rName, false), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "secondary_sources.3511868825.git_submodules_config.#", "1"), - resource.TestCheckResourceAttr(resourceName, "secondary_sources.3511868825.git_submodules_config.0.fetch_submodules", "false"), - resource.TestCheckResourceAttr(resourceName, "secondary_sources.1651171204.git_submodules_config.#", "1"), - resource.TestCheckResourceAttr(resourceName, "secondary_sources.1651171204.git_submodules_config.0.fetch_submodules", "false"), + resource.TestCheckResourceAttr(resourceName, "secondary_sources.1497918817.git_submodules_config.#", "1"), + resource.TestCheckResourceAttr(resourceName, "secondary_sources.1497918817.git_submodules_config.0.fetch_submodules", "false"), + resource.TestCheckResourceAttr(resourceName, "secondary_sources.1887486300.git_submodules_config.#", "1"), + resource.TestCheckResourceAttr(resourceName, "secondary_sources.1887486300.git_submodules_config.0.fetch_submodules", "false"), ), }, }, @@ -2052,8 +2052,8 @@ func TestAccAWSCodeBuildProject_SecondarySources_CodeCommit(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "source.0.type", "CODECOMMIT"), - resource.TestCheckResourceAttr(resourceName, "secondary_sources.493771744.source_identifier", "secondarySource1"), - resource.TestCheckResourceAttr(resourceName, "secondary_sources.1385902896.source_identifier", "secondarySource2"), + resource.TestCheckResourceAttr(resourceName, "secondary_sources.2212771807.source_identifier", "secondarySource1"), + resource.TestCheckResourceAttr(resourceName, "secondary_sources.3160583991.source_identifier", "secondarySource2"), ), }, { From 5cd992c925aaa987260e2fdb7b81e1917f6b2669 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 20 May 2020 03:24:59 -0400 Subject: [PATCH 237/475] update from typset to typelist with maxitems of 1 --- aws/resource_aws_s3_bucket.go | 140 +++++++++++++---------------- aws/resource_aws_s3_bucket_test.go | 23 +++-- 2 files changed, 71 insertions(+), 92 deletions(-) diff --git a/aws/resource_aws_s3_bucket.go b/aws/resource_aws_s3_bucket.go index 8d95bb5dd55..6408f1b4ebb 100644 --- a/aws/resource_aws_s3_bucket.go +++ b/aws/resource_aws_s3_bucket.go @@ -289,9 +289,8 @@ func resourceAwsS3Bucket() *schema.Resource { Optional: true, }, "expiration": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, - Set: expirationHash, MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -313,10 +312,9 @@ func resourceAwsS3Bucket() *schema.Resource { }, }, "noncurrent_version_expiration": { - Type: schema.TypeSet, + Type: schema.TypeList, MaxItems: 1, Optional: true, - Set: expirationHash, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "days": { @@ -422,11 +420,10 @@ func resourceAwsS3Bucket() *schema.Resource { ValidateFunc: validation.StringLenBetween(0, 255), }, "destination": { - Type: schema.TypeSet, + Type: schema.TypeList, MaxItems: 1, MinItems: 1, Required: true, - Set: destinationHash, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "account_id": { @@ -477,19 +474,17 @@ func resourceAwsS3Bucket() *schema.Resource { }, }, "source_selection_criteria": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, MinItems: 1, MaxItems: 1, - Set: sourceSelectionCriteriaHash, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "sse_kms_encrypted_objects": { - Type: schema.TypeSet, + Type: schema.TypeList, Optional: true, MinItems: 1, MaxItems: 1, - Set: sourceSseKmsObjectsHash, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "enabled": { @@ -1175,23 +1170,23 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { if lifecycleRule.Expiration != nil { e := make(map[string]interface{}) if lifecycleRule.Expiration.Date != nil { - e["date"] = (*lifecycleRule.Expiration.Date).Format("2006-01-02") + e["date"] = (aws.TimeValue(lifecycleRule.Expiration.Date)).Format("2006-01-02") } if lifecycleRule.Expiration.Days != nil { - e["days"] = int(*lifecycleRule.Expiration.Days) + e["days"] = int(aws.Int64Value(lifecycleRule.Expiration.Days)) } if lifecycleRule.Expiration.ExpiredObjectDeleteMarker != nil { - e["expired_object_delete_marker"] = *lifecycleRule.Expiration.ExpiredObjectDeleteMarker + e["expired_object_delete_marker"] = aws.BoolValue(lifecycleRule.Expiration.ExpiredObjectDeleteMarker) } - rule["expiration"] = schema.NewSet(expirationHash, []interface{}{e}) + rule["expiration"] = []interface{}{e} } // noncurrent_version_expiration if lifecycleRule.NoncurrentVersionExpiration != nil { e := make(map[string]interface{}) if lifecycleRule.NoncurrentVersionExpiration.NoncurrentDays != nil { - e["days"] = int(*lifecycleRule.NoncurrentVersionExpiration.NoncurrentDays) + e["days"] = int(aws.Int64Value(lifecycleRule.NoncurrentVersionExpiration.NoncurrentDays)) } - rule["noncurrent_version_expiration"] = schema.NewSet(expirationHash, []interface{}{e}) + rule["noncurrent_version_expiration"] = []interface{}{e} } //// transition if len(lifecycleRule.Transitions) > 0 { @@ -2036,48 +2031,53 @@ func resourceAwsS3BucketReplicationConfigurationUpdate(s3conn *s3.S3, d *schema. } ruleDestination := &s3.Destination{} - if dest, ok := rr["destination"].(*schema.Set); ok && dest.Len() > 0 { - bd := dest.List()[0].(map[string]interface{}) - ruleDestination.Bucket = aws.String(bd["bucket"].(string)) + if dest, ok := rr["destination"].([]interface{}); ok && len(dest) > 0 { + if dest[0] != nil { + bd := dest[0].(map[string]interface{}) + ruleDestination.Bucket = aws.String(bd["bucket"].(string)) - if storageClass, ok := bd["storage_class"]; ok && storageClass != "" { - ruleDestination.StorageClass = aws.String(storageClass.(string)) - } + if storageClass, ok := bd["storage_class"]; ok && storageClass != "" { + ruleDestination.StorageClass = aws.String(storageClass.(string)) + } - if replicaKmsKeyId, ok := bd["replica_kms_key_id"]; ok && replicaKmsKeyId != "" { - ruleDestination.EncryptionConfiguration = &s3.EncryptionConfiguration{ - ReplicaKmsKeyID: aws.String(replicaKmsKeyId.(string)), + if replicaKmsKeyId, ok := bd["replica_kms_key_id"]; ok && replicaKmsKeyId != "" { + ruleDestination.EncryptionConfiguration = &s3.EncryptionConfiguration{ + ReplicaKmsKeyID: aws.String(replicaKmsKeyId.(string)), + } } - } - if account, ok := bd["account_id"]; ok && account != "" { - ruleDestination.Account = aws.String(account.(string)) - } + if account, ok := bd["account_id"]; ok && account != "" { + ruleDestination.Account = aws.String(account.(string)) + } - if aclTranslation, ok := bd["access_control_translation"].([]interface{}); ok && len(aclTranslation) > 0 { - aclTranslationValues := aclTranslation[0].(map[string]interface{}) - ruleAclTranslation := &s3.AccessControlTranslation{} - ruleAclTranslation.Owner = aws.String(aclTranslationValues["owner"].(string)) - ruleDestination.AccessControlTranslation = ruleAclTranslation + if aclTranslation, ok := bd["access_control_translation"].([]interface{}); ok && len(aclTranslation) > 0 { + aclTranslationValues := aclTranslation[0].(map[string]interface{}) + ruleAclTranslation := &s3.AccessControlTranslation{} + ruleAclTranslation.Owner = aws.String(aclTranslationValues["owner"].(string)) + ruleDestination.AccessControlTranslation = ruleAclTranslation + } } - } rcRule.Destination = ruleDestination - if ssc, ok := rr["source_selection_criteria"].(*schema.Set); ok && ssc.Len() > 0 { - sscValues := ssc.List()[0].(map[string]interface{}) - ruleSsc := &s3.SourceSelectionCriteria{} - if sseKms, ok := sscValues["sse_kms_encrypted_objects"].(*schema.Set); ok && sseKms.Len() > 0 { - sseKmsValues := sseKms.List()[0].(map[string]interface{}) - sseKmsEncryptedObjects := &s3.SseKmsEncryptedObjects{} - if sseKmsValues["enabled"].(bool) { - sseKmsEncryptedObjects.Status = aws.String(s3.SseKmsEncryptedObjectsStatusEnabled) - } else { - sseKmsEncryptedObjects.Status = aws.String(s3.SseKmsEncryptedObjectsStatusDisabled) + if ssc, ok := rr["source_selection_criteria"].([]interface{}); ok && len(ssc) > 0 { + if ssc[0] != nil { + sscValues := ssc[0].(map[string]interface{}) + ruleSsc := &s3.SourceSelectionCriteria{} + if sseKms, ok := sscValues["sse_kms_encrypted_objects"].([]interface{}); ok && len(sseKms) > 0 { + if sseKms[0] != nil { + sseKmsValues := sseKms[0].(map[string]interface{}) + sseKmsEncryptedObjects := &s3.SseKmsEncryptedObjects{} + if sseKmsValues["enabled"].(bool) { + sseKmsEncryptedObjects.Status = aws.String(s3.SseKmsEncryptedObjectsStatusEnabled) + } else { + sseKmsEncryptedObjects.Status = aws.String(s3.SseKmsEncryptedObjectsStatusDisabled) + } + ruleSsc.SseKmsEncryptedObjects = sseKmsEncryptedObjects + } } - ruleSsc.SseKmsEncryptedObjects = sseKmsEncryptedObjects + rcRule.SourceSelectionCriteria = ruleSsc } - rcRule.SourceSelectionCriteria = ruleSsc } if f, ok := rr["filter"].([]interface{}); ok && len(f) > 0 && f[0] != nil { @@ -2191,8 +2191,8 @@ func resourceAwsS3BucketLifecycleUpdate(s3conn *s3.S3, d *schema.ResourceData) e } // Expiration - expiration := d.Get(fmt.Sprintf("lifecycle_rule.%d.expiration", i)).(*schema.Set).List() - if len(expiration) > 0 { + expiration := d.Get(fmt.Sprintf("lifecycle_rule.%d.expiration", i)).([]interface{}) + if len(expiration) > 0 && expiration[0] != nil { e := expiration[0].(map[string]interface{}) i := &s3.LifecycleExpiration{} @@ -2211,8 +2211,8 @@ func resourceAwsS3BucketLifecycleUpdate(s3conn *s3.S3, d *schema.ResourceData) e } // NoncurrentVersionExpiration - nc_expiration := d.Get(fmt.Sprintf("lifecycle_rule.%d.noncurrent_version_expiration", i)).(*schema.Set).List() - if len(nc_expiration) > 0 { + nc_expiration := d.Get(fmt.Sprintf("lifecycle_rule.%d.noncurrent_version_expiration", i)).([]interface{}) + if len(nc_expiration) > 0 && nc_expiration[0] != nil { e := nc_expiration[0].(map[string]interface{}) if val, ok := e["days"].(int); ok && val > 0 { @@ -2340,7 +2340,7 @@ func flattenAwsS3BucketReplicationConfiguration(r *s3.ReplicationConfiguration) } rd["access_control_translation"] = []interface{}{rdt} } - t["destination"] = schema.NewSet(destinationHash, []interface{}{rd}) + t["destination"] = []interface{}{rd} } if v.ID != nil { @@ -2361,9 +2361,9 @@ func flattenAwsS3BucketReplicationConfiguration(r *s3.ReplicationConfiguration) } else if *vssc.SseKmsEncryptedObjects.Status == s3.SseKmsEncryptedObjectsStatusDisabled { tSseKms["enabled"] = false } - tssc["sse_kms_encrypted_objects"] = schema.NewSet(sourceSseKmsObjectsHash, []interface{}{tSseKms}) + tssc["sse_kms_encrypted_objects"] = []interface{}{tSseKms} } - t["source_selection_criteria"] = schema.NewSet(sourceSelectionCriteriaHash, []interface{}{tssc}) + t["source_selection_criteria"] = []interface{}{tssc} } if v.Priority != nil { @@ -2504,26 +2504,6 @@ func grantHash(v interface{}) int { return hashcode.String(buf.String()) } -func expirationHash(v interface{}) int { - var buf bytes.Buffer - m, ok := v.(map[string]interface{}) - - if !ok { - return 0 - } - - if v, ok := m["date"]; ok { - buf.WriteString(fmt.Sprintf("%s-", v.(string))) - } - if v, ok := m["days"]; ok { - buf.WriteString(fmt.Sprintf("%d-", v.(int))) - } - if v, ok := m["expired_object_delete_marker"]; ok { - buf.WriteString(fmt.Sprintf("%t-", v.(bool))) - } - return hashcode.String(buf.String()) -} - func transitionHash(v interface{}) int { var buf bytes.Buffer m, ok := v.(map[string]interface{}) @@ -2561,11 +2541,11 @@ func rulesHash(v interface{}) int { if v, ok := m["status"]; ok { buf.WriteString(fmt.Sprintf("%s-", v.(string))) } - if v, ok := m["destination"].(*schema.Set); ok && v.Len() > 0 { - buf.WriteString(fmt.Sprintf("%d-", destinationHash(v.List()[0]))) + if v, ok := m["destination"].([]interface{}); ok && len(v) > 0 && v[0] != nil { + buf.WriteString(fmt.Sprintf("%d-", destinationHash(v[0]))) } - if v, ok := m["source_selection_criteria"].(*schema.Set); ok && v.Len() > 0 && v.List()[0] != nil { - buf.WriteString(fmt.Sprintf("%d-", sourceSelectionCriteriaHash(v.List()[0]))) + if v, ok := m["source_selection_criteria"].([]interface{}); ok && len(v) > 0 && v[0] != nil { + buf.WriteString(fmt.Sprintf("%d-", sourceSelectionCriteriaHash(v[0]))) } if v, ok := m["priority"]; ok { buf.WriteString(fmt.Sprintf("%d-", v.(int))) @@ -2641,8 +2621,8 @@ func sourceSelectionCriteriaHash(v interface{}) int { return 0 } - if v, ok := m["sse_kms_encrypted_objects"].(*schema.Set); ok && v.Len() > 0 { - buf.WriteString(fmt.Sprintf("%d-", sourceSseKmsObjectsHash(v.List()[0]))) + if v, ok := m["sse_kms_encrypted_objects"].([]interface{}); ok && len(v) > 0 && v[0] != nil { + buf.WriteString(fmt.Sprintf("%d-", sourceSseKmsObjectsHash(v[0]))) } return hashcode.String(buf.String()) } diff --git a/aws/resource_aws_s3_bucket_test.go b/aws/resource_aws_s3_bucket_test.go index 208255d9671..72e4ad3531c 100644 --- a/aws/resource_aws_s3_bucket_test.go +++ b/aws/resource_aws_s3_bucket_test.go @@ -1214,9 +1214,9 @@ func TestAccAWSS3Bucket_LifecycleBasic(t *testing.T) { testAccCheckAWSS3BucketExists(resourceName), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.id", "id1"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.prefix", "path1/"), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.2613713285.days", "365"), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.2613713285.date", ""), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.2613713285.expired_object_delete_marker", "false"), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.0.days", "365"), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.0.date", ""), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.0.expired_object_delete_marker", "false"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.transition.2000431762.date", ""), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.transition.2000431762.days", "30"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.transition.2000431762.storage_class", "STANDARD_IA"), @@ -1234,9 +1234,9 @@ func TestAccAWSS3Bucket_LifecycleBasic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.transition.1571523406.storage_class", "DEEP_ARCHIVE"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.id", "id2"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.prefix", "path2/"), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.expiration.2855832418.date", "2016-01-12"), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.expiration.2855832418.days", "0"), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.expiration.2855832418.expired_object_delete_marker", "false"), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.expiration.0.date", "2016-01-12"), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.expiration.0.days", "0"), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.expiration.0.expired_object_delete_marker", "false"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.2.id", "id3"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.2.prefix", "path3/"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.2.transition.460947558.days", "0"), @@ -1268,7 +1268,7 @@ func TestAccAWSS3Bucket_LifecycleBasic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.id", "id1"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.prefix", "path1/"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.enabled", "true"), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.noncurrent_version_expiration.80908210.days", "365"), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.noncurrent_version_expiration.0.days", "365"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.noncurrent_version_transition.1377917700.days", "30"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.noncurrent_version_transition.1377917700.storage_class", "STANDARD_IA"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.noncurrent_version_transition.2528035817.days", "60"), @@ -1276,7 +1276,7 @@ func TestAccAWSS3Bucket_LifecycleBasic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.id", "id2"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.prefix", "path2/"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.enabled", "false"), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.noncurrent_version_expiration.80908210.days", "365"), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.1.noncurrent_version_expiration.0.days", "365"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.2.id", "id3"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.2.prefix", "path3/"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.2.noncurrent_version_transition.3732708140.days", "0"), @@ -1301,7 +1301,6 @@ func TestAccAWSS3Bucket_LifecycleExpireMarkerOnly(t *testing.T) { PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAWSS3BucketDestroy, - DisableBinaryDriver: true, Steps: []resource.TestStep{ { Config: testAccAWSS3BucketConfigWithLifecycleExpireMarker(bucketName), @@ -1309,9 +1308,9 @@ func TestAccAWSS3Bucket_LifecycleExpireMarkerOnly(t *testing.T) { testAccCheckAWSS3BucketExists(resourceName), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.id", "id1"), resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.prefix", "path1/"), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.3591068768.days", "0"), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.3591068768.date", ""), - resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.3591068768.expired_object_delete_marker", "true"), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.0.days", "0"), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.0.date", ""), + resource.TestCheckResourceAttr(resourceName, "lifecycle_rule.0.expiration.0.expired_object_delete_marker", "true"), ), }, { From c80f16c84040ca9e7779c0f1e6ed9ab28ee0f259 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 20 May 2020 03:41:48 -0400 Subject: [PATCH 238/475] update disablebinary flag in test and ptr value conversions --- aws/resource_aws_s3_bucket.go | 82 +++++++++++++++++------------------ 1 file changed, 41 insertions(+), 41 deletions(-) diff --git a/aws/resource_aws_s3_bucket.go b/aws/resource_aws_s3_bucket.go index 6408f1b4ebb..281dfd5322a 100644 --- a/aws/resource_aws_s3_bucket.go +++ b/aws/resource_aws_s3_bucket.go @@ -882,7 +882,7 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { return err } } else { - policy, err := structure.NormalizeJsonString(*v) + policy, err := structure.NormalizeJsonString(aws.StringValue(v)) if err != nil { return fmt.Errorf("policy contains an invalid JSON: %s", err) } @@ -935,7 +935,7 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { rule["expose_headers"] = flattenStringList(ruleObject.ExposeHeaders) } if ruleObject.MaxAgeSeconds != nil { - rule["max_age_seconds"] = int(*ruleObject.MaxAgeSeconds) + rule["max_age_seconds"] = int(aws.Int64Value(ruleObject.MaxAgeSeconds)) } corsRules = append(corsRules, rule) } @@ -959,34 +959,34 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { w := make(map[string]interface{}) if v := ws.IndexDocument; v != nil { - w["index_document"] = *v.Suffix + w["index_document"] = aws.StringValue(v.Suffix) } if v := ws.ErrorDocument; v != nil { - w["error_document"] = *v.Key + w["error_document"] = aws.StringValue(v.Key) } if v := ws.RedirectAllRequestsTo; v != nil { if v.Protocol == nil { - w["redirect_all_requests_to"] = *v.HostName + w["redirect_all_requests_to"] = aws.StringValue(v.HostName) } else { var host string var path string var query string - parsedHostName, err := url.Parse(*v.HostName) + parsedHostName, err := url.Parse(aws.StringValue(v.HostName)) if err == nil { host = parsedHostName.Host path = parsedHostName.Path query = parsedHostName.RawQuery } else { - host = *v.HostName + host = aws.StringValue(v.HostName) path = "" } w["redirect_all_requests_to"] = (&url.URL{ Host: host, Path: path, - Scheme: *v.Protocol, + Scheme: aws.StringValue(v.Protocol), RawQuery: query, }).String() } @@ -1024,13 +1024,13 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { vcl := make([]map[string]interface{}, 0, 1) if versioning, ok := versioningResponse.(*s3.GetBucketVersioningOutput); ok { vc := make(map[string]interface{}) - if versioning.Status != nil && *versioning.Status == s3.BucketVersioningStatusEnabled { + if versioning.Status != nil && aws.StringValue(versioning.Status) == s3.BucketVersioningStatusEnabled { vc["enabled"] = true } else { vc["enabled"] = false } - if versioning.MFADelete != nil && *versioning.MFADelete == s3.MFADeleteEnabled { + if versioning.MFADelete != nil && aws.StringValue(versioning.MFADelete) == s3.MFADeleteEnabled { vc["mfa_delete"] = true } else { vc["mfa_delete"] = false @@ -1088,11 +1088,11 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { if logging, ok := loggingResponse.(*s3.GetBucketLoggingOutput); ok && logging.LoggingEnabled != nil { v := logging.LoggingEnabled lc := make(map[string]interface{}) - if *v.TargetBucket != "" { - lc["target_bucket"] = *v.TargetBucket + if aws.StringValue(v.TargetBucket) != "" { + lc["target_bucket"] = aws.StringValue(v.TargetBucket) } - if *v.TargetPrefix != "" { - lc["target_prefix"] = *v.TargetPrefix + if aws.StringValue(v.TargetPrefix) != "" { + lc["target_prefix"] = aws.StringValue(v.TargetPrefix) } lcl = append(lcl, lc) } @@ -1120,15 +1120,15 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { rule := make(map[string]interface{}) // ID - if lifecycleRule.ID != nil && *lifecycleRule.ID != "" { - rule["id"] = *lifecycleRule.ID + if lifecycleRule.ID != nil && aws.StringValue(lifecycleRule.ID) != "" { + rule["id"] = aws.StringValue(lifecycleRule.ID) } filter := lifecycleRule.Filter if filter != nil { if filter.And != nil { // Prefix - if filter.And.Prefix != nil && *filter.And.Prefix != "" { - rule["prefix"] = *filter.And.Prefix + if filter.And.Prefix != nil && aws.StringValue(filter.And.Prefix) != "" { + rule["prefix"] = aws.StringValue(filter.And.Prefix) } // Tag if len(filter.And.Tags) > 0 { @@ -1136,8 +1136,8 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { } } else { // Prefix - if filter.Prefix != nil && *filter.Prefix != "" { - rule["prefix"] = *filter.Prefix + if filter.Prefix != nil && aws.StringValue(filter.Prefix) != "" { + rule["prefix"] = aws.StringValue(filter.Prefix) } // Tag if filter.Tag != nil { @@ -1146,13 +1146,13 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { } } else { if lifecycleRule.Prefix != nil { - rule["prefix"] = *lifecycleRule.Prefix + rule["prefix"] = aws.StringValue(lifecycleRule.Prefix) } } // Enabled if lifecycleRule.Status != nil { - if *lifecycleRule.Status == s3.ExpirationStatusEnabled { + if aws.StringValue(lifecycleRule.Status) == s3.ExpirationStatusEnabled { rule["enabled"] = true } else { rule["enabled"] = false @@ -1162,7 +1162,7 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { // AbortIncompleteMultipartUploadDays if lifecycleRule.AbortIncompleteMultipartUpload != nil { if lifecycleRule.AbortIncompleteMultipartUpload.DaysAfterInitiation != nil { - rule["abort_incomplete_multipart_upload_days"] = int(*lifecycleRule.AbortIncompleteMultipartUpload.DaysAfterInitiation) + rule["abort_incomplete_multipart_upload_days"] = int(aws.Int64Value(lifecycleRule.AbortIncompleteMultipartUpload.DaysAfterInitiation)) } } @@ -1194,13 +1194,13 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { for _, v := range lifecycleRule.Transitions { t := make(map[string]interface{}) if v.Date != nil { - t["date"] = (*v.Date).Format("2006-01-02") + t["date"] = (aws.TimeValue(v.Date)).Format("2006-01-02") } if v.Days != nil { - t["days"] = int(*v.Days) + t["days"] = int(aws.Int64Value(v.Days)) } if v.StorageClass != nil { - t["storage_class"] = *v.StorageClass + t["storage_class"] = aws.StringValue(v.StorageClass) } transitions = append(transitions, t) } @@ -1212,10 +1212,10 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { for _, v := range lifecycleRule.NoncurrentVersionTransitions { t := make(map[string]interface{}) if v.NoncurrentDays != nil { - t["days"] = int(*v.NoncurrentDays) + t["days"] = int(aws.Int64Value(v.NoncurrentDays)) } if v.StorageClass != nil { - t["storage_class"] = *v.StorageClass + t["storage_class"] = aws.StringValue(v.StorageClass) } transitions = append(transitions, t) } @@ -1291,7 +1291,7 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error { var region string if location, ok := locationResponse.(*s3.GetBucketLocationOutput); ok && location.LocationConstraint != nil { - region = *location.LocationConstraint + region = aws.StringValue(location.LocationConstraint) } region = normalizeRegion(region) if err := d.Set("region", region); err != nil { @@ -1708,7 +1708,7 @@ func websiteEndpoint(client *AWSClient, d *schema.ResourceData) (*S3Website, err location := locationResponse.(*s3.GetBucketLocationOutput) var region string if location.LocationConstraint != nil { - region = *location.LocationConstraint + region = aws.StringValue(location.LocationConstraint) } return WebsiteEndpoint(client, bucket, region), nil @@ -2311,8 +2311,8 @@ func flattenAwsS3BucketReplicationConfiguration(r *s3.ReplicationConfiguration) m := make(map[string]interface{}) - if r.Role != nil && *r.Role != "" { - m["role"] = *r.Role + if r.Role != nil && aws.StringValue(r.Role) != "" { + m["role"] = aws.StringValue(r.Role) } rules := make([]interface{}, 0, len(r.Rules)) @@ -2321,18 +2321,18 @@ func flattenAwsS3BucketReplicationConfiguration(r *s3.ReplicationConfiguration) if v.Destination != nil { rd := make(map[string]interface{}) if v.Destination.Bucket != nil { - rd["bucket"] = *v.Destination.Bucket + rd["bucket"] = aws.StringValue(v.Destination.Bucket) } if v.Destination.StorageClass != nil { - rd["storage_class"] = *v.Destination.StorageClass + rd["storage_class"] = aws.StringValue(v.Destination.StorageClass) } if v.Destination.EncryptionConfiguration != nil { if v.Destination.EncryptionConfiguration.ReplicaKmsKeyID != nil { - rd["replica_kms_key_id"] = *v.Destination.EncryptionConfiguration.ReplicaKmsKeyID + rd["replica_kms_key_id"] = aws.StringValue(v.Destination.EncryptionConfiguration.ReplicaKmsKeyID) } } if v.Destination.Account != nil { - rd["account_id"] = *v.Destination.Account + rd["account_id"] = aws.StringValue(v.Destination.Account) } if v.Destination.AccessControlTranslation != nil { rdt := map[string]interface{}{ @@ -2344,21 +2344,21 @@ func flattenAwsS3BucketReplicationConfiguration(r *s3.ReplicationConfiguration) } if v.ID != nil { - t["id"] = *v.ID + t["id"] = aws.StringValue(v.ID) } if v.Prefix != nil { - t["prefix"] = *v.Prefix + t["prefix"] = aws.StringValue(v.Prefix) } if v.Status != nil { - t["status"] = *v.Status + t["status"] = aws.StringValue(v.Status) } if vssc := v.SourceSelectionCriteria; vssc != nil { tssc := make(map[string]interface{}) if vssc.SseKmsEncryptedObjects != nil { tSseKms := make(map[string]interface{}) - if *vssc.SseKmsEncryptedObjects.Status == s3.SseKmsEncryptedObjectsStatusEnabled { + if aws.StringValue(vssc.SseKmsEncryptedObjects.Status) == s3.SseKmsEncryptedObjectsStatusEnabled { tSseKms["enabled"] = true - } else if *vssc.SseKmsEncryptedObjects.Status == s3.SseKmsEncryptedObjectsStatusDisabled { + } else if aws.StringValue(vssc.SseKmsEncryptedObjects.Status) == s3.SseKmsEncryptedObjectsStatusDisabled { tSseKms["enabled"] = false } tssc["sse_kms_encrypted_objects"] = []interface{}{tSseKms} From 772f18648f32e3e850d7d06ef722c5950fe2db10 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 20 May 2020 03:44:01 -0400 Subject: [PATCH 239/475] run go fmt --- aws/resource_aws_s3_bucket_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/aws/resource_aws_s3_bucket_test.go b/aws/resource_aws_s3_bucket_test.go index 72e4ad3531c..c5970d778ab 100644 --- a/aws/resource_aws_s3_bucket_test.go +++ b/aws/resource_aws_s3_bucket_test.go @@ -1298,9 +1298,9 @@ func TestAccAWSS3Bucket_LifecycleExpireMarkerOnly(t *testing.T) { resourceName := "aws_s3_bucket.bucket" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSS3BucketDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSS3BucketDestroy, Steps: []resource.TestStep{ { Config: testAccAWSS3BucketConfigWithLifecycleExpireMarker(bucketName), From 485838521b5df9f43cce01be4d17232c58449331 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 20 May 2020 05:08:28 -0400 Subject: [PATCH 240/475] handle empty expiration --- aws/resource_aws_s3_bucket.go | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_s3_bucket.go b/aws/resource_aws_s3_bucket.go index 281dfd5322a..35676270e2f 100644 --- a/aws/resource_aws_s3_bucket.go +++ b/aws/resource_aws_s3_bucket.go @@ -2192,10 +2192,9 @@ func resourceAwsS3BucketLifecycleUpdate(s3conn *s3.S3, d *schema.ResourceData) e // Expiration expiration := d.Get(fmt.Sprintf("lifecycle_rule.%d.expiration", i)).([]interface{}) - if len(expiration) > 0 && expiration[0] != nil { + if len(expiration) > 0 && expiration[0] == nil { e := expiration[0].(map[string]interface{}) i := &s3.LifecycleExpiration{} - if val, ok := e["date"].(string); ok && val != "" { t, err := time.Parse(time.RFC3339, fmt.Sprintf("%sT00:00:00Z", val)) if err != nil { @@ -2222,6 +2221,7 @@ func resourceAwsS3BucketLifecycleUpdate(s3conn *s3.S3, d *schema.ResourceData) e } } + // Transitions transitions := d.Get(fmt.Sprintf("lifecycle_rule.%d.transition", i)).(*schema.Set).List() if len(transitions) > 0 { @@ -2263,6 +2263,14 @@ func resourceAwsS3BucketLifecycleUpdate(s3conn *s3.S3, d *schema.ResourceData) e } } + // As a lifecycle rule requires 1 or more transition/expiration actions, + // we explicitly pass a default ExpiredObjectDeleteMarker value to be able to create + // the rule while keeping the policy unaffected if the conditions are not met. + if rule.Expiration == nil && rule.NoncurrentVersionExpiration == nil && + rule.Transitions == nil && rule.NoncurrentVersionTransitions == nil { + rule.Expiration = &s3.LifecycleExpiration{ExpiredObjectDeleteMarker: aws.Bool(false)} + } + rules = append(rules, rule) } @@ -2504,6 +2512,26 @@ func grantHash(v interface{}) int { return hashcode.String(buf.String()) } +//func expirationHash(v interface{}) int { +// var buf bytes.Buffer +// m, ok := v.(map[string]interface{}) +// +// if !ok { +// return 0 +// } +// +// if v, ok := m["date"]; ok { +// buf.WriteString(fmt.Sprintf("%s-", v.(string))) +// } +// if v, ok := m["days"]; ok { +// buf.WriteString(fmt.Sprintf("%d-", v.(int))) +// } +// if v, ok := m["expired_object_delete_marker"]; ok { +// buf.WriteString(fmt.Sprintf("%t-", v.(bool))) +// } +// return hashcode.String(buf.String()) +//} + func transitionHash(v interface{}) int { var buf bytes.Buffer m, ok := v.(map[string]interface{}) From 12f3f3fac2feb9427a344655e4e67fdd8317158e Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 20 May 2020 05:10:27 -0400 Subject: [PATCH 241/475] remove commented out function --- aws/resource_aws_s3_bucket.go | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/aws/resource_aws_s3_bucket.go b/aws/resource_aws_s3_bucket.go index 35676270e2f..2b20ce1a659 100644 --- a/aws/resource_aws_s3_bucket.go +++ b/aws/resource_aws_s3_bucket.go @@ -2221,7 +2221,6 @@ func resourceAwsS3BucketLifecycleUpdate(s3conn *s3.S3, d *schema.ResourceData) e } } - // Transitions transitions := d.Get(fmt.Sprintf("lifecycle_rule.%d.transition", i)).(*schema.Set).List() if len(transitions) > 0 { @@ -2512,26 +2511,6 @@ func grantHash(v interface{}) int { return hashcode.String(buf.String()) } -//func expirationHash(v interface{}) int { -// var buf bytes.Buffer -// m, ok := v.(map[string]interface{}) -// -// if !ok { -// return 0 -// } -// -// if v, ok := m["date"]; ok { -// buf.WriteString(fmt.Sprintf("%s-", v.(string))) -// } -// if v, ok := m["days"]; ok { -// buf.WriteString(fmt.Sprintf("%d-", v.(int))) -// } -// if v, ok := m["expired_object_delete_marker"]; ok { -// buf.WriteString(fmt.Sprintf("%t-", v.(bool))) -// } -// return hashcode.String(buf.String()) -//} - func transitionHash(v interface{}) int { var buf bytes.Buffer m, ok := v.(map[string]interface{}) From 431736eb2256b5f74a59a30e5d52b3b237e83f59 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 20 May 2020 10:55:35 -0400 Subject: [PATCH 242/475] add extra nil check and correct existing one --- aws/resource_aws_s3_bucket.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_s3_bucket.go b/aws/resource_aws_s3_bucket.go index 2b20ce1a659..4ffe11aa591 100644 --- a/aws/resource_aws_s3_bucket.go +++ b/aws/resource_aws_s3_bucket.go @@ -2137,7 +2137,7 @@ func resourceAwsS3BucketLifecycleUpdate(s3conn *s3.S3, d *schema.ResourceData) e lifecycleRules := d.Get("lifecycle_rule").([]interface{}) - if len(lifecycleRules) == 0 { + if len(lifecycleRules) == 0 || lifecycleRules[0] == nil { i := &s3.DeleteBucketLifecycleInput{ Bucket: aws.String(bucket), } @@ -2192,7 +2192,7 @@ func resourceAwsS3BucketLifecycleUpdate(s3conn *s3.S3, d *schema.ResourceData) e // Expiration expiration := d.Get(fmt.Sprintf("lifecycle_rule.%d.expiration", i)).([]interface{}) - if len(expiration) > 0 && expiration[0] == nil { + if len(expiration) > 0 && expiration[0] != nil { e := expiration[0].(map[string]interface{}) i := &s3.LifecycleExpiration{} if val, ok := e["date"].(string); ok && val != "" { From 5f643861c36cd74edb40013c50ecbeed0f72a090 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 20 May 2020 11:50:23 -0400 Subject: [PATCH 243/475] update URLs for permanently moved sites --- website/docs/d/vpc_peering_connection.html.markdown | 4 ++-- website/docs/r/vpc_peering_connection.html.markdown | 4 ++-- website/docs/r/vpc_peering_connection_accepter.html.markdown | 4 ++-- website/docs/r/vpc_peering_connection_options.html.markdown | 4 ++-- website/docs/r/waf_size_constraint_set.html.markdown | 2 +- website/docs/r/wafregional_size_constraint_set.html.markdown | 2 +- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/website/docs/d/vpc_peering_connection.html.markdown b/website/docs/d/vpc_peering_connection.html.markdown index 324f1ab570f..2d748eb0474 100644 --- a/website/docs/d/vpc_peering_connection.html.markdown +++ b/website/docs/d/vpc_peering_connection.html.markdown @@ -77,10 +77,10 @@ which take the following arguments: All of the argument attributes except `filter` are also exported as result attributes. * `accepter` - A configuration block that describes [VPC Peering Connection] -(http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide) options set for the accepter VPC. +(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the accepter VPC. * `requester` - A configuration block that describes [VPC Peering Connection] -(http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide) options set for the requester VPC. +(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the requester VPC. #### Accepter and Requester Attributes Reference diff --git a/website/docs/r/vpc_peering_connection.html.markdown b/website/docs/r/vpc_peering_connection.html.markdown index 9a2bd49ce46..e7133bffc89 100644 --- a/website/docs/r/vpc_peering_connection.html.markdown +++ b/website/docs/r/vpc_peering_connection.html.markdown @@ -112,10 +112,10 @@ The following arguments are supported: * `peer_region` - (Optional) The region of the accepter VPC of the [VPC Peering Connection]. `auto_accept` must be `false`, and use the `aws_vpc_peering_connection_accepter` to manage the accepter side. * `accepter` (Optional) - An optional configuration block that allows for [VPC Peering Connection] -(http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide) options to be set for the VPC that accepts +(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts the peering connection (a maximum of one). * `requester` (Optional) - A optional configuration block that allows for [VPC Peering Connection] -(http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide) options to be set for the VPC that requests +(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests the peering connection (a maximum of one). * `tags` - (Optional) A map of tags to assign to the resource. diff --git a/website/docs/r/vpc_peering_connection_accepter.html.markdown b/website/docs/r/vpc_peering_connection_accepter.html.markdown index 345d0eadd31..6b6d4d19875 100644 --- a/website/docs/r/vpc_peering_connection_accepter.html.markdown +++ b/website/docs/r/vpc_peering_connection_accepter.html.markdown @@ -98,9 +98,9 @@ All of the argument attributes except `auto_accept` are also exported as result * `peer_owner_id` - The AWS account ID of the owner of the requester VPC. * `peer_region` - The region of the accepter VPC. * `accepter` - A configuration block that describes [VPC Peering Connection] -(http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide) options set for the accepter VPC. +(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the accepter VPC. * `requester` - A configuration block that describes [VPC Peering Connection] -(http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide) options set for the requester VPC. +(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options set for the requester VPC. #### Accepter and Requester Attributes Reference diff --git a/website/docs/r/vpc_peering_connection_options.html.markdown b/website/docs/r/vpc_peering_connection_options.html.markdown index da47b676d3a..42248d66347 100644 --- a/website/docs/r/vpc_peering_connection_options.html.markdown +++ b/website/docs/r/vpc_peering_connection_options.html.markdown @@ -142,10 +142,10 @@ The following arguments are supported: * `vpc_peering_connection_id` - (Required) The ID of the requester VPC peering connection. * `accepter` (Optional) - An optional configuration block that allows for [VPC Peering Connection] -(http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide) options to be set for the VPC that accepts +(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that accepts the peering connection (a maximum of one). * `requester` (Optional) - A optional configuration block that allows for [VPC Peering Connection] -(http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide) options to be set for the VPC that requests +(https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html) options to be set for the VPC that requests the peering connection (a maximum of one). #### Accepter and Requester Arguments diff --git a/website/docs/r/waf_size_constraint_set.html.markdown b/website/docs/r/waf_size_constraint_set.html.markdown index 4b26a49b26b..7f71fa827e3 100644 --- a/website/docs/r/waf_size_constraint_set.html.markdown +++ b/website/docs/r/waf_size_constraint_set.html.markdown @@ -44,7 +44,7 @@ The following arguments are supported: * `field_to_match` - (Required) Specifies where in a web request to look for the size constraint. * `comparison_operator` - (Required) The type of comparison you want to perform. e.g. `EQ`, `NE`, `LT`, `GT`. - See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_SizeConstraint.html#WAF-Type-SizeConstraint-ComparisonOperator) for all supported values. + See [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_SizeConstraint.html) for all supported values. * `size` - (Required) The size in bytes that you want to compare against the size of the specified `field_to_match`. Valid values are between 0 - 21474836480 bytes (0 - 20 GB). * `text_transformation` - (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF. diff --git a/website/docs/r/wafregional_size_constraint_set.html.markdown b/website/docs/r/wafregional_size_constraint_set.html.markdown index f3a1f2dab92..aa4bc596e35 100644 --- a/website/docs/r/wafregional_size_constraint_set.html.markdown +++ b/website/docs/r/wafregional_size_constraint_set.html.markdown @@ -44,7 +44,7 @@ The following arguments are supported: * `field_to_match` - (Required) Specifies where in a web request to look for the size constraint. * `comparison_operator` - (Required) The type of comparison you want to perform. e.g. `EQ`, `NE`, `LT`, `GT`. - See [docs](http://docs.aws.amazon.com/waf/latest/APIReference/API_SizeConstraint.html#WAF-Type-SizeConstraint-ComparisonOperator) for all supported values. + See [docs](https://docs.aws.amazon.com/waf/latest/APIReference/API_wafRegional_SizeConstraint.html) for all supported values. * `size` - (Required) The size in bytes that you want to compare against the size of the specified `field_to_match`. Valid values are between 0 - 21474836480 bytes (0 - 20 GB). * `text_transformation` - (Required) Text transformations used to eliminate unusual formatting that attackers use in web requests in an effort to bypass AWS WAF. From b187f48c56fdca91f5e349644eb2c81086915d7f Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Wed, 20 May 2020 09:20:37 -0700 Subject: [PATCH 244/475] add golang version update section move to top of dependency update section particular golang > go add go.mod section and add example pr --- docs/MAINTAINING.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/docs/MAINTAINING.md b/docs/MAINTAINING.md index f312b007e7e..d94ceaa578c 100644 --- a/docs/MAINTAINING.md +++ b/docs/MAINTAINING.md @@ -5,6 +5,7 @@ - [Pull Requests](#pull-requests) - [Pull Request Review Process](#pull-request-review-process) - [Dependency Updates](#dependency-updates) + - [Go Default Version Update](#go-default-version-update) - [AWS Go SDK Updates](#aws-go-sdk-updates) - [golangci-lint Updates](#golangci-lint-updates) - [Terraform Plugin SDK Updates](#terraform-plugin-sdk-updates) @@ -67,6 +68,24 @@ Output from acceptance testing in AWS GovCloud (US): #### Dependency Updates +##### Go Default Version Update + +This project typically upgrades its Go version for development and testing shortly after release to get the latest and greatest Go functionality. Before beginning the update process, ensure that you review the new version release notes to look for any areas of possible friction when updating. + +Create an issue to cover the update noting down any areas of particular interest or friction. + +Ensure that the following steps are tracked within the issue and completed within the resulting pull request. + +- Update go version in `go.mod` +- Verify all formatting, linting, and testing works as expected +- Verify `gox` builds for all currently supported architectures +- Verify `goenv` support for the new version +- Update `docs/DEVELOPMENT.md` +- Update `.travis.yml` +- Update `CHANGELOG.md` detailing the update and mention any notes practitioners need to be aware of. + +See [#9992](https://github.com/terraform-providers/terraform-provider-aws/issues/9992) / [#10206](https://github.com/terraform-providers/terraform-provider-aws/pull/10206) for a recent example. + ##### AWS Go SDK Updates Almost exclusively, `github.com/aws/aws-sdk-go` updates are additive in nature. It is generally safe to only scan through them before approving and merging. If you have any concerns about any of the service client updates such as suspicious code removals in the update, or deprecations introduced, run the acceptance testing for potentially affected resources before merging. From 24cb4ae36d81d15f8064bcceef052c7d61225c17 Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Wed, 20 May 2020 14:52:37 -0400 Subject: [PATCH 245/475] Update CHANGELOG for #12788 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a8f6fb2099f..0a2a35baf67 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ FEATURES: * **New Data Source:** `aws_efs_access_point` [GH-11965] +* **New Data Source:** `aws_wafv2_ip_set` [GH-12788] * **New Resource:** `aws_efs_access_point` [GH-11965] * **New Resource:** `aws_wafv2_ip_set` [GH-12119] From 990916c0e38f26c40b42ea8e18301e48ce56a14f Mon Sep 17 00:00:00 2001 From: pvanbuijtene Date: Fri, 28 Feb 2020 00:11:13 +0100 Subject: [PATCH 246/475] Add resource aws_wafv2_regex_pattern_set --- aws/provider.go | 1 + aws/resource_aws_wafv2_regex_pattern_set.go | 336 +++++++++++++++++ ...source_aws_wafv2_regex_pattern_set_test.go | 348 ++++++++++++++++++ 3 files changed, 685 insertions(+) create mode 100644 aws/resource_aws_wafv2_regex_pattern_set.go create mode 100644 aws/resource_aws_wafv2_regex_pattern_set_test.go diff --git a/aws/provider.go b/aws/provider.go index 55a3d4c26df..6d17d999c04 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -886,6 +886,7 @@ func Provider() terraform.ResourceProvider { "aws_wafregional_web_acl": resourceAwsWafRegionalWebAcl(), "aws_wafregional_web_acl_association": resourceAwsWafRegionalWebAclAssociation(), "aws_wafv2_ip_set": resourceAwsWafv2IPSet(), + "aws_wafv2_regex_pattern_set": resourceAwsWafv2RegexPatternSet(), "aws_worklink_fleet": resourceAwsWorkLinkFleet(), "aws_worklink_website_certificate_authority_association": resourceAwsWorkLinkWebsiteCertificateAuthorityAssociation(), "aws_workspaces_directory": resourceAwsWorkspacesDirectory(), diff --git a/aws/resource_aws_wafv2_regex_pattern_set.go b/aws/resource_aws_wafv2_regex_pattern_set.go new file mode 100644 index 00000000000..27f5f0d5483 --- /dev/null +++ b/aws/resource_aws_wafv2_regex_pattern_set.go @@ -0,0 +1,336 @@ +package aws + +import ( + "fmt" + "log" + "strings" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/service/wafv2" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" +) + +func resourceAwsWafv2RegexPatternSet() *schema.Resource { + return &schema.Resource{ + Create: resourceAwsWafv2RegexPatternSetCreate, + Read: resourceAwsWafv2RegexPatternSetRead, + Update: resourceAwsWafv2RegexPatternSetUpdate, + Delete: resourceAwsWafv2RegexPatternSetDelete, + Importer: &schema.ResourceImporter{ + State: func(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + idParts := strings.Split(d.Id(), "/") + if len(idParts) != 3 || idParts[0] == "" || idParts[1] == "" || idParts[2] == "" { + return nil, fmt.Errorf("Unexpected format of ID (%q), expected ID/NAME/SCOPE", d.Id()) + } + id := idParts[0] + name := idParts[1] + scope := idParts[2] + d.SetId(id) + d.Set("name", name) + d.Set("scope", scope) + return []*schema.ResourceData{d}, nil + }, + }, + + Schema: map[string]*schema.Schema{ + "arn": { + Type: schema.TypeString, + Computed: true, + }, + "description": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringLenBetween(1, 256), + }, + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringLenBetween(1, 128), + }, + "regular_expression_list": { + Type: schema.TypeSet, + Required: true, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "regex_string": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringLenBetween(1, 512), + }, + }, + }, + }, + "scope": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringInSlice([]string{ + wafv2.ScopeCloudfront, + wafv2.ScopeRegional, + }, false), + }, + "tags": tagsSchema(), + }, + } +} + +func resourceAwsWafv2RegexPatternSetCreate(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).wafv2conn + var resp *wafv2.CreateRegexPatternSetOutput + + params := &wafv2.CreateRegexPatternSetInput{ + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + } + + if d.HasChange("description") { + params.Description = aws.String(d.Get("description").(string)) + } + + if v, ok := d.GetOk("regular_expression_list"); ok && v.(*schema.Set).Len() > 0 { + params.RegularExpressionList = expandWafv2RegexPatternSet(d.Get("regular_expression_list").(*schema.Set).List()) + } + + if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { + params.Tags = keyvaluetags.New(v).IgnoreAws().Wafv2Tags() + } + + err := resource.Retry(15*time.Minute, func() *resource.RetryError { + var err error + resp, err = conn.CreateRegexPatternSet(params) + if err != nil { + if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFTagOperationException, "An error occurred during the tagging operation") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFTagOperationInternalErrorException, "AWS WAF couldn’t perform your tagging operation because of an internal error") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + return nil + }) + if isResourceTimeoutError(err) { + _, err = conn.CreateRegexPatternSet(params) + } + if err != nil { + return err + } + d.SetId(*resp.Summary.Id) + + return resourceAwsWafv2RegexPatternSetRead(d, meta) +} + +func resourceAwsWafv2RegexPatternSetRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).wafv2conn + + params := &wafv2.GetRegexPatternSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + } + + resp, err := conn.GetRegexPatternSet(params) + if err != nil { + if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == wafv2.ErrCodeWAFNonexistentItemException { + log.Printf("[WARN] WAFV2 RegexPatternSet (%s) not found, removing from state", d.Id()) + d.SetId("") + return nil + } + + return err + } + + d.Set("name", resp.RegexPatternSet.Name) + d.Set("description", resp.RegexPatternSet.Description) + d.Set("arn", resp.RegexPatternSet.ARN) + + if err := d.Set("regular_expression_list", flattenWafv2RegexPatternSet(resp.RegexPatternSet.RegularExpressionList)); err != nil { + return fmt.Errorf("Error setting regular_expression_list: %s", err) + } + + tags, err := keyvaluetags.Wafv2ListTags(conn, *resp.RegexPatternSet.ARN) + if err != nil { + return fmt.Errorf("error listing tags for WAFV2 RegexPatternSet (%s): %s", *resp.RegexPatternSet.ARN, err) + } + + if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil { + return fmt.Errorf("error setting tags: %s", err) + } + + return nil +} + +func flattenWafv2RegexPatternSet(r []*wafv2.Regex) interface{} { + regexPatterns := make([]interface{}, len(r)) + + for i, regexPattern := range r { + d := map[string]interface{}{ + "regex_string": *regexPattern.RegexString, + } + regexPatterns[i] = d + } + + return regexPatterns +} + +func resourceAwsWafv2RegexPatternSetUpdate(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).wafv2conn + var resp *wafv2.GetRegexPatternSetOutput + params := &wafv2.GetRegexPatternSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + } + log.Printf("[INFO] Updating WAFV2 RegexPatternSet %s", d.Id()) + + err := resource.Retry(15*time.Minute, func() *resource.RetryError { + var err error + resp, err = conn.GetRegexPatternSet(params) + if err != nil { + return resource.NonRetryableError(fmt.Errorf("Error getting lock token: %s", err)) + } + + u := &wafv2.UpdateRegexPatternSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + Description: aws.String(d.Get("description").(string)), + LockToken: resp.LockToken, + } + + if v, ok := d.GetOk("regular_expression_list"); ok && v.(*schema.Set).Len() > 0 { + u.RegularExpressionList = expandWafv2RegexPatternSet(d.Get("regular_expression_list").(*schema.Set).List()) + } + + if d.HasChange("description") { + u.Description = aws.String(d.Get("description").(string)) + } + + _, err = conn.UpdateRegexPatternSet(u) + + if err != nil { + if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + return nil + }) + + if isResourceTimeoutError(err) { + _, err = conn.DeleteRegexPatternSet(&wafv2.DeleteRegexPatternSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + LockToken: resp.LockToken, + }) + } + + if err != nil { + return fmt.Errorf("Error updating WAFV2 RegexPatternSet: %s", err) + } + + if d.HasChange("tags") { + o, n := d.GetChange("tags") + if err := keyvaluetags.Wafv2UpdateTags(conn, d.Get("arn").(string), o, n); err != nil { + return fmt.Errorf("error updating tags: %s", err) + } + } + + return resourceAwsWafv2RegexPatternSetRead(d, meta) +} + +func resourceAwsWafv2RegexPatternSetDelete(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).wafv2conn + var resp *wafv2.GetRegexPatternSetOutput + params := &wafv2.GetRegexPatternSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + } + log.Printf("[INFO] Deleting WAFV2 RegexPatternSet %s", d.Id()) + + err := resource.Retry(15*time.Minute, func() *resource.RetryError { + var err error + resp, err = conn.GetRegexPatternSet(params) + if err != nil { + return resource.NonRetryableError(fmt.Errorf("Error getting lock token: %s", err)) + } + + _, err = conn.DeleteRegexPatternSet(&wafv2.DeleteRegexPatternSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + LockToken: resp.LockToken, + }) + + if err != nil { + if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + return nil + }) + + if isResourceTimeoutError(err) { + _, err = conn.DeleteRegexPatternSet(&wafv2.DeleteRegexPatternSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + LockToken: resp.LockToken, + }) + } + + if err != nil { + return fmt.Errorf("Error deleting WAFV2 RegexPatternSet: %s", err) + } + + return nil +} + +func expandWafv2RegexPatternSet(l []interface{}) []*wafv2.Regex { + if len(l) == 0 || l[0] == nil { + return nil + } + + regexPatterns := make([]*wafv2.Regex, 0) + for _, regexPattern := range l { + if regexPattern == nil { + continue + } + + regexPatterns = append(regexPatterns, expandWafv2Regex(regexPattern.(map[string]interface{}))) + } + + return regexPatterns +} + +func expandWafv2Regex(m map[string]interface{}) *wafv2.Regex { + if m == nil { + return nil + } + + return &wafv2.Regex{ + RegexString: aws.String(m["regex_string"].(string)), + } +} diff --git a/aws/resource_aws_wafv2_regex_pattern_set_test.go b/aws/resource_aws_wafv2_regex_pattern_set_test.go new file mode 100644 index 00000000000..f8dd9a32ce6 --- /dev/null +++ b/aws/resource_aws_wafv2_regex_pattern_set_test.go @@ -0,0 +1,348 @@ +package aws + +import ( + "fmt" + "regexp" + "testing" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/service/wafv2" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" +) + +func TestAccAwsWafv2RegexPatternSet_basic(t *testing.T) { + var v wafv2.RegexPatternSet + regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_regex_pattern_set.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2RegexPatternSetConfig(regexPatternSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), + resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetName), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "2"), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.1641128102.regex_string", "one"), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.265355341.regex_string", "two"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag2", "Value2"), + ), + }, + { + Config: testAccAwsWafv2RegexPatternSetConfigUpdate(regexPatternSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), + resource.TestCheckResourceAttr(resourceName, "description", "Updated"), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "3"), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.1641128102.regex_string", "one"), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.265355341.regex_string", "two"), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.2339296779.regex_string", "three"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccAWSWafv2RegexPatternSetImportStateIdFunc(resourceName), + }, + }, + }) +} + +func TestAccAwsWafv2RegexPatternSet_minimal(t *testing.T) { + var v wafv2.RegexPatternSet + regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_regex_pattern_set.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2RegexPatternSetConfigMinimal(regexPatternSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), + resource.TestCheckResourceAttr(resourceName, "description", ""), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "1"), + ), + }, + }, + }) +} + +func TestAccAwsWafv2RegexPatternSet_changeNameForceNew(t *testing.T) { + var before, after wafv2.RegexPatternSet + regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + regexPatternSetNewName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_regex_pattern_set.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2RegexPatternSetConfig(regexPatternSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &before), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), + resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetName), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "2"), + ), + }, + { + Config: testAccAwsWafv2RegexPatternSetConfig(regexPatternSetNewName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &after), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetNewName), + resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetNewName), + resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "2"), + ), + }, + }, + }) +} + +func TestAccAwsWafv2RegexPatternSet_tags(t *testing.T) { + var v wafv2.RegexPatternSet + regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_regex_pattern_set.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2RegexPatternSetConfigOneTag(regexPatternSetName, "Tag1", "Value1"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateIdFunc: testAccAWSWafv2RegexPatternSetImportStateIdFunc(resourceName), + }, + { + Config: testAccAwsWafv2RegexPatternSetConfigTwoTags(regexPatternSetName, "Tag1", "Value1Updated", "Tag2", "Value2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1Updated"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag2", "Value2"), + ), + }, + { + Config: testAccAwsWafv2RegexPatternSetConfigOneTag(regexPatternSetName, "Tag2", "Value2"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.Tag2", "Value2"), + ), + }, + }, + }) +} + +func testAccCheckAWSWafv2RegexPatternSetDestroy(s *terraform.State) error { + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_wafv2_regex_pattern_set" { + continue + } + + conn := testAccProvider.Meta().(*AWSClient).wafv2conn + resp, err := conn.GetRegexPatternSet( + &wafv2.GetRegexPatternSetInput{ + Id: aws.String(rs.Primary.ID), + Name: aws.String(rs.Primary.Attributes["name"]), + Scope: aws.String(rs.Primary.Attributes["scope"]), + }) + + if err == nil { + if *resp.RegexPatternSet.Id == rs.Primary.ID { + return fmt.Errorf("WAFV2 RegexPatternSet %s still exists", rs.Primary.ID) + } + } + + // Return nil if the RegexPatternSet is already destroyed + if awsErr, ok := err.(awserr.Error); ok { + if awsErr.Code() == wafv2.ErrCodeWAFNonexistentItemException { + return nil + } + } + + return err + } + + return nil +} + +func testAccCheckAWSWafv2RegexPatternSetExists(n string, v *wafv2.RegexPatternSet) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[n] + if !ok { + return fmt.Errorf("Not found: %s", n) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("No WAFV2 RegexPatternSet ID is set") + } + + conn := testAccProvider.Meta().(*AWSClient).wafv2conn + resp, err := conn.GetRegexPatternSet(&wafv2.GetRegexPatternSetInput{ + Id: aws.String(rs.Primary.ID), + Name: aws.String(rs.Primary.Attributes["name"]), + Scope: aws.String(rs.Primary.Attributes["scope"]), + }) + + if err != nil { + return err + } + + if *resp.RegexPatternSet.Id == rs.Primary.ID { + *v = *resp.RegexPatternSet + return nil + } + + return fmt.Errorf("WAFV2 RegexPatternSet (%s) not found", rs.Primary.ID) + } +} + +func testAccAwsWafv2RegexPatternSetConfig(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_regex_pattern_set" "test" { + name = "%s" + description = "%s" + scope = "REGIONAL" + + regular_expression_list { + regex_string = "one" + } + + regular_expression_list { + regex_string = "two" + } + + tags = { + Tag1 = "Value1" + Tag2 = "Value2" + } +} +`, name, name) +} + +func testAccAwsWafv2RegexPatternSetConfigUpdate(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_regex_pattern_set" "test" { + name = "%s" + description = "Updated" + scope = "REGIONAL" + + regular_expression_list { + regex_string = "one" + } + + regular_expression_list { + regex_string = "two" + } + + regular_expression_list { + regex_string = "three" + } +} +`, name) +} + +func testAccAwsWafv2RegexPatternSetConfigMinimal(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_regex_pattern_set" "test" { + name = "%s" + scope = "REGIONAL" + + regular_expression_list { + regex_string = "one" + } +} +`, name) +} + +func testAccAwsWafv2RegexPatternSetConfigOneTag(name, tagKey, tagValue string) string { + return fmt.Sprintf(` +resource "aws_wafv2_regex_pattern_set" "test" { + name = "%s" + description = "%s" + scope = "REGIONAL" + + regular_expression_list { + regex_string = "one" + } + + regular_expression_list { + regex_string = "two" + } + + tags = { + %q = %q + } +} +`, name, name, tagKey, tagValue) +} + +func testAccAwsWafv2RegexPatternSetConfigTwoTags(name, tag1Key, tag1Value, tag2Key, tag2Value string) string { + return fmt.Sprintf(` +resource "aws_wafv2_regex_pattern_set" "test" { + name = "%s" + description = "%s" + scope = "REGIONAL" + + regular_expression_list { + regex_string = "one" + } + + tags = { + %q = %q + %q = %q + } +} +`, name, name, tag1Key, tag1Value, tag2Key, tag2Value) +} + +func testAccAWSWafv2RegexPatternSetImportStateIdFunc(resourceName string) resource.ImportStateIdFunc { + return func(s *terraform.State) (string, error) { + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return "", fmt.Errorf("Not found: %s", resourceName) + } + + return fmt.Sprintf("%s/%s/%s", rs.Primary.ID, rs.Primary.Attributes["name"], rs.Primary.Attributes["scope"]), nil + } +} From 5bcae54b9a9496f24e8684badaa11c583c420e69 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 6 Mar 2020 13:53:58 +0100 Subject: [PATCH 247/475] Add docs --- website/aws.erb | 13 ++++ .../r/wafv2_regex_pattern_set.html.markdown | 65 +++++++++++++++++++ 2 files changed, 78 insertions(+) create mode 100644 website/docs/r/wafv2_regex_pattern_set.html.markdown diff --git a/website/aws.erb b/website/aws.erb index c87b9a1498d..99ee1ead717 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -3575,6 +3575,19 @@
          • +
        • + WAFv2 + +
        • WorkLink
            diff --git a/website/docs/r/wafv2_regex_pattern_set.html.markdown b/website/docs/r/wafv2_regex_pattern_set.html.markdown new file mode 100644 index 00000000000..e53fc93b1d5 --- /dev/null +++ b/website/docs/r/wafv2_regex_pattern_set.html.markdown @@ -0,0 +1,65 @@ +--- +subcategory: "WAFv2" +layout: "aws" +page_title: "AWS: aws_wafv2_regex_pattern_set" +description: |- + Provides an AWS WAFv2 Regex Pattern Set resource. +--- + +# Resource: aws_wafv2_regex_pattern_set + +Provides an AWS WAFv2 Regex Pattern Set Resource + +## Example Usage + +```hcl +resource "aws_wafv2_regex_pattern_set" "example" { + name = "example" + description = "Example regex pattern set" + scope = "REGIONAL" + + regular_expression_list { + regex_string = "one" + } + + regular_expression_list { + regex_string = "two" + } + + tags = { + Tag1 = "Value1" + Tag2 = "Value2" + } +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Required) A friendly name of the regular expression pattern set. +* `description` - (Optional) A friendly description of the regular expression pattern set. +* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia). +* `regular_expression_list` - (Required) One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. +* `tags` - (Optional) An array of key:value pairs to associate with the resource. + +## Nested blocks + +### `regular_expression_list` + +* `regex_string` - (Required) The string representing the regular expression, see the AWS WAF [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-regex-pattern-set-creating.html) for more information. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `id` - A unique identifier for the set. +* `arn` - The Amazon Resource Name (ARN) that identifies the cluster. + +## Import + +WAFv2 Regex Pattern Sets can be imported using their ID, Name and Scope e.g. + +``` +$ terraform import aws_wafv2_regex_pattern_set.example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc/example/REGIONAL +``` From 7ca601f3171dc282773380c3a5daeaf2a036bd0d Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 27 Mar 2020 23:45:27 +0100 Subject: [PATCH 248/475] Make user aware of optimistic lock exception --- aws/resource_aws_wafv2_regex_pattern_set.go | 42 +++++++-------------- 1 file changed, 13 insertions(+), 29 deletions(-) diff --git a/aws/resource_aws_wafv2_regex_pattern_set.go b/aws/resource_aws_wafv2_regex_pattern_set.go index 27f5f0d5483..a2f5e75e126 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set.go +++ b/aws/resource_aws_wafv2_regex_pattern_set.go @@ -7,7 +7,6 @@ import ( "time" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/wafv2" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" @@ -47,6 +46,10 @@ func resourceAwsWafv2RegexPatternSet() *schema.Resource { Optional: true, ValidateFunc: validation.StringLenBetween(1, 256), }, + "lock_token": { + Type: schema.TypeString, + Computed: true, + }, "name": { Type: schema.TypeString, Required: true, @@ -115,9 +118,6 @@ func resourceAwsWafv2RegexPatternSetCreate(d *schema.ResourceData, meta interfac if isAWSErr(err, wafv2.ErrCodeWAFTagOperationInternalErrorException, "AWS WAF couldn’t perform your tagging operation because of an internal error") { return resource.RetryableError(err) } - if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { - return resource.RetryableError(err) - } return resource.NonRetryableError(err) } return nil @@ -144,7 +144,7 @@ func resourceAwsWafv2RegexPatternSetRead(d *schema.ResourceData, meta interface{ resp, err := conn.GetRegexPatternSet(params) if err != nil { - if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == wafv2.ErrCodeWAFNonexistentItemException { + if isAWSErr(err, wafv2.ErrCodeWAFNonexistentItemException, "AWS WAF couldn’t perform the operation because your resource doesn’t exist") { log.Printf("[WARN] WAFV2 RegexPatternSet (%s) not found, removing from state", d.Id()) d.SetId("") return nil @@ -156,6 +156,7 @@ func resourceAwsWafv2RegexPatternSetRead(d *schema.ResourceData, meta interface{ d.Set("name", resp.RegexPatternSet.Name) d.Set("description", resp.RegexPatternSet.Description) d.Set("arn", resp.RegexPatternSet.ARN) + d.Set("lock_token", resp.LockToken) if err := d.Set("regular_expression_list", flattenWafv2RegexPatternSet(resp.RegexPatternSet.RegularExpressionList)); err != nil { return fmt.Errorf("Error setting regular_expression_list: %s", err) @@ -188,27 +189,16 @@ func flattenWafv2RegexPatternSet(r []*wafv2.Regex) interface{} { func resourceAwsWafv2RegexPatternSetUpdate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - var resp *wafv2.GetRegexPatternSetOutput - params := &wafv2.GetRegexPatternSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - } + log.Printf("[INFO] Updating WAFV2 RegexPatternSet %s", d.Id()) err := resource.Retry(15*time.Minute, func() *resource.RetryError { - var err error - resp, err = conn.GetRegexPatternSet(params) - if err != nil { - return resource.NonRetryableError(fmt.Errorf("Error getting lock token: %s", err)) - } - u := &wafv2.UpdateRegexPatternSetInput{ Id: aws.String(d.Id()), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), Description: aws.String(d.Get("description").(string)), - LockToken: resp.LockToken, + LockToken: aws.String(d.Get("lock_token").(string)), } if v, ok := d.GetOk("regular_expression_list"); ok && v.(*schema.Set).Len() > 0 { @@ -219,26 +209,23 @@ func resourceAwsWafv2RegexPatternSetUpdate(d *schema.ResourceData, meta interfac u.Description = aws.String(d.Get("description").(string)) } - _, err = conn.UpdateRegexPatternSet(u) + _, err := conn.UpdateRegexPatternSet(u) if err != nil { if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { return resource.RetryableError(err) } - if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { - return resource.RetryableError(err) - } return resource.NonRetryableError(err) } return nil }) if isResourceTimeoutError(err) { - _, err = conn.DeleteRegexPatternSet(&wafv2.DeleteRegexPatternSetInput{ + _, err = conn.UpdateRegexPatternSet(&wafv2.UpdateRegexPatternSetInput{ Id: aws.String(d.Id()), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), - LockToken: resp.LockToken, + LockToken: aws.String(d.Get("lock_token").(string)), }) } @@ -277,16 +264,13 @@ func resourceAwsWafv2RegexPatternSetDelete(d *schema.ResourceData, meta interfac Id: aws.String(d.Id()), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), - LockToken: resp.LockToken, + LockToken: aws.String(d.Get("lock_token").(string)), }) if err != nil { if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { return resource.RetryableError(err) } - if isAWSErr(err, wafv2.ErrCodeWAFOptimisticLockException, "AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it") { - return resource.RetryableError(err) - } return resource.NonRetryableError(err) } return nil @@ -297,7 +281,7 @@ func resourceAwsWafv2RegexPatternSetDelete(d *schema.ResourceData, meta interfac Id: aws.String(d.Id()), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), - LockToken: resp.LockToken, + LockToken: aws.String(d.Get("lock_token").(string)), }) } From 16424c1623c16af6e98a80b4ad2c7da2f2524147 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Sat, 28 Mar 2020 00:03:07 +0100 Subject: [PATCH 249/475] Cleanup --- aws/resource_aws_wafv2_regex_pattern_set.go | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/aws/resource_aws_wafv2_regex_pattern_set.go b/aws/resource_aws_wafv2_regex_pattern_set.go index a2f5e75e126..0a1f72b626c 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set.go +++ b/aws/resource_aws_wafv2_regex_pattern_set.go @@ -245,22 +245,11 @@ func resourceAwsWafv2RegexPatternSetUpdate(d *schema.ResourceData, meta interfac func resourceAwsWafv2RegexPatternSetDelete(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - var resp *wafv2.GetRegexPatternSetOutput - params := &wafv2.GetRegexPatternSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - } + log.Printf("[INFO] Deleting WAFV2 RegexPatternSet %s", d.Id()) err := resource.Retry(15*time.Minute, func() *resource.RetryError { - var err error - resp, err = conn.GetRegexPatternSet(params) - if err != nil { - return resource.NonRetryableError(fmt.Errorf("Error getting lock token: %s", err)) - } - - _, err = conn.DeleteRegexPatternSet(&wafv2.DeleteRegexPatternSetInput{ + _, err := conn.DeleteRegexPatternSet(&wafv2.DeleteRegexPatternSetInput{ Id: aws.String(d.Id()), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), From 5a852271d6290779590e6b7b37d679067145b428 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Tue, 31 Mar 2020 18:23:28 +0200 Subject: [PATCH 250/475] Retry in case association is being removed --- aws/resource_aws_wafv2_regex_pattern_set.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/aws/resource_aws_wafv2_regex_pattern_set.go b/aws/resource_aws_wafv2_regex_pattern_set.go index 0a1f72b626c..5b4f9446ee3 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set.go +++ b/aws/resource_aws_wafv2_regex_pattern_set.go @@ -260,6 +260,9 @@ func resourceAwsWafv2RegexPatternSetDelete(d *schema.ResourceData, meta interfac if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { return resource.RetryableError(err) } + if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "AWS WAF couldn’t perform the operation because your resource is being used by another resource or it’s associated with another resource") { + return resource.RetryableError(err) + } return resource.NonRetryableError(err) } return nil From d3fc8dbdeb12c68de04e846eac422f98c31cc019 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Sun, 5 Apr 2020 21:35:36 +0200 Subject: [PATCH 251/475] Format config code --- ...source_aws_wafv2_regex_pattern_set_test.go | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/aws/resource_aws_wafv2_regex_pattern_set_test.go b/aws/resource_aws_wafv2_regex_pattern_set_test.go index f8dd9a32ce6..518b9f12a8e 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set_test.go +++ b/aws/resource_aws_wafv2_regex_pattern_set_test.go @@ -240,9 +240,9 @@ func testAccCheckAWSWafv2RegexPatternSetExists(n string, v *wafv2.RegexPatternSe func testAccAwsWafv2RegexPatternSetConfig(name string) string { return fmt.Sprintf(` resource "aws_wafv2_regex_pattern_set" "test" { - name = "%s" + name = "%s" description = "%s" - scope = "REGIONAL" + scope = "REGIONAL" regular_expression_list { regex_string = "one" @@ -263,9 +263,9 @@ resource "aws_wafv2_regex_pattern_set" "test" { func testAccAwsWafv2RegexPatternSetConfigUpdate(name string) string { return fmt.Sprintf(` resource "aws_wafv2_regex_pattern_set" "test" { - name = "%s" + name = "%s" description = "Updated" - scope = "REGIONAL" + scope = "REGIONAL" regular_expression_list { regex_string = "one" @@ -285,7 +285,7 @@ resource "aws_wafv2_regex_pattern_set" "test" { func testAccAwsWafv2RegexPatternSetConfigMinimal(name string) string { return fmt.Sprintf(` resource "aws_wafv2_regex_pattern_set" "test" { - name = "%s" + name = "%s" scope = "REGIONAL" regular_expression_list { @@ -298,9 +298,9 @@ resource "aws_wafv2_regex_pattern_set" "test" { func testAccAwsWafv2RegexPatternSetConfigOneTag(name, tagKey, tagValue string) string { return fmt.Sprintf(` resource "aws_wafv2_regex_pattern_set" "test" { - name = "%s" + name = "%s" description = "%s" - scope = "REGIONAL" + scope = "REGIONAL" regular_expression_list { regex_string = "one" @@ -311,7 +311,7 @@ resource "aws_wafv2_regex_pattern_set" "test" { } tags = { - %q = %q + "%s" = "%s" } } `, name, name, tagKey, tagValue) @@ -320,17 +320,17 @@ resource "aws_wafv2_regex_pattern_set" "test" { func testAccAwsWafv2RegexPatternSetConfigTwoTags(name, tag1Key, tag1Value, tag2Key, tag2Value string) string { return fmt.Sprintf(` resource "aws_wafv2_regex_pattern_set" "test" { - name = "%s" + name = "%s" description = "%s" - scope = "REGIONAL" + scope = "REGIONAL" regular_expression_list { regex_string = "one" } tags = { - %q = %q - %q = %q + "%s" = "%s" + "%s" = "%s" } } `, name, name, tag1Key, tag1Value, tag2Key, tag2Value) From 3ca1266e2c5f3c6c42d9323b23584c199b910605 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Thu, 9 Apr 2020 21:16:35 +0200 Subject: [PATCH 252/475] Regex not required on creation --- aws/resource_aws_wafv2_regex_pattern_set.go | 4 +-- ...source_aws_wafv2_regex_pattern_set_test.go | 30 ++++++++----------- 2 files changed, 15 insertions(+), 19 deletions(-) diff --git a/aws/resource_aws_wafv2_regex_pattern_set.go b/aws/resource_aws_wafv2_regex_pattern_set.go index 5b4f9446ee3..cb5311480d7 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set.go +++ b/aws/resource_aws_wafv2_regex_pattern_set.go @@ -58,8 +58,8 @@ func resourceAwsWafv2RegexPatternSet() *schema.Resource { }, "regular_expression_list": { Type: schema.TypeSet, - Required: true, - MinItems: 1, + Optional: true, + MaxItems: 10, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "regex_string": { diff --git a/aws/resource_aws_wafv2_regex_pattern_set_test.go b/aws/resource_aws_wafv2_regex_pattern_set_test.go index 518b9f12a8e..7e17ec82c09 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set_test.go +++ b/aws/resource_aws_wafv2_regex_pattern_set_test.go @@ -13,7 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/terraform" ) -func TestAccAwsWafv2RegexPatternSet_basic(t *testing.T) { +func TestAccAwsWafv2RegexPatternSet_Basic(t *testing.T) { var v wafv2.RegexPatternSet regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) resourceName := "aws_wafv2_regex_pattern_set.test" @@ -40,7 +40,7 @@ func TestAccAwsWafv2RegexPatternSet_basic(t *testing.T) { ), }, { - Config: testAccAwsWafv2RegexPatternSetConfigUpdate(regexPatternSetName), + Config: testAccAwsWafv2RegexPatternSetConfig_Update(regexPatternSetName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), @@ -63,7 +63,7 @@ func TestAccAwsWafv2RegexPatternSet_basic(t *testing.T) { }) } -func TestAccAwsWafv2RegexPatternSet_minimal(t *testing.T) { +func TestAccAwsWafv2RegexPatternSet_Minimal(t *testing.T) { var v wafv2.RegexPatternSet regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) resourceName := "aws_wafv2_regex_pattern_set.test" @@ -74,7 +74,7 @@ func TestAccAwsWafv2RegexPatternSet_minimal(t *testing.T) { CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, Steps: []resource.TestStep{ { - Config: testAccAwsWafv2RegexPatternSetConfigMinimal(regexPatternSetName), + Config: testAccAwsWafv2RegexPatternSetConfig_Minimal(regexPatternSetName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), @@ -88,7 +88,7 @@ func TestAccAwsWafv2RegexPatternSet_minimal(t *testing.T) { }) } -func TestAccAwsWafv2RegexPatternSet_changeNameForceNew(t *testing.T) { +func TestAccAwsWafv2RegexPatternSet_ChangeNameForceNew(t *testing.T) { var before, after wafv2.RegexPatternSet regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) regexPatternSetNewName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) @@ -125,7 +125,7 @@ func TestAccAwsWafv2RegexPatternSet_changeNameForceNew(t *testing.T) { }) } -func TestAccAwsWafv2RegexPatternSet_tags(t *testing.T) { +func TestAccAwsWafv2RegexPatternSet_Tags(t *testing.T) { var v wafv2.RegexPatternSet regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) resourceName := "aws_wafv2_regex_pattern_set.test" @@ -136,7 +136,7 @@ func TestAccAwsWafv2RegexPatternSet_tags(t *testing.T) { CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, Steps: []resource.TestStep{ { - Config: testAccAwsWafv2RegexPatternSetConfigOneTag(regexPatternSetName, "Tag1", "Value1"), + Config: testAccAwsWafv2RegexPatternSetConfig_OneTag(regexPatternSetName, "Tag1", "Value1"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), @@ -151,7 +151,7 @@ func TestAccAwsWafv2RegexPatternSet_tags(t *testing.T) { ImportStateIdFunc: testAccAWSWafv2RegexPatternSetImportStateIdFunc(resourceName), }, { - Config: testAccAwsWafv2RegexPatternSetConfigTwoTags(regexPatternSetName, "Tag1", "Value1Updated", "Tag2", "Value2"), + Config: testAccAwsWafv2RegexPatternSetConfig_TwoTags(regexPatternSetName, "Tag1", "Value1Updated", "Tag2", "Value2"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), @@ -161,7 +161,7 @@ func TestAccAwsWafv2RegexPatternSet_tags(t *testing.T) { ), }, { - Config: testAccAwsWafv2RegexPatternSetConfigOneTag(regexPatternSetName, "Tag2", "Value2"), + Config: testAccAwsWafv2RegexPatternSetConfig_OneTag(regexPatternSetName, "Tag2", "Value2"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), @@ -260,7 +260,7 @@ resource "aws_wafv2_regex_pattern_set" "test" { `, name, name) } -func testAccAwsWafv2RegexPatternSetConfigUpdate(name string) string { +func testAccAwsWafv2RegexPatternSetConfig_Update(name string) string { return fmt.Sprintf(` resource "aws_wafv2_regex_pattern_set" "test" { name = "%s" @@ -282,20 +282,16 @@ resource "aws_wafv2_regex_pattern_set" "test" { `, name) } -func testAccAwsWafv2RegexPatternSetConfigMinimal(name string) string { +func testAccAwsWafv2RegexPatternSetConfig_Minimal(name string) string { return fmt.Sprintf(` resource "aws_wafv2_regex_pattern_set" "test" { name = "%s" scope = "REGIONAL" - - regular_expression_list { - regex_string = "one" - } } `, name) } -func testAccAwsWafv2RegexPatternSetConfigOneTag(name, tagKey, tagValue string) string { +func testAccAwsWafv2RegexPatternSetConfig_OneTag(name, tagKey, tagValue string) string { return fmt.Sprintf(` resource "aws_wafv2_regex_pattern_set" "test" { name = "%s" @@ -317,7 +313,7 @@ resource "aws_wafv2_regex_pattern_set" "test" { `, name, name, tagKey, tagValue) } -func testAccAwsWafv2RegexPatternSetConfigTwoTags(name, tag1Key, tag1Value, tag2Key, tag2Value string) string { +func testAccAwsWafv2RegexPatternSetConfig_TwoTags(name, tag1Key, tag1Value, tag2Key, tag2Value string) string { return fmt.Sprintf(` resource "aws_wafv2_regex_pattern_set" "test" { name = "%s" From 1c2b57d916d18097edd3ba8c1c3b65b173a642ca Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Thu, 9 Apr 2020 21:18:44 +0200 Subject: [PATCH 253/475] Regex has 200 character limit --- aws/resource_aws_wafv2_regex_pattern_set.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_wafv2_regex_pattern_set.go b/aws/resource_aws_wafv2_regex_pattern_set.go index cb5311480d7..8c608438449 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set.go +++ b/aws/resource_aws_wafv2_regex_pattern_set.go @@ -65,7 +65,7 @@ func resourceAwsWafv2RegexPatternSet() *schema.Resource { "regex_string": { Type: schema.TypeString, Required: true, - ValidateFunc: validation.StringLenBetween(1, 512), + ValidateFunc: validation.StringLenBetween(1, 200), }, }, }, From 39c36d33f69f8580c92d6ca742f1ccbdc6497ae1 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Tue, 5 May 2020 00:52:15 +0200 Subject: [PATCH 254/475] Duplicate code --- aws/config.go | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/aws/config.go b/aws/config.go index 733c3e8c00c..435838ab68e 100644 --- a/aws/config.go +++ b/aws/config.go @@ -4,6 +4,7 @@ import ( "fmt" "log" "strings" + "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" @@ -150,6 +151,7 @@ import ( "github.com/aws/aws-sdk-go/service/xray" awsbase "github.com/hashicorp/aws-sdk-go-base" "github.com/hashicorp/terraform-plugin-sdk/helper/logging" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) @@ -781,3 +783,39 @@ func GetSupportedEC2Platforms(conn *ec2.EC2) ([]string, error) { return platforms, nil } + +type wafv2CallFunc func() (interface{}, error) + +// Calls a WAFv2 action and retries on a retryable error +func callWafv2WithRetry(f wafv2CallFunc) (interface{}, error) { + var out interface{} + err := resource.Retry(15*time.Minute, func() *resource.RetryError { + var err error + out, err = f() + if err != nil { + if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFTagOperationException, "An error occurred during the tagging operation") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFTagOperationInternalErrorException, "AWS WAF couldn’t perform your tagging operation because of an internal error") { + return resource.RetryableError(err) + } + if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "AWS WAF couldn’t perform the operation because your resource is being used by another resource or it’s associated with another resource") { + return resource.RetryableError(err) + } + return resource.NonRetryableError(err) + } + return nil + }) + + if isResourceTimeoutError(err) { + _, err = f() + } + if err != nil { + return nil, err + } + + return out, nil +} From 4d6c60e825fa2a8da99a8933959f8c7d7c39d071 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Tue, 5 May 2020 13:17:16 +0200 Subject: [PATCH 255/475] Apply changes based on review --- aws/config.go | 40 +---- aws/resource_aws_wafv2_regex_pattern_set.go | 158 +++++++----------- ...source_aws_wafv2_regex_pattern_set_test.go | 69 ++++++-- 3 files changed, 115 insertions(+), 152 deletions(-) diff --git a/aws/config.go b/aws/config.go index 435838ab68e..d9858b2b596 100644 --- a/aws/config.go +++ b/aws/config.go @@ -4,7 +4,6 @@ import ( "fmt" "log" "strings" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" @@ -151,7 +150,6 @@ import ( "github.com/aws/aws-sdk-go/service/xray" awsbase "github.com/hashicorp/aws-sdk-go-base" "github.com/hashicorp/terraform-plugin-sdk/helper/logging" - "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) @@ -722,7 +720,7 @@ func (c *Config) Client() (interface{}, error) { r.Retryable = aws.Bool(true) } - if r.Operation.Name == "CreateIPSet" { + if r.Operation.Name == "CreateIPSet" || r.Operation.Name == "CreateRegexPatternSet" { // WAFv2 supports tag on create which can result in the below error codes according to the documentation if isAWSErr(r.Error, wafv2.ErrCodeWAFTagOperationException, "Retry your request") { r.Retryable = aws.Bool(true) @@ -783,39 +781,3 @@ func GetSupportedEC2Platforms(conn *ec2.EC2) ([]string, error) { return platforms, nil } - -type wafv2CallFunc func() (interface{}, error) - -// Calls a WAFv2 action and retries on a retryable error -func callWafv2WithRetry(f wafv2CallFunc) (interface{}, error) { - var out interface{} - err := resource.Retry(15*time.Minute, func() *resource.RetryError { - var err error - out, err = f() - if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { - return resource.RetryableError(err) - } - if isAWSErr(err, wafv2.ErrCodeWAFTagOperationException, "An error occurred during the tagging operation") { - return resource.RetryableError(err) - } - if isAWSErr(err, wafv2.ErrCodeWAFTagOperationInternalErrorException, "AWS WAF couldn’t perform your tagging operation because of an internal error") { - return resource.RetryableError(err) - } - if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "AWS WAF couldn’t perform the operation because your resource is being used by another resource or it’s associated with another resource") { - return resource.RetryableError(err) - } - return resource.NonRetryableError(err) - } - return nil - }) - - if isResourceTimeoutError(err) { - _, err = f() - } - if err != nil { - return nil, err - } - - return out, nil -} diff --git a/aws/resource_aws_wafv2_regex_pattern_set.go b/aws/resource_aws_wafv2_regex_pattern_set.go index 8c608438449..391eb0f72df 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set.go +++ b/aws/resource_aws_wafv2_regex_pattern_set.go @@ -86,48 +86,30 @@ func resourceAwsWafv2RegexPatternSet() *schema.Resource { func resourceAwsWafv2RegexPatternSetCreate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - var resp *wafv2.CreateRegexPatternSetOutput - params := &wafv2.CreateRegexPatternSetInput{ - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + RegularExpressionList: []*wafv2.Regex{}, } - if d.HasChange("description") { - params.Description = aws.String(d.Get("description").(string)) + if v, ok := d.GetOk("description"); ok { + params.Description = aws.String(v.(string)) } if v, ok := d.GetOk("regular_expression_list"); ok && v.(*schema.Set).Len() > 0 { - params.RegularExpressionList = expandWafv2RegexPatternSet(d.Get("regular_expression_list").(*schema.Set).List()) + params.RegularExpressionList = expandWafv2RegexPatternSet(v.(*schema.Set).List()) } if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { params.Tags = keyvaluetags.New(v).IgnoreAws().Wafv2Tags() } - err := resource.Retry(15*time.Minute, func() *resource.RetryError { - var err error - resp, err = conn.CreateRegexPatternSet(params) - if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { - return resource.RetryableError(err) - } - if isAWSErr(err, wafv2.ErrCodeWAFTagOperationException, "An error occurred during the tagging operation") { - return resource.RetryableError(err) - } - if isAWSErr(err, wafv2.ErrCodeWAFTagOperationInternalErrorException, "AWS WAF couldn’t perform your tagging operation because of an internal error") { - return resource.RetryableError(err) - } - return resource.NonRetryableError(err) - } - return nil - }) - if isResourceTimeoutError(err) { - _, err = conn.CreateRegexPatternSet(params) - } + resp, err := conn.CreateRegexPatternSet(params) + if err != nil { - return err + return fmt.Errorf("Error creating WAFv2 RegexPatternSet: %s", err) } + d.SetId(*resp.Summary.Id) return resourceAwsWafv2RegexPatternSetRead(d, meta) @@ -135,7 +117,7 @@ func resourceAwsWafv2RegexPatternSetCreate(d *schema.ResourceData, meta interfac func resourceAwsWafv2RegexPatternSetRead(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - + ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig params := &wafv2.GetRegexPatternSetInput{ Id: aws.String(d.Id()), Name: aws.String(d.Get("name").(string)), @@ -145,7 +127,7 @@ func resourceAwsWafv2RegexPatternSetRead(d *schema.ResourceData, meta interface{ resp, err := conn.GetRegexPatternSet(params) if err != nil { if isAWSErr(err, wafv2.ErrCodeWAFNonexistentItemException, "AWS WAF couldn’t perform the operation because your resource doesn’t exist") { - log.Printf("[WARN] WAFV2 RegexPatternSet (%s) not found, removing from state", d.Id()) + log.Printf("[WARN] WAFv2 RegexPatternSet (%s) not found, removing from state", d.Id()) d.SetId("") return nil } @@ -164,79 +146,48 @@ func resourceAwsWafv2RegexPatternSetRead(d *schema.ResourceData, meta interface{ tags, err := keyvaluetags.Wafv2ListTags(conn, *resp.RegexPatternSet.ARN) if err != nil { - return fmt.Errorf("error listing tags for WAFV2 RegexPatternSet (%s): %s", *resp.RegexPatternSet.ARN, err) + return fmt.Errorf("Error listing tags for WAFv2 RegexPatternSet (%s): %s", *resp.RegexPatternSet.ARN, err) } - if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil { - return fmt.Errorf("error setting tags: %s", err) + if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { + return fmt.Errorf("Error setting tags: %s", err) } return nil } -func flattenWafv2RegexPatternSet(r []*wafv2.Regex) interface{} { - regexPatterns := make([]interface{}, len(r)) - - for i, regexPattern := range r { - d := map[string]interface{}{ - "regex_string": *regexPattern.RegexString, - } - regexPatterns[i] = d - } - - return regexPatterns -} - func resourceAwsWafv2RegexPatternSetUpdate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - log.Printf("[INFO] Updating WAFV2 RegexPatternSet %s", d.Id()) - - err := resource.Retry(15*time.Minute, func() *resource.RetryError { - u := &wafv2.UpdateRegexPatternSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - Description: aws.String(d.Get("description").(string)), - LockToken: aws.String(d.Get("lock_token").(string)), - } - - if v, ok := d.GetOk("regular_expression_list"); ok && v.(*schema.Set).Len() > 0 { - u.RegularExpressionList = expandWafv2RegexPatternSet(d.Get("regular_expression_list").(*schema.Set).List()) - } - - if d.HasChange("description") { - u.Description = aws.String(d.Get("description").(string)) - } + log.Printf("[INFO] Updating WAFv2 RegexPatternSet %s", d.Id()) - _, err := conn.UpdateRegexPatternSet(u) + params := &wafv2.UpdateRegexPatternSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + Description: aws.String(d.Get("description").(string)), + LockToken: aws.String(d.Get("lock_token").(string)), + RegularExpressionList: []*wafv2.Regex{}, + } - if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { - return resource.RetryableError(err) - } - return resource.NonRetryableError(err) - } - return nil - }) + if v, ok := d.GetOk("regular_expression_list"); ok && v.(*schema.Set).Len() > 0 { + params.RegularExpressionList = expandWafv2RegexPatternSet(v.(*schema.Set).List()) + } - if isResourceTimeoutError(err) { - _, err = conn.UpdateRegexPatternSet(&wafv2.UpdateRegexPatternSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - LockToken: aws.String(d.Get("lock_token").(string)), - }) + if v, ok := d.GetOk("description"); ok { + params.Description = aws.String(v.(string)) } + _, err := conn.UpdateRegexPatternSet(params) + if err != nil { - return fmt.Errorf("Error updating WAFV2 RegexPatternSet: %s", err) + return fmt.Errorf("Error updating WAFv2 RegexPatternSet: %s", err) } if d.HasChange("tags") { o, n := d.GetChange("tags") if err := keyvaluetags.Wafv2UpdateTags(conn, d.Get("arn").(string), o, n); err != nil { - return fmt.Errorf("error updating tags: %s", err) + return fmt.Errorf("Error updating tags: %s", err) } } @@ -246,20 +197,17 @@ func resourceAwsWafv2RegexPatternSetUpdate(d *schema.ResourceData, meta interfac func resourceAwsWafv2RegexPatternSetDelete(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).wafv2conn - log.Printf("[INFO] Deleting WAFV2 RegexPatternSet %s", d.Id()) - - err := resource.Retry(15*time.Minute, func() *resource.RetryError { - _, err := conn.DeleteRegexPatternSet(&wafv2.DeleteRegexPatternSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - LockToken: aws.String(d.Get("lock_token").(string)), - }) + log.Printf("[INFO] Deleting WAFv2 RegexPatternSet %s", d.Id()) + params := &wafv2.DeleteRegexPatternSetInput{ + Id: aws.String(d.Id()), + Name: aws.String(d.Get("name").(string)), + Scope: aws.String(d.Get("scope").(string)), + LockToken: aws.String(d.Get("lock_token").(string)), + } + err := resource.Retry(5*time.Minute, func() *resource.RetryError { + _, err := conn.DeleteRegexPatternSet(params) if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFInternalErrorException, "AWS WAF couldn’t perform the operation because of a system problem") { - return resource.RetryableError(err) - } if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "AWS WAF couldn’t perform the operation because your resource is being used by another resource or it’s associated with another resource") { return resource.RetryableError(err) } @@ -269,16 +217,11 @@ func resourceAwsWafv2RegexPatternSetDelete(d *schema.ResourceData, meta interfac }) if isResourceTimeoutError(err) { - _, err = conn.DeleteRegexPatternSet(&wafv2.DeleteRegexPatternSetInput{ - Id: aws.String(d.Id()), - Name: aws.String(d.Get("name").(string)), - Scope: aws.String(d.Get("scope").(string)), - LockToken: aws.String(d.Get("lock_token").(string)), - }) + _, err = conn.DeleteRegexPatternSet(params) } if err != nil { - return fmt.Errorf("Error deleting WAFV2 RegexPatternSet: %s", err) + return fmt.Errorf("Error deleting WAFv2 RegexPatternSet: %s", err) } return nil @@ -310,3 +253,16 @@ func expandWafv2Regex(m map[string]interface{}) *wafv2.Regex { RegexString: aws.String(m["regex_string"].(string)), } } + +func flattenWafv2RegexPatternSet(r []*wafv2.Regex) interface{} { + regexPatterns := make([]interface{}, len(r)) + + for i, regexPattern := range r { + d := map[string]interface{}{ + "regex_string": *regexPattern.RegexString, + } + regexPatterns[i] = d + } + + return regexPatterns +} diff --git a/aws/resource_aws_wafv2_regex_pattern_set_test.go b/aws/resource_aws_wafv2_regex_pattern_set_test.go index 7e17ec82c09..d4df7d96254 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set_test.go +++ b/aws/resource_aws_wafv2_regex_pattern_set_test.go @@ -26,7 +26,7 @@ func TestAccAwsWafv2RegexPatternSet_Basic(t *testing.T) { { Config: testAccAwsWafv2RegexPatternSetConfig(regexPatternSetName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetName), @@ -42,7 +42,7 @@ func TestAccAwsWafv2RegexPatternSet_Basic(t *testing.T) { { Config: testAccAwsWafv2RegexPatternSetConfig_Update(regexPatternSetName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), resource.TestCheckResourceAttr(resourceName, "description", "Updated"), @@ -63,6 +63,28 @@ func TestAccAwsWafv2RegexPatternSet_Basic(t *testing.T) { }) } +func TestAccAwsWafv2RegexPatternSet_Disappears(t *testing.T) { + var v wafv2.RegexPatternSet + regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + resourceName := "aws_wafv2_regex_pattern_set.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsWafv2RegexPatternSetConfig_Minimal(regexPatternSetName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), + testAccCheckAWSWafv2RegexPatternSetDisappears(resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + func TestAccAwsWafv2RegexPatternSet_Minimal(t *testing.T) { var v wafv2.RegexPatternSet regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) @@ -76,12 +98,12 @@ func TestAccAwsWafv2RegexPatternSet_Minimal(t *testing.T) { { Config: testAccAwsWafv2RegexPatternSetConfig_Minimal(regexPatternSetName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), resource.TestCheckResourceAttr(resourceName, "description", ""), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "1"), + resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "0"), ), }, }, @@ -102,7 +124,7 @@ func TestAccAwsWafv2RegexPatternSet_ChangeNameForceNew(t *testing.T) { { Config: testAccAwsWafv2RegexPatternSetConfig(regexPatternSetName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &before), + testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &before), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetName), @@ -113,7 +135,7 @@ func TestAccAwsWafv2RegexPatternSet_ChangeNameForceNew(t *testing.T) { { Config: testAccAwsWafv2RegexPatternSetConfig(regexPatternSetNewName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &after), + testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &after), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetNewName), resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetNewName), @@ -138,7 +160,7 @@ func TestAccAwsWafv2RegexPatternSet_Tags(t *testing.T) { { Config: testAccAwsWafv2RegexPatternSetConfig_OneTag(regexPatternSetName, "Tag1", "Value1"), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1"), @@ -153,7 +175,7 @@ func TestAccAwsWafv2RegexPatternSet_Tags(t *testing.T) { { Config: testAccAwsWafv2RegexPatternSetConfig_TwoTags(regexPatternSetName, "Tag1", "Value1Updated", "Tag2", "Value2"), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1Updated"), @@ -163,7 +185,7 @@ func TestAccAwsWafv2RegexPatternSet_Tags(t *testing.T) { { Config: testAccAwsWafv2RegexPatternSetConfig_OneTag(regexPatternSetName, "Tag2", "Value2"), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafv2RegexPatternSetExists("aws_wafv2_regex_pattern_set.test", &v), + testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), resource.TestCheckResourceAttr(resourceName, "tags.Tag2", "Value2"), @@ -189,7 +211,7 @@ func testAccCheckAWSWafv2RegexPatternSetDestroy(s *terraform.State) error { if err == nil { if *resp.RegexPatternSet.Id == rs.Primary.ID { - return fmt.Errorf("WAFV2 RegexPatternSet %s still exists", rs.Primary.ID) + return fmt.Errorf("WAFv2 RegexPatternSet %s still exists", rs.Primary.ID) } } @@ -206,6 +228,29 @@ func testAccCheckAWSWafv2RegexPatternSetDestroy(s *terraform.State) error { return nil } +func testAccCheckAWSWafv2RegexPatternSetDisappears(n string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[n] + if !ok { + return fmt.Errorf("not found: %s", n) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("no WAFv2 RegexPatternSet ID is set") + } + + conn := testAccProvider.Meta().(*AWSClient).wafv2conn + _, err := conn.DeleteRegexPatternSet(&wafv2.DeleteRegexPatternSetInput{ + Id: aws.String(rs.Primary.ID), + Name: aws.String(rs.Primary.Attributes["name"]), + Scope: aws.String(rs.Primary.Attributes["scope"]), + LockToken: aws.String(rs.Primary.Attributes["lock_token"]), + }) + + return err + } +} + func testAccCheckAWSWafv2RegexPatternSetExists(n string, v *wafv2.RegexPatternSet) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -214,7 +259,7 @@ func testAccCheckAWSWafv2RegexPatternSetExists(n string, v *wafv2.RegexPatternSe } if rs.Primary.ID == "" { - return fmt.Errorf("No WAFV2 RegexPatternSet ID is set") + return fmt.Errorf("No WAFv2 RegexPatternSet ID is set") } conn := testAccProvider.Meta().(*AWSClient).wafv2conn @@ -233,7 +278,7 @@ func testAccCheckAWSWafv2RegexPatternSetExists(n string, v *wafv2.RegexPatternSe return nil } - return fmt.Errorf("WAFV2 RegexPatternSet (%s) not found", rs.Primary.ID) + return fmt.Errorf("WAFv2 RegexPatternSet (%s) not found", rs.Primary.ID) } } From f2eb285784ca9b1fcdda9c21b55bd1fb4c1466d5 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 6 May 2020 23:23:30 +0200 Subject: [PATCH 256/475] Apply review comments --- aws/resource_aws_wafv2_regex_pattern_set.go | 1 - ...source_aws_wafv2_regex_pattern_set_test.go | 25 +------------------ .../r/wafv2_regex_pattern_set.html.markdown | 2 +- 3 files changed, 2 insertions(+), 26 deletions(-) diff --git a/aws/resource_aws_wafv2_regex_pattern_set.go b/aws/resource_aws_wafv2_regex_pattern_set.go index 391eb0f72df..3a84f3a8b46 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set.go +++ b/aws/resource_aws_wafv2_regex_pattern_set.go @@ -165,7 +165,6 @@ func resourceAwsWafv2RegexPatternSetUpdate(d *schema.ResourceData, meta interfac Id: aws.String(d.Id()), Name: aws.String(d.Get("name").(string)), Scope: aws.String(d.Get("scope").(string)), - Description: aws.String(d.Get("description").(string)), LockToken: aws.String(d.Get("lock_token").(string)), RegularExpressionList: []*wafv2.Regex{}, } diff --git a/aws/resource_aws_wafv2_regex_pattern_set_test.go b/aws/resource_aws_wafv2_regex_pattern_set_test.go index d4df7d96254..5c84eb1d7b8 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set_test.go +++ b/aws/resource_aws_wafv2_regex_pattern_set_test.go @@ -77,7 +77,7 @@ func TestAccAwsWafv2RegexPatternSet_Disappears(t *testing.T) { Config: testAccAwsWafv2RegexPatternSetConfig_Minimal(regexPatternSetName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), - testAccCheckAWSWafv2RegexPatternSetDisappears(resourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsWafv2RegexPatternSet(), resourceName), ), ExpectNonEmptyPlan: true, }, @@ -228,29 +228,6 @@ func testAccCheckAWSWafv2RegexPatternSetDestroy(s *terraform.State) error { return nil } -func testAccCheckAWSWafv2RegexPatternSetDisappears(n string) resource.TestCheckFunc { - return func(s *terraform.State) error { - rs, ok := s.RootModule().Resources[n] - if !ok { - return fmt.Errorf("not found: %s", n) - } - - if rs.Primary.ID == "" { - return fmt.Errorf("no WAFv2 RegexPatternSet ID is set") - } - - conn := testAccProvider.Meta().(*AWSClient).wafv2conn - _, err := conn.DeleteRegexPatternSet(&wafv2.DeleteRegexPatternSetInput{ - Id: aws.String(rs.Primary.ID), - Name: aws.String(rs.Primary.Attributes["name"]), - Scope: aws.String(rs.Primary.Attributes["scope"]), - LockToken: aws.String(rs.Primary.Attributes["lock_token"]), - }) - - return err - } -} - func testAccCheckAWSWafv2RegexPatternSetExists(n string, v *wafv2.RegexPatternSet) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] diff --git a/website/docs/r/wafv2_regex_pattern_set.html.markdown b/website/docs/r/wafv2_regex_pattern_set.html.markdown index e53fc93b1d5..9fe0bc034b9 100644 --- a/website/docs/r/wafv2_regex_pattern_set.html.markdown +++ b/website/docs/r/wafv2_regex_pattern_set.html.markdown @@ -40,7 +40,7 @@ The following arguments are supported: * `name` - (Required) A friendly name of the regular expression pattern set. * `description` - (Optional) A friendly description of the regular expression pattern set. * `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia). -* `regular_expression_list` - (Required) One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. +* `regular_expression_list` - (Optional) One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. * `tags` - (Optional) An array of key:value pairs to associate with the resource. ## Nested blocks From fabcd500c045a160800fec0b55cd157ea651e8a9 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Mon, 11 May 2020 22:04:31 +0200 Subject: [PATCH 257/475] Remove error message condition --- aws/resource_aws_wafv2_regex_pattern_set.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_wafv2_regex_pattern_set.go b/aws/resource_aws_wafv2_regex_pattern_set.go index 3a84f3a8b46..6d2fb831e96 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set.go +++ b/aws/resource_aws_wafv2_regex_pattern_set.go @@ -126,7 +126,7 @@ func resourceAwsWafv2RegexPatternSetRead(d *schema.ResourceData, meta interface{ resp, err := conn.GetRegexPatternSet(params) if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFNonexistentItemException, "AWS WAF couldn’t perform the operation because your resource doesn’t exist") { + if isAWSErr(err, wafv2.ErrCodeWAFNonexistentItemException, "") { log.Printf("[WARN] WAFv2 RegexPatternSet (%s) not found, removing from state", d.Id()) d.SetId("") return nil @@ -207,7 +207,7 @@ func resourceAwsWafv2RegexPatternSetDelete(d *schema.ResourceData, meta interfac _, err := conn.DeleteRegexPatternSet(params) if err != nil { - if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "AWS WAF couldn’t perform the operation because your resource is being used by another resource or it’s associated with another resource") { + if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "") { return resource.RetryableError(err) } return resource.NonRetryableError(err) From c5746c6d119034fc69c5e5660bf69da631a3e394 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Thu, 14 May 2020 22:17:15 +0200 Subject: [PATCH 258/475] Apply review comments --- aws/resource_aws_wafv2_regex_pattern_set.go | 50 +++++++++++------- ...source_aws_wafv2_regex_pattern_set_test.go | 52 ++++++++++--------- .../r/wafv2_regex_pattern_set.html.markdown | 10 ++-- 3 files changed, 62 insertions(+), 50 deletions(-) diff --git a/aws/resource_aws_wafv2_regex_pattern_set.go b/aws/resource_aws_wafv2_regex_pattern_set.go index 6d2fb831e96..89622bb031f 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set.go +++ b/aws/resource_aws_wafv2_regex_pattern_set.go @@ -56,7 +56,7 @@ func resourceAwsWafv2RegexPatternSet() *schema.Resource { ForceNew: true, ValidateFunc: validation.StringLenBetween(1, 128), }, - "regular_expression_list": { + "regular_expression": { Type: schema.TypeSet, Optional: true, MaxItems: 10, @@ -96,7 +96,7 @@ func resourceAwsWafv2RegexPatternSetCreate(d *schema.ResourceData, meta interfac params.Description = aws.String(v.(string)) } - if v, ok := d.GetOk("regular_expression_list"); ok && v.(*schema.Set).Len() > 0 { + if v, ok := d.GetOk("regular_expression"); ok && v.(*schema.Set).Len() > 0 { params.RegularExpressionList = expandWafv2RegexPatternSet(v.(*schema.Set).List()) } @@ -110,7 +110,11 @@ func resourceAwsWafv2RegexPatternSetCreate(d *schema.ResourceData, meta interfac return fmt.Errorf("Error creating WAFv2 RegexPatternSet: %s", err) } - d.SetId(*resp.Summary.Id) + if resp == nil || resp.Summary == nil { + return fmt.Errorf("Error creating WAFv2 RegexPatternSet") + } + + d.SetId(aws.StringValue(resp.Summary.Id)) return resourceAwsWafv2RegexPatternSetRead(d, meta) } @@ -131,22 +135,25 @@ func resourceAwsWafv2RegexPatternSetRead(d *schema.ResourceData, meta interface{ d.SetId("") return nil } - return err } - d.Set("name", resp.RegexPatternSet.Name) - d.Set("description", resp.RegexPatternSet.Description) - d.Set("arn", resp.RegexPatternSet.ARN) - d.Set("lock_token", resp.LockToken) + if resp == nil || resp.RegexPatternSet == nil { + return fmt.Errorf("Error getting WAFv2 RegexPatternSet") + } + + d.Set("name", aws.StringValue(resp.RegexPatternSet.Name)) + d.Set("description", aws.StringValue(resp.RegexPatternSet.Description)) + d.Set("arn", aws.StringValue(resp.RegexPatternSet.ARN)) + d.Set("lock_token", aws.StringValue(resp.LockToken)) - if err := d.Set("regular_expression_list", flattenWafv2RegexPatternSet(resp.RegexPatternSet.RegularExpressionList)); err != nil { - return fmt.Errorf("Error setting regular_expression_list: %s", err) + if err := d.Set("regular_expression", flattenWafv2RegexPatternSet(resp.RegexPatternSet.RegularExpressionList)); err != nil { + return fmt.Errorf("Error setting regular_expression: %s", err) } - tags, err := keyvaluetags.Wafv2ListTags(conn, *resp.RegexPatternSet.ARN) + tags, err := keyvaluetags.Wafv2ListTags(conn, aws.StringValue(resp.RegexPatternSet.ARN)) if err != nil { - return fmt.Errorf("Error listing tags for WAFv2 RegexPatternSet (%s): %s", *resp.RegexPatternSet.ARN, err) + return fmt.Errorf("Error listing tags for WAFv2 RegexPatternSet (%s): %s", aws.StringValue(resp.RegexPatternSet.ARN), err) } if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { @@ -169,7 +176,7 @@ func resourceAwsWafv2RegexPatternSetUpdate(d *schema.ResourceData, meta interfac RegularExpressionList: []*wafv2.Regex{}, } - if v, ok := d.GetOk("regular_expression_list"); ok && v.(*schema.Set).Len() > 0 { + if v, ok := d.GetOk("regular_expression"); ok && v.(*schema.Set).Len() > 0 { params.RegularExpressionList = expandWafv2RegexPatternSet(v.(*schema.Set).List()) } @@ -205,7 +212,6 @@ func resourceAwsWafv2RegexPatternSetDelete(d *schema.ResourceData, meta interfac } err := resource.Retry(5*time.Minute, func() *resource.RetryError { _, err := conn.DeleteRegexPatternSet(params) - if err != nil { if isAWSErr(err, wafv2.ErrCodeWAFAssociatedItemException, "") { return resource.RetryableError(err) @@ -236,7 +242,6 @@ func expandWafv2RegexPatternSet(l []interface{}) []*wafv2.Regex { if regexPattern == nil { continue } - regexPatterns = append(regexPatterns, expandWafv2Regex(regexPattern.(map[string]interface{}))) } @@ -254,13 +259,20 @@ func expandWafv2Regex(m map[string]interface{}) *wafv2.Regex { } func flattenWafv2RegexPatternSet(r []*wafv2.Regex) interface{} { - regexPatterns := make([]interface{}, len(r)) + if r == nil { + return []interface{}{} + } + + regexPatterns := make([]interface{}, 0) - for i, regexPattern := range r { + for _, regexPattern := range r { + if regexPattern == nil { + continue + } d := map[string]interface{}{ - "regex_string": *regexPattern.RegexString, + "regex_string": aws.StringValue(regexPattern.RegexString), } - regexPatterns[i] = d + regexPatterns = append(regexPatterns, d) } return regexPatterns diff --git a/aws/resource_aws_wafv2_regex_pattern_set_test.go b/aws/resource_aws_wafv2_regex_pattern_set_test.go index 5c84eb1d7b8..aae5860ed35 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set_test.go +++ b/aws/resource_aws_wafv2_regex_pattern_set_test.go @@ -6,7 +6,6 @@ import ( "testing" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/wafv2" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" @@ -31,9 +30,9 @@ func TestAccAwsWafv2RegexPatternSet_Basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetName), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "2"), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.1641128102.regex_string", "one"), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.265355341.regex_string", "two"), + resource.TestCheckResourceAttr(resourceName, "regular_expression.#", "2"), + resource.TestCheckResourceAttr(resourceName, "regular_expression.1641128102.regex_string", "one"), + resource.TestCheckResourceAttr(resourceName, "regular_expression.265355341.regex_string", "two"), resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1"), resource.TestCheckResourceAttr(resourceName, "tags.Tag2", "Value2"), @@ -47,10 +46,10 @@ func TestAccAwsWafv2RegexPatternSet_Basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), resource.TestCheckResourceAttr(resourceName, "description", "Updated"), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "3"), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.1641128102.regex_string", "one"), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.265355341.regex_string", "two"), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.2339296779.regex_string", "three"), + resource.TestCheckResourceAttr(resourceName, "regular_expression.#", "3"), + resource.TestCheckResourceAttr(resourceName, "regular_expression.1641128102.regex_string", "one"), + resource.TestCheckResourceAttr(resourceName, "regular_expression.265355341.regex_string", "two"), + resource.TestCheckResourceAttr(resourceName, "regular_expression.2339296779.regex_string", "three"), ), }, { @@ -103,7 +102,7 @@ func TestAccAwsWafv2RegexPatternSet_Minimal(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), resource.TestCheckResourceAttr(resourceName, "description", ""), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "0"), + resource.TestCheckResourceAttr(resourceName, "regular_expression.#", "0"), ), }, }, @@ -129,7 +128,7 @@ func TestAccAwsWafv2RegexPatternSet_ChangeNameForceNew(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetName), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "2"), + resource.TestCheckResourceAttr(resourceName, "regular_expression.#", "2"), ), }, { @@ -140,7 +139,7 @@ func TestAccAwsWafv2RegexPatternSet_ChangeNameForceNew(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetNewName), resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetNewName), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), - resource.TestCheckResourceAttr(resourceName, "regular_expression_list.#", "2"), + resource.TestCheckResourceAttr(resourceName, "regular_expression.#", "2"), ), }, }, @@ -210,16 +209,15 @@ func testAccCheckAWSWafv2RegexPatternSetDestroy(s *terraform.State) error { }) if err == nil { - if *resp.RegexPatternSet.Id == rs.Primary.ID { + if resp != nil && resp.RegexPatternSet != nil && aws.StringValue(resp.RegexPatternSet.Id) == rs.Primary.ID { return fmt.Errorf("WAFv2 RegexPatternSet %s still exists", rs.Primary.ID) } + return nil } // Return nil if the RegexPatternSet is already destroyed - if awsErr, ok := err.(awserr.Error); ok { - if awsErr.Code() == wafv2.ErrCodeWAFNonexistentItemException { - return nil - } + if isAWSErr(err, wafv2.ErrCodeWAFNonexistentItemException, "") { + return nil } return err @@ -250,7 +248,11 @@ func testAccCheckAWSWafv2RegexPatternSetExists(n string, v *wafv2.RegexPatternSe return err } - if *resp.RegexPatternSet.Id == rs.Primary.ID { + if resp == nil || resp.RegexPatternSet == nil { + return fmt.Errorf("Error getting WAFv2 RegexPatternSet for %s", rs.Primary.ID) + } + + if aws.StringValue(resp.RegexPatternSet.Id) == rs.Primary.ID { *v = *resp.RegexPatternSet return nil } @@ -266,11 +268,11 @@ resource "aws_wafv2_regex_pattern_set" "test" { description = "%s" scope = "REGIONAL" - regular_expression_list { + regular_expression { regex_string = "one" } - regular_expression_list { + regular_expression { regex_string = "two" } @@ -289,15 +291,15 @@ resource "aws_wafv2_regex_pattern_set" "test" { description = "Updated" scope = "REGIONAL" - regular_expression_list { + regular_expression { regex_string = "one" } - regular_expression_list { + regular_expression { regex_string = "two" } - regular_expression_list { + regular_expression { regex_string = "three" } } @@ -320,11 +322,11 @@ resource "aws_wafv2_regex_pattern_set" "test" { description = "%s" scope = "REGIONAL" - regular_expression_list { + regular_expression { regex_string = "one" } - regular_expression_list { + regular_expression { regex_string = "two" } @@ -342,7 +344,7 @@ resource "aws_wafv2_regex_pattern_set" "test" { description = "%s" scope = "REGIONAL" - regular_expression_list { + regular_expression { regex_string = "one" } diff --git a/website/docs/r/wafv2_regex_pattern_set.html.markdown b/website/docs/r/wafv2_regex_pattern_set.html.markdown index 9fe0bc034b9..5c74811375e 100644 --- a/website/docs/r/wafv2_regex_pattern_set.html.markdown +++ b/website/docs/r/wafv2_regex_pattern_set.html.markdown @@ -18,11 +18,11 @@ resource "aws_wafv2_regex_pattern_set" "example" { description = "Example regex pattern set" scope = "REGIONAL" - regular_expression_list { + regular_expression { regex_string = "one" } - regular_expression_list { + regular_expression { regex_string = "two" } @@ -40,12 +40,10 @@ The following arguments are supported: * `name` - (Required) A friendly name of the regular expression pattern set. * `description` - (Optional) A friendly description of the regular expression pattern set. * `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia). -* `regular_expression_list` - (Optional) One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. +* `regular_expression` - (Optional) One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. See [Visibility Configuration](#regular-expression) below for details. * `tags` - (Optional) An array of key:value pairs to associate with the resource. -## Nested blocks - -### `regular_expression_list` +### Regular Expression * `regex_string` - (Required) The string representing the regular expression, see the AWS WAF [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-regex-pattern-set-creating.html) for more information. From 021c86a5d9323fce7a5a227c9dbce4fc6e04c6d6 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 15 May 2020 18:31:52 +0200 Subject: [PATCH 259/475] Fix docs --- website/docs/r/wafv2_regex_pattern_set.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/wafv2_regex_pattern_set.html.markdown b/website/docs/r/wafv2_regex_pattern_set.html.markdown index 5c74811375e..cf49446fbd0 100644 --- a/website/docs/r/wafv2_regex_pattern_set.html.markdown +++ b/website/docs/r/wafv2_regex_pattern_set.html.markdown @@ -40,7 +40,7 @@ The following arguments are supported: * `name` - (Required) A friendly name of the regular expression pattern set. * `description` - (Optional) A friendly description of the regular expression pattern set. * `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia). -* `regular_expression` - (Optional) One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. See [Visibility Configuration](#regular-expression) below for details. +* `regular_expression` - (Optional) One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. See [Regular Expression](#regular-expression) below for details. * `tags` - (Optional) An array of key:value pairs to associate with the resource. ### Regular Expression @@ -56,7 +56,7 @@ In addition to all arguments above, the following attributes are exported: ## Import -WAFv2 Regex Pattern Sets can be imported using their ID, Name and Scope e.g. +WAFv2 Regex Pattern Sets can be imported using `ID/name/scope` e.g. ``` $ terraform import aws_wafv2_regex_pattern_set.example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc/example/REGIONAL From 26dea32b59dcd60092f655d9f5ba497d2d2824c1 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Tue, 19 May 2020 19:32:42 +0200 Subject: [PATCH 260/475] Apply review comments --- ...source_aws_wafv2_regex_pattern_set_test.go | 56 +++++++++---------- 1 file changed, 25 insertions(+), 31 deletions(-) diff --git a/aws/resource_aws_wafv2_regex_pattern_set_test.go b/aws/resource_aws_wafv2_regex_pattern_set_test.go index aae5860ed35..c3333dfeba2 100644 --- a/aws/resource_aws_wafv2_regex_pattern_set_test.go +++ b/aws/resource_aws_wafv2_regex_pattern_set_test.go @@ -14,7 +14,7 @@ import ( func TestAccAwsWafv2RegexPatternSet_Basic(t *testing.T) { var v wafv2.RegexPatternSet - regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_wafv2_regex_pattern_set.test" resource.ParallelTest(t, resource.TestCase{ @@ -23,33 +23,32 @@ func TestAccAwsWafv2RegexPatternSet_Basic(t *testing.T) { CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, Steps: []resource.TestStep{ { - Config: testAccAwsWafv2RegexPatternSetConfig(regexPatternSetName), + Config: testAccAwsWafv2RegexPatternSetConfig(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), - resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), - resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetName), + resource.TestCheckResourceAttr(resourceName, "name", rName), + resource.TestCheckResourceAttr(resourceName, "description", rName), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), resource.TestCheckResourceAttr(resourceName, "regular_expression.#", "2"), resource.TestCheckResourceAttr(resourceName, "regular_expression.1641128102.regex_string", "one"), resource.TestCheckResourceAttr(resourceName, "regular_expression.265355341.regex_string", "two"), - resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), - resource.TestCheckResourceAttr(resourceName, "tags.Tag1", "Value1"), - resource.TestCheckResourceAttr(resourceName, "tags.Tag2", "Value2"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), ), }, { - Config: testAccAwsWafv2RegexPatternSetConfig_Update(regexPatternSetName), + Config: testAccAwsWafv2RegexPatternSetConfig_Update(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), - resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), + resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "description", "Updated"), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), resource.TestCheckResourceAttr(resourceName, "regular_expression.#", "3"), resource.TestCheckResourceAttr(resourceName, "regular_expression.1641128102.regex_string", "one"), resource.TestCheckResourceAttr(resourceName, "regular_expression.265355341.regex_string", "two"), resource.TestCheckResourceAttr(resourceName, "regular_expression.2339296779.regex_string", "three"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), ), }, { @@ -64,7 +63,7 @@ func TestAccAwsWafv2RegexPatternSet_Basic(t *testing.T) { func TestAccAwsWafv2RegexPatternSet_Disappears(t *testing.T) { var v wafv2.RegexPatternSet - regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_wafv2_regex_pattern_set.test" resource.ParallelTest(t, resource.TestCase{ @@ -73,7 +72,7 @@ func TestAccAwsWafv2RegexPatternSet_Disappears(t *testing.T) { CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, Steps: []resource.TestStep{ { - Config: testAccAwsWafv2RegexPatternSetConfig_Minimal(regexPatternSetName), + Config: testAccAwsWafv2RegexPatternSetConfig_Minimal(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccCheckResourceDisappears(testAccProvider, resourceAwsWafv2RegexPatternSet(), resourceName), @@ -86,7 +85,7 @@ func TestAccAwsWafv2RegexPatternSet_Disappears(t *testing.T) { func TestAccAwsWafv2RegexPatternSet_Minimal(t *testing.T) { var v wafv2.RegexPatternSet - regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_wafv2_regex_pattern_set.test" resource.ParallelTest(t, resource.TestCase{ @@ -95,11 +94,11 @@ func TestAccAwsWafv2RegexPatternSet_Minimal(t *testing.T) { CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, Steps: []resource.TestStep{ { - Config: testAccAwsWafv2RegexPatternSetConfig_Minimal(regexPatternSetName), + Config: testAccAwsWafv2RegexPatternSetConfig_Minimal(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), - resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), + resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "description", ""), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), resource.TestCheckResourceAttr(resourceName, "regular_expression.#", "0"), @@ -111,8 +110,8 @@ func TestAccAwsWafv2RegexPatternSet_Minimal(t *testing.T) { func TestAccAwsWafv2RegexPatternSet_ChangeNameForceNew(t *testing.T) { var before, after wafv2.RegexPatternSet - regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) - regexPatternSetNewName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + rName := acctest.RandomWithPrefix("tf-acc-test") + rNewName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) resourceName := "aws_wafv2_regex_pattern_set.test" resource.ParallelTest(t, resource.TestCase{ @@ -121,23 +120,23 @@ func TestAccAwsWafv2RegexPatternSet_ChangeNameForceNew(t *testing.T) { CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, Steps: []resource.TestStep{ { - Config: testAccAwsWafv2RegexPatternSetConfig(regexPatternSetName), + Config: testAccAwsWafv2RegexPatternSetConfig(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &before), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), - resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetName), - resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetName), + resource.TestCheckResourceAttr(resourceName, "name", rName), + resource.TestCheckResourceAttr(resourceName, "description", rName), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), resource.TestCheckResourceAttr(resourceName, "regular_expression.#", "2"), ), }, { - Config: testAccAwsWafv2RegexPatternSetConfig(regexPatternSetNewName), + Config: testAccAwsWafv2RegexPatternSetConfig(rNewName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &after), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), - resource.TestCheckResourceAttr(resourceName, "name", regexPatternSetNewName), - resource.TestCheckResourceAttr(resourceName, "description", regexPatternSetNewName), + resource.TestCheckResourceAttr(resourceName, "name", rNewName), + resource.TestCheckResourceAttr(resourceName, "description", rNewName), resource.TestCheckResourceAttr(resourceName, "scope", wafv2.ScopeRegional), resource.TestCheckResourceAttr(resourceName, "regular_expression.#", "2"), ), @@ -148,7 +147,7 @@ func TestAccAwsWafv2RegexPatternSet_ChangeNameForceNew(t *testing.T) { func TestAccAwsWafv2RegexPatternSet_Tags(t *testing.T) { var v wafv2.RegexPatternSet - regexPatternSetName := fmt.Sprintf("regex-pattern-set-%s", acctest.RandString(5)) + rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_wafv2_regex_pattern_set.test" resource.ParallelTest(t, resource.TestCase{ @@ -157,7 +156,7 @@ func TestAccAwsWafv2RegexPatternSet_Tags(t *testing.T) { CheckDestroy: testAccCheckAWSWafv2RegexPatternSetDestroy, Steps: []resource.TestStep{ { - Config: testAccAwsWafv2RegexPatternSetConfig_OneTag(regexPatternSetName, "Tag1", "Value1"), + Config: testAccAwsWafv2RegexPatternSetConfig_OneTag(rName, "Tag1", "Value1"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), @@ -172,7 +171,7 @@ func TestAccAwsWafv2RegexPatternSet_Tags(t *testing.T) { ImportStateIdFunc: testAccAWSWafv2RegexPatternSetImportStateIdFunc(resourceName), }, { - Config: testAccAwsWafv2RegexPatternSetConfig_TwoTags(regexPatternSetName, "Tag1", "Value1Updated", "Tag2", "Value2"), + Config: testAccAwsWafv2RegexPatternSetConfig_TwoTags(rName, "Tag1", "Value1Updated", "Tag2", "Value2"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), @@ -182,7 +181,7 @@ func TestAccAwsWafv2RegexPatternSet_Tags(t *testing.T) { ), }, { - Config: testAccAwsWafv2RegexPatternSetConfig_OneTag(regexPatternSetName, "Tag2", "Value2"), + Config: testAccAwsWafv2RegexPatternSetConfig_OneTag(rName, "Tag2", "Value2"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSWafv2RegexPatternSetExists(resourceName, &v), testAccMatchResourceAttrRegionalARN(resourceName, "arn", "wafv2", regexp.MustCompile(`regional/regexpatternset/.+$`)), @@ -275,11 +274,6 @@ resource "aws_wafv2_regex_pattern_set" "test" { regular_expression { regex_string = "two" } - - tags = { - Tag1 = "Value1" - Tag2 = "Value2" - } } `, name, name) } From 056b7edc94694ac9993698c6240595a88a5317ba Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 20 May 2020 17:12:13 +0200 Subject: [PATCH 261/475] Update docs --- website/docs/r/wafv2_regex_pattern_set.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/wafv2_regex_pattern_set.html.markdown b/website/docs/r/wafv2_regex_pattern_set.html.markdown index cf49446fbd0..02e643041a5 100644 --- a/website/docs/r/wafv2_regex_pattern_set.html.markdown +++ b/website/docs/r/wafv2_regex_pattern_set.html.markdown @@ -39,7 +39,7 @@ The following arguments are supported: * `name` - (Required) A friendly name of the regular expression pattern set. * `description` - (Optional) A friendly description of the regular expression pattern set. -* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the Region US East (N. Virginia). +* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider. * `regular_expression` - (Optional) One or more blocks of regular expression patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t`. See [Regular Expression](#regular-expression) below for details. * `tags` - (Optional) An array of key:value pairs to associate with the resource. From b271f7d507ba5bd1af68fb3f06653ca6015432a1 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 20 May 2020 21:19:58 +0200 Subject: [PATCH 262/475] Fix docs --- website/aws.erb | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/website/aws.erb b/website/aws.erb index 99ee1ead717..883dddb4d6a 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -3571,16 +3571,6 @@
          • aws_wafv2_ip_set
            • -
          -
          • -
        -
        • -
      • - WAFv2 -
          -
        • - Resources -
          • aws_wafv2_regex_pattern_set
            • From 322c917a64fd63350979305c85a2d7ce9cecd109 Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Wed, 20 May 2020 15:35:08 -0400 Subject: [PATCH 263/475] Update CHANGELOG for #12284 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0a2a35baf67..ee544b8be2d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ FEATURES: * **New Data Source:** `aws_wafv2_ip_set` [GH-12788] * **New Resource:** `aws_efs_access_point` [GH-11965] * **New Resource:** `aws_wafv2_ip_set` [GH-12119] +* **New Resource:** `aws_wafv2_regex_pattern_set` [GH-12284] ENHANCEMENTS: From c5d2343ec17c69965c640f2bfabfed11f2fab8e2 Mon Sep 17 00:00:00 2001 From: Scott <56265551+scottclk@users.noreply.github.com> Date: Wed, 20 May 2020 20:41:48 +0100 Subject: [PATCH 264/475] resource/aws_network_acl: Fix issue with updating subnet associations returning InvalidAssociationID.NotFound (#13382) Output from acceptance testing: ``` --- PASS: TestAccAWSNetworkAcl_basic (37.40s) --- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (51.54s) --- PASS: TestAccAWSNetworkAcl_disappears (22.76s) --- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (75.61s) --- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (60.15s) --- PASS: TestAccAWSNetworkAcl_espProtocol (18.73s) --- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (97.83s) --- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (36.94s) --- PASS: TestAccAWSNetworkAcl_ipv6Rules (45.59s) --- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (27.91s) --- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (56.36s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (52.51s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (53.47s) --- PASS: TestAccAWSNetworkAcl_SubnetChange (67.85s) --- PASS: TestAccAWSNetworkAcl_Subnets (50.49s) --- PASS: TestAccAWSNetworkAcl_SubnetsDelete (40.37s) ``` --- aws/resource_aws_network_acl.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_network_acl.go b/aws/resource_aws_network_acl.go index aed8ea1ed99..59c4264e9f2 100644 --- a/aws/resource_aws_network_acl.go +++ b/aws/resource_aws_network_acl.go @@ -303,13 +303,16 @@ func resourceAwsNetworkAclUpdate(d *schema.ResourceData, meta interface{}) error } return fmt.Errorf("Failed to find acl association: acl %s with subnet %s: %s", d.Id(), r, err) } - log.Printf("DEBUG] Replacing Network Acl Association (%s) with Default Network ACL ID (%s)", *association.NetworkAclAssociationId, *defaultAcl.NetworkAclId) + log.Printf("[DEBUG] Replacing Network Acl Association (%s) with Default Network ACL ID (%s)", *association.NetworkAclAssociationId, *defaultAcl.NetworkAclId) _, err = conn.ReplaceNetworkAclAssociation(&ec2.ReplaceNetworkAclAssociationInput{ AssociationId: association.NetworkAclAssociationId, NetworkAclId: defaultAcl.NetworkAclId, }) if err != nil { - return err + if isAWSErr(err, "InvalidAssociationID.NotFound", "") { + continue + } + return fmt.Errorf("Error Replacing Default Network Acl Association: %s", err) } } } From d799f3e4833a7054b69294c7d5390fd389b4a8ab Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 20 May 2020 15:43:50 -0400 Subject: [PATCH 265/475] Update CHANGELOG for #13382 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ee544b8be2d..ce73d765c7f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ BUG FIXES: * data-source/aws_db_instance: `auto_minor_version_upgrade` attribute now properly set [GH-13362] * resource/aws_autoscaling_group: `tags` `propagate_at_launch` attribute now properly set [GH-13360] +* resource/aws_network_acl: Fix issue with updating subnet associations returning `InvalidAssociationID.NotFound` [GH-13382] ## 2.62.0 (May 15, 2020) From 7225857475d8c47051c3f5c303ce36a181b7672c Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 20 May 2020 15:47:44 -0400 Subject: [PATCH 266/475] resource/aws_eks_node_group: Only pass ReleaseVersion during UpdateNodegroupVersion if changed (#13407) Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/12675 It was expected to see an error similar to the issue report about the incompatible update and Terraform was previously submitting the state value for `release_version`, however the EKS API as of today was automatically fixing the incorrect value instead of returning an error. The resource change is to ensure that we will only submit correct API parameters should the API return errors for this situation in the future again. Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_disappears (1356.93s) --- PASS: TestAccAWSEksNodeGroup_InstanceTypes (1519.46s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MaxSize (1540.56s) --- PASS: TestAccAWSEksNodeGroup_DiskSize (1550.40s) --- PASS: TestAccAWSEksNodeGroup_basic (1581.83s) --- PASS: TestAccAWSEksNodeGroup_AmiType (1591.47s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_SourceSecurityGroupIds (1602.60s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_DesiredSize (1632.41s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MinSize (1683.52s) --- PASS: TestAccAWSEksNodeGroup_Tags (1712.30s) --- PASS: TestAccAWSEksNodeGroup_Labels (1765.19s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_Ec2SshKey (1767.20s) --- PASS: TestAccAWSEksNodeGroup_ReleaseVersion (2853.92s) --- PASS: TestAccAWSEksNodeGroup_Version (3045.62s) ``` --- aws/resource_aws_eks_node_group.go | 2 +- aws/resource_aws_eks_node_group_test.go | 25 ++++++++++++++++++++----- 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/aws/resource_aws_eks_node_group.go b/aws/resource_aws_eks_node_group.go index a646912cdaa..4c9a485a36b 100644 --- a/aws/resource_aws_eks_node_group.go +++ b/aws/resource_aws_eks_node_group.go @@ -378,7 +378,7 @@ func resourceAwsEksNodeGroupUpdate(d *schema.ResourceData, meta interface{}) err NodegroupName: aws.String(nodeGroupName), } - if v, ok := d.GetOk("release_version"); ok { + if v, ok := d.GetOk("release_version"); ok && d.HasChange("release_version") { input.ReleaseVersion = aws.String(v.(string)) } diff --git a/aws/resource_aws_eks_node_group_test.go b/aws/resource_aws_eks_node_group_test.go index 42a1cc87816..90f44843ab0 100644 --- a/aws/resource_aws_eks_node_group_test.go +++ b/aws/resource_aws_eks_node_group_test.go @@ -280,7 +280,7 @@ func TestAccAWSEksNodeGroup_ReleaseVersion(t *testing.T) { CheckDestroy: testAccCheckAWSEksNodeGroupDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSEksNodeGroupConfigReleaseVersion(rName), + Config: testAccAWSEksNodeGroupConfigReleaseVersion(rName, "1.15"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSEksNodeGroupExists(resourceName, &nodeGroup1), resource.TestCheckResourceAttrPair(resourceName, "release_version", ssmParameterDataSourceName, "value"), @@ -291,6 +291,13 @@ func TestAccAWSEksNodeGroup_ReleaseVersion(t *testing.T) { ImportState: true, ImportStateVerify: true, }, + { + Config: testAccAWSEksNodeGroupConfigReleaseVersion(rName, "1.16"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSEksNodeGroupExists(resourceName, &nodeGroup1), + resource.TestCheckResourceAttrPair(resourceName, "release_version", ssmParameterDataSourceName, "value"), + ), + }, }, }) } @@ -521,10 +528,10 @@ func TestAccAWSEksNodeGroup_Version(t *testing.T) { CheckDestroy: testAccCheckAWSEksNodeGroupDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSEksNodeGroupConfigVersion(rName, "1.14"), + Config: testAccAWSEksNodeGroupConfigVersion(rName, "1.15"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSEksNodeGroupExists(resourceName, &nodeGroup1), - resource.TestCheckResourceAttr(resourceName, "version", "1.14"), + resource.TestCheckResourceAttr(resourceName, "version", "1.15"), ), }, { @@ -532,6 +539,13 @@ func TestAccAWSEksNodeGroup_Version(t *testing.T) { ImportState: true, ImportStateVerify: true, }, + { + Config: testAccAWSEksNodeGroupConfigVersion(rName, "1.16"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSEksNodeGroupExists(resourceName, &nodeGroup1), + resource.TestCheckResourceAttr(resourceName, "version", "1.16"), + ), + }, }, }) } @@ -966,8 +980,8 @@ resource "aws_eks_node_group" "test" { `, rName, labelKey1, labelValue1, labelKey2, labelValue2) } -func testAccAWSEksNodeGroupConfigReleaseVersion(rName string) string { - return testAccAWSEksNodeGroupConfigBase(rName) + fmt.Sprintf(` +func testAccAWSEksNodeGroupConfigReleaseVersion(rName string, version string) string { + return testAccAWSEksNodeGroupConfigBaseVersion(rName, version) + fmt.Sprintf(` data "aws_ssm_parameter" "test" { name = "/aws/service/eks/optimized-ami/${aws_eks_cluster.test.version}/amazon-linux-2/recommended/release_version" } @@ -978,6 +992,7 @@ resource "aws_eks_node_group" "test" { node_role_arn = aws_iam_role.node.arn release_version = data.aws_ssm_parameter.test.value subnet_ids = aws_subnet.test[*].id + version = aws_eks_cluster.test.version scaling_config { desired_size = 1 From 2e921f366f16f30a0f9fe61f8876557a546c84ca Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 8 Apr 2020 21:25:29 +0200 Subject: [PATCH 267/475] Add aws_wafv2_regex_pattern_set data source --- ...data_source_aws_wafv2_regex_pattern_set.go | 77 +++++++++++++++++++ ...source_aws_wafv2_regex_pattern_set_test.go | 73 ++++++++++++++++++ aws/provider.go | 1 + 3 files changed, 151 insertions(+) create mode 100644 aws/data_source_aws_wafv2_regex_pattern_set.go create mode 100644 aws/data_source_aws_wafv2_regex_pattern_set_test.go diff --git a/aws/data_source_aws_wafv2_regex_pattern_set.go b/aws/data_source_aws_wafv2_regex_pattern_set.go new file mode 100644 index 00000000000..c820164c411 --- /dev/null +++ b/aws/data_source_aws_wafv2_regex_pattern_set.go @@ -0,0 +1,77 @@ +package aws + +import ( + "fmt" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/wafv2" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/helper/validation" +) + +func dataSourceAwsWafv2RegexPatternSet() *schema.Resource { + return &schema.Resource{ + Read: dataSourceAwsWafv2RegexPatternSetRead, + + Schema: map[string]*schema.Schema{ + "arn": { + Type: schema.TypeString, + Computed: true, + }, + "description": { + Type: schema.TypeString, + Computed: true, + }, + "name": { + Type: schema.TypeString, + Required: true, + }, + "scope": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringInSlice([]string{ + wafv2.ScopeCloudfront, + wafv2.ScopeRegional, + }, false), + }, + }, + } +} + +func dataSourceAwsWafv2RegexPatternSetRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).wafv2conn + name := d.Get("name").(string) + + var foundRegexPatternSet *wafv2.RegexPatternSetSummary + input := &wafv2.ListRegexPatternSetsInput{ + Scope: aws.String(d.Get("scope").(string)), + } + for { + output, err := conn.ListRegexPatternSets(input) + if err != nil { + return fmt.Errorf("Error reading WAFV2 RegexPatternSets: %s", err) + } + + for _, regexPatternSet := range output.RegexPatternSets { + if aws.StringValue(regexPatternSet.Name) == name { + foundRegexPatternSet = regexPatternSet + break + } + } + + if output.NextMarker == nil || foundRegexPatternSet != nil { + break + } + input.NextMarker = output.NextMarker + } + + if foundRegexPatternSet == nil { + return fmt.Errorf("WAFV2 RegexPatternSet not found for name: %s", name) + } + + d.SetId(aws.StringValue(foundRegexPatternSet.Id)) + d.Set("arn", foundRegexPatternSet.ARN) + d.Set("description", aws.StringValue(foundRegexPatternSet.Description)) + + return nil +} diff --git a/aws/data_source_aws_wafv2_regex_pattern_set_test.go b/aws/data_source_aws_wafv2_regex_pattern_set_test.go new file mode 100644 index 00000000000..f26d8bf7df1 --- /dev/null +++ b/aws/data_source_aws_wafv2_regex_pattern_set_test.go @@ -0,0 +1,73 @@ +package aws + +import ( + "fmt" + "regexp" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +func TestAccDataSourceAwsWafv2RegexPatternSet_Basic(t *testing.T) { + name := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_wafv2_regex_pattern_set.test" + datasourceName := "data.aws_wafv2_regex_pattern_set.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceAwsWafv2RegexPatternSet_NonExistent(name), + ExpectError: regexp.MustCompile(`WAFV2 RegexPatternSet not found`), + }, + { + Config: testAccDataSourceAwsWafv2RegexPatternSet_Name(name), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrPair(datasourceName, "arn", resourceName, "arn"), + resource.TestCheckResourceAttrPair(datasourceName, "description", resourceName, "description"), + resource.TestCheckResourceAttrPair(datasourceName, "id", resourceName, "id"), + resource.TestCheckResourceAttrPair(datasourceName, "name", resourceName, "name"), + resource.TestCheckResourceAttrPair(datasourceName, "scope", resourceName, "scope"), + ), + }, + }, + }) +} + +func testAccDataSourceAwsWafv2RegexPatternSet_Name(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_regex_pattern_set" "test" { + name = "%s" + scope = "REGIONAL" + + regular_expression_list { + regex_string = "one" + } +} + +data "aws_wafv2_regex_pattern_set" "test" { + name = aws_wafv2_regex_pattern_set.test.name + scope = "REGIONAL" +} +`, name) +} + +func testAccDataSourceAwsWafv2RegexPatternSet_NonExistent(name string) string { + return fmt.Sprintf(` +resource "aws_wafv2_regex_pattern_set" "test" { + name = "%s" + scope = "REGIONAL" + + regular_expression_list { + regex_string = "one" + } +} + +data "aws_wafv2_regex_pattern_set" "test" { + name = "tf-acc-test-does-not-exist" + scope = "REGIONAL" +} +`, name) +} diff --git a/aws/provider.go b/aws/provider.go index 6d17d999c04..9509cdba161 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -335,6 +335,7 @@ func Provider() terraform.ResourceProvider { "aws_wafregional_rate_based_rule": dataSourceAwsWafRegionalRateBasedRule(), "aws_wafregional_web_acl": dataSourceAwsWafRegionalWebAcl(), "aws_wafv2_ip_set": dataSourceAwsWafv2IPSet(), + "aws_wafv2_regex_pattern_set": dataSourceAwsWafv2RegexPatternSet(), "aws_workspaces_bundle": dataSourceAwsWorkspaceBundle(), // Adding the Aliases for the ALB -> LB Rename From 8a06ab248beeda2c26dcd13edd828a547e6c4355 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Thu, 9 Apr 2020 20:50:07 +0200 Subject: [PATCH 268/475] Add documentation --- website/aws.erb | 13 +++++++ .../d/wafv2_regex_pattern_set.html.markdown | 35 +++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 website/docs/d/wafv2_regex_pattern_set.html.markdown diff --git a/website/aws.erb b/website/aws.erb index 883dddb4d6a..b89754ac691 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -3578,6 +3578,19 @@
          • +
        • + WAFv2 + +
        • WorkLink
            diff --git a/website/docs/d/wafv2_regex_pattern_set.html.markdown b/website/docs/d/wafv2_regex_pattern_set.html.markdown new file mode 100644 index 00000000000..006af0af738 --- /dev/null +++ b/website/docs/d/wafv2_regex_pattern_set.html.markdown @@ -0,0 +1,35 @@ +--- +subcategory: "WAFv2" +layout: "aws" +page_title: "AWS: aws_wafv2_regex_pattern_set" +description: |- + Retrieves the summary of a WAFv2 Regex Pattern Set. +--- + +# Data Source: aws_wafv2_regex_pattern_set + +Retrieves the summary of a WAFv2 Regex Pattern Set. + +## Example Usage + +```hcl +data "aws_wafv2_regex_pattern_set" "example" { + name = "some-regex-pattern-set" + scope = "REGIONAL" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Required) The name of the WAFv2 Regex Pattern Set. +* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. To work with CloudFront, you must also specify the Region US East (N. Virginia). + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `arn` - The Amazon Resource Name (ARN) of the entity. +* `description` - The description of the set that helps with identification. +* `id` - The unique identifier for the set. From c172ee25b55aaa53103f470a2fc94e21ed8da49a Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 8 May 2020 21:52:42 +0200 Subject: [PATCH 269/475] Apply review comments --- ...data_source_aws_wafv2_regex_pattern_set.go | 56 +++++++++++++++---- ...source_aws_wafv2_regex_pattern_set_test.go | 8 ++- .../d/wafv2_regex_pattern_set.html.markdown | 7 +++ 3 files changed, 58 insertions(+), 13 deletions(-) diff --git a/aws/data_source_aws_wafv2_regex_pattern_set.go b/aws/data_source_aws_wafv2_regex_pattern_set.go index c820164c411..fa163aaef1b 100644 --- a/aws/data_source_aws_wafv2_regex_pattern_set.go +++ b/aws/data_source_aws_wafv2_regex_pattern_set.go @@ -26,6 +26,18 @@ func dataSourceAwsWafv2RegexPatternSet() *schema.Resource { Type: schema.TypeString, Required: true, }, + "regular_expression": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "regex_string": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, "scope": { Type: schema.TypeString, Required: true, @@ -45,33 +57,57 @@ func dataSourceAwsWafv2RegexPatternSetRead(d *schema.ResourceData, meta interfac var foundRegexPatternSet *wafv2.RegexPatternSetSummary input := &wafv2.ListRegexPatternSetsInput{ Scope: aws.String(d.Get("scope").(string)), + Limit: aws.Int64(100), } + for { - output, err := conn.ListRegexPatternSets(input) + resp, err := conn.ListRegexPatternSets(input) if err != nil { - return fmt.Errorf("Error reading WAFV2 RegexPatternSets: %s", err) + return fmt.Errorf("Error reading WAFv2 RegexPatternSets: %s", err) } - for _, regexPatternSet := range output.RegexPatternSets { - if aws.StringValue(regexPatternSet.Name) == name { + if resp == nil || resp.RegexPatternSets == nil { + return fmt.Errorf("Error reading WAFv2 RegexPatternSets") + } + + for _, regexPatternSet := range resp.RegexPatternSets { + if regexPatternSet != nil && aws.StringValue(regexPatternSet.Name) == name { foundRegexPatternSet = regexPatternSet break } } - if output.NextMarker == nil || foundRegexPatternSet != nil { + if resp.NextMarker == nil || foundRegexPatternSet != nil { break } - input.NextMarker = output.NextMarker + input.NextMarker = resp.NextMarker } if foundRegexPatternSet == nil { - return fmt.Errorf("WAFV2 RegexPatternSet not found for name: %s", name) + return fmt.Errorf("WAFv2 RegexPatternSet not found for name: %s", name) } - d.SetId(aws.StringValue(foundRegexPatternSet.Id)) - d.Set("arn", foundRegexPatternSet.ARN) - d.Set("description", aws.StringValue(foundRegexPatternSet.Description)) + resp, err := conn.GetRegexPatternSet(&wafv2.GetRegexPatternSetInput{ + Id: foundRegexPatternSet.Id, + Name: foundRegexPatternSet.Name, + Scope: aws.String(d.Get("scope").(string)), + }) + + if err != nil { + return fmt.Errorf("Error reading WAFv2 RegexPatternSet: %s", err) + } + + if resp == nil || resp.RegexPatternSet == nil { + return fmt.Errorf("Error reading WAFv2 RegexPatternSet") + } + + d.SetId(aws.StringValue(resp.RegexPatternSet.Id)) + d.Set("arn", aws.StringValue(resp.RegexPatternSet.ARN)) + d.Set("description", aws.StringValue(resp.RegexPatternSet.Description)) + + if err := d.Set("regular_expression", flattenWafv2RegexPatternSet(resp.RegexPatternSet.RegularExpressionList)); err != nil { + return fmt.Errorf("Error setting regular_expression: %s", err) + } return nil } diff --git a/aws/data_source_aws_wafv2_regex_pattern_set_test.go b/aws/data_source_aws_wafv2_regex_pattern_set_test.go index f26d8bf7df1..4ef797f2603 100644 --- a/aws/data_source_aws_wafv2_regex_pattern_set_test.go +++ b/aws/data_source_aws_wafv2_regex_pattern_set_test.go @@ -20,15 +20,17 @@ func TestAccDataSourceAwsWafv2RegexPatternSet_Basic(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDataSourceAwsWafv2RegexPatternSet_NonExistent(name), - ExpectError: regexp.MustCompile(`WAFV2 RegexPatternSet not found`), + ExpectError: regexp.MustCompile(`WAFv2 RegexPatternSet not found`), }, { Config: testAccDataSourceAwsWafv2RegexPatternSet_Name(name), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrPair(datasourceName, "arn", resourceName, "arn"), + testAccMatchResourceAttrRegionalARN(datasourceName, "arn", "wafv2", regexp.MustCompile(fmt.Sprintf("regional/regexpatternset/%v/.+$", name))), resource.TestCheckResourceAttrPair(datasourceName, "description", resourceName, "description"), resource.TestCheckResourceAttrPair(datasourceName, "id", resourceName, "id"), resource.TestCheckResourceAttrPair(datasourceName, "name", resourceName, "name"), + resource.TestCheckResourceAttrPair(datasourceName, "regular_expression_list", resourceName, "regular_expression_list"), resource.TestCheckResourceAttrPair(datasourceName, "scope", resourceName, "scope"), ), }, @@ -42,7 +44,7 @@ resource "aws_wafv2_regex_pattern_set" "test" { name = "%s" scope = "REGIONAL" - regular_expression_list { + regular_expression { regex_string = "one" } } @@ -60,7 +62,7 @@ resource "aws_wafv2_regex_pattern_set" "test" { name = "%s" scope = "REGIONAL" - regular_expression_list { + regular_expression { regex_string = "one" } } diff --git a/website/docs/d/wafv2_regex_pattern_set.html.markdown b/website/docs/d/wafv2_regex_pattern_set.html.markdown index 006af0af738..f65976d5c69 100644 --- a/website/docs/d/wafv2_regex_pattern_set.html.markdown +++ b/website/docs/d/wafv2_regex_pattern_set.html.markdown @@ -33,3 +33,10 @@ In addition to all arguments above, the following attributes are exported: * `arn` - The Amazon Resource Name (ARN) of the entity. * `description` - The description of the set that helps with identification. * `id` - The unique identifier for the set. +* `regular_expression_list` - One or more blocks of regular expression patterns that AWS WAF is searching for. See [Regular Expression](#regular-expression) below for details. + +### Regular Expression + +Each `regular_expression_list` supports the following argument: + +* `regex_string` - (Required) The string representing the regular expression, see the AWS WAF [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-regex-pattern-set-creating.html) for more information. From d410b55d584bf5e38048fe6eef385b4ce015aa6e Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Fri, 15 May 2020 18:37:41 +0200 Subject: [PATCH 270/475] Fix docs --- website/docs/d/wafv2_regex_pattern_set.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/d/wafv2_regex_pattern_set.html.markdown b/website/docs/d/wafv2_regex_pattern_set.html.markdown index f65976d5c69..a082d1ab661 100644 --- a/website/docs/d/wafv2_regex_pattern_set.html.markdown +++ b/website/docs/d/wafv2_regex_pattern_set.html.markdown @@ -33,10 +33,10 @@ In addition to all arguments above, the following attributes are exported: * `arn` - The Amazon Resource Name (ARN) of the entity. * `description` - The description of the set that helps with identification. * `id` - The unique identifier for the set. -* `regular_expression_list` - One or more blocks of regular expression patterns that AWS WAF is searching for. See [Regular Expression](#regular-expression) below for details. +* `regular_expression` - One or more blocks of regular expression patterns that AWS WAF is searching for. See [Regular Expression](#regular-expression) below for details. ### Regular Expression -Each `regular_expression_list` supports the following argument: +Each `regular_expression` supports the following argument: * `regex_string` - (Required) The string representing the regular expression, see the AWS WAF [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/waf-regex-pattern-set-creating.html) for more information. From 7b1c565f599886736b38cc3e36c00a2673eddbb8 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 20 May 2020 17:16:22 +0200 Subject: [PATCH 271/475] Clarify CloudFront usage --- website/docs/d/wafv2_regex_pattern_set.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/d/wafv2_regex_pattern_set.html.markdown b/website/docs/d/wafv2_regex_pattern_set.html.markdown index a082d1ab661..fae35fe7c76 100644 --- a/website/docs/d/wafv2_regex_pattern_set.html.markdown +++ b/website/docs/d/wafv2_regex_pattern_set.html.markdown @@ -24,7 +24,7 @@ data "aws_wafv2_regex_pattern_set" "example" { The following arguments are supported: * `name` - (Required) The name of the WAFv2 Regex Pattern Set. -* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. To work with CloudFront, you must also specify the Region US East (N. Virginia). +* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider. ## Attributes Reference From 333f2da1739d8da0387f09060493bf0396fbaf8d Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 20 May 2020 17:21:36 +0200 Subject: [PATCH 272/475] Clarify CloudFront usage --- website/docs/d/wafv2_regex_pattern_set.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/d/wafv2_regex_pattern_set.html.markdown b/website/docs/d/wafv2_regex_pattern_set.html.markdown index fae35fe7c76..43c4db2bfec 100644 --- a/website/docs/d/wafv2_regex_pattern_set.html.markdown +++ b/website/docs/d/wafv2_regex_pattern_set.html.markdown @@ -24,7 +24,7 @@ data "aws_wafv2_regex_pattern_set" "example" { The following arguments are supported: * `name` - (Required) The name of the WAFv2 Regex Pattern Set. -* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider. +* `scope` - (Required) Specifies whether this is for an AWS CloudFront distribution or for a regional application. Valid values are `CLOUDFRONT` or `REGIONAL`. To work with CloudFront, you must also specify the region `us-east-1` (N. Virginia) on the AWS provider. ## Attributes Reference From 4ef7995e39343f59c6c85418f5c095ee13739b43 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 20 May 2020 15:50:36 -0400 Subject: [PATCH 273/475] Update CHANGELOG for #13407 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ce73d765c7f..30d061897b5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ BUG FIXES: * data-source/aws_db_instance: `auto_minor_version_upgrade` attribute now properly set [GH-13362] * resource/aws_autoscaling_group: `tags` `propagate_at_launch` attribute now properly set [GH-13360] +* resource/aws_eks_node_group: Only pass `release_version` value during `UpdateNodegroupVersion` if changed [GH-13407] * resource/aws_network_acl: Fix issue with updating subnet associations returning `InvalidAssociationID.NotFound` [GH-13382] ## 2.62.0 (May 15, 2020) From a04cdb900a6ce269fbd84c3f2ea5b3075067b363 Mon Sep 17 00:00:00 2001 From: Pascal van Buijtene Date: Wed, 20 May 2020 21:53:05 +0200 Subject: [PATCH 274/475] Fix docs --- website/aws.erb | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/website/aws.erb b/website/aws.erb index b89754ac691..edaf5cf6958 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -3563,6 +3563,9 @@
          • aws_wafv2_ip_set
            • +
          • + aws_wafv2_regex_pattern_set +
        • @@ -3578,19 +3581,6 @@
        • -
      • - WAFv2 - -
      • WorkLink
          From a49a26a5377b0ccdaa98e093e94f1c93525f5d0b Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Wed, 20 May 2020 23:31:09 +0300 Subject: [PATCH 275/475] add import support add disappears test --- ..._cognito_identity_pool_roles_attachment.go | 12 ++- ...ito_identity_pool_roles_attachment_test.go | 92 +++++++++++++------ ...to_identity_pool_roles_attachment.markdown | 8 ++ 3 files changed, 78 insertions(+), 34 deletions(-) diff --git a/aws/resource_aws_cognito_identity_pool_roles_attachment.go b/aws/resource_aws_cognito_identity_pool_roles_attachment.go index ff89172578d..90b24919835 100644 --- a/aws/resource_aws_cognito_identity_pool_roles_attachment.go +++ b/aws/resource_aws_cognito_identity_pool_roles_attachment.go @@ -5,7 +5,6 @@ import ( "log" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/cognitoidentity" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" @@ -17,6 +16,9 @@ func resourceAwsCognitoIdentityPoolRolesAttachment() *schema.Resource { Read: resourceAwsCognitoIdentityPoolRolesAttachmentRead, Update: resourceAwsCognitoIdentityPoolRolesAttachmentUpdate, Delete: resourceAwsCognitoIdentityPoolRolesAttachmentDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, Schema: map[string]*schema.Schema{ "identity_pool_id": { @@ -141,10 +143,10 @@ func resourceAwsCognitoIdentityPoolRolesAttachmentRead(d *schema.ResourceData, m log.Printf("[DEBUG] Reading Cognito Identity Pool Roles Association: %s", d.Id()) ip, err := conn.GetIdentityPoolRoles(&cognitoidentity.GetIdentityPoolRolesInput{ - IdentityPoolId: aws.String(d.Get("identity_pool_id").(string)), + IdentityPoolId: aws.String(d.Id()), }) if err != nil { - if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "ResourceNotFoundException" { + if isAWSErr(err, cognitoidentity.ErrCodeResourceNotFoundException, "") { log.Printf("[WARN] Cognito Identity Pool Roles Association %s not found, removing from state", d.Id()) d.SetId("") return nil @@ -152,6 +154,8 @@ func resourceAwsCognitoIdentityPoolRolesAttachmentRead(d *schema.ResourceData, m return err } + d.Set("identity_pool_id", d.Id()) + if err := d.Set("roles", flattenCognitoIdentityPoolRoles(ip.Roles)); err != nil { return fmt.Errorf("Error setting roles error: %#v", err) } @@ -211,7 +215,7 @@ func resourceAwsCognitoIdentityPoolRolesAttachmentDelete(d *schema.ResourceData, log.Printf("[DEBUG] Deleting Cognito Identity Pool Roles Association: %s", d.Id()) _, err := conn.SetIdentityPoolRoles(&cognitoidentity.SetIdentityPoolRolesInput{ - IdentityPoolId: aws.String(d.Get("identity_pool_id").(string)), + IdentityPoolId: aws.String(d.Id()), Roles: expandCognitoIdentityPoolRoles(make(map[string]interface{})), RoleMappings: expandCognitoIdentityPoolRoleMappingsAttachment([]interface{}{}), }) diff --git a/aws/resource_aws_cognito_identity_pool_roles_attachment_test.go b/aws/resource_aws_cognito_identity_pool_roles_attachment_test.go index 02b88589ca5..7b43c5fec27 100644 --- a/aws/resource_aws_cognito_identity_pool_roles_attachment_test.go +++ b/aws/resource_aws_cognito_identity_pool_roles_attachment_test.go @@ -7,7 +7,6 @@ import ( "testing" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/cognitoidentity" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" @@ -15,6 +14,7 @@ import ( ) func TestAccAWSCognitoIdentityPoolRolesAttachment_basic(t *testing.T) { + resourceName := "aws_cognito_identity_pool_roles_attachment.test" name := acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) updatedName := acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) @@ -26,17 +26,22 @@ func TestAccAWSCognitoIdentityPoolRolesAttachment_basic(t *testing.T) { { Config: testAccAWSCognitoIdentityPoolRolesAttachmentConfig_basic(name), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists("aws_cognito_identity_pool_roles_attachment.main"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "identity_pool_id"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "roles.authenticated"), + testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "identity_pool_id"), + resource.TestCheckResourceAttrSet(resourceName, "roles.authenticated"), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, { Config: testAccAWSCognitoIdentityPoolRolesAttachmentConfig_basic(updatedName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists("aws_cognito_identity_pool_roles_attachment.main"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "identity_pool_id"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "roles.authenticated"), + testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "identity_pool_id"), + resource.TestCheckResourceAttrSet(resourceName, "roles.authenticated"), ), }, }, @@ -44,6 +49,7 @@ func TestAccAWSCognitoIdentityPoolRolesAttachment_basic(t *testing.T) { } func TestAccAWSCognitoIdentityPoolRolesAttachment_roleMappings(t *testing.T) { + resourceName := "aws_cognito_identity_pool_roles_attachment.test" name := acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) resource.ParallelTest(t, resource.TestCase{ @@ -54,38 +60,64 @@ func TestAccAWSCognitoIdentityPoolRolesAttachment_roleMappings(t *testing.T) { { Config: testAccAWSCognitoIdentityPoolRolesAttachmentConfig_basic(name), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists("aws_cognito_identity_pool_roles_attachment.main"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "identity_pool_id"), - resource.TestCheckResourceAttr("aws_cognito_identity_pool_roles_attachment.main", "role_mapping.#", "0"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "roles.authenticated"), + testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "identity_pool_id"), + resource.TestCheckResourceAttr(resourceName, "role_mapping.#", "0"), + resource.TestCheckResourceAttrSet(resourceName, "roles.authenticated"), ), }, { Config: testAccAWSCognitoIdentityPoolRolesAttachmentConfig_roleMappings(name), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists("aws_cognito_identity_pool_roles_attachment.main"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "identity_pool_id"), - resource.TestCheckResourceAttr("aws_cognito_identity_pool_roles_attachment.main", "role_mapping.#", "1"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "roles.authenticated"), + testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "identity_pool_id"), + resource.TestCheckResourceAttr(resourceName, "role_mapping.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "roles.authenticated"), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, { Config: testAccAWSCognitoIdentityPoolRolesAttachmentConfig_roleMappingsUpdated(name), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists("aws_cognito_identity_pool_roles_attachment.main"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "identity_pool_id"), - resource.TestCheckResourceAttr("aws_cognito_identity_pool_roles_attachment.main", "role_mapping.#", "1"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "roles.authenticated"), + testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "identity_pool_id"), + resource.TestCheckResourceAttr(resourceName, "role_mapping.#", "1"), + resource.TestCheckResourceAttrSet(resourceName, "roles.authenticated"), + ), + }, + { + Config: testAccAWSCognitoIdentityPoolRolesAttachmentConfig_basic(name), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "identity_pool_id"), + resource.TestCheckResourceAttr(resourceName, "role_mapping.#", "0"), + resource.TestCheckResourceAttrSet(resourceName, "roles.authenticated"), ), }, + }, + }) +} + +func TestAccAWSCognitoIdentityPoolRolesAttachment_disappears(t *testing.T) { + resourceName := "aws_cognito_identity_pool_roles_attachment.test" + name := acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCognitoIdentity(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSCognitoIdentityPoolRolesAttachmentDestroy, + Steps: []resource.TestStep{ { Config: testAccAWSCognitoIdentityPoolRolesAttachmentConfig_basic(name), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists("aws_cognito_identity_pool_roles_attachment.main"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "identity_pool_id"), - resource.TestCheckResourceAttr("aws_cognito_identity_pool_roles_attachment.main", "role_mapping.#", "0"), - resource.TestCheckResourceAttrSet("aws_cognito_identity_pool_roles_attachment.main", "roles.authenticated"), + testAccCheckAWSCognitoIdentityPoolRolesAttachmentExists(resourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsCognitoIdentityPoolRolesAttachment(), resourceName), ), + ExpectNonEmptyPlan: true, }, }, }) @@ -173,7 +205,7 @@ func testAccCheckAWSCognitoIdentityPoolRolesAttachmentDestroy(s *terraform.State }) if err != nil { - if wserr, ok := err.(awserr.Error); ok && wserr.Code() == "ResourceNotFoundException" { + if isAWSErr(err, cognitoidentity.ErrCodeResourceNotFoundException, "") { return nil } return err @@ -301,7 +333,7 @@ EOF func testAccAWSCognitoIdentityPoolRolesAttachmentConfig_basic(name string) string { return fmt.Sprintf(baseAWSCognitoIdentityPoolRolesAttachmentConfig(name) + ` -resource "aws_cognito_identity_pool_roles_attachment" "main" { +resource "aws_cognito_identity_pool_roles_attachment" "test" { identity_pool_id = "${aws_cognito_identity_pool.main.id}" roles = { @@ -313,7 +345,7 @@ resource "aws_cognito_identity_pool_roles_attachment" "main" { func testAccAWSCognitoIdentityPoolRolesAttachmentConfig_roleMappings(name string) string { return fmt.Sprintf(baseAWSCognitoIdentityPoolRolesAttachmentConfig(name) + ` -resource "aws_cognito_identity_pool_roles_attachment" "main" { +resource "aws_cognito_identity_pool_roles_attachment" "test" { identity_pool_id = "${aws_cognito_identity_pool.main.id}" role_mapping { @@ -338,7 +370,7 @@ resource "aws_cognito_identity_pool_roles_attachment" "main" { func testAccAWSCognitoIdentityPoolRolesAttachmentConfig_roleMappingsUpdated(name string) string { return fmt.Sprintf(baseAWSCognitoIdentityPoolRolesAttachmentConfig(name) + ` -resource "aws_cognito_identity_pool_roles_attachment" "main" { +resource "aws_cognito_identity_pool_roles_attachment" "test" { identity_pool_id = "${aws_cognito_identity_pool.main.id}" role_mapping { @@ -370,7 +402,7 @@ resource "aws_cognito_identity_pool_roles_attachment" "main" { func testAccAWSCognitoIdentityPoolRolesAttachmentConfig_roleMappingsWithAmbiguousRoleResolutionError(name string) string { return fmt.Sprintf(baseAWSCognitoIdentityPoolRolesAttachmentConfig(name) + ` -resource "aws_cognito_identity_pool_roles_attachment" "main" { +resource "aws_cognito_identity_pool_roles_attachment" "test" { identity_pool_id = "${aws_cognito_identity_pool.main.id}" role_mapping { @@ -394,7 +426,7 @@ resource "aws_cognito_identity_pool_roles_attachment" "main" { func testAccAWSCognitoIdentityPoolRolesAttachmentConfig_roleMappingsWithRulesTypeError(name string) string { return fmt.Sprintf(baseAWSCognitoIdentityPoolRolesAttachmentConfig(name) + ` -resource "aws_cognito_identity_pool_roles_attachment" "main" { +resource "aws_cognito_identity_pool_roles_attachment" "test" { identity_pool_id = "${aws_cognito_identity_pool.main.id}" role_mapping { @@ -412,7 +444,7 @@ resource "aws_cognito_identity_pool_roles_attachment" "main" { func testAccAWSCognitoIdentityPoolRolesAttachmentConfig_roleMappingsWithTokenTypeError(name string) string { return fmt.Sprintf(baseAWSCognitoIdentityPoolRolesAttachmentConfig(name) + ` -resource "aws_cognito_identity_pool_roles_attachment" "main" { +resource "aws_cognito_identity_pool_roles_attachment" "test" { identity_pool_id = "${aws_cognito_identity_pool.main.id}" role_mapping { diff --git a/website/docs/r/cognito_identity_pool_roles_attachment.markdown b/website/docs/r/cognito_identity_pool_roles_attachment.markdown index 4887460512f..b7b46997244 100644 --- a/website/docs/r/cognito_identity_pool_roles_attachment.markdown +++ b/website/docs/r/cognito_identity_pool_roles_attachment.markdown @@ -125,3 +125,11 @@ In addition to the arguments, which are exported, the following attributes are e * `identity_pool_id` (Required) - An identity pool ID in the format REGION:GUID. * `role_mapping` (Optional) - The List of [Role Mapping](#role-mappings). * `roles` (Required) - The map of roles associated with this pool. For a given role, the key will be either "authenticated" or "unauthenticated" and the value will be the Role ARN. + +## Import + +Cognito Identity Pool Roles Attachment can be imported using the Identity Pool id, e.g. + +``` +$ terraform import aws_cognito_identity_pool_roles_attachment.example +``` \ No newline at end of file From 7dc145fa9fe3e7cb08982c7cdececc2ee4dfce16 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 21 May 2020 00:04:29 +0300 Subject: [PATCH 276/475] Update efs_file_system_policy.html.markdown --- website/docs/r/efs_file_system_policy.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/efs_file_system_policy.html.markdown b/website/docs/r/efs_file_system_policy.html.markdown index db4da868b24..375dc2bd907 100644 --- a/website/docs/r/efs_file_system_policy.html.markdown +++ b/website/docs/r/efs_file_system_policy.html.markdown @@ -53,7 +53,7 @@ POLICY The following arguments are supported: * `file_system_id` - (Required) The ID of the EFS file system. -* `policy` - (Required) The JSON formatted file system policy for the EFS file system. +* `policy` - (Required) The JSON formatted file system policy for the EFS file system. see [Docs](https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies) for more info. ## Attributes Reference From cd162b35f064069642b97bb158146b14f509751c Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Wed, 20 May 2020 17:13:25 -0400 Subject: [PATCH 277/475] Update CHANGELOG for #12789 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 30d061897b5..19ad0e2c953 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ FEATURES: * **New Data Source:** `aws_efs_access_point` [GH-11965] * **New Data Source:** `aws_wafv2_ip_set` [GH-12788] +* **New Data Source:** `aws_wafv2_regex_pattern_set` [GH-12789] * **New Resource:** `aws_efs_access_point` [GH-11965] * **New Resource:** `aws_wafv2_ip_set` [GH-12119] * **New Resource:** `aws_wafv2_regex_pattern_set` [GH-12284] From d6fdab12d36ea26536427f3e7bc63e4a7a23995a Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 20 May 2020 17:25:45 -0400 Subject: [PATCH 278/475] service/elbv2: Fix elbv2 errors by exporting attributes (#13400) * Fix elbv2 errors by exporting attributes Export `ip_address_type` and `load_balancing_algorithm_type` * Add test checks --- aws/data_source_aws_lb.go | 5 +++++ aws/data_source_aws_lb_target_group.go | 5 +++++ aws/data_source_aws_lb_target_group_test.go | 3 ++- aws/data_source_aws_lb_test.go | 2 ++ 4 files changed, 14 insertions(+), 1 deletion(-) diff --git a/aws/data_source_aws_lb.go b/aws/data_source_aws_lb.go index f855bff7459..6f5b35b448a 100644 --- a/aws/data_source_aws_lb.go +++ b/aws/data_source_aws_lb.go @@ -122,6 +122,11 @@ func dataSourceAwsLb() *schema.Resource { Computed: true, }, + "ip_address_type": { + Type: schema.TypeString, + Computed: true, + }, + "tags": tagsSchemaComputed(), }, } diff --git a/aws/data_source_aws_lb_target_group.go b/aws/data_source_aws_lb_target_group.go index a9f241bd08e..e23abd51fc4 100644 --- a/aws/data_source_aws_lb_target_group.go +++ b/aws/data_source_aws_lb_target_group.go @@ -65,6 +65,11 @@ func dataSourceAwsLbTargetGroup() *schema.Resource { Computed: true, }, + "load_balancing_algorithm_type": { + Type: schema.TypeString, + Computed: true, + }, + "target_type": { Type: schema.TypeString, Computed: true, diff --git a/aws/data_source_aws_lb_target_group_test.go b/aws/data_source_aws_lb_target_group_test.go index 6d2bf779ae7..742427d080a 100644 --- a/aws/data_source_aws_lb_target_group_test.go +++ b/aws/data_source_aws_lb_target_group_test.go @@ -26,8 +26,8 @@ func TestAccDataSourceAWSALBTargetGroup_basic(t *testing.T) { resource.TestCheckResourceAttrSet(resourceNameArn, "arn_suffix"), resource.TestCheckResourceAttr(resourceNameArn, "port", "8080"), resource.TestCheckResourceAttr(resourceNameArn, "protocol", "HTTP"), - resource.TestCheckResourceAttr(resourceNameArn, "protocol", "HTTP"), resource.TestCheckResourceAttrSet(resourceNameArn, "vpc_id"), + resource.TestCheckResourceAttrSet(resourceNameArn, "load_balancing_algorithm_type"), resource.TestCheckResourceAttr(resourceNameArn, "deregistration_delay", "300"), resource.TestCheckResourceAttr(resourceNameArn, "slow_start", "0"), resource.TestCheckResourceAttr(resourceNameArn, "tags.%", "1"), @@ -47,6 +47,7 @@ func TestAccDataSourceAWSALBTargetGroup_basic(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "arn_suffix"), resource.TestCheckResourceAttr(resourceName, "port", "8080"), resource.TestCheckResourceAttr(resourceName, "protocol", "HTTP"), + resource.TestCheckResourceAttrSet(resourceName, "load_balancing_algorithm_type"), resource.TestCheckResourceAttrSet(resourceName, "vpc_id"), resource.TestCheckResourceAttr(resourceName, "deregistration_delay", "300"), resource.TestCheckResourceAttr(resourceName, "slow_start", "0"), diff --git a/aws/data_source_aws_lb_test.go b/aws/data_source_aws_lb_test.go index b1cd11e1184..0e9cea0fbb8 100644 --- a/aws/data_source_aws_lb_test.go +++ b/aws/data_source_aws_lb_test.go @@ -32,6 +32,7 @@ func TestAccDataSourceAWSLB_basic(t *testing.T) { resource.TestCheckResourceAttrSet(dataSourceName, "zone_id"), resource.TestCheckResourceAttrSet(dataSourceName, "dns_name"), resource.TestCheckResourceAttrSet(dataSourceName, "arn"), + resource.TestCheckResourceAttrSet(dataSourceName, "ip_address_type"), resource.TestCheckResourceAttr(dataSourceName2, "name", lbName), resource.TestCheckResourceAttr(dataSourceName2, "internal", "true"), resource.TestCheckResourceAttr(dataSourceName2, "subnets.#", "2"), @@ -44,6 +45,7 @@ func TestAccDataSourceAWSLB_basic(t *testing.T) { resource.TestCheckResourceAttrSet(dataSourceName2, "zone_id"), resource.TestCheckResourceAttrSet(dataSourceName2, "dns_name"), resource.TestCheckResourceAttrSet(dataSourceName2, "arn"), + resource.TestCheckResourceAttrSet(dataSourceName2, "ip_address_type"), ), }, }, From 65cfa8de9acb8a4ee9307efadd63fc48f6b8835b Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 20 May 2020 17:27:08 -0400 Subject: [PATCH 279/475] Update CHANGELOG.md --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 19ad0e2c953..857be945916 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,8 @@ FEATURES: ENHANCEMENTS: +* data-source/aws_lb: `ip_address_type` is now available [GH-13400] +* data-source/aws_lb_target_group: `load_balancing_algorithm_type` is now available [GH-13400] * data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] * resource/aws_ecs_service: Add `force_new_deployment` argument [GH-13376] * resource/aws_ecs_service: Support in-place updates for `ordered_placement_strategy` and `placement_constraints` [GH-13376] From 23d3ebc23e23c5578092f303640a451819a31f7e Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 20 May 2020 17:31:23 -0400 Subject: [PATCH 280/475] Update CHANGELOG.md --- CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 857be945916..cead4eb06ec 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,8 +11,8 @@ FEATURES: ENHANCEMENTS: -* data-source/aws_lb: `ip_address_type` is now available [GH-13400] -* data-source/aws_lb_target_group: `load_balancing_algorithm_type` is now available [GH-13400] +* data-source/aws_lb: Add `ip_address_type` attribute [GH-13400] +* data-source/aws_lb_target_group: Add `load_balancing_algorithm_type` attribute [GH-13400] * data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] * resource/aws_ecs_service: Add `force_new_deployment` argument [GH-13376] * resource/aws_ecs_service: Support in-place updates for `ordered_placement_strategy` and `placement_constraints` [GH-13376] From 487f0ced81ab3aa665b0e1d6d59f60ca2ef9fb79 Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Wed, 20 May 2020 14:33:28 -0700 Subject: [PATCH 281/475] add new files. Teamcity snippet --- docs/MAINTAINING.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/MAINTAINING.md b/docs/MAINTAINING.md index d94ceaa578c..c44e8f82f69 100644 --- a/docs/MAINTAINING.md +++ b/docs/MAINTAINING.md @@ -78,9 +78,14 @@ Ensure that the following steps are tracked within the issue and completed withi - Update go version in `go.mod` - Verify all formatting, linting, and testing works as expected -- Verify `gox` builds for all currently supported architectures +- Verify `gox` builds for all currently supported architectures: +``` +gox -os='linux darwin windows freebsd openbsd solaris' -arch='386 amd64 arm' -osarch='!darwin/arm !darwin/386' -ldflags '-s -w -X aws/version.ProviderVersion=99.99.99 -X aws/version.ProtocolVersion=4' -output 'results/{{.OS}}_{{.Arch}}/terraform-provider-aws_v99.99.99_x4' . +``` - Verify `goenv` support for the new version - Update `docs/DEVELOPMENT.md` +- Update `.github/workflows/*.yml` +- Update `.go-version` - Update `.travis.yml` - Update `CHANGELOG.md` detailing the update and mention any notes practitioners need to be aware of. From 477ee311b4b2cd8746ac1209dea8d0c5bd2e48b8 Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 20 May 2020 17:40:02 -0400 Subject: [PATCH 282/475] service/cloudwatchlog: Fix schema error (#13411) * Fix schema error convert float to string, use aws value helpers * use aws.Float64Value * Update aws/resource_aws_cloudwatch_log_metric_filter.go Co-authored-by: Brian Flad Co-authored-by: Brian Flad --- aws/resource_aws_cloudwatch_log_metric_filter.go | 4 +++- aws/structure.go | 8 ++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/aws/resource_aws_cloudwatch_log_metric_filter.go b/aws/resource_aws_cloudwatch_log_metric_filter.go index e8cd1b08f33..91389c3fd2c 100644 --- a/aws/resource_aws_cloudwatch_log_metric_filter.go +++ b/aws/resource_aws_cloudwatch_log_metric_filter.go @@ -139,7 +139,9 @@ func resourceAwsCloudWatchLogMetricFilterRead(d *schema.ResourceData, meta inter d.Set("name", mf.FilterName) d.Set("pattern", mf.FilterPattern) - d.Set("metric_transformation", flattenCloudWatchLogMetricTransformations(mf.MetricTransformations)) + if err := d.Set("metric_transformation", flattenCloudWatchLogMetricTransformations(mf.MetricTransformations)); err != nil { + return fmt.Errorf("error setting metric_transformation: %s", err) + } return nil } diff --git a/aws/structure.go b/aws/structure.go index 71997fe1ef0..167cc95cf4c 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -1986,14 +1986,14 @@ func flattenCloudWatchLogMetricTransformations(ts []*cloudwatchlogs.MetricTransf mts := make([]interface{}, 0) m := make(map[string]interface{}) - m["name"] = *ts[0].MetricName - m["namespace"] = *ts[0].MetricNamespace - m["value"] = *ts[0].MetricValue + m["name"] = aws.StringValue(ts[0].MetricName) + m["namespace"] = aws.StringValue(ts[0].MetricNamespace) + m["value"] = aws.StringValue(ts[0].MetricValue) if ts[0].DefaultValue == nil { m["default_value"] = "" } else { - m["default_value"] = *ts[0].DefaultValue + m["default_value"] = strconv.FormatFloat(aws.Float64Value(ts[0].DefaultValue), 'f', -1, 64) } mts = append(mts, m) From 5740e713f487f49598ae7b6cc093688965414feb Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 20 May 2020 17:41:04 -0400 Subject: [PATCH 283/475] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cead4eb06ec..bfe62c2299c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -20,6 +20,7 @@ ENHANCEMENTS: BUG FIXES: +* resource/cloudwatch_log_metric_filter: `metric_transformation` `default_value` now properly set [GH-13411] * data-source/aws_db_instance: `auto_minor_version_upgrade` attribute now properly set [GH-13362] * resource/aws_autoscaling_group: `tags` `propagate_at_launch` attribute now properly set [GH-13360] * resource/aws_eks_node_group: Only pass `release_version` value during `UpdateNodegroupVersion` if changed [GH-13407] From 290cad0cefc61d57ee2f4095b1d29b61062becde Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 20 May 2020 19:24:37 -0400 Subject: [PATCH 284/475] Update module hashicorp/terraform-plugin-sdk to v1.13.0 (#13429) Co-authored-by: Renovate Bot --- go.mod | 2 +- go.sum | 4 ++-- .../terraform-plugin-sdk/helper/hashcode/hashcode.go | 8 ++++++++ .../terraform-plugin-sdk/helper/mutexkv/mutexkv.go | 12 ++++++++++++ .../terraform-plugin-sdk/helper/resource/testing.go | 3 ++- .../terraform-plugin-sdk/httpclient/useragent.go | 4 ++++ .../hashicorp/terraform-plugin-sdk/meta/meta.go | 2 +- vendor/modules.txt | 2 +- 8 files changed, 31 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 573f3a61b1f..e6353d0a3fa 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/hashicorp/go-cleanhttp v0.5.1 github.com/hashicorp/go-multierror v1.0.0 github.com/hashicorp/go-version v1.2.0 - github.com/hashicorp/terraform-plugin-sdk v1.12.0 + github.com/hashicorp/terraform-plugin-sdk v1.13.0 github.com/hashicorp/vault v0.10.4 github.com/jen20/awspolicyequivalence v1.1.0 github.com/katbyte/terrafmt v0.2.1-0.20200303174203-e6a3e82cb21b diff --git a/go.sum b/go.sum index ad5339e2676..a0b133ecb19 100644 --- a/go.sum +++ b/go.sum @@ -266,8 +266,8 @@ github.com/hashicorp/terraform-json v0.5.0 h1:7TV3/F3y7QVSuN4r9BEXqnWqrAyeOtON8f github.com/hashicorp/terraform-json v0.5.0/go.mod h1:eAbqb4w0pSlRmdvl8fOyHAi/+8jnkVYN28gJkSJrLhU= github.com/hashicorp/terraform-plugin-sdk v1.7.0 h1:B//oq0ZORG+EkVrIJy0uPGSonvmXqxSzXe8+GhknoW0= github.com/hashicorp/terraform-plugin-sdk v1.7.0/go.mod h1:OjgQmey5VxnPej/buEhe+YqKm0KNvV3QqU4hkqHqPCY= -github.com/hashicorp/terraform-plugin-sdk v1.12.0 h1:HPp65ShSsKUMPf6jD50UQn/xAjyrGVO4FxI63bvu+pc= -github.com/hashicorp/terraform-plugin-sdk v1.12.0/go.mod h1:HiWIPD/T9HixIhQUwaSoDQxo4BLFdmiBi/Qz5gjB8Q0= +github.com/hashicorp/terraform-plugin-sdk v1.13.0 h1:8v2/ZNiI12OHxEn8pzJ3noCHyRc0biKbKj+iFv5ZWKw= +github.com/hashicorp/terraform-plugin-sdk v1.13.0/go.mod h1:HiWIPD/T9HixIhQUwaSoDQxo4BLFdmiBi/Qz5gjB8Q0= github.com/hashicorp/terraform-plugin-test v1.2.0 h1:AWFdqyfnOj04sxTdaAF57QqvW7XXrT8PseUHkbKsE8I= github.com/hashicorp/terraform-plugin-test v1.2.0/go.mod h1:QIJHYz8j+xJtdtLrFTlzQVC0ocr3rf/OjIpgZLK56Hs= github.com/hashicorp/terraform-plugin-test v1.3.0 h1:hU5LoxrOn9qvOo+LTKN6mSav2J+dAMprbdxJPEQvp4U= diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/hashcode/hashcode.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/hashcode/hashcode.go index 6ccc5231834..f0c022dd235 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/hashcode/hashcode.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/hashcode/hashcode.go @@ -8,6 +8,10 @@ import ( // String hashes a string to a unique hashcode. // +// Deprecated: This will be removed in v2 without replacement. If you need +// its functionality, you can copy it, import crc32 directly, or reference the +// v1 package. +// // crc32 returns a uint32, but for our use we need // and non negative integer. Here we cast to an integer // and invert it if the result is negative. @@ -24,6 +28,10 @@ func String(s string) int { } // Strings hashes a list of strings to a unique hashcode. +// +// Deprecated: This will be removed in v2 without replacement. If you need +// its functionality, you can copy it, import crc32 directly, or reference the +// v1 package. func Strings(strings []string) string { var buf bytes.Buffer diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/mutexkv/mutexkv.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/mutexkv/mutexkv.go index 6917f2142bd..427ac9c88ad 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/mutexkv/mutexkv.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/mutexkv/mutexkv.go @@ -9,6 +9,9 @@ import ( // serialize changes across arbitrary collaborators that share knowledge of the // keys they must serialize on. // +// Deprecated: This will be removed in v2 without replacement. If you need +// its functionality, you can copy it or reference the v1 package. +// // The initial use case is to let aws_security_group_rule resources serialize // their access to individual security groups based on SG ID. type MutexKV struct { @@ -18,6 +21,9 @@ type MutexKV struct { // Locks the mutex for the given key. Caller is responsible for calling Unlock // for the same key +// +// Deprecated: This will be removed in v2 without replacement. If you need +// its functionality, you can copy it or reference the v1 package. func (m *MutexKV) Lock(key string) { log.Printf("[DEBUG] Locking %q", key) m.get(key).Lock() @@ -25,6 +31,9 @@ func (m *MutexKV) Lock(key string) { } // Unlock the mutex for the given key. Caller must have called Lock for the same key first +// +// Deprecated: This will be removed in v2 without replacement. If you need +// its functionality, you can copy it or reference the v1 package. func (m *MutexKV) Unlock(key string) { log.Printf("[DEBUG] Unlocking %q", key) m.get(key).Unlock() @@ -44,6 +53,9 @@ func (m *MutexKV) get(key string) *sync.Mutex { } // Returns a properly initalized MutexKV +// +// Deprecated: This will be removed in v2 without replacement. If you need +// its functionality, you can copy it or reference the v1 package. func NewMutexKV() *MutexKV { return &MutexKV{ store: make(map[string]*sync.Mutex), diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing.go index 1f63e615d29..e9e8129827a 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/testing.go @@ -338,7 +338,8 @@ type TestCase struct { // DisableBinaryDriver forces this test case to run using the legacy test // driver, even if the binary test driver has been enabled. - // This property will be removed in version 2.0.0 of the SDK. + // + // Deprecated: This property will be removed in version 2.0.0 of the SDK. DisableBinaryDriver bool } diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/httpclient/useragent.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/httpclient/useragent.go index 36b494c0149..158b499e7c3 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/httpclient/useragent.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/httpclient/useragent.go @@ -11,6 +11,10 @@ import ( const uaEnvVar = "TF_APPEND_USER_AGENT" +// TerraformUserAgent returns a User-Agent header for a Terraform version string. +// +// Deprecated: This will be removed in v2 without replacement. If you need +// its functionality, you can copy it or reference the v1 package. func TerraformUserAgent(version string) string { ua := fmt.Sprintf("HashiCorp Terraform/%s (+https://www.terraform.io) Terraform Plugin SDK/%s", version, meta.SDKVersionString()) diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go index 345d1cab6d4..f4a2182124f 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go @@ -11,7 +11,7 @@ import ( ) // The main version number that is being run at the moment. -var SDKVersion = "1.12.0" +var SDKVersion = "1.13.0" // A pre-release marker for the version. If this is "" (empty string) // then it means that it is a final release. Otherwise, this is a pre-release diff --git a/vendor/modules.txt b/vendor/modules.txt index 7d6434710d2..c263e525970 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -529,7 +529,7 @@ github.com/hashicorp/logutils github.com/hashicorp/terraform-config-inspect/tfconfig # github.com/hashicorp/terraform-json v0.5.0 github.com/hashicorp/terraform-json -# github.com/hashicorp/terraform-plugin-sdk v1.12.0 +# github.com/hashicorp/terraform-plugin-sdk v1.13.0 github.com/hashicorp/terraform-plugin-sdk/acctest github.com/hashicorp/terraform-plugin-sdk/helper/acctest github.com/hashicorp/terraform-plugin-sdk/helper/customdiff From c187e6faa8f5403b0e8f26fe74988389b3c5b6cd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 20 May 2020 20:55:38 -0400 Subject: [PATCH 285/475] Update module aws/aws-sdk-go to v1.31.2 (#13399) * Update module aws/aws-sdk-go to v1.31.2 * deps: Add missing github.com/aws/aws-sdk-go@v1.31.2 checksum Co-authored-by: Renovate Bot Co-authored-by: Brian Flad --- go.mod | 2 +- go.sum | 4 +- .../aws/aws-sdk-go/aws/endpoints/defaults.go | 12 + .../github.com/aws/aws-sdk-go/aws/version.go | 2 +- .../service/applicationautoscaling/api.go | 83 +- .../service/applicationautoscaling/doc.go | 2 +- .../aws/aws-sdk-go/service/appmesh/api.go | 205 ++- .../aws/aws-sdk-go/service/appmesh/doc.go | 2 +- .../aws/aws-sdk-go/service/appmesh/errors.go | 2 +- .../aws/aws-sdk-go/service/backup/api.go | 330 ++++- .../aws/aws-sdk-go/service/codedeploy/api.go | 485 +++++- .../aws-sdk-go/service/codedeploy/errors.go | 12 +- .../aws/aws-sdk-go/service/ec2/api.go | 96 +- .../aws/aws-sdk-go/service/medialive/api.go | 1311 ++++++++++++++++- .../aws-sdk-go/service/medialive/waiters.go | 173 +++ .../aws/aws-sdk-go/service/securityhub/api.go | 228 ++- vendor/modules.txt | 2 +- 17 files changed, 2639 insertions(+), 312 deletions(-) diff --git a/go.mod b/go.mod index e6353d0a3fa..a6f0a85b5de 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/terraform-providers/terraform-provider-aws go 1.13 require ( - github.com/aws/aws-sdk-go v1.31.0 + github.com/aws/aws-sdk-go v1.31.2 github.com/beevik/etree v1.1.0 github.com/bflad/tfproviderdocs v0.6.0 github.com/bflad/tfproviderlint v0.14.0 diff --git a/go.sum b/go.sum index a0b133ecb19..ee2aecf6890 100644 --- a/go.sum +++ b/go.sum @@ -39,8 +39,8 @@ github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= github.com/aws/aws-sdk-go v1.25.3/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.31.0 h1:ITLZ0oy7IOB1NGt2Ee75bLevBaH1jaAXE2eyGbPRbCg= -github.com/aws/aws-sdk-go v1.31.0/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= +github.com/aws/aws-sdk-go v1.31.2 h1:REYLkyG1EGES8SJS0QsUwvWix9oQwUbJ8HLgMxUHpKo= +github.com/aws/aws-sdk-go v1.31.2/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs= github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index b976086aba7..4202e826aa5 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -4717,10 +4717,22 @@ var awsPartition = partition{ "schemas": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index 8b19a543464..2569d20f9ac 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.31.0" +const SDKVersion = "1.31.2" diff --git a/vendor/github.com/aws/aws-sdk-go/service/applicationautoscaling/api.go b/vendor/github.com/aws/aws-sdk-go/service/applicationautoscaling/api.go index a4cce2c0b42..3ff3af132a8 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/applicationautoscaling/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/applicationautoscaling/api.go @@ -998,6 +998,14 @@ func (c *ApplicationAutoScaling) PutScalingPolicyRequest(input *PutScalingPolicy // uses the policy with the highest calculated capacity (200% of 10 = 20) and // scales out to 30. // +// We recommend caution, however, when using target tracking scaling policies +// with step scaling policies because conflicts between these policies can cause +// undesirable behavior. For example, if the step scaling policy initiates a +// scale-in activity before the target tracking policy is ready to scale in, +// the scale-in activity will not be blocked. After the scale-in activity completes, +// the target tracking policy could instruct the scalable target to scale out +// again. +// // For more information, see Target Tracking Scaling Policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) // and Step Scaling Policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) // in the Application Auto Scaling User Guide. @@ -3332,7 +3340,7 @@ type PutScalingPolicyInput struct { // TargetTrackingScaling—Not supported for Amazon EMR // // StepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, or Amazon - // Keyspaces for Apache Cassandra. + // Keyspaces (for Apache Cassandra). // // For more information, see Target Tracking Scaling Policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) // and Step Scaling Policies (https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) @@ -4084,12 +4092,12 @@ type ScalableTarget struct { // CreationTime is a required field CreationTime *time.Time `type:"timestamp" required:"true"` - // The maximum value to scale to in response to a scale-out event. + // The maximum value to scale to in response to a scale-out activity. // // MaxCapacity is a required field MaxCapacity *int64 `type:"integer" required:"true"` - // The minimum value to scale to in response to a scale-in event. + // The minimum value to scale to in response to a scale-in activity. // // MinCapacity is a required field MinCapacity *int64 `type:"integer" required:"true"` @@ -5062,27 +5070,27 @@ type StepScalingPolicyConfiguration struct { // AdjustmentType is required if you are adding a new step scaling policy configuration. AdjustmentType *string `type:"string" enum:"AdjustmentType"` - // The amount of time, in seconds, after a scaling activity completes where - // previous trigger-related scaling activities can influence future scaling - // events. - // - // For scale-out policies, while the cooldown period is in effect, the capacity - // that has been added by the previous scale-out action that initiated the cooldown - // is calculated as part of the desired capacity for the next scale out. The - // intention is to continuously (but not excessively) scale out. For example, - // an alarm triggers a step scaling policy to scale out an Amazon ECS service - // by 2 tasks, the scaling activity completes successfully, and a cooldown period - // of 5 minutes starts. During the cooldown period, if the alarm triggers the - // same policy again but at a more aggressive step adjustment to scale out the - // service by 3 tasks, the 2 tasks that were added in the previous scale-out - // action are considered part of that capacity and only 1 additional task is - // added to the desired count. - // - // For scale-in policies, the cooldown period is used to block subsequent scale-in - // requests until it has expired. The intention is to scale in conservatively - // to protect your application's availability. However, if another alarm triggers - // a scale-out policy during the cooldown period after a scale-in, Application - // Auto Scaling scales out your scalable target immediately. + // The amount of time, in seconds, to wait for a previous scaling activity to + // take effect. + // + // With scale-out policies, the intention is to continuously (but not excessively) + // scale out. After Application Auto Scaling successfully scales out using a + // step scaling policy, it starts to calculate the cooldown time. While the + // cooldown period is in effect, capacity added by the initiating scale-out + // activity is calculated as part of the desired capacity for the next scale-out + // activity. For example, when an alarm triggers a step scaling policy to increase + // the capacity by 2, the scaling activity completes successfully, and a cooldown + // period starts. If the alarm triggers again during the cooldown period but + // at a more aggressive step adjustment of 3, the previous increase of 2 is + // considered part of the current capacity. Therefore, only 1 is added to the + // capacity. + // + // With scale-in policies, the intention is to scale in conservatively to protect + // your application’s availability, so scale-in activities are blocked until + // the cooldown period has expired. However, if another alarm triggers a scale-out + // activity during the cooldown period after a scale-in activity, Application + // Auto Scaling scales out the target immediately. In this case, the cooldown + // period for the scale-in activity stops and doesn't complete. // // Application Auto Scaling provides a default value of 300 for the following // scalable targets: @@ -5267,13 +5275,14 @@ type TargetTrackingScalingPolicyConfiguration struct { PredefinedMetricSpecification *PredefinedMetricSpecification `type:"structure"` // The amount of time, in seconds, after a scale-in activity completes before - // another scale in activity can start. + // another scale-in activity can start. // - // The cooldown period is used to block subsequent scale-in requests until it - // has expired. The intention is to scale in conservatively to protect your - // application's availability. However, if another alarm triggers a scale-out - // policy during the cooldown period after a scale-in, Application Auto Scaling - // scales out your scalable target immediately. + // With the scale-in cooldown period, the intention is to scale in conservatively + // to protect your application’s availability, so scale-in activities are + // blocked until the cooldown period has expired. However, if another alarm + // triggers a scale-out activity during the scale-in cooldown period, Application + // Auto Scaling scales out the target immediately. In this case, the scale-in + // cooldown period stops and doesn't complete. // // Application Auto Scaling provides a default value of 300 for the following // scalable targets: @@ -5305,13 +5314,15 @@ type TargetTrackingScalingPolicyConfiguration struct { // * Amazon Keyspaces tables ScaleInCooldown *int64 `type:"integer"` - // The amount of time, in seconds, after a scale-out activity completes before - // another scale-out activity can start. + // The amount of time, in seconds, to wait for a previous scale-out activity + // to take effect. // - // While the cooldown period is in effect, the capacity that has been added - // by the previous scale-out action that initiated the cooldown is calculated - // as part of the desired capacity for the next scale out. The intention is - // to continuously (but not excessively) scale out. + // With the scale-out cooldown period, the intention is to continuously (but + // not excessively) scale out. After Application Auto Scaling successfully scales + // out using a target tracking scaling policy, it starts to calculate the cooldown + // time. While the scale-out cooldown period is in effect, the capacity added + // by the initiating scale-out activity is calculated as part of the desired + // capacity for the next scale-out activity. // // Application Auto Scaling provides a default value of 300 for the following // scalable targets: diff --git a/vendor/github.com/aws/aws-sdk-go/service/applicationautoscaling/doc.go b/vendor/github.com/aws/aws-sdk-go/service/applicationautoscaling/doc.go index 88feeb8edb1..8bc83b04ef5 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/applicationautoscaling/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/applicationautoscaling/doc.go @@ -26,7 +26,7 @@ // // * AWS Lambda function provisioned concurrency // -// * Amazon Keyspaces for Apache Cassandra tables +// * Amazon Keyspaces (for Apache Cassandra) tables // // API Summary // diff --git a/vendor/github.com/aws/aws-sdk-go/service/appmesh/api.go b/vendor/github.com/aws/aws-sdk-go/service/appmesh/api.go index 18cb1a9452a..7e56ed429fb 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/appmesh/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/appmesh/api.go @@ -57,12 +57,14 @@ func (c *AppMesh) CreateMeshRequest(input *CreateMeshInput) (req *request.Reques // CreateMesh API operation for AWS App Mesh. // -// Creates a service mesh. A service mesh is a logical boundary for network -// traffic between the services that reside within it. +// Creates a service mesh. // -// After you create your service mesh, you can create virtual services, virtual -// nodes, virtual routers, and routes to distribute traffic between the applications -// in your mesh. +// A service mesh is a logical boundary for network traffic between services +// that are represented by resources within the mesh. After you create your +// service mesh, you can create virtual services, virtual nodes, virtual routers, +// and routes to distribute traffic between the applications in your mesh. +// +// For more information about service meshes, see Service meshes (https://docs.aws.amazon.com/app-mesh/latest/userguide/meshes.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -89,7 +91,7 @@ func (c *AppMesh) CreateMeshRequest(input *CreateMeshInput) (req *request.Reques // // * LimitExceededException // You have exceeded a service limit for your account. For more information, -// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) +// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. // // * NotFoundException @@ -171,13 +173,8 @@ func (c *AppMesh) CreateRouteRequest(input *CreateRouteInput) (req *request.Requ // // Creates a route that is associated with a virtual router. // -// You can use the prefix parameter in your route specification for path-based -// routing of requests. For example, if your virtual service name is my-service.local -// and you want the route to match requests to my-service.local/metrics, your -// prefix should be /metrics. -// -// If your route matches a request, you can distribute traffic to one or more -// target virtual nodes with relative weighting. +// You can route several different protocols and define a retry policy for a +// route. Traffic can be routed to one or more virtual nodes. // // For more information about routes, see Routes (https://docs.aws.amazon.com/app-mesh/latest/userguide/routes.html). // @@ -206,7 +203,7 @@ func (c *AppMesh) CreateRouteRequest(input *CreateRouteInput) (req *request.Requ // // * LimitExceededException // You have exceeded a service limit for your account. For more information, -// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) +// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. // // * NotFoundException @@ -290,11 +287,13 @@ func (c *AppMesh) CreateVirtualNodeRequest(input *CreateVirtualNodeInput) (req * // // A virtual node acts as a logical pointer to a particular task group, such // as an Amazon ECS service or a Kubernetes deployment. When you create a virtual -// node, you can specify the service discovery information for your task group. +// node, you can specify the service discovery information for your task group, +// and whether the proxy running in a task group will communicate with other +// proxies using Transport Layer Security (TLS). // -// Any inbound traffic that your virtual node expects should be specified as -// a listener. Any outbound traffic that your virtual node expects to reach -// should be specified as a backend. +// You define a listener for any inbound traffic that your virtual node expects. +// Any virtual service that your virtual node expects to communicate to is specified +// as a backend. // // The response metadata for your new virtual node contains the arn that is // associated with the virtual node. Set this value (either the full ARN or @@ -307,7 +306,7 @@ func (c *AppMesh) CreateVirtualNodeRequest(input *CreateVirtualNodeInput) (req * // override the node.cluster value that is set by APPMESH_VIRTUAL_NODE_NAME // with the APPMESH_VIRTUAL_NODE_CLUSTER environment variable. // -// For more information about virtual nodes, see Virtual Nodes (https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_nodes.html). +// For more information about virtual nodes, see Virtual nodes (https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_nodes.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -334,7 +333,7 @@ func (c *AppMesh) CreateVirtualNodeRequest(input *CreateVirtualNodeInput) (req * // // * LimitExceededException // You have exceeded a service limit for your account. For more information, -// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) +// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. // // * NotFoundException @@ -416,14 +415,13 @@ func (c *AppMesh) CreateVirtualRouterRequest(input *CreateVirtualRouterInput) (r // // Creates a virtual router within a service mesh. // -// Any inbound traffic that your virtual router expects should be specified -// as a listener. -// +// Specify a listener for any inbound traffic that your virtual router receives. +// Create a virtual router for each protocol and port that you need to route. // Virtual routers handle traffic for one or more virtual services within your // mesh. After you create your virtual router, create and associate routes for // your virtual router that direct incoming requests to different virtual nodes. // -// For more information about virtual routers, see Virtual Routers (https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_routers.html). +// For more information about virtual routers, see Virtual routers (https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_routers.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -450,7 +448,7 @@ func (c *AppMesh) CreateVirtualRouterRequest(input *CreateVirtualRouterInput) (r // // * LimitExceededException // You have exceeded a service limit for your account. For more information, -// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) +// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. // // * NotFoundException @@ -538,7 +536,7 @@ func (c *AppMesh) CreateVirtualServiceRequest(input *CreateVirtualServiceInput) // are routed to the virtual node or virtual router that is specified as the // provider for the virtual service. // -// For more information about virtual services, see Virtual Services (https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_services.html). +// For more information about virtual services, see Virtual services (https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_services.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -565,7 +563,7 @@ func (c *AppMesh) CreateVirtualServiceRequest(input *CreateVirtualServiceInput) // // * LimitExceededException // You have exceeded a service limit for your account. For more information, -// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) +// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. // // * NotFoundException @@ -1081,6 +1079,10 @@ func (c *AppMesh) DeleteVirtualServiceRequest(input *DeleteVirtualServiceInput) // * NotFoundException // The specified resource doesn't exist. Check your request syntax and try again. // +// * ResourceInUseException +// You can't delete the specified resource because it's in use or required by +// another resource. +// // * ServiceUnavailableException // The request has failed due to a temporary failure of the service. // @@ -2903,7 +2905,7 @@ func (c *AppMesh) UpdateRouteRequest(input *UpdateRouteInput) (req *request.Requ // // * LimitExceededException // You have exceeded a service limit for your account. For more information, -// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) +// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. // // * NotFoundException @@ -3010,7 +3012,7 @@ func (c *AppMesh) UpdateVirtualNodeRequest(input *UpdateVirtualNodeInput) (req * // // * LimitExceededException // You have exceeded a service limit for your account. For more information, -// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) +// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. // // * NotFoundException @@ -3117,7 +3119,7 @@ func (c *AppMesh) UpdateVirtualRouterRequest(input *UpdateVirtualRouterInput) (r // // * LimitExceededException // You have exceeded a service limit for your account. For more information, -// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) +// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. // // * NotFoundException @@ -3224,7 +3226,7 @@ func (c *AppMesh) UpdateVirtualServiceRequest(input *UpdateVirtualServiceInput) // // * LimitExceededException // You have exceeded a service limit for your account. For more information, -// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) +// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. // // * NotFoundException @@ -6500,7 +6502,7 @@ func (s *InternalServerErrorException) RequestID() string { } // You have exceeded a service limit for your account. For more information, -// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) +// see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. type LimitExceededException struct { _ struct{} `type:"structure"` @@ -7308,7 +7310,7 @@ type ListenerTlsCertificate struct { // An object that represents a local file certificate. The certificate must // meet specific requirements and you must have proxy authorization enabled. - // For more information, see Transport Layer Security (TLS) (https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual-node-tls.html#virtual-node-tls-prerequisites). + // For more information, see Transport Layer Security (TLS) (https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites). File *ListenerTlsFileCertificate `locationName:"file" type:"structure"` } @@ -7356,7 +7358,7 @@ func (s *ListenerTlsCertificate) SetFile(v *ListenerTlsFileCertificate) *Listene // An object that represents a local file certificate. The certificate must // meet specific requirements and you must have proxy authorization enabled. -// For more information, see Transport Layer Security (TLS) (https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual-node-tls.html#virtual-node-tls-prerequisites). +// For more information, see Transport Layer Security (TLS) (https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites). type ListenerTlsFileCertificate struct { _ struct{} `type:"structure"` @@ -7566,6 +7568,12 @@ type MeshRef struct { // Arn is a required field Arn *string `locationName:"arn" type:"string" required:"true"` + // CreatedAt is a required field + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" required:"true"` + + // LastUpdatedAt is a required field + LastUpdatedAt *time.Time `locationName:"lastUpdatedAt" type:"timestamp" required:"true"` + // MeshName is a required field MeshName *string `locationName:"meshName" min:"1" type:"string" required:"true"` @@ -7574,6 +7582,9 @@ type MeshRef struct { // ResourceOwner is a required field ResourceOwner *string `locationName:"resourceOwner" min:"12" type:"string" required:"true"` + + // Version is a required field + Version *int64 `locationName:"version" type:"long" required:"true"` } // String returns the string representation @@ -7592,6 +7603,18 @@ func (s *MeshRef) SetArn(v string) *MeshRef { return s } +// SetCreatedAt sets the CreatedAt field's value. +func (s *MeshRef) SetCreatedAt(v time.Time) *MeshRef { + s.CreatedAt = &v + return s +} + +// SetLastUpdatedAt sets the LastUpdatedAt field's value. +func (s *MeshRef) SetLastUpdatedAt(v time.Time) *MeshRef { + s.LastUpdatedAt = &v + return s +} + // SetMeshName sets the MeshName field's value. func (s *MeshRef) SetMeshName(v string) *MeshRef { s.MeshName = &v @@ -7610,6 +7633,12 @@ func (s *MeshRef) SetResourceOwner(v string) *MeshRef { return s } +// SetVersion sets the Version field's value. +func (s *MeshRef) SetVersion(v int64) *MeshRef { + s.Version = &v + return s +} + // An object that represents the specification of a service mesh. type MeshSpec struct { _ struct{} `type:"structure"` @@ -7997,6 +8026,12 @@ type RouteRef struct { // Arn is a required field Arn *string `locationName:"arn" type:"string" required:"true"` + // CreatedAt is a required field + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" required:"true"` + + // LastUpdatedAt is a required field + LastUpdatedAt *time.Time `locationName:"lastUpdatedAt" type:"timestamp" required:"true"` + // MeshName is a required field MeshName *string `locationName:"meshName" min:"1" type:"string" required:"true"` @@ -8009,6 +8044,9 @@ type RouteRef struct { // RouteName is a required field RouteName *string `locationName:"routeName" min:"1" type:"string" required:"true"` + // Version is a required field + Version *int64 `locationName:"version" type:"long" required:"true"` + // VirtualRouterName is a required field VirtualRouterName *string `locationName:"virtualRouterName" min:"1" type:"string" required:"true"` } @@ -8029,6 +8067,18 @@ func (s *RouteRef) SetArn(v string) *RouteRef { return s } +// SetCreatedAt sets the CreatedAt field's value. +func (s *RouteRef) SetCreatedAt(v time.Time) *RouteRef { + s.CreatedAt = &v + return s +} + +// SetLastUpdatedAt sets the LastUpdatedAt field's value. +func (s *RouteRef) SetLastUpdatedAt(v time.Time) *RouteRef { + s.LastUpdatedAt = &v + return s +} + // SetMeshName sets the MeshName field's value. func (s *RouteRef) SetMeshName(v string) *RouteRef { s.MeshName = &v @@ -8053,6 +8103,12 @@ func (s *RouteRef) SetRouteName(v string) *RouteRef { return s } +// SetVersion sets the Version field's value. +func (s *RouteRef) SetVersion(v int64) *RouteRef { + s.Version = &v + return s +} + // SetVirtualRouterName sets the VirtualRouterName field's value. func (s *RouteRef) SetVirtualRouterName(v string) *RouteRef { s.VirtualRouterName = &v @@ -9504,6 +9560,12 @@ type VirtualNodeRef struct { // Arn is a required field Arn *string `locationName:"arn" type:"string" required:"true"` + // CreatedAt is a required field + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" required:"true"` + + // LastUpdatedAt is a required field + LastUpdatedAt *time.Time `locationName:"lastUpdatedAt" type:"timestamp" required:"true"` + // MeshName is a required field MeshName *string `locationName:"meshName" min:"1" type:"string" required:"true"` @@ -9513,6 +9575,9 @@ type VirtualNodeRef struct { // ResourceOwner is a required field ResourceOwner *string `locationName:"resourceOwner" min:"12" type:"string" required:"true"` + // Version is a required field + Version *int64 `locationName:"version" type:"long" required:"true"` + // VirtualNodeName is a required field VirtualNodeName *string `locationName:"virtualNodeName" min:"1" type:"string" required:"true"` } @@ -9533,6 +9598,18 @@ func (s *VirtualNodeRef) SetArn(v string) *VirtualNodeRef { return s } +// SetCreatedAt sets the CreatedAt field's value. +func (s *VirtualNodeRef) SetCreatedAt(v time.Time) *VirtualNodeRef { + s.CreatedAt = &v + return s +} + +// SetLastUpdatedAt sets the LastUpdatedAt field's value. +func (s *VirtualNodeRef) SetLastUpdatedAt(v time.Time) *VirtualNodeRef { + s.LastUpdatedAt = &v + return s +} + // SetMeshName sets the MeshName field's value. func (s *VirtualNodeRef) SetMeshName(v string) *VirtualNodeRef { s.MeshName = &v @@ -9551,6 +9628,12 @@ func (s *VirtualNodeRef) SetResourceOwner(v string) *VirtualNodeRef { return s } +// SetVersion sets the Version field's value. +func (s *VirtualNodeRef) SetVersion(v int64) *VirtualNodeRef { + s.Version = &v + return s +} + // SetVirtualNodeName sets the VirtualNodeName field's value. func (s *VirtualNodeRef) SetVirtualNodeName(v string) *VirtualNodeRef { s.VirtualNodeName = &v @@ -9842,6 +9925,12 @@ type VirtualRouterRef struct { // Arn is a required field Arn *string `locationName:"arn" type:"string" required:"true"` + // CreatedAt is a required field + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" required:"true"` + + // LastUpdatedAt is a required field + LastUpdatedAt *time.Time `locationName:"lastUpdatedAt" type:"timestamp" required:"true"` + // MeshName is a required field MeshName *string `locationName:"meshName" min:"1" type:"string" required:"true"` @@ -9851,6 +9940,9 @@ type VirtualRouterRef struct { // ResourceOwner is a required field ResourceOwner *string `locationName:"resourceOwner" min:"12" type:"string" required:"true"` + // Version is a required field + Version *int64 `locationName:"version" type:"long" required:"true"` + // VirtualRouterName is a required field VirtualRouterName *string `locationName:"virtualRouterName" min:"1" type:"string" required:"true"` } @@ -9871,6 +9963,18 @@ func (s *VirtualRouterRef) SetArn(v string) *VirtualRouterRef { return s } +// SetCreatedAt sets the CreatedAt field's value. +func (s *VirtualRouterRef) SetCreatedAt(v time.Time) *VirtualRouterRef { + s.CreatedAt = &v + return s +} + +// SetLastUpdatedAt sets the LastUpdatedAt field's value. +func (s *VirtualRouterRef) SetLastUpdatedAt(v time.Time) *VirtualRouterRef { + s.LastUpdatedAt = &v + return s +} + // SetMeshName sets the MeshName field's value. func (s *VirtualRouterRef) SetMeshName(v string) *VirtualRouterRef { s.MeshName = &v @@ -9889,6 +9993,12 @@ func (s *VirtualRouterRef) SetResourceOwner(v string) *VirtualRouterRef { return s } +// SetVersion sets the Version field's value. +func (s *VirtualRouterRef) SetVersion(v int64) *VirtualRouterRef { + s.Version = &v + return s +} + // SetVirtualRouterName sets the VirtualRouterName field's value. func (s *VirtualRouterRef) SetVirtualRouterName(v string) *VirtualRouterRef { s.VirtualRouterName = &v @@ -10182,6 +10292,12 @@ type VirtualServiceRef struct { // Arn is a required field Arn *string `locationName:"arn" type:"string" required:"true"` + // CreatedAt is a required field + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" required:"true"` + + // LastUpdatedAt is a required field + LastUpdatedAt *time.Time `locationName:"lastUpdatedAt" type:"timestamp" required:"true"` + // MeshName is a required field MeshName *string `locationName:"meshName" min:"1" type:"string" required:"true"` @@ -10191,6 +10307,9 @@ type VirtualServiceRef struct { // ResourceOwner is a required field ResourceOwner *string `locationName:"resourceOwner" min:"12" type:"string" required:"true"` + // Version is a required field + Version *int64 `locationName:"version" type:"long" required:"true"` + // VirtualServiceName is a required field VirtualServiceName *string `locationName:"virtualServiceName" type:"string" required:"true"` } @@ -10211,6 +10330,18 @@ func (s *VirtualServiceRef) SetArn(v string) *VirtualServiceRef { return s } +// SetCreatedAt sets the CreatedAt field's value. +func (s *VirtualServiceRef) SetCreatedAt(v time.Time) *VirtualServiceRef { + s.CreatedAt = &v + return s +} + +// SetLastUpdatedAt sets the LastUpdatedAt field's value. +func (s *VirtualServiceRef) SetLastUpdatedAt(v time.Time) *VirtualServiceRef { + s.LastUpdatedAt = &v + return s +} + // SetMeshName sets the MeshName field's value. func (s *VirtualServiceRef) SetMeshName(v string) *VirtualServiceRef { s.MeshName = &v @@ -10229,6 +10360,12 @@ func (s *VirtualServiceRef) SetResourceOwner(v string) *VirtualServiceRef { return s } +// SetVersion sets the Version field's value. +func (s *VirtualServiceRef) SetVersion(v int64) *VirtualServiceRef { + s.Version = &v + return s +} + // SetVirtualServiceName sets the VirtualServiceName field's value. func (s *VirtualServiceRef) SetVirtualServiceName(v string) *VirtualServiceRef { s.VirtualServiceName = &v diff --git a/vendor/github.com/aws/aws-sdk-go/service/appmesh/doc.go b/vendor/github.com/aws/aws-sdk-go/service/appmesh/doc.go index 09a02953834..66f3509f3e4 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/appmesh/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/appmesh/doc.go @@ -14,7 +14,7 @@ // // App Mesh supports microservice applications that use service discovery naming // for their components. For more information about service discovery on Amazon -// ECS, see Service Discovery (http://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) +// ECS, see Service Discovery (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) // in the Amazon Elastic Container Service Developer Guide. Kubernetes kube-dns // and coredns are supported. For more information, see DNS for Services and // Pods (https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/) diff --git a/vendor/github.com/aws/aws-sdk-go/service/appmesh/errors.go b/vendor/github.com/aws/aws-sdk-go/service/appmesh/errors.go index 9e60da8d1d0..96973b8dae2 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/appmesh/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/appmesh/errors.go @@ -39,7 +39,7 @@ const ( // "LimitExceededException". // // You have exceeded a service limit for your account. For more information, - // see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service_limits.html) + // see Service Limits (https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html) // in the AWS App Mesh User Guide. ErrCodeLimitExceededException = "LimitExceededException" diff --git a/vendor/github.com/aws/aws-sdk-go/service/backup/api.go b/vendor/github.com/aws/aws-sdk-go/service/backup/api.go index 8804a28f688..df947601a14 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/backup/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/backup/api.go @@ -1193,7 +1193,7 @@ func (c *Backup) DescribeProtectedResourceRequest(input *DescribeProtectedResour // DescribeProtectedResource API operation for AWS Backup. // // Returns information about a saved resource, including the last time it was -// backed-up, its Amazon Resource Name (ARN), and the AWS service type of the +// backed up, its Amazon Resource Name (ARN), and the AWS service type of the // saved resource. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1329,6 +1329,89 @@ func (c *Backup) DescribeRecoveryPointWithContext(ctx aws.Context, input *Descri return out, req.Send() } +const opDescribeRegionSettings = "DescribeRegionSettings" + +// DescribeRegionSettingsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeRegionSettings operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeRegionSettings for more information on using the DescribeRegionSettings +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeRegionSettingsRequest method. +// req, resp := client.DescribeRegionSettingsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/DescribeRegionSettings +func (c *Backup) DescribeRegionSettingsRequest(input *DescribeRegionSettingsInput) (req *request.Request, output *DescribeRegionSettingsOutput) { + op := &request.Operation{ + Name: opDescribeRegionSettings, + HTTPMethod: "GET", + HTTPPath: "/account-settings", + } + + if input == nil { + input = &DescribeRegionSettingsInput{} + } + + output = &DescribeRegionSettingsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeRegionSettings API operation for AWS Backup. +// +// Returns the current service opt-in settings for the region. If the service +// has a value set to true, AWS Backup will attempt to protect that service's +// resources in this region, when included in an on-demand backup or scheduled +// backup plan. If the value is set to false for a service, AWS Backup will +// not attempt to protect that service's resources in this region. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Backup's +// API operation DescribeRegionSettings for usage and error information. +// +// Returned Error Types: +// * ServiceUnavailableException +// The request failed due to a temporary failure of the server. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/DescribeRegionSettings +func (c *Backup) DescribeRegionSettings(input *DescribeRegionSettingsInput) (*DescribeRegionSettingsOutput, error) { + req, out := c.DescribeRegionSettingsRequest(input) + return out, req.Send() +} + +// DescribeRegionSettingsWithContext is the same as DescribeRegionSettings with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeRegionSettings for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Backup) DescribeRegionSettingsWithContext(ctx aws.Context, input *DescribeRegionSettingsInput, opts ...request.Option) (*DescribeRegionSettingsOutput, error) { + req, out := c.DescribeRegionSettingsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeRestoreJob = "DescribeRestoreJob" // DescribeRestoreJobRequest generates a "aws/request.Request" representing the @@ -3889,6 +3972,8 @@ func (c *Backup) ListTagsRequest(input *ListTagsInput) (req *request.Request, ou // Returns a list of key-value pairs assigned to a target recovery point, backup // plan, or backup vault. // +// ListTags are currently only supported with Amazon EFS backups. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -4915,6 +5000,97 @@ func (c *Backup) UpdateRecoveryPointLifecycleWithContext(ctx aws.Context, input return out, req.Send() } +const opUpdateRegionSettings = "UpdateRegionSettings" + +// UpdateRegionSettingsRequest generates a "aws/request.Request" representing the +// client's request for the UpdateRegionSettings operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateRegionSettings for more information on using the UpdateRegionSettings +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateRegionSettingsRequest method. +// req, resp := client.UpdateRegionSettingsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/UpdateRegionSettings +func (c *Backup) UpdateRegionSettingsRequest(input *UpdateRegionSettingsInput) (req *request.Request, output *UpdateRegionSettingsOutput) { + op := &request.Operation{ + Name: opUpdateRegionSettings, + HTTPMethod: "PUT", + HTTPPath: "/account-settings", + } + + if input == nil { + input = &UpdateRegionSettingsInput{} + } + + output = &UpdateRegionSettingsOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateRegionSettings API operation for AWS Backup. +// +// Updates the current service opt-in settings for the region. If the service +// has a value set to true, AWS Backup will attempt to protect that service's +// resources in this region, when included in an on-demand backup or scheduled +// backup plan. If the value is set to false for a service, AWS Backup will +// not attempt to protect that service's resources in this region. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Backup's +// API operation UpdateRegionSettings for usage and error information. +// +// Returned Error Types: +// * ServiceUnavailableException +// The request failed due to a temporary failure of the server. +// +// * MissingParameterValueException +// Indicates that a required parameter is missing. +// +// * InvalidParameterValueException +// Indicates that something is wrong with a parameter's value. For example, +// the value is out of range. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/backup-2018-11-15/UpdateRegionSettings +func (c *Backup) UpdateRegionSettings(input *UpdateRegionSettingsInput) (*UpdateRegionSettingsOutput, error) { + req, out := c.UpdateRegionSettingsRequest(input) + return out, req.Send() +} + +// UpdateRegionSettingsWithContext is the same as UpdateRegionSettings with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateRegionSettings for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Backup) UpdateRegionSettingsWithContext(ctx aws.Context, input *UpdateRegionSettingsInput, opts ...request.Option) (*UpdateRegionSettingsOutput, error) { + req, out := c.UpdateRegionSettingsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + // The required resource already exists. type AlreadyExistsException struct { _ struct{} `type:"structure"` @@ -5160,13 +5336,13 @@ type CopyJob struct { // The size, in bytes, of a copy job. BackupSizeInBytes *int64 `type:"long"` - // The date and time a job to create a copy job is completed, in Unix format - // and Coordinated Universal Time (UTC). The value of CompletionDate is accurate - // to milliseconds. For example, the value 1516925490.087 represents Friday, - // January 26, 2018 12:11:30.087 AM. + // The date and time a copy job is completed, in Unix format and Coordinated + // Universal Time (UTC). The value of CompletionDate is accurate to milliseconds. + // For example, the value 1516925490.087 represents Friday, January 26, 2018 + // 12:11:30.087 AM. CompletionDate *time.Time `type:"timestamp"` - // Uniquely identifies a request to AWS Backup to copy a resource. + // Uniquely identifies a copy job. CopyJobId *string `type:"string"` // Contains information about the backup plan and rule that AWS Backup used @@ -5191,9 +5367,9 @@ type CopyJob struct { // arn:aws:iam::123456789012:role/S3Access. IamRoleArn *string `type:"string"` - // The type of AWS resource to be copied; for example, an Amazon Elastic Block - // Store (Amazon EBS) volume or an Amazon Relational Database Service (Amazon - // RDS) database. + // The AWS resource to be copied; for example, an Amazon Elastic Block Store + // (Amazon EBS) volume or an Amazon Relational Database Service (Amazon RDS) + // database. ResourceArn *string `type:"string"` // The type of AWS resource to be copied; for example, an Amazon Elastic Block @@ -5208,10 +5384,10 @@ type CopyJob struct { // An ARN that uniquely identifies a source recovery point; for example, arn:aws:backup:us-east-1:123456789012:recovery-point:1EB3B5E7-9EB0-435A-A80B-108B488B0D45. SourceRecoveryPointArn *string `type:"string"` - // The current state of a resource recovery point. + // The current state of a copy job. State *string `type:"string" enum:"CopyJobState"` - // A detailed message explaining the status of the job that to copy a resource. + // A detailed message explaining the status of the job to copy a resource. StatusMessage *string `type:"string"` } @@ -5393,7 +5569,7 @@ type CreateBackupPlanOutput struct { CreationDate *time.Time `type:"timestamp"` // Unique, randomly generated, Unicode, UTF-8 encoded strings that are at most - // 1024 bytes long. They cannot be edited. + // 1,024 bytes long. They cannot be edited. VersionId *string `type:"string"` } @@ -5902,7 +6078,7 @@ type DeleteBackupVaultInput struct { // The name of a logical container where backups are stored. Backup vaults are // identified by names that are unique to the account used to create them and - // theAWS Region where they are created. They consist of lowercase letters, + // the AWS Region where they are created. They consist of lowercase letters, // numbers, and hyphens. // // BackupVaultName is a required field @@ -6254,7 +6430,7 @@ type DescribeBackupJobOutput struct { // on the resource type. ResourceArn *string `type:"string"` - // The type of AWS resource to be backed-up; for example, an Amazon Elastic + // The type of AWS resource to be backed up; for example, an Amazon Elastic // Block Store (Amazon EBS) volume or an Amazon Relational Database Service // (Amazon RDS) database. ResourceType *string `type:"string"` @@ -6511,7 +6687,7 @@ func (s *DescribeBackupVaultOutput) SetNumberOfRecoveryPoints(v int64) *Describe type DescribeCopyJobInput struct { _ struct{} `type:"structure"` - // Uniquely identifies a request to AWS Backup to copy a resource. + // Uniquely identifies a copy job. // // CopyJobId is a required field CopyJobId *string `location:"uri" locationName:"copyJobId" type:"string" required:"true"` @@ -6922,6 +7098,43 @@ func (s *DescribeRecoveryPointOutput) SetStorageClass(v string) *DescribeRecover return s } +type DescribeRegionSettingsInput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s DescribeRegionSettingsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeRegionSettingsInput) GoString() string { + return s.String() +} + +type DescribeRegionSettingsOutput struct { + _ struct{} `type:"structure"` + + // Returns a list of all services along with the opt-in preferences in the region. + ResourceTypeOptInPreference map[string]*bool `type:"map"` +} + +// String returns the string representation +func (s DescribeRegionSettingsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeRegionSettingsOutput) GoString() string { + return s.String() +} + +// SetResourceTypeOptInPreference sets the ResourceTypeOptInPreference field's value. +func (s *DescribeRegionSettingsOutput) SetResourceTypeOptInPreference(v map[string]*bool) *DescribeRegionSettingsOutput { + s.ResourceTypeOptInPreference = v + return s +} + type DescribeRestoreJobInput struct { _ struct{} `type:"structure"` @@ -8085,7 +8298,7 @@ type Job struct { // on the resource type. ResourceArn *string `type:"string"` - // The type of AWS resource to be backed-up; for example, an Amazon Elastic + // The type of AWS resource to be backed up; for example, an Amazon Elastic // Block Store (Amazon EBS) volume or an Amazon Relational Database Service // (Amazon RDS) database. ResourceType *string `type:"string"` @@ -8958,8 +9171,6 @@ type ListCopyJobsInput struct { // Returns only backup jobs for the specified resources: // - // * DynamoDB for Amazon DynamoDB - // // * EBS for Amazon Elastic Block Store // // * EFS for Amazon Elastic File System @@ -10632,7 +10843,7 @@ type Rule struct { _ struct{} `type:"structure"` // A value in minutes after a backup job is successfully started before it must - // be completed or it is canceled by AWS Backup. This value is optional. + // be completed or it will be canceled by AWS Backup. This value is optional. CompletionWindowMinutes *int64 `type:"long"` // An array of CopyAction objects, which contains the details of the copy operation. @@ -10665,8 +10876,8 @@ type Rule struct { // A CRON expression specifying when AWS Backup initiates a backup job. ScheduleExpression *string `type:"string"` - // An optional value that specifies a period of time in minutes after a backup - // is scheduled before a job is canceled if it doesn't start successfully. + // A value in minutes after a backup is scheduled before a job will be canceled + // if it doesn't start successfully. This value is optional. StartWindowMinutes *int64 `type:"long"` // The name of a logical container where backups are stored. Backup vaults are @@ -10746,8 +10957,8 @@ func (s *Rule) SetTargetBackupVaultName(v string) *Rule { type RuleInput struct { _ struct{} `type:"structure"` - // The amount of time AWS Backup attempts a backup before canceling the job - // and returning an error. + // A value in minutes after a backup job is successfully started before it must + // be completed or it will be canceled by AWS Backup. This value is optional. CompletionWindowMinutes *int64 `type:"long"` // An array of CopyAction objects, which contains the details of the copy operation. @@ -10759,16 +10970,16 @@ type RuleInput struct { // // Backups transitioned to cold storage must be stored in cold storage for a // minimum of 90 days. Therefore, the “expire after days” setting must be - // 90 days greater than the “transition to cold after days”. The “transition - // to cold after days” setting cannot be changed after a backup has been transitioned - // to cold. + // 90 days greater than the “transition to cold after days” setting. The + // “transition to cold after days” setting cannot be changed after a backup + // has been transitioned to cold. Lifecycle *Lifecycle `type:"structure"` // To help organize your resources, you can assign your own metadata to the // resources that you create. Each tag is a key-value pair. RecoveryPointTags map[string]*string `type:"map" sensitive:"true"` - // >An optional display name for a backup rule. + // An optional display name for a backup rule. // // RuleName is a required field RuleName *string `type:"string" required:"true"` @@ -10776,7 +10987,8 @@ type RuleInput struct { // A CRON expression specifying when AWS Backup initiates a backup job. ScheduleExpression *string `type:"string"` - // The amount of time in minutes before beginning a backup. + // A value in minutes after a backup is scheduled before a job will be canceled + // if it doesn't start successfully. This value is optional. StartWindowMinutes *int64 `type:"long"` // The name of a logical container where backups are stored. Backup vaults are @@ -11104,8 +11316,8 @@ type StartBackupJobInput struct { // BackupVaultName is a required field BackupVaultName *string `type:"string" required:"true"` - // The amount of time AWS Backup attempts a backup before canceling the job - // and returning an error. + // A value in minutes after a backup job is successfully started before it must + // be completed or it will be canceled by AWS Backup. This value is optional. CompleteWindowMinutes *int64 `type:"long"` // Specifies the IAM role ARN used to create the target recovery point; for @@ -11139,7 +11351,8 @@ type StartBackupJobInput struct { // ResourceArn is a required field ResourceArn *string `type:"string" required:"true"` - // The amount of time in minutes before beginning a backup. + // A value in minutes after a backup is scheduled before a job will be canceled + // if it doesn't start successfully. This value is optional. StartWindowMinutes *int64 `type:"long"` } @@ -11302,7 +11515,7 @@ type StartCopyJobInput struct { // The name of a logical source container where backups are stored. Backup vaults // are identified by names that are unique to the account used to create them // and the AWS Region where they are created. They consist of lowercase letters, - // numbers, and hyphens. > + // numbers, and hyphens. // // SourceBackupVaultName is a required field SourceBackupVaultName *string `type:"string" required:"true"` @@ -11379,13 +11592,13 @@ func (s *StartCopyJobInput) SetSourceBackupVaultName(v string) *StartCopyJobInpu type StartCopyJobOutput struct { _ struct{} `type:"structure"` - // Uniquely identifies a request to AWS Backup to copy a resource. + // Uniquely identifies a copy job. CopyJobId *string `type:"string"` - // The date and time that a backup job is started, in Unix format and Coordinated + // The date and time that a copy job is started, in Unix format and Coordinated // Universal Time (UTC). The value of CreationDate is accurate to milliseconds. // For example, the value 1516925490.087 represents Friday, January 26, 2018 - // 12:11:30.087 AM. > + // 12:11:30.087 AM. CreationDate *time.Time `type:"timestamp"` } @@ -11427,11 +11640,11 @@ type StartRestoreJobInput struct { // A set of metadata key-value pairs. Contains information, such as a resource // name, required to restore a recovery point. // - // You can get configuration metadata about a resource at the time it was backed-up - // by calling GetRecoveryPointRestoreMetadata. However, values in addition to - // those provided by GetRecoveryPointRestoreMetadata might be required to restore - // a resource. For example, you might need to provide a new resource name if - // the original already exists. + // You can get configuration metadata about a resource at the time it was backed + // up by calling GetRecoveryPointRestoreMetadata. However, values in addition + // to those provided by GetRecoveryPointRestoreMetadata might be required to + // restore a resource. For example, you might need to provide a new resource + // name if the original already exists. // // You need to specify specific metadata to restore an Amazon Elastic File System // (Amazon EFS) instance: @@ -12008,6 +12221,43 @@ func (s *UpdateRecoveryPointLifecycleOutput) SetRecoveryPointArn(v string) *Upda return s } +type UpdateRegionSettingsInput struct { + _ struct{} `type:"structure"` + + // Updates the list of services along with the opt-in preferences for the region. + ResourceTypeOptInPreference map[string]*bool `type:"map"` +} + +// String returns the string representation +func (s UpdateRegionSettingsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateRegionSettingsInput) GoString() string { + return s.String() +} + +// SetResourceTypeOptInPreference sets the ResourceTypeOptInPreference field's value. +func (s *UpdateRegionSettingsInput) SetResourceTypeOptInPreference(v map[string]*bool) *UpdateRegionSettingsInput { + s.ResourceTypeOptInPreference = v + return s +} + +type UpdateRegionSettingsOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UpdateRegionSettingsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateRegionSettingsOutput) GoString() string { + return s.String() +} + // Contains metadata about a backup vault. type VaultListMember struct { _ struct{} `type:"structure"` diff --git a/vendor/github.com/aws/aws-sdk-go/service/codedeploy/api.go b/vendor/github.com/aws/aws-sdk-go/service/codedeploy/api.go index 33832844aa3..13b9566952d 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/codedeploy/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/codedeploy/api.go @@ -252,7 +252,7 @@ func (c *CodeDeploy) BatchGetApplicationsRequest(input *BatchGetApplicationsInpu // BatchGetApplications API operation for AWS CodeDeploy. // // Gets information about one or more applications. The maximum number of applications -// that can be returned is 25. +// that can be returned is 100. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -477,7 +477,8 @@ func (c *CodeDeploy) BatchGetDeploymentInstancesRequest(input *BatchGetDeploymen // The maximum number of names or IDs allowed for this request (100) was exceeded. // // * InvalidComputePlatformException -// The computePlatform is invalid. The computePlatform should be Lambda or Server. +// The computePlatform is invalid. The computePlatform should be Lambda, Server, +// or ECS. // // See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/BatchGetDeploymentInstances // @@ -554,7 +555,8 @@ func (c *CodeDeploy) BatchGetDeploymentTargetsRequest(input *BatchGetDeploymentT // BatchGetDeploymentInstances. The maximum number of targets that can be returned // is 25. // -// The type of targets returned depends on the deployment's compute platform: +// The type of targets returned depends on the deployment's compute platform +// or deployment method: // // * EC2/On-premises: Information about EC2 instance targets. // @@ -562,6 +564,9 @@ func (c *CodeDeploy) BatchGetDeploymentTargetsRequest(input *BatchGetDeploymentT // // * Amazon ECS: Information about Amazon ECS service targets. // +// * CloudFormation: Information about targets of blue/green deployments +// initiated by a CloudFormation stack update. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -597,6 +602,9 @@ func (c *CodeDeploy) BatchGetDeploymentTargetsRequest(input *BatchGetDeploymentT // must have exactly one item. This exception does not apply to EC2/On-premises // deployments. // +// * InstanceDoesNotExistException +// The specified instance does not exist in the deployment group. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/BatchGetDeploymentTargets func (c *CodeDeploy) BatchGetDeploymentTargets(input *BatchGetDeploymentTargetsInput) (*BatchGetDeploymentTargetsOutput, error) { req, out := c.BatchGetDeploymentTargetsRequest(input) @@ -965,7 +973,8 @@ func (c *CodeDeploy) CreateApplicationRequest(input *CreateApplicationInput) (re // More applications were attempted to be created than are allowed. // // * InvalidComputePlatformException -// The computePlatform is invalid. The computePlatform should be Lambda or Server. +// The computePlatform is invalid. The computePlatform should be Lambda, Server, +// or ECS. // // * InvalidTagsToAddException // The specified tags are not valid. @@ -1133,6 +1142,10 @@ func (c *CodeDeploy) CreateDeploymentRequest(input *CreateDeploymentInput) (req // * InvalidGitHubAccountTokenException // The GitHub token is not valid. // +// * InvalidTrafficRoutingConfigurationException +// The configuration that specifies how traffic is routed during a deployment +// is invalid. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/CreateDeployment func (c *CodeDeploy) CreateDeployment(input *CreateDeploymentInput) (*CreateDeploymentOutput, error) { req, out := c.CreateDeploymentRequest(input) @@ -1217,7 +1230,7 @@ func (c *CodeDeploy) CreateDeploymentConfigRequest(input *CreateDeploymentConfig // // * DeploymentConfigAlreadyExistsException // A deployment configuration with the specified name with the IAM user or AWS -// account already exists . +// account already exists. // // * InvalidMinimumHealthyHostValueException // The minimum healthy instance value was specified in an invalid format. @@ -1226,7 +1239,8 @@ func (c *CodeDeploy) CreateDeploymentConfigRequest(input *CreateDeploymentConfig // The deployment configurations limit was exceeded. // // * InvalidComputePlatformException -// The computePlatform is invalid. The computePlatform should be Lambda or Server. +// The computePlatform is invalid. The computePlatform should be Lambda, Server, +// or ECS. // // * InvalidTrafficRoutingConfigurationException // The configuration that specifies how traffic is routed during a deployment @@ -1427,6 +1441,10 @@ func (c *CodeDeploy) CreateDeploymentGroupRequest(input *CreateDeploymentGroupIn // * InvalidTagsToAddException // The specified tags are not valid. // +// * InvalidTrafficRoutingConfigurationException +// The configuration that specifies how traffic is routed during a deployment +// is invalid. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/CreateDeploymentGroup func (c *CodeDeploy) CreateDeploymentGroup(input *CreateDeploymentGroupInput) (*CreateDeploymentGroupOutput, error) { req, out := c.CreateDeploymentGroupRequest(input) @@ -1813,6 +1831,81 @@ func (c *CodeDeploy) DeleteGitHubAccountTokenWithContext(ctx aws.Context, input return out, req.Send() } +const opDeleteResourcesByExternalId = "DeleteResourcesByExternalId" + +// DeleteResourcesByExternalIdRequest generates a "aws/request.Request" representing the +// client's request for the DeleteResourcesByExternalId operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteResourcesByExternalId for more information on using the DeleteResourcesByExternalId +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteResourcesByExternalIdRequest method. +// req, resp := client.DeleteResourcesByExternalIdRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/DeleteResourcesByExternalId +func (c *CodeDeploy) DeleteResourcesByExternalIdRequest(input *DeleteResourcesByExternalIdInput) (req *request.Request, output *DeleteResourcesByExternalIdOutput) { + op := &request.Operation{ + Name: opDeleteResourcesByExternalId, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteResourcesByExternalIdInput{} + } + + output = &DeleteResourcesByExternalIdOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteResourcesByExternalId API operation for AWS CodeDeploy. +// +// Deletes resources linked to an external ID. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS CodeDeploy's +// API operation DeleteResourcesByExternalId for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/DeleteResourcesByExternalId +func (c *CodeDeploy) DeleteResourcesByExternalId(input *DeleteResourcesByExternalIdInput) (*DeleteResourcesByExternalIdOutput, error) { + req, out := c.DeleteResourcesByExternalIdRequest(input) + return out, req.Send() +} + +// DeleteResourcesByExternalIdWithContext is the same as DeleteResourcesByExternalId with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteResourcesByExternalId for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CodeDeploy) DeleteResourcesByExternalIdWithContext(ctx aws.Context, input *DeleteResourcesByExternalIdInput, opts ...request.Option) (*DeleteResourcesByExternalIdOutput, error) { + req, out := c.DeleteResourcesByExternalIdRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeregisterOnPremisesInstance = "DeregisterOnPremisesInstance" // DeregisterOnPremisesInstanceRequest generates a "aws/request.Request" representing the @@ -2229,7 +2322,8 @@ func (c *CodeDeploy) GetDeploymentConfigRequest(input *GetDeploymentConfigInput) // The deployment configuration does not exist with the IAM user or AWS account. // // * InvalidComputePlatformException -// The computePlatform is invalid. The computePlatform should be Lambda or Server. +// The computePlatform is invalid. The computePlatform should be Lambda, Server, +// or ECS. // // See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/GetDeploymentConfig func (c *CodeDeploy) GetDeploymentConfig(input *GetDeploymentConfigInput) (*GetDeploymentConfigOutput, error) { @@ -2428,7 +2522,8 @@ func (c *CodeDeploy) GetDeploymentInstanceRequest(input *GetDeploymentInstanceIn // The on-premises instance name was specified in an invalid format. // // * InvalidComputePlatformException -// The computePlatform is invalid. The computePlatform should be Lambda or Server. +// The computePlatform is invalid. The computePlatform should be Lambda, Server, +// or ECS. // // See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/GetDeploymentInstance // @@ -3328,7 +3423,8 @@ func (c *CodeDeploy) ListDeploymentInstancesRequest(input *ListDeploymentInstanc // The target filter name is invalid. // // * InvalidComputePlatformException -// The computePlatform is invalid. The computePlatform should be Lambda or Server. +// The computePlatform is invalid. The computePlatform should be Lambda, Server, +// or ECS. // // See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/ListDeploymentInstances // @@ -3603,6 +3699,12 @@ func (c *CodeDeploy) ListDeploymentsRequest(input *ListDeploymentsInput) (req *r // * InvalidNextTokenException // The next token was specified in an invalid format. // +// * InvalidExternalIdException +// The external ID was specified in an invalid format. +// +// * InvalidInputException +// The input was specified in an invalid format. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/ListDeployments func (c *CodeDeploy) ListDeployments(input *ListDeploymentsInput) (*ListDeploymentsOutput, error) { req, out := c.ListDeploymentsRequest(input) @@ -3895,8 +3997,9 @@ func (c *CodeDeploy) ListTagsForResourceRequest(input *ListTagsForResourceInput) // ListTagsForResource API operation for AWS CodeDeploy. // -// Returns a list of tags for the resource identified by a specified ARN. Tags -// are used to organize and categorize your CodeDeploy resources. +// Returns a list of tags for the resource identified by a specified Amazon +// Resource Name (ARN). Tags are used to organize and categorize your CodeDeploy +// resources. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3982,9 +4085,15 @@ func (c *CodeDeploy) PutLifecycleEventHookExecutionStatusRequest(input *PutLifec // PutLifecycleEventHookExecutionStatus API operation for AWS CodeDeploy. // -// Sets the result of a Lambda validation function. The function validates one -// or both lifecycle events (BeforeAllowTraffic and AfterAllowTraffic) and returns -// Succeeded or Failed. +// Sets the result of a Lambda validation function. The function validates lifecycle +// hooks during a deployment that uses the AWS Lambda or Amazon ECS compute +// platform. For AWS Lambda deployments, the available lifecycle hooks are BeforeAllowTraffic +// and AfterAllowTraffic. For Amazon ECS deployments, the available lifecycle +// hooks are BeforeInstall, AfterInstall, AfterAllowTestTraffic, BeforeAllowTraffic, +// and AfterAllowTraffic. Lambda validation functions return Succeeded or Failed. +// For more information, see AppSpec 'hooks' Section for an AWS Lambda Deployment +// (https://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file-structure-hooks.html#appspec-hooks-lambda) +// and AppSpec 'hooks' Section for an Amazon ECS Deployment (https://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file-structure-hooks.html#appspec-hooks-ecs). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4520,6 +4629,9 @@ func (c *CodeDeploy) StopDeploymentRequest(input *StopDeploymentInput) (req *req // * InvalidDeploymentIdException // At least one of the deployment IDs was specified in an invalid format. // +// * UnsupportedActionForDeploymentTypeException +// A call was submitted that is not supported for the specified deployment type. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/StopDeployment func (c *CodeDeploy) StopDeployment(input *StopDeploymentInput) (*StopDeploymentOutput, error) { req, out := c.StopDeploymentRequest(input) @@ -4691,7 +4803,7 @@ func (c *CodeDeploy) UntagResourceRequest(input *UntagResourceInput) (req *reque // UntagResource API operation for AWS CodeDeploy. // // Disassociates a resource from a list of tags. The resource is identified -// by the ResourceArn input parameter. The tags are identfied by the list of +// by the ResourceArn input parameter. The tags are identified by the list of // keys in the TagKeys input parameter. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5006,6 +5118,10 @@ func (c *CodeDeploy) UpdateDeploymentGroupRequest(input *UpdateDeploymentGroupIn // The Amazon ECS service is associated with more than one deployment groups. // An Amazon ECS service can be associated with only one deployment group. // +// * InvalidTrafficRoutingConfigurationException +// The configuration that specifies how traffic is routed during a deployment +// is invalid. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/codedeploy-2014-10-06/UpdateDeploymentGroup func (c *CodeDeploy) UpdateDeploymentGroup(input *UpdateDeploymentGroupInput) (*UpdateDeploymentGroupOutput, error) { req, out := c.UpdateDeploymentGroupRequest(input) @@ -5803,7 +5919,7 @@ type BatchGetApplicationsInput struct { _ struct{} `type:"structure"` // A list of application names separated by spaces. The maximum number of application - // names you can specify is 25. + // names you can specify is 100. // // ApplicationNames is a required field ApplicationNames []*string `locationName:"applicationNames" type:"list" required:"true"` @@ -6058,6 +6174,9 @@ type BatchGetDeploymentTargetsInput struct { // * For deployments that use the Amazon ECS compute platform, the target // IDs are pairs of Amazon ECS clusters and services specified using the // format :. Their target type is ecsTarget. + // + // * For deployments that are deployed with AWS CloudFormation, the target + // IDs are CloudFormation stack IDs. Their target type is cloudFormationTarget. TargetIds []*string `locationName:"targetIds" type:"list"` } @@ -6096,6 +6215,9 @@ type BatchGetDeploymentTargetsOutput struct { // function. // // * Amazon ECS: The target object is an Amazon ECS service. + // + // * CloudFormation: The target object is an AWS CloudFormation blue/green + // deployment. DeploymentTargets []*DeploymentTarget `locationName:"deploymentTargets" type:"list"` } @@ -6448,6 +6570,89 @@ func (s *BucketNameFilterRequiredException) RequestID() string { return s.RespMetadata.RequestID } +// Information about the target to be updated by an AWS CloudFormation blue/green +// deployment. This target type is used for all deployments initiated by a CloudFormation +// stack update. +type CloudFormationTarget struct { + _ struct{} `type:"structure"` + + // The unique ID of an AWS CloudFormation blue/green deployment. + DeploymentId *string `locationName:"deploymentId" type:"string"` + + // The date and time when the target application was updated by an AWS CloudFormation + // blue/green deployment. + LastUpdatedAt *time.Time `locationName:"lastUpdatedAt" type:"timestamp"` + + // The lifecycle events of the AWS CloudFormation blue/green deployment to this + // target application. + LifecycleEvents []*LifecycleEvent `locationName:"lifecycleEvents" type:"list"` + + // The resource type for the AWS CloudFormation blue/green deployment. + ResourceType *string `locationName:"resourceType" type:"string"` + + // The status of an AWS CloudFormation blue/green deployment's target application. + Status *string `locationName:"status" type:"string" enum:"TargetStatus"` + + // The unique ID of a deployment target that has a type of CloudFormationTarget. + TargetId *string `locationName:"targetId" type:"string"` + + // The percentage of production traffic that the target version of an AWS CloudFormation + // blue/green deployment receives. + TargetVersionWeight *float64 `locationName:"targetVersionWeight" type:"double"` +} + +// String returns the string representation +func (s CloudFormationTarget) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CloudFormationTarget) GoString() string { + return s.String() +} + +// SetDeploymentId sets the DeploymentId field's value. +func (s *CloudFormationTarget) SetDeploymentId(v string) *CloudFormationTarget { + s.DeploymentId = &v + return s +} + +// SetLastUpdatedAt sets the LastUpdatedAt field's value. +func (s *CloudFormationTarget) SetLastUpdatedAt(v time.Time) *CloudFormationTarget { + s.LastUpdatedAt = &v + return s +} + +// SetLifecycleEvents sets the LifecycleEvents field's value. +func (s *CloudFormationTarget) SetLifecycleEvents(v []*LifecycleEvent) *CloudFormationTarget { + s.LifecycleEvents = v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *CloudFormationTarget) SetResourceType(v string) *CloudFormationTarget { + s.ResourceType = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *CloudFormationTarget) SetStatus(v string) *CloudFormationTarget { + s.Status = &v + return s +} + +// SetTargetId sets the TargetId field's value. +func (s *CloudFormationTarget) SetTargetId(v string) *CloudFormationTarget { + s.TargetId = &v + return s +} + +// SetTargetVersionWeight sets the TargetVersionWeight field's value. +func (s *CloudFormationTarget) SetTargetVersionWeight(v float64) *CloudFormationTarget { + s.TargetVersionWeight = &v + return s +} + type ContinueDeploymentInput struct { _ struct{} `type:"structure"` @@ -6455,9 +6660,9 @@ type ContinueDeploymentInput struct { // traffic to the replacement environment. DeploymentId *string `locationName:"deploymentId" type:"string"` - // The status of the deployment's waiting period. READY_WAIT indicates the deployment - // is ready to start shifting traffic. TERMINATION_WAIT indicates the traffic - // is shifted, but the original target is not terminated. + // The status of the deployment's waiting period. READY_WAIT indicates that + // the deployment is ready to start shifting traffic. TERMINATION_WAIT indicates + // that the traffic is shifted, but the original target is not terminated. DeploymentWaitType *string `locationName:"deploymentWaitType" type:"string" enum:"DeploymentWaitType"` } @@ -6608,7 +6813,7 @@ type CreateDeploymentConfigInput struct { // * FLEET_PERCENT: The value parameter represents the minimum number of // healthy instances as a percentage of the total number of instances in // the deployment. If you specify FLEET_PERCENT, at the start of the deployment, - // AWS CodeDeploy converts the percentage to the equivalent number of instance + // AWS CodeDeploy converts the percentage to the equivalent number of instances // and rounds up fractional instances. // // The value parameter takes an integer. @@ -6729,7 +6934,7 @@ type CreateDeploymentGroupInput struct { // group. // // For more information about the predefined deployment configurations in AWS - // CodeDeploy, see Working with Deployment Groups in AWS CodeDeploy (https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) + // CodeDeploy, see Working with Deployment Configurations in CodeDeploy (https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) // in the AWS CodeDeploy User Guide. DeploymentConfigName *string `locationName:"deploymentConfigName" min:"1" type:"string"` @@ -6771,8 +6976,8 @@ type CreateDeploymentGroupInput struct { // Cannot be used in the same call as onPremisesInstanceTagFilters. OnPremisesTagSet *OnPremisesTagSet `locationName:"onPremisesTagSet" type:"structure"` - // A service role ARN that allows AWS CodeDeploy to act on the user's behalf - // when interacting with AWS services. + // A service role Amazon Resource Name (ARN) that allows AWS CodeDeploy to act + // on the user's behalf when interacting with AWS services. // // ServiceRoleArn is a required field ServiceRoleArn *string `locationName:"serviceRoleArn" type:"string" required:"true"` @@ -7400,6 +7605,44 @@ func (s *DeleteGitHubAccountTokenOutput) SetTokenName(v string) *DeleteGitHubAcc return s } +type DeleteResourcesByExternalIdInput struct { + _ struct{} `type:"structure"` + + // The unique ID of an external resource (for example, a CloudFormation stack + // ID) that is linked to one or more CodeDeploy resources. + ExternalId *string `locationName:"externalId" type:"string"` +} + +// String returns the string representation +func (s DeleteResourcesByExternalIdInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteResourcesByExternalIdInput) GoString() string { + return s.String() +} + +// SetExternalId sets the ExternalId field's value. +func (s *DeleteResourcesByExternalIdInput) SetExternalId(v string) *DeleteResourcesByExternalIdInput { + s.ExternalId = &v + return s +} + +type DeleteResourcesByExternalIdOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s DeleteResourcesByExternalIdOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteResourcesByExternalIdOutput) GoString() string { + return s.String() +} + // The deployment is already complete. type DeploymentAlreadyCompletedException struct { _ struct{} `type:"structure"` @@ -7457,7 +7700,7 @@ func (s *DeploymentAlreadyCompletedException) RequestID() string { } // A deployment configuration with the specified name with the IAM user or AWS -// account already exists . +// account already exists. type DeploymentConfigAlreadyExistsException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -7644,8 +7887,8 @@ type DeploymentConfigInfo struct { // Information about the number or percentage of minimum healthy instance. MinimumHealthyHosts *MinimumHealthyHosts `locationName:"minimumHealthyHosts" type:"structure"` - // The configuration that specifies how the deployment traffic is routed. Only - // deployments with a Lambda compute platform can specify this. + // The configuration that specifies how the deployment traffic is routed. Used + // for deployments with a Lambda or ECS compute platform only. TrafficRoutingConfig *TrafficRoutingConfig `locationName:"trafficRoutingConfig" type:"structure"` } @@ -8426,6 +8669,10 @@ type DeploymentInfo struct { // Information about any error associated with this deployment. ErrorInformation *ErrorInformation `locationName:"errorInformation" type:"structure"` + // The unique ID for an external resource (for example, a CloudFormation stack + // ID) that is linked to this deployment. + ExternalId *string `locationName:"externalId" type:"string"` + // Information about how AWS CodeDeploy handles files that already exist in // a deployment target location but weren't part of the previous successful // deployment. @@ -8611,6 +8858,12 @@ func (s *DeploymentInfo) SetErrorInformation(v *ErrorInformation) *DeploymentInf return s } +// SetExternalId sets the ExternalId field's value. +func (s *DeploymentInfo) SetExternalId(v string) *DeploymentInfo { + s.ExternalId = &v + return s +} + // SetFileExistsBehavior sets the FileExistsBehavior field's value. func (s *DeploymentInfo) SetFileExistsBehavior(v string) *DeploymentInfo { s.FileExistsBehavior = &v @@ -8936,7 +9189,7 @@ type DeploymentReadyOption struct { // The number of minutes to wait before the status of a blue/green deployment // is changed to Stopped if rerouting is not started manually. Applies only - // to the STOP_DEPLOYMENT option for actionOnTimeout + // to the STOP_DEPLOYMENT option for actionOnTimeout. WaitTimeInMinutes *int64 `locationName:"waitTimeInMinutes" type:"integer"` } @@ -9000,7 +9253,13 @@ func (s *DeploymentStyle) SetDeploymentType(v string) *DeploymentStyle { type DeploymentTarget struct { _ struct{} `type:"structure"` - // The deployment type that is specific to the deployment's compute platform. + // Information about the target to be updated by an AWS CloudFormation blue/green + // deployment. This target type is used for all deployments initiated by a CloudFormation + // stack update. + CloudFormationTarget *CloudFormationTarget `locationName:"cloudFormationTarget" type:"structure"` + + // The deployment type that is specific to the deployment's compute platform + // or deployments initiated by a CloudFormation stack update. DeploymentTargetType *string `locationName:"deploymentTargetType" type:"string" enum:"DeploymentTargetType"` // Information about the target for a deployment that uses the Amazon ECS compute @@ -9026,6 +9285,12 @@ func (s DeploymentTarget) GoString() string { return s.String() } +// SetCloudFormationTarget sets the CloudFormationTarget field's value. +func (s *DeploymentTarget) SetCloudFormationTarget(v *CloudFormationTarget) *DeploymentTarget { + s.CloudFormationTarget = v + return s +} + // SetDeploymentTargetType sets the DeploymentTargetType field's value. func (s *DeploymentTarget) SetDeploymentTargetType(v string) *DeploymentTarget { s.DeploymentTargetType = &v @@ -9580,7 +9845,7 @@ type ECSTarget struct { // The status an Amazon ECS deployment's target ECS application. Status *string `locationName:"status" type:"string" enum:"TargetStatus"` - // The ARN of the target. + // The Amazon Resource Name (ARN) of the target. TargetArn *string `locationName:"targetArn" type:"string"` // The unique ID of a deployment target that has a type of ecsTarget. @@ -10404,7 +10669,7 @@ type GetDeploymentTargetOutput struct { _ struct{} `type:"structure"` // A deployment target that contains information about a deployment such as - // its status, lifecyle events, and when it was last updated. It also contains + // its status, lifecycle events, and when it was last updated. It also contains // metadata about the deployment target. The deployment target metadata depends // on the deployment target's type (instanceTarget, lambdaTarget, or ecsTarget). DeploymentTarget *DeploymentTarget `locationName:"deploymentTarget" type:"structure"` @@ -11335,7 +11600,7 @@ type InstanceSummary struct { // * GREEN: The instance is part of the replacement environment. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` - // A timestamp that indicaties when the instance information was last updated. + // A timestamp that indicates when the instance information was last updated. LastUpdatedAt *time.Time `locationName:"lastUpdatedAt" type:"timestamp"` // A list of lifecycle events for this instance. @@ -11424,7 +11689,7 @@ type InstanceTarget struct { // The status an EC2/On-premises deployment's target instance. Status *string `locationName:"status" type:"string" enum:"TargetStatus"` - // The ARN of the target. + // The Amazon Resource Name (ARN) of the target. TargetArn *string `locationName:"targetArn" type:"string"` // The unique ID of a deployment target that has a type of instanceTarget. @@ -11889,7 +12154,8 @@ func (s *InvalidBucketNameFilterException) RequestID() string { return s.RespMetadata.RequestID } -// The computePlatform is invalid. The computePlatform should be Lambda or Server. +// The computePlatform is invalid. The computePlatform should be Lambda, Server, +// or ECS. type InvalidComputePlatformException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -12621,6 +12887,62 @@ func (s *InvalidECSServiceException) RequestID() string { return s.RespMetadata.RequestID } +// The external ID was specified in an invalid format. +type InvalidExternalIdException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidExternalIdException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidExternalIdException) GoString() string { + return s.String() +} + +func newErrorInvalidExternalIdException(v protocol.ResponseMetadata) error { + return &InvalidExternalIdException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidExternalIdException) Code() string { + return "InvalidExternalIdException" +} + +// Message returns the exception's message. +func (s *InvalidExternalIdException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidExternalIdException) OrigErr() error { + return nil +} + +func (s *InvalidExternalIdException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidExternalIdException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidExternalIdException) RequestID() string { + return s.RespMetadata.RequestID +} + // An invalid fileExistsBehavior option was specified to determine how AWS CodeDeploy // handles files or directories that already exist in a deployment target location, // but weren't part of the previous successful deployment. Valid values include @@ -14499,8 +14821,9 @@ type LambdaFunctionInfo struct { // The version of a Lambda function that production traffic points to. CurrentVersion *string `locationName:"currentVersion" type:"string"` - // The alias of a Lambda function. For more information, see Introduction to - // AWS Lambda Aliases (https://docs.aws.amazon.com/lambda/latest/dg/aliases-intro.html). + // The alias of a Lambda function. For more information, see AWS Lambda Function + // Aliases (https://docs.aws.amazon.com/lambda/latest/dg/aliases-intro.html) + // in the AWS Lambda Developer Guide. FunctionAlias *string `locationName:"functionAlias" type:"string"` // The name of a Lambda function. @@ -14574,7 +14897,7 @@ type LambdaTarget struct { // The status an AWS Lambda deployment's target Lambda function. Status *string `locationName:"status" type:"string" enum:"TargetStatus"` - // The ARN of the target. + // The Amazon Resource Name (ARN) of the target. TargetArn *string `locationName:"targetArn" type:"string"` // The unique ID of a deployment target that has a type of lambdaTarget. @@ -14883,7 +15206,7 @@ type ListApplicationRevisionsInput struct { ApplicationName *string `locationName:"applicationName" min:"1" type:"string" required:"true"` // Whether to list revisions based on whether the revision is the target revision - // of an deployment group: + // of a deployment group: // // * include: List revisions that are target revisions of a deployment group. // @@ -15469,6 +15792,10 @@ type ListDeploymentsInput struct { // If it is not specified, then applicationName must not be specified. DeploymentGroupName *string `locationName:"deploymentGroupName" min:"1" type:"string"` + // The unique ID of an external resource for returning deployments linked to + // the external resource. + ExternalId *string `locationName:"externalId" type:"string"` + // A subset of deployments to list by status: // // * Created: Include created deployments in the resulting list. @@ -15533,6 +15860,12 @@ func (s *ListDeploymentsInput) SetDeploymentGroupName(v string) *ListDeployments return s } +// SetExternalId sets the ExternalId field's value. +func (s *ListDeploymentsInput) SetExternalId(v string) *ListDeploymentsInput { + s.ExternalId = &v + return s +} + // SetIncludeOnlyStatuses sets the IncludeOnlyStatuses field's value. func (s *ListDeploymentsInput) SetIncludeOnlyStatuses(v []*string) *ListDeploymentsInput { s.IncludeOnlyStatuses = v @@ -15870,16 +16203,16 @@ type MinimumHealthyHosts struct { // The minimum healthy instance type: // - // * HOST_COUNT: The minimum number of healthy instance as an absolute value. + // * HOST_COUNT: The minimum number of healthy instances as an absolute value. // - // * FLEET_PERCENT: The minimum number of healthy instance as a percentage - // of the total number of instance in the deployment. + // * FLEET_PERCENT: The minimum number of healthy instances as a percentage + // of the total number of instances in the deployment. // - // In an example of nine instance, if a HOST_COUNT of six is specified, deploy + // In an example of nine instances, if a HOST_COUNT of six is specified, deploy // to up to three instances at a time. The deployment is successful if six or // more instances are deployed to successfully. Otherwise, the deployment fails. - // If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a - // time. The deployment is successful if four or more instance are deployed + // If a FLEET_PERCENT of 40 is specified, deploy to up to five instances at + // a time. The deployment is successful if four or more instances are deployed // to successfully. Otherwise, the deployment fails. // // In a call to the GetDeploymentConfig, CodeDeployDefault.OneAtATime returns @@ -16609,6 +16942,10 @@ type RevisionLocation struct { // // * String: A YAML-formatted or JSON-formatted string (AWS Lambda deployments // only). + // + // * AppSpecContent: An AppSpecContent object that contains the contents + // of an AppSpec file for an AWS Lambda or Amazon ECS deployment. The content + // is formatted as JSON or YAML stored as a RawString. RevisionType *string `locationName:"revisionType" type:"string" enum:"RevisionLocationType"` // Information about the location of a revision stored in Amazon S3. @@ -17520,8 +17857,9 @@ func (s *ThrottlingException) RequestID() string { } // A configuration that shifts traffic from one version of a Lambda function -// to another in two increments. The original and target Lambda function versions -// are specified in the deployment's AppSpec file. +// or ECS task set to another in two increments. The original and target Lambda +// function versions or ECS task sets are specified in the deployment's AppSpec +// file. type TimeBasedCanary struct { _ struct{} `type:"structure"` @@ -17557,9 +17895,9 @@ func (s *TimeBasedCanary) SetCanaryPercentage(v int64) *TimeBasedCanary { } // A configuration that shifts traffic from one version of a Lambda function -// to another in equal increments, with an equal number of minutes between each -// increment. The original and target Lambda function versions are specified -// in the deployment's AppSpec file. +// or ECS task set to another in equal increments, with an equal number of minutes +// between each increment. The original and target Lambda function versions +// or ECS task sets are specified in the deployment's AppSpec file. type TimeBasedLinear struct { _ struct{} `type:"structure"` @@ -17636,9 +17974,9 @@ func (s *TimeRange) SetStart(v time.Time) *TimeRange { type TrafficRoute struct { _ struct{} `type:"structure"` - // The ARN of one listener. The listener identifies the route between a target - // group and a load balancer. This is an array of strings with a maximum size - // of one. + // The Amazon Resource Name (ARN) of one listener. The listener identifies the + // route between a target group and a load balancer. This is an array of strings + // with a maximum size of one. ListenerArns []*string `locationName:"listenerArns" type:"list"` } @@ -17659,23 +17997,25 @@ func (s *TrafficRoute) SetListenerArns(v []*string) *TrafficRoute { } // The configuration that specifies how traffic is shifted from one version -// of a Lambda function to another version during an AWS Lambda deployment. +// of a Lambda function to another version during an AWS Lambda deployment, +// or from one Amazon ECS task set to another during an Amazon ECS deployment. type TrafficRoutingConfig struct { _ struct{} `type:"structure"` // A configuration that shifts traffic from one version of a Lambda function - // to another in two increments. The original and target Lambda function versions - // are specified in the deployment's AppSpec file. + // or ECS task set to another in two increments. The original and target Lambda + // function versions or ECS task sets are specified in the deployment's AppSpec + // file. TimeBasedCanary *TimeBasedCanary `locationName:"timeBasedCanary" type:"structure"` // A configuration that shifts traffic from one version of a Lambda function - // to another in equal increments, with an equal number of minutes between each - // increment. The original and target Lambda function versions are specified - // in the deployment's AppSpec file. + // or ECS task set to another in equal increments, with an equal number of minutes + // between each increment. The original and target Lambda function versions + // or ECS task sets are specified in the deployment's AppSpec file. TimeBasedLinear *TimeBasedLinear `locationName:"timeBasedLinear" type:"structure"` // The type of traffic shifting (TimeBasedCanary or TimeBasedLinear) used by - // a deployment configuration . + // a deployment configuration. Type *string `locationName:"type" type:"string" enum:"TrafficRoutingType"` } @@ -17717,8 +18057,9 @@ type TriggerConfig struct { // The name of the notification trigger. TriggerName *string `locationName:"triggerName" type:"string"` - // The ARN of the Amazon Simple Notification Service topic through which notifications - // about deployment or instance events are sent. + // The Amazon Resource Name (ARN) of the Amazon Simple Notification Service + // topic through which notifications about deployment or instance events are + // sent. TriggerTargetArn *string `locationName:"triggerTargetArn" type:"string"` } @@ -17865,8 +18206,8 @@ func (s *UnsupportedActionForDeploymentTypeException) RequestID() string { type UntagResourceInput struct { _ struct{} `type:"structure"` - // The ARN that specifies from which resource to disassociate the tags with - // the keys in the TagKeys input paramter. + // The Amazon Resource Name (ARN) that specifies from which resource to disassociate + // the tags with the keys in the TagKeys input parameter. // // ResourceArn is a required field ResourceArn *string `min:"1" type:"string" required:"true"` @@ -18069,7 +18410,7 @@ type UpdateDeploymentGroupInput struct { ServiceRoleArn *string `locationName:"serviceRoleArn" type:"string"` // Information about triggers to change when the deployment group is updated. - // For examples, see Modify Triggers in an AWS CodeDeploy Deployment Group (https://docs.aws.amazon.com/codedeploy/latest/userguide/how-to-notify-edit.html) + // For examples, see Edit a Trigger in a CodeDeploy Deployment Group (https://docs.aws.amazon.com/codedeploy/latest/userguide/how-to-notify-edit.html) // in the AWS CodeDeploy User Guide. TriggerConfigurations []*TriggerConfig `locationName:"triggerConfigurations" type:"list"` } @@ -18301,6 +18642,15 @@ const ( // DeploymentCreatorCodeDeployRollback is a DeploymentCreator enum value DeploymentCreatorCodeDeployRollback = "codeDeployRollback" + + // DeploymentCreatorCodeDeploy is a DeploymentCreator enum value + DeploymentCreatorCodeDeploy = "CodeDeploy" + + // DeploymentCreatorCloudFormation is a DeploymentCreator enum value + DeploymentCreatorCloudFormation = "CloudFormation" + + // DeploymentCreatorCloudFormationRollback is a DeploymentCreator enum value + DeploymentCreatorCloudFormationRollback = "CloudFormationRollback" ) const ( @@ -18329,6 +18679,9 @@ const ( // DeploymentStatusInProgress is a DeploymentStatus enum value DeploymentStatusInProgress = "InProgress" + // DeploymentStatusBaking is a DeploymentStatus enum value + DeploymentStatusBaking = "Baking" + // DeploymentStatusSucceeded is a DeploymentStatus enum value DeploymentStatusSucceeded = "Succeeded" @@ -18351,6 +18704,9 @@ const ( // DeploymentTargetTypeEcstarget is a DeploymentTargetType enum value DeploymentTargetTypeEcstarget = "ECSTarget" + + // DeploymentTargetTypeCloudFormationTarget is a DeploymentTargetType enum value + DeploymentTargetTypeCloudFormationTarget = "CloudFormationTarget" ) const ( @@ -18479,6 +18835,9 @@ const ( // ErrorCodeTimeout is a ErrorCode enum value ErrorCodeTimeout = "TIMEOUT" + + // ErrorCodeCloudformationStackFailure is a ErrorCode enum value + ErrorCodeCloudformationStackFailure = "CLOUDFORMATION_STACK_FAILURE" ) const ( diff --git a/vendor/github.com/aws/aws-sdk-go/service/codedeploy/errors.go b/vendor/github.com/aws/aws-sdk-go/service/codedeploy/errors.go index 89a7dac6881..11057d7b21e 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/codedeploy/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/codedeploy/errors.go @@ -68,7 +68,7 @@ const ( // "DeploymentConfigAlreadyExistsException". // // A deployment configuration with the specified name with the IAM user or AWS - // account already exists . + // account already exists. ErrCodeDeploymentConfigAlreadyExistsException = "DeploymentConfigAlreadyExistsException" // ErrCodeDeploymentConfigDoesNotExistException for service response error code @@ -318,7 +318,8 @@ const ( // ErrCodeInvalidComputePlatformException for service response error code // "InvalidComputePlatformException". // - // The computePlatform is invalid. The computePlatform should be Lambda or Server. + // The computePlatform is invalid. The computePlatform should be Lambda, Server, + // or ECS. ErrCodeInvalidComputePlatformException = "InvalidComputePlatformException" // ErrCodeInvalidDeployedStateFilterException for service response error code @@ -397,6 +398,12 @@ const ( // The Amazon ECS service identifier is not valid. ErrCodeInvalidECSServiceException = "InvalidECSServiceException" + // ErrCodeInvalidExternalIdException for service response error code + // "InvalidExternalIdException". + // + // The external ID was specified in an invalid format. + ErrCodeInvalidExternalIdException = "InvalidExternalIdException" + // ErrCodeInvalidFileExistsBehaviorException for service response error code // "InvalidFileExistsBehaviorException". // @@ -772,6 +779,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "InvalidEC2TagCombinationException": newErrorInvalidEC2TagCombinationException, "InvalidEC2TagException": newErrorInvalidEC2TagException, "InvalidECSServiceException": newErrorInvalidECSServiceException, + "InvalidExternalIdException": newErrorInvalidExternalIdException, "InvalidFileExistsBehaviorException": newErrorInvalidFileExistsBehaviorException, "InvalidGitHubAccountTokenException": newErrorInvalidGitHubAccountTokenException, "InvalidGitHubAccountTokenNameException": newErrorInvalidGitHubAccountTokenNameException, diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index 33af5505174..12e7f421b12 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -11239,9 +11239,13 @@ func (c *EC2) DeleteVpnConnectionRequest(input *DeleteVpnConnectionInput) (req * // your VPN connection have been compromised, you can delete the VPN connection // and create a new one that has new keys, without needing to delete the VPC // or virtual private gateway. If you create a new VPN connection, you must -// reconfigure the customer gateway using the new configuration information +// reconfigure the customer gateway device using the new configuration information // returned with the new VPN connection ID. // +// For certificate-based authentication, delete all AWS Certificate Manager +// (ACM) private certificates used for the AWS-side tunnel endpoints for the +// VPN connection before deleting the VPN connection. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -32603,8 +32607,9 @@ func (c *EC2) ModifyVpnConnectionRequest(input *ModifyVpnConnectionInput) (req * // ModifyVpnConnection API operation for Amazon Elastic Compute Cloud. // -// Modifies the target gateway of an AWS Site-to-Site VPN connection. The following -// migration options are available: +// Modifies the customer gateway or the target gateway of an AWS Site-to-Site +// VPN connection. To modify the target gateway, the following migration options +// are available: // // * An existing virtual private gateway to a new virtual private gateway // @@ -40234,7 +40239,8 @@ func (s *AuthorizationRule) SetStatus(v *ClientVpnAuthorizationRuleStatus) *Auth type AuthorizeClientVpnIngressInput struct { _ struct{} `type:"structure"` - // The ID of the Active Directory group to grant access. + // The ID of the group to grant access to, for example, the Active Directory + // group or identity provider (IdP) group. AccessGroupId *string `type:"string"` // Indicates whether to grant access to all clients. Use true to grant all clients @@ -42717,9 +42723,8 @@ func (s *ClientData) SetUploadStart(v time.Time) *ClientData { return s } -// Describes the authentication methods used by a Client VPN endpoint. Client -// VPN supports Active Directory and mutual authentication. For more information, -// see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) +// Describes the authentication methods used by a Client VPN endpoint. For more +// information, see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) // in the AWS Client VPN Administrator Guide. type ClientVpnAuthentication struct { _ struct{} `type:"structure"` @@ -42727,6 +42732,9 @@ type ClientVpnAuthentication struct { // Information about the Active Directory, if applicable. ActiveDirectory *DirectoryServiceAuthentication `locationName:"activeDirectory" type:"structure"` + // Information about the IAM SAML identity provider, if applicable. + FederatedAuthentication *FederatedAuthentication `locationName:"federatedAuthentication" type:"structure"` + // Information about the authentication certificates, if applicable. MutualAuthentication *CertificateAuthentication `locationName:"mutualAuthentication" type:"structure"` @@ -42750,6 +42758,12 @@ func (s *ClientVpnAuthentication) SetActiveDirectory(v *DirectoryServiceAuthenti return s } +// SetFederatedAuthentication sets the FederatedAuthentication field's value. +func (s *ClientVpnAuthentication) SetFederatedAuthentication(v *FederatedAuthentication) *ClientVpnAuthentication { + s.FederatedAuthentication = v + return s +} + // SetMutualAuthentication sets the MutualAuthentication field's value. func (s *ClientVpnAuthentication) SetMutualAuthentication(v *CertificateAuthentication) *ClientVpnAuthentication { s.MutualAuthentication = v @@ -42763,8 +42777,7 @@ func (s *ClientVpnAuthentication) SetType(v string) *ClientVpnAuthentication { } // Describes the authentication method to be used by a Client VPN endpoint. -// Client VPN supports Active Directory and mutual authentication. For more -// information, see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) +// For more information, see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) // in the AWS Client VPN Administrator Guide. type ClientVpnAuthenticationRequest struct { _ struct{} `type:"structure"` @@ -42773,13 +42786,15 @@ type ClientVpnAuthenticationRequest struct { // provide this information if Type is directory-service-authentication. ActiveDirectory *DirectoryServiceAuthenticationRequest `type:"structure"` + // Information about the IAM SAML identity provider to be used, if applicable. + // You must provide this information if Type is federated-authentication. + FederatedAuthentication *FederatedAuthenticationRequest `type:"structure"` + // Information about the authentication certificates to be used, if applicable. // You must provide this information if Type is certificate-authentication. MutualAuthentication *CertificateAuthenticationRequest `type:"structure"` - // The type of client authentication to be used. Specify certificate-authentication - // to use certificate-based authentication, or directory-service-authentication - // to use Active Directory authentication. + // The type of client authentication to be used. Type *string `type:"string" enum:"ClientVpnAuthenticationType"` } @@ -42799,6 +42814,12 @@ func (s *ClientVpnAuthenticationRequest) SetActiveDirectory(v *DirectoryServiceA return s } +// SetFederatedAuthentication sets the FederatedAuthentication field's value. +func (s *ClientVpnAuthenticationRequest) SetFederatedAuthentication(v *FederatedAuthenticationRequest) *ClientVpnAuthenticationRequest { + s.FederatedAuthentication = v + return s +} + // SetMutualAuthentication sets the MutualAuthentication field's value. func (s *ClientVpnAuthenticationRequest) SetMutualAuthentication(v *CertificateAuthenticationRequest) *ClientVpnAuthenticationRequest { s.MutualAuthentication = v @@ -73771,6 +73792,54 @@ func (s *FailedQueuedPurchaseDeletion) SetReservedInstancesId(v string) *FailedQ return s } +// Describes the IAM SAML identity provider used for federated authentication. +type FederatedAuthentication struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the IAM SAML identity provider. + SamlProviderArn *string `locationName:"samlProviderArn" type:"string"` +} + +// String returns the string representation +func (s FederatedAuthentication) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FederatedAuthentication) GoString() string { + return s.String() +} + +// SetSamlProviderArn sets the SamlProviderArn field's value. +func (s *FederatedAuthentication) SetSamlProviderArn(v string) *FederatedAuthentication { + s.SamlProviderArn = &v + return s +} + +// The IAM SAML identity provider used for federated authentication. +type FederatedAuthenticationRequest struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the IAM SAML identity provider. + SAMLProviderArn *string `type:"string"` +} + +// String returns the string representation +func (s FederatedAuthenticationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FederatedAuthenticationRequest) GoString() string { + return s.String() +} + +// SetSAMLProviderArn sets the SAMLProviderArn field's value. +func (s *FederatedAuthenticationRequest) SetSAMLProviderArn(v string) *FederatedAuthenticationRequest { + s.SAMLProviderArn = &v + return s +} + // A filter name and value pair that is used to return a more specific list // of results from a describe operation. Filters can be used to match a set // of resources by specific criteria, such as tags, attributes, or IDs. The @@ -109975,6 +110044,9 @@ const ( // ClientVpnAuthenticationTypeDirectoryServiceAuthentication is a ClientVpnAuthenticationType enum value ClientVpnAuthenticationTypeDirectoryServiceAuthentication = "directory-service-authentication" + + // ClientVpnAuthenticationTypeFederatedAuthentication is a ClientVpnAuthenticationType enum value + ClientVpnAuthenticationTypeFederatedAuthentication = "federated-authentication" ) const ( diff --git a/vendor/github.com/aws/aws-sdk-go/service/medialive/api.go b/vendor/github.com/aws/aws-sdk-go/service/medialive/api.go index 5683e77eeb6..bfe4e981d0a 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/medialive/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/medialive/api.go @@ -1549,6 +1549,96 @@ func (c *MediaLive) DescribeInputWithContext(ctx aws.Context, input *DescribeInp return out, req.Send() } +const opDescribeInputDevice = "DescribeInputDevice" + +// DescribeInputDeviceRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInputDevice operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInputDevice for more information on using the DescribeInputDevice +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeInputDeviceRequest method. +// req, resp := client.DescribeInputDeviceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/medialive-2017-10-14/DescribeInputDevice +func (c *MediaLive) DescribeInputDeviceRequest(input *DescribeInputDeviceInput) (req *request.Request, output *DescribeInputDeviceOutput) { + op := &request.Operation{ + Name: opDescribeInputDevice, + HTTPMethod: "GET", + HTTPPath: "/prod/inputDevices/{inputDeviceId}", + } + + if input == nil { + input = &DescribeInputDeviceInput{} + } + + output = &DescribeInputDeviceOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInputDevice API operation for AWS Elemental MediaLive. +// +// Gets the details for the input device +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Elemental MediaLive's +// API operation DescribeInputDevice for usage and error information. +// +// Returned Error Types: +// * BadRequestException +// +// * InternalServerErrorException +// +// * ForbiddenException +// +// * BadGatewayException +// +// * NotFoundException +// +// * GatewayTimeoutException +// +// * TooManyRequestsException +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/medialive-2017-10-14/DescribeInputDevice +func (c *MediaLive) DescribeInputDevice(input *DescribeInputDeviceInput) (*DescribeInputDeviceOutput, error) { + req, out := c.DescribeInputDeviceRequest(input) + return out, req.Send() +} + +// DescribeInputDeviceWithContext is the same as DescribeInputDevice with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInputDevice for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *MediaLive) DescribeInputDeviceWithContext(ctx aws.Context, input *DescribeInputDeviceInput, opts ...request.Option) (*DescribeInputDeviceOutput, error) { + req, out := c.DescribeInputDeviceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeInputSecurityGroup = "DescribeInputSecurityGroup" // DescribeInputSecurityGroupRequest generates a "aws/request.Request" representing the @@ -2293,6 +2383,152 @@ func (c *MediaLive) ListChannelsPagesWithContext(ctx aws.Context, input *ListCha return p.Err() } +const opListInputDevices = "ListInputDevices" + +// ListInputDevicesRequest generates a "aws/request.Request" representing the +// client's request for the ListInputDevices operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListInputDevices for more information on using the ListInputDevices +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListInputDevicesRequest method. +// req, resp := client.ListInputDevicesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/medialive-2017-10-14/ListInputDevices +func (c *MediaLive) ListInputDevicesRequest(input *ListInputDevicesInput) (req *request.Request, output *ListInputDevicesOutput) { + op := &request.Operation{ + Name: opListInputDevices, + HTTPMethod: "GET", + HTTPPath: "/prod/inputDevices", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListInputDevicesInput{} + } + + output = &ListInputDevicesOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListInputDevices API operation for AWS Elemental MediaLive. +// +// List input devices +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Elemental MediaLive's +// API operation ListInputDevices for usage and error information. +// +// Returned Error Types: +// * BadRequestException +// +// * InternalServerErrorException +// +// * ForbiddenException +// +// * BadGatewayException +// +// * GatewayTimeoutException +// +// * TooManyRequestsException +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/medialive-2017-10-14/ListInputDevices +func (c *MediaLive) ListInputDevices(input *ListInputDevicesInput) (*ListInputDevicesOutput, error) { + req, out := c.ListInputDevicesRequest(input) + return out, req.Send() +} + +// ListInputDevicesWithContext is the same as ListInputDevices with the addition of +// the ability to pass a context and additional request options. +// +// See ListInputDevices for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *MediaLive) ListInputDevicesWithContext(ctx aws.Context, input *ListInputDevicesInput, opts ...request.Option) (*ListInputDevicesOutput, error) { + req, out := c.ListInputDevicesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListInputDevicesPages iterates over the pages of a ListInputDevices operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListInputDevices method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListInputDevices operation. +// pageNum := 0 +// err := client.ListInputDevicesPages(params, +// func(page *medialive.ListInputDevicesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *MediaLive) ListInputDevicesPages(input *ListInputDevicesInput, fn func(*ListInputDevicesOutput, bool) bool) error { + return c.ListInputDevicesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListInputDevicesPagesWithContext same as ListInputDevicesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *MediaLive) ListInputDevicesPagesWithContext(ctx aws.Context, input *ListInputDevicesInput, fn func(*ListInputDevicesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListInputDevicesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListInputDevicesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListInputDevicesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListInputSecurityGroups = "ListInputSecurityGroups" // ListInputSecurityGroupsRequest generates a "aws/request.Request" representing the @@ -3991,6 +4227,98 @@ func (c *MediaLive) UpdateInputWithContext(ctx aws.Context, input *UpdateInputIn return out, req.Send() } +const opUpdateInputDevice = "UpdateInputDevice" + +// UpdateInputDeviceRequest generates a "aws/request.Request" representing the +// client's request for the UpdateInputDevice operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateInputDevice for more information on using the UpdateInputDevice +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateInputDeviceRequest method. +// req, resp := client.UpdateInputDeviceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/medialive-2017-10-14/UpdateInputDevice +func (c *MediaLive) UpdateInputDeviceRequest(input *UpdateInputDeviceInput) (req *request.Request, output *UpdateInputDeviceOutput) { + op := &request.Operation{ + Name: opUpdateInputDevice, + HTTPMethod: "PUT", + HTTPPath: "/prod/inputDevices/{inputDeviceId}", + } + + if input == nil { + input = &UpdateInputDeviceInput{} + } + + output = &UpdateInputDeviceOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateInputDevice API operation for AWS Elemental MediaLive. +// +// Updates the parameters for the input device. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Elemental MediaLive's +// API operation UpdateInputDevice for usage and error information. +// +// Returned Error Types: +// * BadRequestException +// +// * UnprocessableEntityException +// +// * InternalServerErrorException +// +// * ForbiddenException +// +// * BadGatewayException +// +// * NotFoundException +// +// * GatewayTimeoutException +// +// * TooManyRequestsException +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/medialive-2017-10-14/UpdateInputDevice +func (c *MediaLive) UpdateInputDevice(input *UpdateInputDeviceInput) (*UpdateInputDeviceOutput, error) { + req, out := c.UpdateInputDeviceRequest(input) + return out, req.Send() +} + +// UpdateInputDeviceWithContext is the same as UpdateInputDevice with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateInputDevice for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *MediaLive) UpdateInputDeviceWithContext(ctx aws.Context, input *UpdateInputDeviceInput, opts ...request.Option) (*UpdateInputDeviceOutput, error) { + req, out := c.UpdateInputDeviceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opUpdateInputSecurityGroup = "UpdateInputSecurityGroup" // UpdateInputSecurityGroupRequest generates a "aws/request.Request" representing the @@ -7360,6 +7688,8 @@ type CreateInputInput struct { Destinations []*InputDestinationRequest `locationName:"destinations" type:"list"` + InputDevices []*InputDeviceSettings `locationName:"inputDevices" type:"list"` + InputSecurityGroups []*string `locationName:"inputSecurityGroups" type:"list"` MediaConnectFlows []*MediaConnectFlowRequest `locationName:"mediaConnectFlows" type:"list"` @@ -7414,6 +7744,12 @@ func (s *CreateInputInput) SetDestinations(v []*InputDestinationRequest) *Create return s } +// SetInputDevices sets the InputDevices field's value. +func (s *CreateInputInput) SetInputDevices(v []*InputDeviceSettings) *CreateInputInput { + s.InputDevices = v + return s +} + // SetInputSecurityGroups sets the InputSecurityGroups field's value. func (s *CreateInputInput) SetInputSecurityGroups(v []*string) *CreateInputInput { s.InputSecurityGroups = v @@ -8827,10 +9163,154 @@ func (s *DescribeChannelOutput) SetTags(v map[string]*string) *DescribeChannelOu return s } -type DescribeInputInput struct { +type DescribeInputDeviceInput struct { _ struct{} `type:"structure"` - // InputId is a required field + // InputDeviceId is a required field + InputDeviceId *string `location:"uri" locationName:"inputDeviceId" type:"string" required:"true"` +} + +// String returns the string representation +func (s DescribeInputDeviceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInputDeviceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInputDeviceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInputDeviceInput"} + if s.InputDeviceId == nil { + invalidParams.Add(request.NewErrParamRequired("InputDeviceId")) + } + if s.InputDeviceId != nil && len(*s.InputDeviceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("InputDeviceId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetInputDeviceId sets the InputDeviceId field's value. +func (s *DescribeInputDeviceInput) SetInputDeviceId(v string) *DescribeInputDeviceInput { + s.InputDeviceId = &v + return s +} + +type DescribeInputDeviceOutput struct { + _ struct{} `type:"structure"` + + Arn *string `locationName:"arn" type:"string"` + + // The state of the connection between the input device and AWS. + ConnectionState *string `locationName:"connectionState" type:"string" enum:"InputDeviceConnectionState"` + + // The status of the action to synchronize the device configuration. If you + // change the configuration of the input device (for example, the maximum bitrate), + // MediaLive sends the new data to the device. The device might not update itself + // immediately. SYNCED means the device has updated its configuration. SYNCING + // means that it has not updated its configuration. + DeviceSettingsSyncState *string `locationName:"deviceSettingsSyncState" type:"string" enum:"DeviceSettingsSyncState"` + + // Settings that describe the active source from the input device, and the video + // characteristics of that source. + HdDeviceSettings *InputDeviceHdSettings `locationName:"hdDeviceSettings" type:"structure"` + + Id *string `locationName:"id" type:"string"` + + MacAddress *string `locationName:"macAddress" type:"string"` + + Name *string `locationName:"name" type:"string"` + + // The network settings for the input device. + NetworkSettings *InputDeviceNetworkSettings `locationName:"networkSettings" type:"structure"` + + SerialNumber *string `locationName:"serialNumber" type:"string"` + + // The type of the input device. For an AWS Elemental Link device that outputs + // resolutions up to 1080, choose "HD". + Type *string `locationName:"type" type:"string" enum:"InputDeviceType"` +} + +// String returns the string representation +func (s DescribeInputDeviceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInputDeviceOutput) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *DescribeInputDeviceOutput) SetArn(v string) *DescribeInputDeviceOutput { + s.Arn = &v + return s +} + +// SetConnectionState sets the ConnectionState field's value. +func (s *DescribeInputDeviceOutput) SetConnectionState(v string) *DescribeInputDeviceOutput { + s.ConnectionState = &v + return s +} + +// SetDeviceSettingsSyncState sets the DeviceSettingsSyncState field's value. +func (s *DescribeInputDeviceOutput) SetDeviceSettingsSyncState(v string) *DescribeInputDeviceOutput { + s.DeviceSettingsSyncState = &v + return s +} + +// SetHdDeviceSettings sets the HdDeviceSettings field's value. +func (s *DescribeInputDeviceOutput) SetHdDeviceSettings(v *InputDeviceHdSettings) *DescribeInputDeviceOutput { + s.HdDeviceSettings = v + return s +} + +// SetId sets the Id field's value. +func (s *DescribeInputDeviceOutput) SetId(v string) *DescribeInputDeviceOutput { + s.Id = &v + return s +} + +// SetMacAddress sets the MacAddress field's value. +func (s *DescribeInputDeviceOutput) SetMacAddress(v string) *DescribeInputDeviceOutput { + s.MacAddress = &v + return s +} + +// SetName sets the Name field's value. +func (s *DescribeInputDeviceOutput) SetName(v string) *DescribeInputDeviceOutput { + s.Name = &v + return s +} + +// SetNetworkSettings sets the NetworkSettings field's value. +func (s *DescribeInputDeviceOutput) SetNetworkSettings(v *InputDeviceNetworkSettings) *DescribeInputDeviceOutput { + s.NetworkSettings = v + return s +} + +// SetSerialNumber sets the SerialNumber field's value. +func (s *DescribeInputDeviceOutput) SetSerialNumber(v string) *DescribeInputDeviceOutput { + s.SerialNumber = &v + return s +} + +// SetType sets the Type field's value. +func (s *DescribeInputDeviceOutput) SetType(v string) *DescribeInputDeviceOutput { + s.Type = &v + return s +} + +type DescribeInputInput struct { + _ struct{} `type:"structure"` + + // InputId is a required field InputId *string `location:"uri" locationName:"inputId" type:"string" required:"true"` } @@ -8880,6 +9360,8 @@ type DescribeInputOutput struct { // A standard input has two sources and a single pipeline input only has one. InputClass *string `locationName:"inputClass" type:"string" enum:"InputClass"` + InputDevices []*InputDeviceSettings `locationName:"inputDevices" type:"list"` + // There are two types of input sources, static and dynamic. If an input source // is dynamic you canchange the source url of the input dynamically using an // input switch action. However, the only input typeto support a dynamic url @@ -8943,6 +9425,12 @@ func (s *DescribeInputOutput) SetInputClass(v string) *DescribeInputOutput { return s } +// SetInputDevices sets the InputDevices field's value. +func (s *DescribeInputOutput) SetInputDevices(v []*InputDeviceSettings) *DescribeInputOutput { + s.InputDevices = v + return s +} + // SetInputSourceType sets the InputSourceType field's value. func (s *DescribeInputOutput) SetInputSourceType(v string) *DescribeInputOutput { s.InputSourceType = &v @@ -11200,8 +11688,8 @@ type GlobalConfiguration struct { // Settings for system actions when input is lost. InputLossBehavior *InputLossBehavior `locationName:"inputLossBehavior" type:"structure"` - // Indicates how MediaLive pipelines are synchronized.PIPELINELOCKING - MediaLive - // will attempt to synchronize the output of each pipeline to the other.EPOCHLOCKING + // Indicates how MediaLive pipelines are synchronized.PIPELINE_LOCKING - MediaLive + // will attempt to synchronize the output of each pipeline to the other.EPOCH_LOCKING // - MediaLive will attempt to synchronize the output of each pipeline to the // Unix epoch. OutputLockingMode *string `locationName:"outputLockingMode" type:"string" enum:"GlobalConfigurationOutputLockingMode"` @@ -11383,7 +11871,7 @@ type H264Settings struct { // Entropy encoding mode. Use cabac (must be in Main or High profile) or cavlc. EntropyEncoding *string `locationName:"entropyEncoding" type:"string" enum:"H264EntropyEncoding"` - // Settings associated with the specified filter. + // Optional filters that you can apply to an encode. FilterSettings *H264FilterSettings `locationName:"filterSettings" type:"structure"` // Four bit AFD value to write on all frames of video in the output stream. @@ -11479,9 +11967,12 @@ type H264Settings struct { // H.264 Profile. Profile *string `locationName:"profile" type:"string" enum:"H264Profile"` - // If set to "ENHANCEDQUALITY," improves visual quality at an increased output - // cost. If this video is being delivered to a MediaLive Multiplex, "ENHANCEDQUALITY" - // is always used. + // Leave as STANDARD_QUALITY or choose a different value (which might result + // in additional costs to run the channel).- ENHANCED_QUALITY: Produces a slightly + // better video quality without an increase in the bitrate. Has an effect only + // when the Rate control mode is QVBR or CBR. If this channel is in a MediaLive + // multiplex, the value must be ENHANCED_QUALITY.- STANDARD_QUALITY: Valid for + // any Rate control mode. QualityLevel *string `locationName:"qualityLevel" type:"string" enum:"H264QualityLevel"` // Controls the target quality for the video encode. Applies only when the rate @@ -12604,9 +13095,9 @@ type HlsGroupSettings struct { // converting it to a "VOD" type manifest on completion of the stream. Mode *string `locationName:"mode" type:"string" enum:"HlsMode"` - // MANIFESTSANDSEGMENTS: Generates manifests (master manifest, if applicable, - // and media manifests) for this output group.VARIANTMANIFESTSANDSEGMENTS: Generates - // media manifests for this output group, but not a master manifest.SEGMENTSONLY: + // MANIFESTS_AND_SEGMENTS: Generates manifests (master manifest, if applicable, + // and media manifests) for this output group.VARIANT_MANIFESTS_AND_SEGMENTS: + // Generates media manifests for this output group, but not a master manifest.SEGMENTS_ONLY: // Does not generate any manifests for this output group. OutputSelection *string `locationName:"outputSelection" type:"string" enum:"HlsOutputSelection"` @@ -12659,7 +13150,7 @@ type HlsGroupSettings struct { // Provides an extra millisecond delta offset to fine tune the timestamps. TimestampDeltaMilliseconds *int64 `locationName:"timestampDeltaMilliseconds" type:"integer"` - // SEGMENTEDFILES: Emit the program as segments - multiple .ts media files.SINGLEFILE: + // SEGMENTED_FILES: Emit the program as segments - multiple .ts media files.SINGLE_FILE: // Applies only if Mode field is VOD. Emit the program as a single .ts media // file. The media manifest includes #EXT-X-BYTERANGE tags to index segments // for playback. A typical use for this value is when sending the output to @@ -13405,6 +13896,9 @@ type Input struct { // value is not valid because the channel requires two sources in the input. InputClass *string `locationName:"inputClass" type:"string" enum:"InputClass"` + // Settings for the input devices. + InputDevices []*InputDeviceSettings `locationName:"inputDevices" type:"list"` + // Certain pull input sources can be dynamic, meaning that they can have their // URL's dynamically changesduring input switch actions. Presently, this functionality // only works with MP4_FILE inputs. @@ -13474,6 +13968,12 @@ func (s *Input) SetInputClass(v string) *Input { return s } +// SetInputDevices sets the InputDevices field's value. +func (s *Input) SetInputDevices(v []*InputDeviceSettings) *Input { + s.InputDevices = v + return s +} + // SetInputSourceType sets the InputSourceType field's value. func (s *Input) SetInputSourceType(v string) *Input { s.InputSourceType = &v @@ -13807,20 +14307,366 @@ func (s InputDestinationVpc) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation -func (s InputDestinationVpc) GoString() string { - return s.String() +// GoString returns the string representation +func (s InputDestinationVpc) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *InputDestinationVpc) SetAvailabilityZone(v string) *InputDestinationVpc { + s.AvailabilityZone = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *InputDestinationVpc) SetNetworkInterfaceId(v string) *InputDestinationVpc { + s.NetworkInterfaceId = &v + return s +} + +// Configurable settings for the input device. +type InputDeviceConfigurableSettings struct { + _ struct{} `type:"structure"` + + // The input source that you want to use. If the device has a source connected + // to only one of its input ports, or if you don't care which source the device + // sends, specify Auto. If the device has sources connected to both its input + // ports, and you want to use a specific source, specify the source. + ConfiguredInput *string `locationName:"configuredInput" type:"string" enum:"InputDeviceConfiguredInput"` + + // The maximum bitrate in bits per second. Set a value here to throttle the + // bitrate of the source video. + MaxBitrate *int64 `locationName:"maxBitrate" type:"integer"` +} + +// String returns the string representation +func (s InputDeviceConfigurableSettings) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InputDeviceConfigurableSettings) GoString() string { + return s.String() +} + +// SetConfiguredInput sets the ConfiguredInput field's value. +func (s *InputDeviceConfigurableSettings) SetConfiguredInput(v string) *InputDeviceConfigurableSettings { + s.ConfiguredInput = &v + return s +} + +// SetMaxBitrate sets the MaxBitrate field's value. +func (s *InputDeviceConfigurableSettings) SetMaxBitrate(v int64) *InputDeviceConfigurableSettings { + s.MaxBitrate = &v + return s +} + +// Settings that describe the active source from the input device, and the video +// characteristics of that source. +type InputDeviceHdSettings struct { + _ struct{} `type:"structure"` + + // If you specified Auto as the configured input, specifies which of the sources + // is currently active (SDI or HDMI). + ActiveInput *string `locationName:"activeInput" type:"string" enum:"InputDeviceActiveInput"` + + // The source at the input device that is currently active. You can specify + // this source. + ConfiguredInput *string `locationName:"configuredInput" type:"string" enum:"InputDeviceConfiguredInput"` + + // The state of the input device. + DeviceState *string `locationName:"deviceState" type:"string" enum:"InputDeviceState"` + + // The frame rate of the video source. + Framerate *float64 `locationName:"framerate" type:"double"` + + // The height of the video source, in pixels. + Height *int64 `locationName:"height" type:"integer"` + + // The current maximum bitrate for ingesting this source, in bits per second. + // You can specify this maximum. + MaxBitrate *int64 `locationName:"maxBitrate" type:"integer"` + + // The scan type of the video source. + ScanType *string `locationName:"scanType" type:"string" enum:"InputDeviceScanType"` + + // The width of the video source, in pixels. + Width *int64 `locationName:"width" type:"integer"` +} + +// String returns the string representation +func (s InputDeviceHdSettings) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InputDeviceHdSettings) GoString() string { + return s.String() +} + +// SetActiveInput sets the ActiveInput field's value. +func (s *InputDeviceHdSettings) SetActiveInput(v string) *InputDeviceHdSettings { + s.ActiveInput = &v + return s +} + +// SetConfiguredInput sets the ConfiguredInput field's value. +func (s *InputDeviceHdSettings) SetConfiguredInput(v string) *InputDeviceHdSettings { + s.ConfiguredInput = &v + return s +} + +// SetDeviceState sets the DeviceState field's value. +func (s *InputDeviceHdSettings) SetDeviceState(v string) *InputDeviceHdSettings { + s.DeviceState = &v + return s +} + +// SetFramerate sets the Framerate field's value. +func (s *InputDeviceHdSettings) SetFramerate(v float64) *InputDeviceHdSettings { + s.Framerate = &v + return s +} + +// SetHeight sets the Height field's value. +func (s *InputDeviceHdSettings) SetHeight(v int64) *InputDeviceHdSettings { + s.Height = &v + return s +} + +// SetMaxBitrate sets the MaxBitrate field's value. +func (s *InputDeviceHdSettings) SetMaxBitrate(v int64) *InputDeviceHdSettings { + s.MaxBitrate = &v + return s +} + +// SetScanType sets the ScanType field's value. +func (s *InputDeviceHdSettings) SetScanType(v string) *InputDeviceHdSettings { + s.ScanType = &v + return s +} + +// SetWidth sets the Width field's value. +func (s *InputDeviceHdSettings) SetWidth(v int64) *InputDeviceHdSettings { + s.Width = &v + return s +} + +// The network settings for the input device. +type InputDeviceNetworkSettings struct { + _ struct{} `type:"structure"` + + // The DNS addresses of the input device. + DnsAddresses []*string `locationName:"dnsAddresses" type:"list"` + + // The network gateway IP address. + Gateway *string `locationName:"gateway" type:"string"` + + // The IP address of the input device. + IpAddress *string `locationName:"ipAddress" type:"string"` + + // Specifies whether the input device has been configured (outside of MediaLive) + // to use a dynamic IP address assignment (DHCP) or a static IP address. + IpScheme *string `locationName:"ipScheme" type:"string" enum:"InputDeviceIpScheme"` + + // The subnet mask of the input device. + SubnetMask *string `locationName:"subnetMask" type:"string"` +} + +// String returns the string representation +func (s InputDeviceNetworkSettings) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InputDeviceNetworkSettings) GoString() string { + return s.String() +} + +// SetDnsAddresses sets the DnsAddresses field's value. +func (s *InputDeviceNetworkSettings) SetDnsAddresses(v []*string) *InputDeviceNetworkSettings { + s.DnsAddresses = v + return s +} + +// SetGateway sets the Gateway field's value. +func (s *InputDeviceNetworkSettings) SetGateway(v string) *InputDeviceNetworkSettings { + s.Gateway = &v + return s +} + +// SetIpAddress sets the IpAddress field's value. +func (s *InputDeviceNetworkSettings) SetIpAddress(v string) *InputDeviceNetworkSettings { + s.IpAddress = &v + return s +} + +// SetIpScheme sets the IpScheme field's value. +func (s *InputDeviceNetworkSettings) SetIpScheme(v string) *InputDeviceNetworkSettings { + s.IpScheme = &v + return s +} + +// SetSubnetMask sets the SubnetMask field's value. +func (s *InputDeviceNetworkSettings) SetSubnetMask(v string) *InputDeviceNetworkSettings { + s.SubnetMask = &v + return s +} + +// Settings for an input device. +type InputDeviceRequest struct { + _ struct{} `type:"structure"` + + // The unique ID for the device. + Id *string `locationName:"id" type:"string"` +} + +// String returns the string representation +func (s InputDeviceRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InputDeviceRequest) GoString() string { + return s.String() +} + +// SetId sets the Id field's value. +func (s *InputDeviceRequest) SetId(v string) *InputDeviceRequest { + s.Id = &v + return s +} + +// Settings for an input device. +type InputDeviceSettings struct { + _ struct{} `type:"structure"` + + // The unique ID for the device. + Id *string `locationName:"id" type:"string"` +} + +// String returns the string representation +func (s InputDeviceSettings) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InputDeviceSettings) GoString() string { + return s.String() +} + +// SetId sets the Id field's value. +func (s *InputDeviceSettings) SetId(v string) *InputDeviceSettings { + s.Id = &v + return s +} + +// Details of the input device. +type InputDeviceSummary struct { + _ struct{} `type:"structure"` + + // The unique ARN of the input device. + Arn *string `locationName:"arn" type:"string"` + + // The state of the connection between the input device and AWS. + ConnectionState *string `locationName:"connectionState" type:"string" enum:"InputDeviceConnectionState"` + + // The status of the action to synchronize the device configuration. If you + // change the configuration of the input device (for example, the maximum bitrate), + // MediaLive sends the new data to the device. The device might not update itself + // immediately. SYNCED means the device has updated its configuration. SYNCING + // means that it has not updated its configuration. + DeviceSettingsSyncState *string `locationName:"deviceSettingsSyncState" type:"string" enum:"DeviceSettingsSyncState"` + + // Settings that describe an input device that is type HD. + HdDeviceSettings *InputDeviceHdSettings `locationName:"hdDeviceSettings" type:"structure"` + + // The unique ID of the input device. + Id *string `locationName:"id" type:"string"` + + // The network MAC address of the input device. + MacAddress *string `locationName:"macAddress" type:"string"` + + // A name that you specify for the input device. + Name *string `locationName:"name" type:"string"` + + // Network settings for the input device. + NetworkSettings *InputDeviceNetworkSettings `locationName:"networkSettings" type:"structure"` + + // The unique serial number of the input device. + SerialNumber *string `locationName:"serialNumber" type:"string"` + + // The type of the input device. + Type *string `locationName:"type" type:"string" enum:"InputDeviceType"` +} + +// String returns the string representation +func (s InputDeviceSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InputDeviceSummary) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *InputDeviceSummary) SetArn(v string) *InputDeviceSummary { + s.Arn = &v + return s +} + +// SetConnectionState sets the ConnectionState field's value. +func (s *InputDeviceSummary) SetConnectionState(v string) *InputDeviceSummary { + s.ConnectionState = &v + return s +} + +// SetDeviceSettingsSyncState sets the DeviceSettingsSyncState field's value. +func (s *InputDeviceSummary) SetDeviceSettingsSyncState(v string) *InputDeviceSummary { + s.DeviceSettingsSyncState = &v + return s +} + +// SetHdDeviceSettings sets the HdDeviceSettings field's value. +func (s *InputDeviceSummary) SetHdDeviceSettings(v *InputDeviceHdSettings) *InputDeviceSummary { + s.HdDeviceSettings = v + return s +} + +// SetId sets the Id field's value. +func (s *InputDeviceSummary) SetId(v string) *InputDeviceSummary { + s.Id = &v + return s +} + +// SetMacAddress sets the MacAddress field's value. +func (s *InputDeviceSummary) SetMacAddress(v string) *InputDeviceSummary { + s.MacAddress = &v + return s +} + +// SetName sets the Name field's value. +func (s *InputDeviceSummary) SetName(v string) *InputDeviceSummary { + s.Name = &v + return s +} + +// SetNetworkSettings sets the NetworkSettings field's value. +func (s *InputDeviceSummary) SetNetworkSettings(v *InputDeviceNetworkSettings) *InputDeviceSummary { + s.NetworkSettings = v + return s } -// SetAvailabilityZone sets the AvailabilityZone field's value. -func (s *InputDestinationVpc) SetAvailabilityZone(v string) *InputDestinationVpc { - s.AvailabilityZone = &v +// SetSerialNumber sets the SerialNumber field's value. +func (s *InputDeviceSummary) SetSerialNumber(v string) *InputDeviceSummary { + s.SerialNumber = &v return s } -// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. -func (s *InputDestinationVpc) SetNetworkInterfaceId(v string) *InputDestinationVpc { - s.NetworkInterfaceId = &v +// SetType sets the Type field's value. +func (s *InputDeviceSummary) SetType(v string) *InputDeviceSummary { + s.Type = &v return s } @@ -14070,6 +14916,13 @@ type InputSettings struct { // Input settings. NetworkInputSettings *NetworkInputSettings `locationName:"networkInputSettings" type:"structure"` + // Specifies whether to extract applicable ancillary data from a SMPTE-2038 + // source in this input. Applicable data types are captions, timecode, AFD, + // and SCTE-104 messages.- PREFER: Extract from SMPTE-2038 if present in this + // input, otherwise extract from another source (if any).- IGNORE: Never extract + // any ancillary data from SMPTE-2038. + Smpte2038DataPreference *string `locationName:"smpte2038DataPreference" type:"string" enum:"Smpte2038DataPreference"` + // Loop input if it is a file. This allows a file input to be streamed indefinitely. SourceEndBehavior *string `locationName:"sourceEndBehavior" type:"string" enum:"InputSourceEndBehavior"` @@ -14163,6 +15016,12 @@ func (s *InputSettings) SetNetworkInputSettings(v *NetworkInputSettings) *InputS return s } +// SetSmpte2038DataPreference sets the Smpte2038DataPreference field's value. +func (s *InputSettings) SetSmpte2038DataPreference(v string) *InputSettings { + s.Smpte2038DataPreference = &v + return s +} + // SetSourceEndBehavior sets the SourceEndBehavior field's value. func (s *InputSettings) SetSourceEndBehavior(v string) *InputSettings { s.SourceEndBehavior = &v @@ -14637,6 +15496,79 @@ func (s *ListChannelsOutput) SetNextToken(v string) *ListChannelsOutput { return s } +type ListInputDevicesInput struct { + _ struct{} `type:"structure"` + + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s ListInputDevicesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListInputDevicesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListInputDevicesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListInputDevicesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListInputDevicesInput) SetMaxResults(v int64) *ListInputDevicesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListInputDevicesInput) SetNextToken(v string) *ListInputDevicesInput { + s.NextToken = &v + return s +} + +type ListInputDevicesOutput struct { + _ struct{} `type:"structure"` + + InputDevices []*InputDeviceSummary `locationName:"inputDevices" type:"list"` + + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s ListInputDevicesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ListInputDevicesOutput) GoString() string { + return s.String() +} + +// SetInputDevices sets the InputDevices field's value. +func (s *ListInputDevicesOutput) SetInputDevices(v []*InputDeviceSummary) *ListInputDevicesOutput { + s.InputDevices = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListInputDevicesOutput) SetNextToken(v string) *ListInputDevicesOutput { + s.NextToken = &v + return s +} + type ListInputSecurityGroupsInput struct { _ struct{} `type:"structure"` @@ -15505,7 +16437,7 @@ type M2tsSettings struct { SegmentationStyle *string `locationName:"segmentationStyle" type:"string" enum:"M2tsSegmentationStyle"` // The length in seconds of each segment. Required unless markers is set to - // None_. + // _none_. SegmentationTime *float64 `locationName:"segmentationTime" type:"double"` // When set to passthrough, timed metadata will be passed through from input @@ -16218,8 +17150,8 @@ func (s *Mp2Settings) SetSampleRate(v float64) *Mp2Settings { type MsSmoothGroupSettings struct { _ struct{} `type:"structure"` - // The value of the "Acquisition Point Identity" element used in each message - // placed in the sparse track. Only enabled if sparseTrackType is not "none". + // The ID to include in each message in the sparse track. Ignored if sparseTrackType + // is NONE. AcquisitionPointId *string `locationName:"acquisitionPointId" type:"string"` // If set to passthrough for an audio-only MS Smooth output, the fragment absolute @@ -16282,10 +17214,12 @@ type MsSmoothGroupSettings struct { // Number of milliseconds to delay the output from the second pipeline. SendDelayMs *int64 `locationName:"sendDelayMs" type:"integer"` - // If set to scte35, use incoming SCTE-35 messages to generate a sparse track - // in this group of MS-Smooth outputs. scte35WithoutSegmentation is the same - // as scte35, except EML will not start a new segment at a SCTE-35 marker. It - // will still encode an IDR frame at a SCTE-35 marker. + // Identifies the type of data to place in the sparse track:- SCTE35: Insert + // SCTE-35 messages from the source content. With each message, insert an IDR + // frame to start a new segment.- SCTE35_WITHOUT_SEGMENTATION: Insert SCTE-35 + // messages from the source content. With each message, insert an IDR frame + // but don't start a new segment.- NONE: Don't generate a sparse track for any + // outputs in this output group. SparseTrackType *string `locationName:"sparseTrackType" type:"string" enum:"SmoothGroupSparseTrackType"` // When set to send, send stream manifest so publishing point doesn't start @@ -21008,12 +21942,14 @@ func (s *TeletextSourceSettings) SetPageNumber(v string) *TeletextSourceSettings type TemporalFilterSettings struct { _ struct{} `type:"structure"` - // If set to "ENABLED," applies post-filter sharpening to improve visual quality. - // This is most beneficial when using a noisy or compressed input source and - // low output bitrates. + // If you enable this filter, the results are the following:- If the source + // content is noisy (it contains excessive digital artifacts), the filter cleans + // up the source.- If the source content is already clean, the filter tends + // to decrease the bitrate, especially when the rate control mode is QVBR. PostFilterSharpening *string `locationName:"postFilterSharpening" type:"string" enum:"TemporalFilterPostFilterSharpening"` - // Filter strength. A higher value produces stronger filtering. + // Choose a filter strength. We recommend a strength of 1 or 2. A higher strength + // might take out good information, resulting in an image that is overly soft. Strength *string `locationName:"strength" type:"string" enum:"TemporalFilterStrength"` } @@ -21646,11 +22582,174 @@ func (s *UpdateChannelOutput) SetChannel(v *Channel) *UpdateChannelOutput { return s } +type UpdateInputDeviceInput struct { + _ struct{} `type:"structure"` + + // Configurable settings for the input device. + HdDeviceSettings *InputDeviceConfigurableSettings `locationName:"hdDeviceSettings" type:"structure"` + + // InputDeviceId is a required field + InputDeviceId *string `location:"uri" locationName:"inputDeviceId" type:"string" required:"true"` + + Name *string `locationName:"name" type:"string"` +} + +// String returns the string representation +func (s UpdateInputDeviceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateInputDeviceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateInputDeviceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateInputDeviceInput"} + if s.InputDeviceId == nil { + invalidParams.Add(request.NewErrParamRequired("InputDeviceId")) + } + if s.InputDeviceId != nil && len(*s.InputDeviceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("InputDeviceId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetHdDeviceSettings sets the HdDeviceSettings field's value. +func (s *UpdateInputDeviceInput) SetHdDeviceSettings(v *InputDeviceConfigurableSettings) *UpdateInputDeviceInput { + s.HdDeviceSettings = v + return s +} + +// SetInputDeviceId sets the InputDeviceId field's value. +func (s *UpdateInputDeviceInput) SetInputDeviceId(v string) *UpdateInputDeviceInput { + s.InputDeviceId = &v + return s +} + +// SetName sets the Name field's value. +func (s *UpdateInputDeviceInput) SetName(v string) *UpdateInputDeviceInput { + s.Name = &v + return s +} + +type UpdateInputDeviceOutput struct { + _ struct{} `type:"structure"` + + Arn *string `locationName:"arn" type:"string"` + + // The state of the connection between the input device and AWS. + ConnectionState *string `locationName:"connectionState" type:"string" enum:"InputDeviceConnectionState"` + + // The status of the action to synchronize the device configuration. If you + // change the configuration of the input device (for example, the maximum bitrate), + // MediaLive sends the new data to the device. The device might not update itself + // immediately. SYNCED means the device has updated its configuration. SYNCING + // means that it has not updated its configuration. + DeviceSettingsSyncState *string `locationName:"deviceSettingsSyncState" type:"string" enum:"DeviceSettingsSyncState"` + + // Settings that describe the active source from the input device, and the video + // characteristics of that source. + HdDeviceSettings *InputDeviceHdSettings `locationName:"hdDeviceSettings" type:"structure"` + + Id *string `locationName:"id" type:"string"` + + MacAddress *string `locationName:"macAddress" type:"string"` + + Name *string `locationName:"name" type:"string"` + + // The network settings for the input device. + NetworkSettings *InputDeviceNetworkSettings `locationName:"networkSettings" type:"structure"` + + SerialNumber *string `locationName:"serialNumber" type:"string"` + + // The type of the input device. For an AWS Elemental Link device that outputs + // resolutions up to 1080, choose "HD". + Type *string `locationName:"type" type:"string" enum:"InputDeviceType"` +} + +// String returns the string representation +func (s UpdateInputDeviceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateInputDeviceOutput) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *UpdateInputDeviceOutput) SetArn(v string) *UpdateInputDeviceOutput { + s.Arn = &v + return s +} + +// SetConnectionState sets the ConnectionState field's value. +func (s *UpdateInputDeviceOutput) SetConnectionState(v string) *UpdateInputDeviceOutput { + s.ConnectionState = &v + return s +} + +// SetDeviceSettingsSyncState sets the DeviceSettingsSyncState field's value. +func (s *UpdateInputDeviceOutput) SetDeviceSettingsSyncState(v string) *UpdateInputDeviceOutput { + s.DeviceSettingsSyncState = &v + return s +} + +// SetHdDeviceSettings sets the HdDeviceSettings field's value. +func (s *UpdateInputDeviceOutput) SetHdDeviceSettings(v *InputDeviceHdSettings) *UpdateInputDeviceOutput { + s.HdDeviceSettings = v + return s +} + +// SetId sets the Id field's value. +func (s *UpdateInputDeviceOutput) SetId(v string) *UpdateInputDeviceOutput { + s.Id = &v + return s +} + +// SetMacAddress sets the MacAddress field's value. +func (s *UpdateInputDeviceOutput) SetMacAddress(v string) *UpdateInputDeviceOutput { + s.MacAddress = &v + return s +} + +// SetName sets the Name field's value. +func (s *UpdateInputDeviceOutput) SetName(v string) *UpdateInputDeviceOutput { + s.Name = &v + return s +} + +// SetNetworkSettings sets the NetworkSettings field's value. +func (s *UpdateInputDeviceOutput) SetNetworkSettings(v *InputDeviceNetworkSettings) *UpdateInputDeviceOutput { + s.NetworkSettings = v + return s +} + +// SetSerialNumber sets the SerialNumber field's value. +func (s *UpdateInputDeviceOutput) SetSerialNumber(v string) *UpdateInputDeviceOutput { + s.SerialNumber = &v + return s +} + +// SetType sets the Type field's value. +func (s *UpdateInputDeviceOutput) SetType(v string) *UpdateInputDeviceOutput { + s.Type = &v + return s +} + type UpdateInputInput struct { _ struct{} `type:"structure"` Destinations []*InputDestinationRequest `locationName:"destinations" type:"list"` + InputDevices []*InputDeviceRequest `locationName:"inputDevices" type:"list"` + // InputId is a required field InputId *string `location:"uri" locationName:"inputId" type:"string" required:"true"` @@ -21697,6 +22796,12 @@ func (s *UpdateInputInput) SetDestinations(v []*InputDestinationRequest) *Update return s } +// SetInputDevices sets the InputDevices field's value. +func (s *UpdateInputInput) SetInputDevices(v []*InputDeviceRequest) *UpdateInputInput { + s.InputDevices = v + return s +} + // SetInputId sets the InputId field's value. func (s *UpdateInputInput) SetInputId(v string) *UpdateInputInput { s.InputId = &v @@ -22081,8 +23186,10 @@ func (s *UpdateReservationOutput) SetReservation(v *Reservation) *UpdateReservat type ValidationError struct { _ struct{} `type:"structure"` + // Path to the source of the error. ElementPath *string `locationName:"elementPath" type:"string"` + // The error message. ErrorMessage *string `locationName:"errorMessage" type:"string"` } @@ -22197,15 +23304,15 @@ type VideoDescription struct { // Indicates how to respond to the AFD values in the input stream. RESPOND causes // input video to be clipped, depending on the AFD value, input display aspect - // ratio, and output display aspect ratio, and (except for FRAMECAPTURE codec) - // includes the values in the output. PASSTHROUGH (does not apply to FRAMECAPTURE + // ratio, and output display aspect ratio, and (except for FRAME_CAPTURE codec) + // includes the values in the output. PASSTHROUGH (does not apply to FRAME_CAPTURE // codec) ignores the AFD values and includes the values in the output, so input // video is not clipped. NONE ignores the AFD values and does not include the // values through to the output, so input video is not clipped. RespondToAfd *string `locationName:"respondToAfd" type:"string" enum:"VideoDescriptionRespondToAfd"` - // STRETCHTOOUTPUT configures the output position to stretch the video to the - // specified output resolution (height and width). This option will override + // STRETCH_TO_OUTPUT configures the output position to stretch the video to + // the specified output resolution (height and width). This option will override // any position value. DEFAULT may insert black boxes (pillar boxes or letter // boxes) around the video to provide the specified output resolution. ScalingBehavior *string `locationName:"scalingBehavior" type:"string" enum:"VideoDescriptionScalingBehavior"` @@ -22853,6 +23960,19 @@ const ( ChannelStateUpdateFailed = "UPDATE_FAILED" ) +// The status of the action to synchronize the device configuration. If you +// change the configuration of the input device (for example, the maximum bitrate), +// MediaLive sends the new data to the device. The device might not update itself +// immediately. SYNCED means the device has updated its configuration. SYNCING +// means that it has not updated its configuration. +const ( + // DeviceSettingsSyncStateSynced is a DeviceSettingsSyncState enum value + DeviceSettingsSyncStateSynced = "SYNCED" + + // DeviceSettingsSyncStateSyncing is a DeviceSettingsSyncState enum value + DeviceSettingsSyncStateSyncing = "SYNCING" +) + // Dvb Sdt Output Sdt const ( // DvbSdtOutputSdtSdtFollow is a DvbSdtOutputSdt enum value @@ -23962,6 +25082,71 @@ const ( InputDenoiseFilterEnabled = "ENABLED" ) +// The source at the input device that is currently active. +const ( + // InputDeviceActiveInputHdmi is a InputDeviceActiveInput enum value + InputDeviceActiveInputHdmi = "HDMI" + + // InputDeviceActiveInputSdi is a InputDeviceActiveInput enum value + InputDeviceActiveInputSdi = "SDI" +) + +// The source to activate (use) from the input device. +const ( + // InputDeviceConfiguredInputAuto is a InputDeviceConfiguredInput enum value + InputDeviceConfiguredInputAuto = "AUTO" + + // InputDeviceConfiguredInputHdmi is a InputDeviceConfiguredInput enum value + InputDeviceConfiguredInputHdmi = "HDMI" + + // InputDeviceConfiguredInputSdi is a InputDeviceConfiguredInput enum value + InputDeviceConfiguredInputSdi = "SDI" +) + +// The state of the connection between the input device and AWS. +const ( + // InputDeviceConnectionStateDisconnected is a InputDeviceConnectionState enum value + InputDeviceConnectionStateDisconnected = "DISCONNECTED" + + // InputDeviceConnectionStateConnected is a InputDeviceConnectionState enum value + InputDeviceConnectionStateConnected = "CONNECTED" +) + +// Specifies whether the input device has been configured (outside of MediaLive) +// to use a dynamic IP address assignment (DHCP) or a static IP address. +const ( + // InputDeviceIpSchemeStatic is a InputDeviceIpScheme enum value + InputDeviceIpSchemeStatic = "STATIC" + + // InputDeviceIpSchemeDhcp is a InputDeviceIpScheme enum value + InputDeviceIpSchemeDhcp = "DHCP" +) + +// The scan type of the video source. +const ( + // InputDeviceScanTypeInterlaced is a InputDeviceScanType enum value + InputDeviceScanTypeInterlaced = "INTERLACED" + + // InputDeviceScanTypeProgressive is a InputDeviceScanType enum value + InputDeviceScanTypeProgressive = "PROGRESSIVE" +) + +// The state of the input device. +const ( + // InputDeviceStateIdle is a InputDeviceState enum value + InputDeviceStateIdle = "IDLE" + + // InputDeviceStateStreaming is a InputDeviceState enum value + InputDeviceStateStreaming = "STREAMING" +) + +// The type of the input device. For an AWS Elemental Link device that outputs +// resolutions up to 1080, choose "HD". +const ( + // InputDeviceTypeHd is a InputDeviceType enum value + InputDeviceTypeHd = "HD" +) + // Input Filter const ( // InputFilterAuto is a InputFilter enum value @@ -24148,6 +25333,9 @@ const ( // InputTypeMediaconnect is a InputType enum value InputTypeMediaconnect = "MEDIACONNECT" + + // InputTypeInputDevice is a InputType enum value + InputTypeInputDevice = "INPUT_DEVICE" ) // If you specify a StopTimecode in an input (in order to clip the file), you @@ -24821,6 +26009,15 @@ const ( SmoothGroupTimestampOffsetModeUseEventStartDate = "USE_EVENT_START_DATE" ) +// Smpte2038 Data Preference +const ( + // Smpte2038DataPreferenceIgnore is a Smpte2038DataPreference enum value + Smpte2038DataPreferenceIgnore = "IGNORE" + + // Smpte2038DataPreferencePrefer is a Smpte2038DataPreference enum value + Smpte2038DataPreferencePrefer = "PREFER" +) + // Temporal Filter Post Filter Sharpening const ( // TemporalFilterPostFilterSharpeningAuto is a TemporalFilterPostFilterSharpening enum value @@ -24841,27 +26038,6 @@ const ( // TemporalFilterStrengthStrength1 is a TemporalFilterStrength enum value TemporalFilterStrengthStrength1 = "STRENGTH_1" - // TemporalFilterStrengthStrength10 is a TemporalFilterStrength enum value - TemporalFilterStrengthStrength10 = "STRENGTH_10" - - // TemporalFilterStrengthStrength11 is a TemporalFilterStrength enum value - TemporalFilterStrengthStrength11 = "STRENGTH_11" - - // TemporalFilterStrengthStrength12 is a TemporalFilterStrength enum value - TemporalFilterStrengthStrength12 = "STRENGTH_12" - - // TemporalFilterStrengthStrength13 is a TemporalFilterStrength enum value - TemporalFilterStrengthStrength13 = "STRENGTH_13" - - // TemporalFilterStrengthStrength14 is a TemporalFilterStrength enum value - TemporalFilterStrengthStrength14 = "STRENGTH_14" - - // TemporalFilterStrengthStrength15 is a TemporalFilterStrength enum value - TemporalFilterStrengthStrength15 = "STRENGTH_15" - - // TemporalFilterStrengthStrength16 is a TemporalFilterStrength enum value - TemporalFilterStrengthStrength16 = "STRENGTH_16" - // TemporalFilterStrengthStrength2 is a TemporalFilterStrength enum value TemporalFilterStrengthStrength2 = "STRENGTH_2" @@ -24885,6 +26061,27 @@ const ( // TemporalFilterStrengthStrength9 is a TemporalFilterStrength enum value TemporalFilterStrengthStrength9 = "STRENGTH_9" + + // TemporalFilterStrengthStrength10 is a TemporalFilterStrength enum value + TemporalFilterStrengthStrength10 = "STRENGTH_10" + + // TemporalFilterStrengthStrength11 is a TemporalFilterStrength enum value + TemporalFilterStrengthStrength11 = "STRENGTH_11" + + // TemporalFilterStrengthStrength12 is a TemporalFilterStrength enum value + TemporalFilterStrengthStrength12 = "STRENGTH_12" + + // TemporalFilterStrengthStrength13 is a TemporalFilterStrength enum value + TemporalFilterStrengthStrength13 = "STRENGTH_13" + + // TemporalFilterStrengthStrength14 is a TemporalFilterStrength enum value + TemporalFilterStrengthStrength14 = "STRENGTH_14" + + // TemporalFilterStrengthStrength15 is a TemporalFilterStrength enum value + TemporalFilterStrengthStrength15 = "STRENGTH_15" + + // TemporalFilterStrengthStrength16 is a TemporalFilterStrength enum value + TemporalFilterStrengthStrength16 = "STRENGTH_16" ) // Timecode Config Source diff --git a/vendor/github.com/aws/aws-sdk-go/service/medialive/waiters.go b/vendor/github.com/aws/aws-sdk-go/service/medialive/waiters.go index 0ad1f21b249..88b51e2ab9e 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/medialive/waiters.go +++ b/vendor/github.com/aws/aws-sdk-go/service/medialive/waiters.go @@ -238,6 +238,179 @@ func (c *MediaLive) WaitUntilChannelStoppedWithContext(ctx aws.Context, input *D return w.WaitWithContext(ctx) } +// WaitUntilInputAttached uses the MediaLive API operation +// DescribeInput to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *MediaLive) WaitUntilInputAttached(input *DescribeInputInput) error { + return c.WaitUntilInputAttachedWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilInputAttachedWithContext is an extended version of WaitUntilInputAttached. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *MediaLive) WaitUntilInputAttachedWithContext(ctx aws.Context, input *DescribeInputInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilInputAttached", + MaxAttempts: 20, + Delay: request.ConstantWaiterDelay(5 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathWaiterMatch, Argument: "State", + Expected: "ATTACHED", + }, + { + State: request.RetryWaiterState, + Matcher: request.PathWaiterMatch, Argument: "State", + Expected: "DETACHED", + }, + { + State: request.RetryWaiterState, + Matcher: request.StatusWaiterMatch, + Expected: 500, + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *DescribeInputInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInputRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} + +// WaitUntilInputDeleted uses the MediaLive API operation +// DescribeInput to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *MediaLive) WaitUntilInputDeleted(input *DescribeInputInput) error { + return c.WaitUntilInputDeletedWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilInputDeletedWithContext is an extended version of WaitUntilInputDeleted. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *MediaLive) WaitUntilInputDeletedWithContext(ctx aws.Context, input *DescribeInputInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilInputDeleted", + MaxAttempts: 20, + Delay: request.ConstantWaiterDelay(5 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathWaiterMatch, Argument: "State", + Expected: "DELETED", + }, + { + State: request.RetryWaiterState, + Matcher: request.PathWaiterMatch, Argument: "State", + Expected: "DELETING", + }, + { + State: request.RetryWaiterState, + Matcher: request.StatusWaiterMatch, + Expected: 500, + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *DescribeInputInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInputRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} + +// WaitUntilInputDetached uses the MediaLive API operation +// DescribeInput to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *MediaLive) WaitUntilInputDetached(input *DescribeInputInput) error { + return c.WaitUntilInputDetachedWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilInputDetachedWithContext is an extended version of WaitUntilInputDetached. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *MediaLive) WaitUntilInputDetachedWithContext(ctx aws.Context, input *DescribeInputInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilInputDetached", + MaxAttempts: 84, + Delay: request.ConstantWaiterDelay(5 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathWaiterMatch, Argument: "State", + Expected: "DETACHED", + }, + { + State: request.RetryWaiterState, + Matcher: request.PathWaiterMatch, Argument: "State", + Expected: "CREATING", + }, + { + State: request.RetryWaiterState, + Matcher: request.PathWaiterMatch, Argument: "State", + Expected: "ATTACHED", + }, + { + State: request.RetryWaiterState, + Matcher: request.StatusWaiterMatch, + Expected: 500, + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *DescribeInputInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInputRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} + // WaitUntilMultiplexCreated uses the MediaLive API operation // DescribeMultiplex to wait for a condition to be met before returning. // If the condition is not met within the max attempt window, an error will diff --git a/vendor/github.com/aws/aws-sdk-go/service/securityhub/api.go b/vendor/github.com/aws/aws-sdk-go/service/securityhub/api.go index 5bd00bd6b12..b5119d0d2d8 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/securityhub/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/securityhub/api.go @@ -781,10 +781,10 @@ func (c *SecurityHub) CreateMembersRequest(input *CreateMembersInput) (req *requ // Security Hub and become member accounts in Security Hub. // // If the account owner accepts the invitation, the account becomes a member -// account in Security Hub, and a permission policy is added that permits the -// master account to view the findings generated in the member account. When -// Security Hub is enabled in the invited account, findings start to be sent -// to both the member and master accounts. +// account in Security Hub. A permissions policy is added that permits the master +// account to view the findings generated in the member account. When Security +// Hub is enabled in the invited account, findings start to be sent to both +// the member and master accounts. // // To remove the association between the master and member accounts, use the // DisassociateFromMasterAccount or DisassociateMembers operation. @@ -2418,7 +2418,7 @@ func (c *SecurityHub) EnableImportFindingsForProductRequest(input *EnableImportF // Enables the integration of a partner product with Security Hub. Integrated // products send findings to Security Hub. // -// When you enable a product integration, a permission policy that grants permission +// When you enable a product integration, a permissions policy that grants permission // for the product to send findings to Security Hub is applied. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2521,9 +2521,17 @@ func (c *SecurityHub) EnableSecurityHubRequest(input *EnableSecurityHubInput) (r // Hub. // // When you use the EnableSecurityHub operation to enable Security Hub, you -// also automatically enable the CIS AWS Foundations standard. You do not enable -// the Payment Card Industry Data Security Standard (PCI DSS) standard. To not -// enable the CIS AWS Foundations standard, set EnableDefaultStandards to false. +// also automatically enable the following standards. +// +// * CIS AWS Foundations +// +// * AWS Foundational Security Best Practices +// +// You do not enable the Payment Card Industry Data Security Standard (PCI DSS) +// standard. +// +// To not enable the automatically enabled standards, set EnableDefaultStandards +// to false. // // After you enable Security Hub, to enable a standard, use the BatchEnableStandards // operation. To disable a standard, use the BatchDisableStandards operation. @@ -4946,8 +4954,8 @@ func (s *AwsCloudFrontDistributionLogging) SetPrefix(v string) *AwsCloudFrontDis } // A complex type that describes the Amazon S3 bucket, HTTP server (for example, -// a web server), Amazon MediaStore, or other server from which CloudFront gets -// your files. +// a web server), Amazon Elemental MediaStore, or other server from which CloudFront +// gets your files. type AwsCloudFrontDistributionOriginItem struct { _ struct{} `type:"structure"` @@ -5118,20 +5126,20 @@ type AwsCodeBuildProjectEnvironment struct { // The type of build environment to use for related builds. // - // The environment type ARM_CONTAINER is available only in regions US East (N. + // The environment type ARM_CONTAINER is available only in Regions US East (N. // Virginia), US East (Ohio), US West (Oregon), Europe (Ireland), Asia Pacific // (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and Europe (Frankfurt). // // The environment type LINUX_CONTAINER with compute type build.general1.2xlarge - // is available only in regions US East (N. Virginia), US East (N. Virginia), + // is available only in Regions US East (N. Virginia), US East (N. Virginia), // US West (Oregon), Canada (Central), Europe (Ireland), Europe (London), Europe // (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), // Asia Pacific (Sydney), China (Beijing), and China (Ningxia). // - // The environment type LINUX_GPU_CONTAINER is available only in regions US + // The environment type LINUX_GPU_CONTAINER is available only in Regions US // East (N. Virginia), US East (N. Virginia), US West (Oregon), Canada (Central), // Europe (Ireland), Europe (London), Europe (Frankfurt), Asia Pacific (Tokyo), - // Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China + // Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China // (Beijing), and China (Ningxia). // // Valid values: WINDOWS_CONTAINER | LINUX_CONTAINER | LINUX_GPU_CONTAINER | @@ -5232,7 +5240,7 @@ type AwsCodeBuildProjectSource struct { // uses the settings in a pipeline's source action instead of this value. // // * For source code in an AWS CodeCommit repository, the HTTPS clone URL - // to the repository that contains the source code and the buildspec file + // to the repository that contains the source code and the build spec file // (for example, https://git-codecommit.region-ID.amazonaws.com/v1/repos/repo-name // ). // @@ -5241,10 +5249,10 @@ type AwsCodeBuildProjectSource struct { // The path to the folder that contains the source code (for example, bucket-name/path/to/source-code/folder/). // // * For source code in a GitHub repository, the HTTPS clone URL to the repository - // that contains the source and the buildspec file. + // that contains the source and the build spec file. // // * For source code in a Bitbucket repository, the HTTPS clone URL to the - // repository that contains the source and the buildspec file. + // repository that contains the source and the build spec file. Location *string `type:"string"` // The type of repository that contains the source code to be built. Valid values @@ -5775,9 +5783,9 @@ func (s *AwsEc2SecurityGroupIpPermission) SetUserIdGroupPairs(v []*AwsEc2Securit type AwsEc2SecurityGroupIpRange struct { _ struct{} `type:"structure"` - // The IPv4 CIDR range. You can either specify either a CIDR range or a source - // security group, but not both. To specify a single IPv4 address, use the /32 - // prefix length. + // The IPv4 CIDR range. You can specify either a CIDR range or a source security + // group, but not both. To specify a single IPv4 address, use the /32 prefix + // length. CidrIp *string `type:"string"` } @@ -5801,9 +5809,9 @@ func (s *AwsEc2SecurityGroupIpRange) SetCidrIp(v string) *AwsEc2SecurityGroupIpR type AwsEc2SecurityGroupIpv6Range struct { _ struct{} `type:"structure"` - // The IPv6 CIDR range. You can either specify either a CIDR range or a source - // security group, but not both. To specify a single IPv6 address, use the /128 - // prefix length. + // The IPv6 CIDR range. You can specify either a CIDR range or a source security + // group, but not both. To specify a single IPv6 address, use the /128 prefix + // length. CidrIpv6 *string `type:"string"` } @@ -6959,7 +6967,7 @@ func (s *AwsLambdaFunctionVpcConfig) SetVpcId(v string) *AwsLambdaFunctionVpcCon type AwsLambdaLayerVersionDetails struct { _ struct{} `type:"structure"` - // The layer's compatible runtimes. Maximum number of 5 items. + // The layer's compatible runtimes. Maximum number of five items. // // Valid values: nodejs10.x | nodejs12.x | java8 | java11 | python2.7 | python3.6 // | python3.7 | python3.8 | dotnetcore1.0 | dotnetcore2.1 | go1.x | ruby2.5 @@ -7015,12 +7023,12 @@ type AwsRdsDbInstanceAssociatedRole struct { // Describes the state of the association between the IAM role and the DB instance. // The Status property returns one of the following values: // - // * ACTIVE - the IAM role ARN is associated with the DB instance and can + // * ACTIVE - The IAM role ARN is associated with the DB instance and can // be used to access other AWS services on your behalf. // - // * PENDING - the IAM role ARN is being associated with the DB instance. + // * PENDING - The IAM role ARN is being associated with the DB instance. // - // * INVALID - the IAM role ARN is associated with the DB instance, but the + // * INVALID - The IAM role ARN is associated with the DB instance. But the // DB instance is unable to assume the IAM role in order to access other // AWS services on your behalf. Status *string `type:"string"` @@ -7466,7 +7474,7 @@ type AwsS3BucketServerSideEncryptionRule struct { _ struct{} `type:"structure"` // Specifies the default server-side encryption to apply to new objects in the - // bucket. If a PUT Object request doesn't specify any server-side encryption, + // bucket. If a PUT object request doesn't specify any server-side encryption, // this default encryption is applied. ApplyServerSideEncryptionByDefault *AwsS3BucketServerSideEncryptionByDefault `type:"structure"` } @@ -7487,7 +7495,7 @@ func (s *AwsS3BucketServerSideEncryptionRule) SetApplyServerSideEncryptionByDefa return s } -// Details about an AWS S3 object. +// Details about an Amazon S3 object. type AwsS3ObjectDetails struct { _ struct{} `type:"structure"` @@ -7611,7 +7619,7 @@ type AwsSecurityFinding struct { // The identifier for the solution-specific component (a discrete unit of logic) // that generated a finding. In various security-findings providers' solutions, - // this generator can be called a rule, a check, a detector, a plug-in, etc. + // this generator can be called a rule, a check, a detector, a plugin, etc. // // GeneratorId is a required field GeneratorId *string `type:"string" required:"true"` @@ -7766,6 +7774,11 @@ func (s *AwsSecurityFinding) Validate() error { if s.UpdatedAt == nil { invalidParams.Add(request.NewErrParamRequired("UpdatedAt")) } + if s.Compliance != nil { + if err := s.Compliance.Validate(); err != nil { + invalidParams.AddNested("Compliance", err.(request.ErrInvalidParams)) + } + } if s.Malware != nil { for i, v := range s.Malware { if v == nil { @@ -8038,7 +8051,7 @@ type AwsSecurityFindingFilters struct { // The identifier for the solution-specific component (a discrete unit of logic) // that generated a finding. In various security-findings providers' solutions, - // this generator can be called a rule, a check, a detector, a plug-in, etc. + // this generator can be called a rule, a check, a detector, a plugin, etc. GeneratorId []*StringFilter `type:"list"` // The security findings provider-specific identifier for a finding. @@ -8865,7 +8878,7 @@ func (s *AwsSecurityFindingIdentifier) SetProductArn(v string) *AwsSecurityFindi type AwsSnsTopicDetails struct { _ struct{} `type:"structure"` - // The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom + // The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom // CMK. KmsMasterKeyId *string `type:"string"` @@ -8959,7 +8972,7 @@ type AwsSqsQueueDetails struct { // to encrypt or decrypt messages before calling AWS KMS again. KmsDataKeyReusePeriodSeconds *int64 `type:"integer"` - // The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom + // The ID of an AWS managed customer master key (CMK) for Amazon SQS or a custom // CMK. KmsMasterKeyId *string `type:"string"` @@ -9005,7 +9018,7 @@ func (s *AwsSqsQueueDetails) SetQueueName(v string) *AwsSqsQueueDetails { type AwsWafWebAclDetails struct { _ struct{} `type:"structure"` - // The action to perform if none of the Rules contained in the WebACL match. + // The action to perform if none of the rules contained in the WebACL match. DefaultAction *string `type:"string"` // A friendly name or description of the WebACL. You can't change the name of @@ -9059,7 +9072,7 @@ type AwsWafWebAclRule struct { _ struct{} `type:"structure"` // Specifies the action that CloudFront or AWS WAF takes when a web request - // matches the conditions in the Rule. + // matches the conditions in the rule. Action *WafAction `type:"structure"` // Rules to exclude from a rule group. @@ -9081,13 +9094,13 @@ type AwsWafWebAclRule struct { // update requests, ActivatedRule|Action is used instead of ActivatedRule|OverrideAction. OverrideAction *WafOverrideAction `type:"structure"` - // Specifies the order in which the Rules in a WebACL are evaluated. Rules with - // a lower value for Priority are evaluated before Rules with a higher value. - // The value must be a unique integer. If you add multiple Rules to a WebACL, + // Specifies the order in which the rules in a WebACL are evaluated. Rules with + // a lower value for Priority are evaluated before rules with a higher value. + // The value must be a unique integer. If you add multiple rules to a WebACL, // the values do not need to be consecutive. Priority *int64 `type:"integer"` - // The identifier for a Rule. + // The identifier for a rule. RuleId *string `type:"string"` // The rule type. @@ -9648,28 +9661,34 @@ func (s *BatchUpdateFindingsUnprocessedFinding) SetFindingIdentifier(v *AwsSecur return s } -// Exclusive to findings that are generated as the result of a check run against -// a specific rule in a supported security standard, such as CIS AWS Foundations. -// Contains security standard-related finding details. -// -// Values include the following: -// -// * Allowed values are the following: PASSED - Standards check passed for -// all evaluated resources. WARNING - Some information is missing or this -// check is not supported given your configuration. FAILED - Standards check -// failed for at least one evaluated resource. NOT_AVAILABLE - Check could -// not be performed due to a service outage, API error, or because the result -// of the AWS Config evaluation was NOT_APPLICABLE. If the AWS Config evaluation -// result was NOT_APPLICABLE, then after 3 days, Security Hub automatically -// archives the finding. +// Contains finding details that are specific to control-based findings. Only +// returned for findings generated from controls. type Compliance struct { _ struct{} `type:"structure"` - // List of requirements that are related to a standards control. + // For a control, the industry or regulatory framework requirements that are + // related to the control. The check for that control is aligned with these + // requirements. RelatedRequirements []*string `type:"list"` // The result of a standards check. + // + // The valid values for Status are as follows. + // + // * PASSED - Standards check passed for all evaluated resources. WARNING + // - Some information is missing or this check is not supported for your + // configuration. FAILED - Standards check failed for at least one evaluated + // resource. NOT_AVAILABLE - Check could not be performed due to a service + // outage, API error, or because the result of the AWS Config evaluation + // was NOT_APPLICABLE. If the AWS Config evaluation result was NOT_APPLICABLE, + // then after 3 days, Security Hub automatically archives the finding. Status *string `type:"string" enum:"ComplianceStatus"` + + // For findings generated from controls, a list of reasons behind the value + // of Status. For the list of status reason codes and their meanings, see Standards-related + // information in the ASFF (https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-results.html#securityhub-standards-results-asff) + // in the AWS Security Hub User Guide. + StatusReasons []*StatusReason `type:"list"` } // String returns the string representation @@ -9682,6 +9701,26 @@ func (s Compliance) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *Compliance) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "Compliance"} + if s.StatusReasons != nil { + for i, v := range s.StatusReasons { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "StatusReasons", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetRelatedRequirements sets the RelatedRequirements field's value. func (s *Compliance) SetRelatedRequirements(v []*string) *Compliance { s.RelatedRequirements = v @@ -9694,6 +9733,12 @@ func (s *Compliance) SetStatus(v string) *Compliance { return s } +// SetStatusReasons sets the StatusReasons field's value. +func (s *Compliance) SetStatusReasons(v []*StatusReason) *Compliance { + s.StatusReasons = v + return s +} + // Container details related to a finding. type ContainerDetails struct { _ struct{} `type:"structure"` @@ -10987,7 +11032,7 @@ type EnableSecurityHubInput struct { // EnableDefaultStandards to false. EnableDefaultStandards *bool `type:"boolean"` - // The tags to add to the Hub resource when you enable Security Hub. + // The tags to add to the hub resource when you enable Security Hub. Tags map[string]*string `min:"1" type:"map"` } @@ -13417,7 +13462,7 @@ type ResourceDetails struct { // Details about an Amazon EC2 instance related to a finding. AwsEc2Instance *AwsEc2InstanceDetails `type:"structure"` - // Details for an AWS EC2 network interface. + // Details for an Amazon EC2 network interface. AwsEc2NetworkInterface *AwsEc2NetworkInterfaceDetails `type:"structure"` // Details for an EC2 security group. @@ -13444,10 +13489,10 @@ type ResourceDetails struct { // Details for a Lambda layer version. AwsLambdaLayerVersion *AwsLambdaLayerVersionDetails `type:"structure"` - // Details for an RDS database instance. + // Details for an Amazon RDS database instance. AwsRdsDbInstance *AwsRdsDbInstanceDetails `type:"structure"` - // Details about an Amazon S3 Bucket related to a finding. + // Details about an Amazon S3 bucket related to a finding. AwsS3Bucket *AwsS3BucketDetails `type:"structure"` // Details about an Amazon S3 object related to a finding. @@ -13748,6 +13793,12 @@ type Severity struct { // * 90–100 - CRITICAL Normalized *int64 `type:"integer"` + // The native severity from the finding product that generated the finding. + Original *string `type:"string"` + + // Deprecated. This attribute is being deprecated. Instead of providing Product, + // provide Original. + // // The native severity as defined by the AWS service or integrated partner product // that generated the finding. Product *float64 `type:"double"` @@ -13775,6 +13826,12 @@ func (s *Severity) SetNormalized(v int64) *Severity { return s } +// SetOriginal sets the Original field's value. +func (s *Severity) SetOriginal(v string) *Severity { + s.Original = &v + return s +} + // SetProduct sets the Product field's value. func (s *Severity) SetProduct(v float64) *Severity { s.Product = &v @@ -14158,6 +14215,57 @@ func (s *StandardsSubscriptionRequest) SetStandardsInput(v map[string]*string) * return s } +// Provides additional context for the value of Compliance.Status. +type StatusReason struct { + _ struct{} `type:"structure"` + + // The corresponding description for the status reason code. + Description *string `type:"string"` + + // A code that represents a reason for the control status. For the list of status + // reason codes and their meanings, see Standards-related information in the + // ASFF (https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-results.html#securityhub-standards-results-asff) + // in the AWS Security Hub User Guide. + // + // ReasonCode is a required field + ReasonCode *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s StatusReason) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StatusReason) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StatusReason) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StatusReason"} + if s.ReasonCode == nil { + invalidParams.Add(request.NewErrParamRequired("ReasonCode")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *StatusReason) SetDescription(v string) *StatusReason { + s.Description = &v + return s +} + +// SetReasonCode sets the ReasonCode field's value. +func (s *StatusReason) SetReasonCode(v string) *StatusReason { + s.ReasonCode = &v + return s +} + // A string filter for querying findings. type StringFilter struct { _ struct{} `type:"structure"` @@ -14710,12 +14818,12 @@ func (s UpdateStandardsControlOutput) GoString() string { } // Details about the action that CloudFront or AWS WAF takes when a web request -// matches the conditions in the Rule. +// matches the conditions in the rule. type WafAction struct { _ struct{} `type:"structure"` // Specifies how you want AWS WAF to respond to requests that match the settings - // in a Rule. + // in a rule. // // Valid settings include the following: // diff --git a/vendor/modules.txt b/vendor/modules.txt index c263e525970..aa8b0aa25c4 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -25,7 +25,7 @@ github.com/apparentlymart/go-cidr/cidr github.com/apparentlymart/go-textseg/textseg # github.com/armon/go-radix v1.0.0 github.com/armon/go-radix -# github.com/aws/aws-sdk-go v1.31.0 +# github.com/aws/aws-sdk-go v1.31.2 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/arn github.com/aws/aws-sdk-go/aws/awserr From 10b9a900c2a300126129fd9d3385585978d1926e Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 20 May 2020 21:06:32 -0400 Subject: [PATCH 286/475] Current aws_macie resources interact with Macie Classic. (#13441) --- website/allowed-subcategories.txt | 2 +- website/aws.erb | 2 +- website/docs/r/macie_member_account_association.html.markdown | 4 +++- website/docs/r/macie_s3_bucket_association.html.markdown | 4 +++- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/website/allowed-subcategories.txt b/website/allowed-subcategories.txt index 1bd07c3f697..ded3bc6bac6 100644 --- a/website/allowed-subcategories.txt +++ b/website/allowed-subcategories.txt @@ -67,7 +67,7 @@ Lambda License Manager Lightsail MQ -Macie +Macie Classic Managed Streaming for Kafka (MSK) MediaConvert MediaPackage diff --git a/website/aws.erb b/website/aws.erb index edaf5cf6958..5edc66126a0 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -2184,7 +2184,7 @@
      • - Macie + Macie Classic
        • Resources diff --git a/website/docs/r/macie_member_account_association.html.markdown b/website/docs/r/macie_member_account_association.html.markdown index 44e81edd8da..237c727fbe5 100644 --- a/website/docs/r/macie_member_account_association.html.markdown +++ b/website/docs/r/macie_member_account_association.html.markdown @@ -1,5 +1,5 @@ --- -subcategory: "Macie" +subcategory: "Macie Classic" layout: "aws" page_title: "AWS: aws_macie_member_account_association" description: |- @@ -8,6 +8,8 @@ description: |- # Resource: aws_macie_member_account_association +~> **NOTE:** This resource interacts with [Amazon Macie Classic](https://docs.aws.amazon.com/macie/latest/userguide/what-is-macie.html). Macie Classic cannot be activated in new accounts. See the [FAQ](https://aws.amazon.com/macie/classic-faqs/) for more details. + Associates an AWS account with Amazon Macie as a member account. ~> **NOTE:** Before using Amazon Macie for the first time it must be enabled manually. Instructions are [here](https://docs.aws.amazon.com/macie/latest/userguide/macie-setting-up.html#macie-setting-up-enable). diff --git a/website/docs/r/macie_s3_bucket_association.html.markdown b/website/docs/r/macie_s3_bucket_association.html.markdown index 6fe7d84522b..ed0bb6f2e44 100644 --- a/website/docs/r/macie_s3_bucket_association.html.markdown +++ b/website/docs/r/macie_s3_bucket_association.html.markdown @@ -1,5 +1,5 @@ --- -subcategory: "Macie" +subcategory: "Macie Classic" layout: "aws" page_title: "AWS: aws_macie_s3_bucket_association" description: |- @@ -8,6 +8,8 @@ description: |- # Resource: aws_macie_s3_bucket_association +~> **NOTE:** This resource interacts with [Amazon Macie Classic](https://docs.aws.amazon.com/macie/latest/userguide/what-is-macie.html). Macie Classic cannot be activated in new accounts. See the [FAQ](https://aws.amazon.com/macie/classic-faqs/) for more details. + Associates an S3 resource with Amazon Macie for monitoring and data classification. ~> **NOTE:** Before using Amazon Macie for the first time it must be enabled manually. Instructions are [here](https://docs.aws.amazon.com/macie/latest/userguide/macie-setting-up.html#macie-setting-up-enable). From 64f3c8e270c3e2b3b1d714730b1067169efbdea7 Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 20 May 2020 21:31:38 -0400 Subject: [PATCH 287/475] service/emr: Fix schema error (#13413) * Fix schema error Export `instance_role` attribute * Remove d.Set("instance_role") --- aws/resource_aws_emr_instance_group.go | 1 - 1 file changed, 1 deletion(-) diff --git a/aws/resource_aws_emr_instance_group.go b/aws/resource_aws_emr_instance_group.go index 2e9a4c57dbd..84a13cc84c8 100644 --- a/aws/resource_aws_emr_instance_group.go +++ b/aws/resource_aws_emr_instance_group.go @@ -270,7 +270,6 @@ func resourceAwsEMRInstanceGroupRead(d *schema.ResourceData, meta interface{}) e } d.Set("ebs_optimized", ig.EbsOptimized) d.Set("instance_count", ig.RequestedInstanceCount) - d.Set("instance_role", ig.InstanceGroupType) d.Set("instance_type", ig.InstanceType) d.Set("name", ig.Name) d.Set("running_instance_count", ig.RunningInstanceCount) From fc7ae80bfd57c07f61cef925a44c1bcb75e4a3c1 Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 20 May 2020 21:32:57 -0400 Subject: [PATCH 288/475] service/ram: Fix schema error (#13402) * Fix schema error Export `owning_account_id`, check value is set in tests, add attr to docs. * missing comma --- aws/data_source_aws_ram_resource_share.go | 6 +++--- aws/data_source_aws_ram_resource_share_test.go | 1 + website/docs/d/ram_resource_share.html.markdown | 1 + 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/aws/data_source_aws_ram_resource_share.go b/aws/data_source_aws_ram_resource_share.go index 0f9f4d0373b..63405231499 100644 --- a/aws/data_source_aws_ram_resource_share.go +++ b/aws/data_source_aws_ram_resource_share.go @@ -52,13 +52,13 @@ func dataSourceAwsRamResourceShare() *schema.Resource { Computed: true, }, - "tags": tagsSchemaComputed(), - - "id": { + "owning_account_id": { Type: schema.TypeString, Computed: true, }, + "tags": tagsSchemaComputed(), + "status": { Type: schema.TypeString, Computed: true, diff --git a/aws/data_source_aws_ram_resource_share_test.go b/aws/data_source_aws_ram_resource_share_test.go index 99233c61e6c..434b50baada 100644 --- a/aws/data_source_aws_ram_resource_share_test.go +++ b/aws/data_source_aws_ram_resource_share_test.go @@ -27,6 +27,7 @@ func TestAccDataSourceAwsRamResourceShare_Basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrPair(datasourceName, "name", resourceName, "name"), resource.TestCheckResourceAttrPair(datasourceName, "id", resourceName, "id"), + resource.TestCheckResourceAttrSet(datasourceName, "owning_account_id"), ), }, }, diff --git a/website/docs/d/ram_resource_share.html.markdown b/website/docs/d/ram_resource_share.html.markdown index 7cac9447dbb..74de40e68b3 100644 --- a/website/docs/d/ram_resource_share.html.markdown +++ b/website/docs/d/ram_resource_share.html.markdown @@ -51,4 +51,5 @@ In addition to all arguments above, the following attributes are exported: * `arn` - The Amazon Resource Name (ARN) of the resource share. * `id` - The Amazon Resource Name (ARN) of the resource share. * `status` - The Status of the RAM share. +* `owning_account_id` - The ID of the AWS account that owns the resource share. * `tags` - The Tags attached to the RAM share From defe7896528eade906e3a0e7db483b32b7d650f5 Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 20 May 2020 21:33:47 -0400 Subject: [PATCH 289/475] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index bfe62c2299c..9a3ed6eee58 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ FEATURES: ENHANCEMENTS: +* data-source/aws_ram_resource_share: Add `owning_account_id` attribute [GH-13402] * data-source/aws_lb: Add `ip_address_type` attribute [GH-13400] * data-source/aws_lb_target_group: Add `load_balancing_algorithm_type` attribute [GH-13400] * data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] From ba34190aca97a73ab717c71b6d2148982dc0230e Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 20 May 2020 21:39:26 -0400 Subject: [PATCH 290/475] Switch to import state passthrough (#13431) --- aws/resource_aws_redshift_security_group.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_redshift_security_group.go b/aws/resource_aws_redshift_security_group.go index a306848e240..871c37b2454 100644 --- a/aws/resource_aws_redshift_security_group.go +++ b/aws/resource_aws_redshift_security_group.go @@ -24,7 +24,7 @@ func resourceAwsRedshiftSecurityGroup() *schema.Resource { Update: resourceAwsRedshiftSecurityGroupUpdate, Delete: resourceAwsRedshiftSecurityGroupDelete, Importer: &schema.ResourceImporter{ - State: resourceAwsRedshiftClusterImport, + State: schema.ImportStatePassthrough, }, Schema: map[string]*schema.Schema{ From d363861f31e0b8c6e09341947c77fd4a76bd9f8f Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 20 May 2020 21:40:38 -0400 Subject: [PATCH 291/475] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9a3ed6eee58..0846aeaa8b7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,6 +21,7 @@ ENHANCEMENTS: BUG FIXES: +* resource/aws_redshift_security_group: The resource is now importable [GH-13431] * resource/cloudwatch_log_metric_filter: `metric_transformation` `default_value` now properly set [GH-13411] * data-source/aws_db_instance: `auto_minor_version_upgrade` attribute now properly set [GH-13362] * resource/aws_autoscaling_group: `tags` `propagate_at_launch` attribute now properly set [GH-13360] From 0a5a1edafbb363f79d88cc8eb949a2ab4c46e3ff Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 21 May 2020 00:15:18 -0400 Subject: [PATCH 292/475] Update CHANGELOG for #11960 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0846aeaa8b7..6476d009037 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ FEATURES: * **New Data Source:** `aws_wafv2_ip_set` [GH-12788] * **New Data Source:** `aws_wafv2_regex_pattern_set` [GH-12789] * **New Resource:** `aws_efs_access_point` [GH-11965] +* **New Resource:** `aws_efs_file_system_policy` [GH-11960] * **New Resource:** `aws_wafv2_ip_set` [GH-12119] * **New Resource:** `aws_wafv2_regex_pattern_set` [GH-12284] From 334da2f3712608df96a7cb2de01807bffd58cf6d Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 21 May 2020 00:23:17 -0400 Subject: [PATCH 293/475] Update CHANGELOG for #13404 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6476d009037..d9bab34dd8e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ ENHANCEMENTS: * data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] * resource/aws_ecs_service: Add `force_new_deployment` argument [GH-13376] * resource/aws_ecs_service: Support in-place updates for `ordered_placement_strategy` and `placement_constraints` [GH-13376] +* resource/aws_glue_connection: Add `arn` argument [GH-13404] * resource/aws_iot_topic_rule: Add `tags` argument [GH-13293] BUG FIXES: From f8a9d4726fe0ed98aab8407f52ee598d4874556e Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Thu, 21 May 2020 02:08:43 -0400 Subject: [PATCH 294/475] update flatten/expand methods to handle new list values --- aws/resource_aws_appmesh_virtual_node.go | 38 -------- aws/resource_aws_appmesh_virtual_node_test.go | 42 ++++----- ...esource_aws_appmesh_virtual_router_test.go | 19 ++-- aws/structure.go | 88 ++++++++----------- 4 files changed, 67 insertions(+), 120 deletions(-) diff --git a/aws/resource_aws_appmesh_virtual_node.go b/aws/resource_aws_appmesh_virtual_node.go index 77c3ba6f00a..3e7b0147da3 100644 --- a/aws/resource_aws_appmesh_virtual_node.go +++ b/aws/resource_aws_appmesh_virtual_node.go @@ -450,41 +450,3 @@ func appmeshVirtualNodeBackendHash(vBackend interface{}) int { } return hashcode.String(buf.String()) } - -func appmeshVirtualNodeListenerHash(vListener interface{}) int { - var buf bytes.Buffer - mListener := vListener.(map[string]interface{}) - if vHealthCheck, ok := mListener["health_check"].([]interface{}); ok && len(vHealthCheck) > 0 && vHealthCheck[0] != nil { - mHealthCheck := vHealthCheck[0].(map[string]interface{}) - if v, ok := mHealthCheck["healthy_threshold"].(int); ok { - buf.WriteString(fmt.Sprintf("%d-", v)) - } - if v, ok := mHealthCheck["interval_millis"].(int); ok { - buf.WriteString(fmt.Sprintf("%d-", v)) - } - if v, ok := mHealthCheck["path"].(string); ok { - buf.WriteString(fmt.Sprintf("%s-", v)) - } - // Don't include "port" in the hash as it's Optional/Computed. - // If present it must match the "port_mapping.port" value, so changes will be detected. - if v, ok := mHealthCheck["protocol"].(string); ok { - buf.WriteString(fmt.Sprintf("%s-", v)) - } - if v, ok := mHealthCheck["timeout_millis"].(int); ok { - buf.WriteString(fmt.Sprintf("%d-", v)) - } - if v, ok := mHealthCheck["unhealthy_threshold"].(int); ok { - buf.WriteString(fmt.Sprintf("%d-", v)) - } - } - if vPortMapping, ok := mListener["port_mapping"].([]interface{}); ok && len(vPortMapping) > 0 && vPortMapping[0] != nil { - mPortMapping := vPortMapping[0].(map[string]interface{}) - if v, ok := mPortMapping["port"].(int); ok { - buf.WriteString(fmt.Sprintf("%d-", v)) - } - if v, ok := mPortMapping["protocol"].(string); ok { - buf.WriteString(fmt.Sprintf("%s-", v)) - } - } - return hashcode.String(buf.String()) -} diff --git a/aws/resource_aws_appmesh_virtual_node_test.go b/aws/resource_aws_appmesh_virtual_node_test.go index d05e2a155d0..12e5020a2a7 100644 --- a/aws/resource_aws_appmesh_virtual_node_test.go +++ b/aws/resource_aws_appmesh_virtual_node_test.go @@ -192,17 +192,17 @@ func testAccAwsAppmeshVirtualNode_listenerHealthChecks(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "spec.0.backend.2622272660.virtual_service.#", "1"), resource.TestCheckResourceAttr(resourceName, "spec.0.backend.2622272660.virtual_service.0.virtual_service_name", "servicea.simpleapp.local"), resource.TestCheckResourceAttr(resourceName, "spec.0.listener.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.health_check.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.health_check.0.healthy_threshold", "3"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.health_check.0.interval_millis", "5000"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.health_check.0.path", "/ping"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.health_check.0.port", "8080"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.health_check.0.protocol", "http"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.health_check.0.timeout_millis", "2000"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.health_check.0.unhealthy_threshold", "5"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.port_mapping.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.port_mapping.0.port", "8080"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.433446196.port_mapping.0.protocol", "http"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.healthy_threshold", "3"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.interval_millis", "5000"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.path", "/ping"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.port", "8080"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.protocol", "http"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.timeout_millis", "2000"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.unhealthy_threshold", "5"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.port_mapping.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.port_mapping.0.port", "8080"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.port_mapping.0.protocol", "http"), resource.TestCheckResourceAttr(resourceName, "spec.0.logging.#", "0"), resource.TestCheckResourceAttr(resourceName, "spec.0.service_discovery.#", "1"), resource.TestCheckResourceAttr(resourceName, "spec.0.service_discovery.0.dns.#", "1"), @@ -225,16 +225,16 @@ func testAccAwsAppmeshVirtualNode_listenerHealthChecks(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "spec.0.backend.2025248115.virtual_service.#", "1"), resource.TestCheckResourceAttr(resourceName, "spec.0.backend.2025248115.virtual_service.0.virtual_service_name", "serviced.simpleapp.local"), resource.TestCheckResourceAttr(resourceName, "spec.0.listener.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.3446683576.health_check.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.3446683576.health_check.0.healthy_threshold", "4"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.3446683576.health_check.0.interval_millis", "7000"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.3446683576.health_check.0.port", "8081"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.3446683576.health_check.0.protocol", "tcp"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.3446683576.health_check.0.timeout_millis", "3000"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.3446683576.health_check.0.unhealthy_threshold", "9"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.3446683576.port_mapping.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.3446683576.port_mapping.0.port", "8081"), - resource.TestCheckResourceAttr(resourceName, "spec.0.listener.3446683576.port_mapping.0.protocol", "http"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.healthy_threshold", "4"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.interval_millis", "7000"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.port", "8081"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.protocol", "tcp"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.timeout_millis", "3000"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.health_check.0.unhealthy_threshold", "9"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.port_mapping.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.port_mapping.0.port", "8081"), + resource.TestCheckResourceAttr(resourceName, "spec.0.listener.0.port_mapping.0.protocol", "http"), resource.TestCheckResourceAttr(resourceName, "spec.0.logging.#", "0"), resource.TestCheckResourceAttr(resourceName, "spec.0.service_discovery.#", "1"), resource.TestCheckResourceAttr(resourceName, "spec.0.service_discovery.0.dns.#", "1"), diff --git a/aws/resource_aws_appmesh_virtual_router_test.go b/aws/resource_aws_appmesh_virtual_router_test.go index 849cde5619f..346968426c2 100644 --- a/aws/resource_aws_appmesh_virtual_router_test.go +++ b/aws/resource_aws_appmesh_virtual_router_test.go @@ -88,10 +88,9 @@ func testAccAwsAppmeshVirtualRouter_basic(t *testing.T) { vrName := acctest.RandomWithPrefix("tf-acc-test") resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAppmeshVirtualRouterDestroy, - DisableBinaryDriver: true, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAppmeshVirtualRouterDestroy, Steps: []resource.TestStep{ { Config: testAccAppmeshVirtualRouterConfig_basic(meshName, vrName), @@ -107,11 +106,11 @@ func testAccAwsAppmeshVirtualRouter_basic(t *testing.T) { resource.TestCheckResourceAttr( resourceName, "spec.0.listener.#", "1"), resource.TestCheckResourceAttr( - resourceName, "spec.0.listener.2279702354.port_mapping.#", "1"), + resourceName, "spec.0.listener.0.port_mapping.#", "1"), resource.TestCheckResourceAttr( - resourceName, "spec.0.listener.2279702354.port_mapping.0.port", "8080"), + resourceName, "spec.0.listener.0.port_mapping.0.port", "8080"), resource.TestCheckResourceAttr( - resourceName, "spec.0.listener.2279702354.port_mapping.0.protocol", "http"), + resourceName, "spec.0.listener.0.port_mapping.0.protocol", "http"), resource.TestCheckResourceAttrSet( resourceName, "created_date"), resource.TestCheckResourceAttrSet( @@ -134,11 +133,11 @@ func testAccAwsAppmeshVirtualRouter_basic(t *testing.T) { resource.TestCheckResourceAttr( resourceName, "spec.0.listener.#", "1"), resource.TestCheckResourceAttr( - resourceName, "spec.0.listener.563508454.port_mapping.#", "1"), + resourceName, "spec.0.listener.0.port_mapping.#", "1"), resource.TestCheckResourceAttr( - resourceName, "spec.0.listener.563508454.port_mapping.0.port", "8081"), + resourceName, "spec.0.listener.0.port_mapping.0.port", "8081"), resource.TestCheckResourceAttr( - resourceName, "spec.0.listener.563508454.port_mapping.0.protocol", "http"), + resourceName, "spec.0.listener.0.port_mapping.0.protocol", "http"), ), }, { diff --git a/aws/structure.go b/aws/structure.go index 167cc95cf4c..67fd8e61e94 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -4721,10 +4721,10 @@ func expandAppmeshVirtualRouterSpec(vSpec []interface{}) *appmesh.VirtualRouterS } mSpec := vSpec[0].(map[string]interface{}) - if vListeners, ok := mSpec["listener"].(*schema.Set); ok && vListeners.Len() > 0 { + if vListeners, ok := mSpec["listener"].([]interface{}); ok && len(vListeners) > 0 && vListeners[0] != nil { listeners := []*appmesh.VirtualRouterListener{} - for _, vListener := range vListeners.List() { + for _, vListener := range vListeners { listener := &appmesh.VirtualRouterListener{} mListener := vListener.(map[string]interface{}) @@ -4741,10 +4741,8 @@ func expandAppmeshVirtualRouterSpec(vSpec []interface{}) *appmesh.VirtualRouterS listener.PortMapping.Protocol = aws.String(vProtocol) } } - listeners = append(listeners, listener) } - spec.Listeners = listeners } @@ -4755,27 +4753,19 @@ func flattenAppmeshVirtualRouterSpec(spec *appmesh.VirtualRouterSpec) []interfac if spec == nil { return []interface{}{} } - - mSpec := map[string]interface{}{} - - if spec.Listeners != nil { - vListeners := []interface{}{} - - for _, listener := range spec.Listeners { - mListener := map[string]interface{}{} - - if listener.PortMapping != nil { - mPortMapping := map[string]interface{}{ - "port": int(aws.Int64Value(listener.PortMapping.Port)), - "protocol": aws.StringValue(listener.PortMapping.Protocol), - } - mListener["port_mapping"] = []interface{}{mPortMapping} + mSpec := make(map[string]interface{}) + if spec.Listeners != nil && spec.Listeners[0] != nil { + // Per schema definition, set at most 1 Listener + listener := spec.Listeners[0] + mListener := make(map[string]interface{}) + if listener.PortMapping != nil { + mPortMapping := map[string]interface{}{ + "port": int(aws.Int64Value(listener.PortMapping.Port)), + "protocol": aws.StringValue(listener.PortMapping.Protocol), } - - vListeners = append(vListeners, mListener) + mListener["port_mapping"] = []interface{}{mPortMapping} } - - mSpec["listener"] = schema.NewSet(appmeshVirtualNodeListenerHash, vListeners) + mSpec["listener"] = []interface{}{mListener} } return []interface{}{mSpec} @@ -4813,10 +4803,10 @@ func expandAppmeshVirtualNodeSpec(vSpec []interface{}) *appmesh.VirtualNodeSpec spec.Backends = backends } - if vListeners, ok := mSpec["listener"].(*schema.Set); ok && vListeners.Len() > 0 { + if vListeners, ok := mSpec["listener"].([]interface{}); ok && len(vListeners) > 0 && vListeners[0] != nil { listeners := []*appmesh.Listener{} - for _, vListener := range vListeners.List() { + for _, vListener := range vListeners { listener := &appmesh.Listener{} mListener := vListener.(map[string]interface{}) @@ -4960,37 +4950,33 @@ func flattenAppmeshVirtualNodeSpec(spec *appmesh.VirtualNodeSpec) []interface{} mSpec["backend"] = schema.NewSet(appmeshVirtualNodeBackendHash, vBackends) } - if spec.Listeners != nil { - vListeners := []interface{}{} - - for _, listener := range spec.Listeners { - mListener := map[string]interface{}{} - - if listener.HealthCheck != nil { - mHealthCheck := map[string]interface{}{ - "healthy_threshold": int(aws.Int64Value(listener.HealthCheck.HealthyThreshold)), - "interval_millis": int(aws.Int64Value(listener.HealthCheck.IntervalMillis)), - "path": aws.StringValue(listener.HealthCheck.Path), - "port": int(aws.Int64Value(listener.HealthCheck.Port)), - "protocol": aws.StringValue(listener.HealthCheck.Protocol), - "timeout_millis": int(aws.Int64Value(listener.HealthCheck.TimeoutMillis)), - "unhealthy_threshold": int(aws.Int64Value(listener.HealthCheck.UnhealthyThreshold)), - } - mListener["health_check"] = []interface{}{mHealthCheck} + if spec.Listeners != nil && spec.Listeners[0] != nil { + // Per schema definition, set at most 1 Listener + listener := spec.Listeners[0] + mListener := map[string]interface{}{} + + if listener.HealthCheck != nil { + mHealthCheck := map[string]interface{}{ + "healthy_threshold": int(aws.Int64Value(listener.HealthCheck.HealthyThreshold)), + "interval_millis": int(aws.Int64Value(listener.HealthCheck.IntervalMillis)), + "path": aws.StringValue(listener.HealthCheck.Path), + "port": int(aws.Int64Value(listener.HealthCheck.Port)), + "protocol": aws.StringValue(listener.HealthCheck.Protocol), + "timeout_millis": int(aws.Int64Value(listener.HealthCheck.TimeoutMillis)), + "unhealthy_threshold": int(aws.Int64Value(listener.HealthCheck.UnhealthyThreshold)), } + mListener["health_check"] = []interface{}{mHealthCheck} + } - if listener.PortMapping != nil { - mPortMapping := map[string]interface{}{ - "port": int(aws.Int64Value(listener.PortMapping.Port)), - "protocol": aws.StringValue(listener.PortMapping.Protocol), - } - mListener["port_mapping"] = []interface{}{mPortMapping} + if listener.PortMapping != nil { + mPortMapping := map[string]interface{}{ + "port": int(aws.Int64Value(listener.PortMapping.Port)), + "protocol": aws.StringValue(listener.PortMapping.Protocol), } - - vListeners = append(vListeners, mListener) + mListener["port_mapping"] = []interface{}{mPortMapping} } - mSpec["listener"] = schema.NewSet(appmeshVirtualNodeListenerHash, vListeners) + mSpec["listener"] = []interface{}{mListener} } if spec.Logging != nil && spec.Logging.AccessLog != nil && spec.Logging.AccessLog.File != nil { From 835156b82614dff042a4278d6fba45cddff72e4d Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 21 May 2020 07:50:05 -0400 Subject: [PATCH 295/475] tests/resource/aws_batch_job_definition: Add sweeper (#13427) --- aws/resource_aws_batch_job_definition_test.go | 53 +++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/aws/resource_aws_batch_job_definition_test.go b/aws/resource_aws_batch_job_definition_test.go index c63f1ee04e5..4b752568398 100644 --- a/aws/resource_aws_batch_job_definition_test.go +++ b/aws/resource_aws_batch_job_definition_test.go @@ -2,16 +2,69 @@ package aws import ( "fmt" + "log" "reflect" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/batch" + "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +func init() { + resource.AddTestSweepers("aws_batch_job_definition", &resource.Sweeper{ + Name: "aws_batch_job_definition", + F: testSweepBatchJobDefinitions, + Dependencies: []string{ + "aws_batch_job_queue", + }, + }) +} + +func testSweepBatchJobDefinitions(region string) error { + client, err := sharedClientForRegion(region) + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + conn := client.(*AWSClient).batchconn + var sweeperErrs *multierror.Error + + err = conn.DescribeJobDefinitionsPages(&batch.DescribeJobDefinitionsInput{}, func(page *batch.DescribeJobDefinitionsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, jobDefinition := range page.JobDefinitions { + arn := aws.StringValue(jobDefinition.JobDefinitionArn) + + log.Printf("[INFO] Deleting Batch Job Definition: %s", arn) + _, err := conn.DeregisterJobDefinition(&batch.DeregisterJobDefinitionInput{ + JobDefinition: aws.String(arn), + }) + if err != nil { + sweeperErr := fmt.Errorf("error deleting Batch Job Definition (%s): %w", arn, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping Batch Job Definitions sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving Batch Job Definitions: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} + func TestAccAWSBatchJobDefinition_basic(t *testing.T) { var jd batch.JobDefinition rName := acctest.RandomWithPrefix("tf-acc-test") From 2d79474c9a53d84eaf030ea3cef161f5d045e5fc Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 21 May 2020 08:04:35 -0400 Subject: [PATCH 296/475] resource/aws_eks_node_group: Add force_update_version argument (#13414) Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/13296 Reference: https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateNodegroupVersion.html#AmazonEKS-UpdateNodegroupVersion-request-force Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_InstanceTypes (1567.59s) --- PASS: TestAccAWSEksNodeGroup_ReleaseVersion (1568.65s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_Ec2SshKey (1578.04s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MaxSize (1613.79s) --- PASS: TestAccAWSEksNodeGroup_disappears (1618.86s) --- PASS: TestAccAWSEksNodeGroup_basic (1620.08s) --- PASS: TestAccAWSEksNodeGroup_Labels (1627.14s) --- PASS: TestAccAWSEksNodeGroup_Tags (1633.79s) --- PASS: TestAccAWSEksNodeGroup_Version (1641.90s) --- PASS: TestAccAWSEksNodeGroup_DiskSize (1648.59s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MinSize (1675.80s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_DesiredSize (1683.37s) --- PASS: TestAccAWSEksNodeGroup_AmiType (1730.12s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_SourceSecurityGroupIds (1768.14s) --- PASS: TestAccAWSEksNodeGroup_ForceUpdateVersion (4839.40s) ``` --- aws/resource_aws_eks_node_group.go | 6 ++- aws/resource_aws_eks_node_group_test.go | 59 +++++++++++++++++++++ website/docs/r/eks_node_group.html.markdown | 1 + 3 files changed, 65 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_eks_node_group.go b/aws/resource_aws_eks_node_group.go index 4c9a485a36b..3673139caf0 100644 --- a/aws/resource_aws_eks_node_group.go +++ b/aws/resource_aws_eks_node_group.go @@ -58,6 +58,10 @@ func resourceAwsEksNodeGroup() *schema.Resource { Computed: true, ForceNew: true, }, + "force_update_version": { + Type: schema.TypeBool, + Optional: true, + }, "instance_types": { Type: schema.TypeList, Optional: true, @@ -374,7 +378,7 @@ func resourceAwsEksNodeGroupUpdate(d *schema.ResourceData, meta interface{}) err input := &eks.UpdateNodegroupVersionInput{ ClientRequestToken: aws.String(resource.UniqueId()), ClusterName: aws.String(clusterName), - Force: aws.Bool(false), + Force: aws.Bool(d.Get("force_update_version").(bool)), NodegroupName: aws.String(nodeGroupName), } diff --git a/aws/resource_aws_eks_node_group_test.go b/aws/resource_aws_eks_node_group_test.go index 90f44843ab0..265c88c09f1 100644 --- a/aws/resource_aws_eks_node_group_test.go +++ b/aws/resource_aws_eks_node_group_test.go @@ -198,6 +198,40 @@ func TestAccAWSEksNodeGroup_DiskSize(t *testing.T) { }) } +func TestAccAWSEksNodeGroup_ForceUpdateVersion(t *testing.T) { + var nodeGroup1 eks.Nodegroup + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_eks_node_group.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSEks(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSEksNodeGroupDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSEksNodeGroupConfigForceUpdateVersion(rName, "1.15"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSEksNodeGroupExists(resourceName, &nodeGroup1), + resource.TestCheckResourceAttr(resourceName, "version", "1.15"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"force_update_version"}, + }, + { + Config: testAccAWSEksNodeGroupConfigForceUpdateVersion(rName, "1.16"), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSEksNodeGroupExists(resourceName, &nodeGroup1), + resource.TestCheckResourceAttr(resourceName, "version", "1.16"), + ), + }, + }, + }) +} + func TestAccAWSEksNodeGroup_InstanceTypes(t *testing.T) { var nodeGroup1 eks.Nodegroup rName := acctest.RandomWithPrefix("tf-acc-test") @@ -901,6 +935,31 @@ resource "aws_eks_node_group" "test" { `, rName, diskSize) } +func testAccAWSEksNodeGroupConfigForceUpdateVersion(rName, version string) string { + return testAccAWSEksNodeGroupConfigBaseVersion(rName, version) + fmt.Sprintf(` +resource "aws_eks_node_group" "test" { + cluster_name = aws_eks_cluster.test.name + force_update_version = true + node_group_name = %[1]q + node_role_arn = aws_iam_role.node.arn + subnet_ids = aws_subnet.test[*].id + version = aws_eks_cluster.test.version + + scaling_config { + desired_size = 1 + max_size = 1 + min_size = 1 + } + + depends_on = [ + "aws_iam_role_policy_attachment.node-AmazonEKSWorkerNodePolicy", + "aws_iam_role_policy_attachment.node-AmazonEKS_CNI_Policy", + "aws_iam_role_policy_attachment.node-AmazonEC2ContainerRegistryReadOnly", + ] +} +`, rName) +} + func testAccAWSEksNodeGroupConfigInstanceTypes1(rName, instanceType1 string) string { return testAccAWSEksNodeGroupConfigBase(rName) + fmt.Sprintf(` resource "aws_eks_node_group" "test" { diff --git a/website/docs/r/eks_node_group.html.markdown b/website/docs/r/eks_node_group.html.markdown index f6ec96ba7c7..5a55cab7b52 100644 --- a/website/docs/r/eks_node_group.html.markdown +++ b/website/docs/r/eks_node_group.html.markdown @@ -125,6 +125,7 @@ The following arguments are optional: * `ami_type` - (Optional) Type of Amazon Machine Image (AMI) associated with the EKS Node Group. Defaults to `AL2_x86_64`. Valid values: `AL2_x86_64`, `AL2_x86_64_GPU`. Terraform will only perform drift detection if a configuration value is provided. * `disk_size` - (Optional) Disk size in GiB for worker nodes. Defaults to `20`. Terraform will only perform drift detection if a configuration value is provided. +* `force_update_version` - (Optional) Force version update if existing pods are unable to be drained due to a pod disruption budget issue. * `instance_types` - (Optional) Set of instance types associated with the EKS Node Group. Defaults to `["t3.medium"]`. Terraform will only perform drift detection if a configuration value is provided. Currently, the EKS API only accepts a single value in the set. * `labels` - (Optional) Key-value map of Kubernetes labels. Only labels that are applied with the EKS API are managed by this argument. Other Kubernetes labels applied to the EKS Node Group will not be managed. * `release_version` – (Optional) AMI version of the EKS Node Group. Defaults to latest version for Kubernetes version. From fcf570b2621a4b3a29d3b6637af5622c973b3e19 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 21 May 2020 08:05:32 -0400 Subject: [PATCH 297/475] Update CHANGELOG for #13414 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d9bab34dd8e..cba2c92c4a4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ ENHANCEMENTS: * data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] * resource/aws_ecs_service: Add `force_new_deployment` argument [GH-13376] * resource/aws_ecs_service: Support in-place updates for `ordered_placement_strategy` and `placement_constraints` [GH-13376] +* resource/aws_eks_node_group: Add `force_update_version` argument [GH-13414] * resource/aws_glue_connection: Add `arn` argument [GH-13404] * resource/aws_iot_topic_rule: Add `tags` argument [GH-13293] From dc7929984d0f519f027456f342815902da7532bb Mon Sep 17 00:00:00 2001 From: mtdjr Date: Thu, 21 May 2020 08:12:42 -0400 Subject: [PATCH 298/475] resource/aws_codebuild_webhook: Support `COMMIT_MESSAGE` value in filter types (#13436) `WebhookFilterTypeCommitMessage` is missing from the allowed filter types preventing the use of `COMMIT_MESSAGE` in aws_codebuild_webhook filters. The type is already present in [aws-sdk-go:/service/codebuild/api](https://github.com/aws/aws-sdk-go/blob/6b25fdfe03b0477dd3c77f317703724eab772653/service/codebuild/api.go#L11058). --- aws/resource_aws_codebuild_webhook.go | 1 + 1 file changed, 1 insertion(+) diff --git a/aws/resource_aws_codebuild_webhook.go b/aws/resource_aws_codebuild_webhook.go index eba37fac8aa..17606c67127 100644 --- a/aws/resource_aws_codebuild_webhook.go +++ b/aws/resource_aws_codebuild_webhook.go @@ -53,6 +53,7 @@ func resourceAwsCodeBuildWebhook() *schema.Resource { codebuild.WebhookFilterTypeBaseRef, codebuild.WebhookFilterTypeFilePath, codebuild.WebhookFilterTypeHeadRef, + codebuild.WebhookFilterTypeCommitMessage, }, false), }, "exclude_matched_pattern": { From b35e5e6e06888afc95116c3e061d90867f52634c Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 21 May 2020 08:13:10 -0400 Subject: [PATCH 299/475] Update CHANGELOG for #13436 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cba2c92c4a4..b1da5d94ba4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,7 @@ ENHANCEMENTS: * data-source/aws_lb: Add `ip_address_type` attribute [GH-13400] * data-source/aws_lb_target_group: Add `load_balancing_algorithm_type` attribute [GH-13400] * data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] +* resource/aws_codebuild_webhook: Support `COMMIT_MESSAGE` value in filter types [GH-13436] * resource/aws_ecs_service: Add `force_new_deployment` argument [GH-13376] * resource/aws_ecs_service: Support in-place updates for `ordered_placement_strategy` and `placement_constraints` [GH-13376] * resource/aws_eks_node_group: Add `force_update_version` argument [GH-13414] From 39dc65a69de1a70b6b43ff7b8190e449cb810a5e Mon Sep 17 00:00:00 2001 From: Eugen Cocalea Date: Thu, 21 May 2020 15:21:24 +0300 Subject: [PATCH 300/475] docs/resource/aws_elasticsearch_domain: Fix incorrect reference in example (#13451) Referring to the correct security group --- website/docs/r/elasticsearch_domain.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/elasticsearch_domain.html.markdown b/website/docs/r/elasticsearch_domain.html.markdown index b205e0b7f88..0e5dbbe1c8e 100644 --- a/website/docs/r/elasticsearch_domain.html.markdown +++ b/website/docs/r/elasticsearch_domain.html.markdown @@ -172,7 +172,7 @@ resource "aws_elasticsearch_domain" "es" { "${data.aws_subnet_ids.selected.ids[1]}", ] - security_group_ids = ["${aws_security_group.elasticsearch.id}"] + security_group_ids = ["${aws_security_group.es.id}"] } advanced_options = { From 171a77ec920782ca78f6ffe61683b43a135c37b1 Mon Sep 17 00:00:00 2001 From: Masataka Pocke Kuwabara Date: Thu, 21 May 2020 21:45:00 +0900 Subject: [PATCH 301/475] docs/service/rds: Replace "a RDS" with "an RDS" (#12605) --- website/docs/d/rds_cluster.html.markdown | 4 ++-- website/docs/r/db_cluster_snapshot.html.markdown | 4 ++-- website/docs/r/db_event_subscription.html.markdown | 6 +++--- website/docs/r/db_instance_role_association.html.markdown | 4 ++-- website/docs/r/db_snapshot.html.markdown | 4 ++-- website/docs/r/rds_cluster.html.markdown | 4 ++-- website/docs/r/rds_cluster_endpoint.html.markdown | 4 ++-- website/docs/r/rds_global_cluster.html.markdown | 4 ++-- 8 files changed, 17 insertions(+), 17 deletions(-) diff --git a/website/docs/d/rds_cluster.html.markdown b/website/docs/d/rds_cluster.html.markdown index ff5fe5a9f78..82fcd66693e 100644 --- a/website/docs/d/rds_cluster.html.markdown +++ b/website/docs/d/rds_cluster.html.markdown @@ -3,12 +3,12 @@ subcategory: "RDS" layout: "aws" page_title: "AWS: aws_rds_cluster" description: |- - Provides a RDS cluster data source. + Provides an RDS cluster data source. --- # Data Source: aws_rds_cluster -Provides information about a RDS cluster. +Provides information about an RDS cluster. ## Example Usage diff --git a/website/docs/r/db_cluster_snapshot.html.markdown b/website/docs/r/db_cluster_snapshot.html.markdown index b066c329fea..b88afa31101 100644 --- a/website/docs/r/db_cluster_snapshot.html.markdown +++ b/website/docs/r/db_cluster_snapshot.html.markdown @@ -3,12 +3,12 @@ subcategory: "RDS" layout: "aws" page_title: "AWS: aws_db_cluster_snapshot" description: |- - Manages a RDS database cluster snapshot. + Manages an RDS database cluster snapshot. --- # Resource: aws_db_cluster_snapshot -Manages a RDS database cluster snapshot for Aurora clusters. For managing RDS database instance snapshots, see the [`aws_db_snapshot` resource](/docs/providers/aws/r/db_snapshot.html). +Manages an RDS database cluster snapshot for Aurora clusters. For managing RDS database instance snapshots, see the [`aws_db_snapshot` resource](/docs/providers/aws/r/db_snapshot.html). ## Example Usage diff --git a/website/docs/r/db_event_subscription.html.markdown b/website/docs/r/db_event_subscription.html.markdown index 171724dcc4b..0f48bc96843 100644 --- a/website/docs/r/db_event_subscription.html.markdown +++ b/website/docs/r/db_event_subscription.html.markdown @@ -77,9 +77,9 @@ The following additional atttributes are provided: `aws_db_event_subscription` provides the following [Timeouts](/docs/configuration/resources.html#timeouts) configuration options: -- `create` - (Default `40m`) How long to wait for a RDS event notification subscription to be ready. -- `delete` - (Default `40m`) How long to wait for a RDS event notification subscription to be deleted. -- `update` - (Default `40m`) How long to wait for a RDS event notification subscription to be updated. +- `create` - (Default `40m`) How long to wait for an RDS event notification subscription to be ready. +- `delete` - (Default `40m`) How long to wait for an RDS event notification subscription to be deleted. +- `update` - (Default `40m`) How long to wait for an RDS event notification subscription to be updated. ## Import diff --git a/website/docs/r/db_instance_role_association.html.markdown b/website/docs/r/db_instance_role_association.html.markdown index c429625ebfc..25565566650 100644 --- a/website/docs/r/db_instance_role_association.html.markdown +++ b/website/docs/r/db_instance_role_association.html.markdown @@ -3,12 +3,12 @@ subcategory: "RDS" layout: "aws" page_title: "AWS: aws_db_instance_role_association" description: |- - Manages a RDS DB Instance association with an IAM Role. + Manages an RDS DB Instance association with an IAM Role. --- # Resource: aws_db_instance_role_association -Manages a RDS DB Instance association with an IAM Role. Example use cases: +Manages an RDS DB Instance association with an IAM Role. Example use cases: * [Amazon RDS Oracle integration with Amazon S3](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html) * [Importing Amazon S3 Data into an RDS PostgreSQL DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PostgreSQL.S3Import.html) diff --git a/website/docs/r/db_snapshot.html.markdown b/website/docs/r/db_snapshot.html.markdown index 8e725805a68..99717c95bd1 100644 --- a/website/docs/r/db_snapshot.html.markdown +++ b/website/docs/r/db_snapshot.html.markdown @@ -3,12 +3,12 @@ subcategory: "RDS" layout: "aws" page_title: "AWS: aws_db_snapshot" description: |- - Manages a RDS database instance snapshot. + Manages an RDS database instance snapshot. --- # Resource: aws_db_snapshot -Manages a RDS database instance snapshot. For managing RDS database cluster snapshots, see the [`aws_db_cluster_snapshot` resource](/docs/providers/aws/r/db_cluster_snapshot.html). +Manages an RDS database instance snapshot. For managing RDS database cluster snapshots, see the [`aws_db_cluster_snapshot` resource](/docs/providers/aws/r/db_cluster_snapshot.html). ## Example Usage diff --git a/website/docs/r/rds_cluster.html.markdown b/website/docs/r/rds_cluster.html.markdown index 9990aa213a2..1fb5da498f4 100644 --- a/website/docs/r/rds_cluster.html.markdown +++ b/website/docs/r/rds_cluster.html.markdown @@ -3,7 +3,7 @@ subcategory: "RDS" layout: "aws" page_title: "AWS: aws_rds_cluster" description: |- - Manages a RDS Aurora Cluster + Manages an RDS Aurora Cluster --- # Resource: aws_rds_cluster @@ -14,7 +14,7 @@ For information on the difference between the available Aurora MySQL engines see [Comparison between Aurora MySQL 1 and Aurora MySQL 2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/AuroraMySQL.Updates.20180206.html) in the Amazon RDS User Guide. -Changes to a RDS Cluster can occur when you manually change a +Changes to an RDS Cluster can occur when you manually change a parameter, such as `port`, and are reflected in the next maintenance window. Because of this, Terraform may report a difference in its planning phase because a modification has not yet taken place. You can use the diff --git a/website/docs/r/rds_cluster_endpoint.html.markdown b/website/docs/r/rds_cluster_endpoint.html.markdown index 9b3bb9fd279..93341770551 100644 --- a/website/docs/r/rds_cluster_endpoint.html.markdown +++ b/website/docs/r/rds_cluster_endpoint.html.markdown @@ -3,12 +3,12 @@ subcategory: "RDS" layout: "aws" page_title: "AWS: aws_rds_cluster_endpoint" description: |- - Manages a RDS Aurora Cluster Endpoint + Manages an RDS Aurora Cluster Endpoint --- # Resource: aws_rds_cluster_endpoint -Manages a RDS Aurora Cluster Endpoint. +Manages an RDS Aurora Cluster Endpoint. You can refer to the [User Guide][1]. diff --git a/website/docs/r/rds_global_cluster.html.markdown b/website/docs/r/rds_global_cluster.html.markdown index d0e34a240b0..30cfefb596e 100644 --- a/website/docs/r/rds_global_cluster.html.markdown +++ b/website/docs/r/rds_global_cluster.html.markdown @@ -3,12 +3,12 @@ subcategory: "RDS" layout: "aws" page_title: "AWS: aws_rds_global_cluster" description: |- - Manages a RDS Global Cluster + Manages an RDS Global Cluster --- # Resource: aws_rds_global_cluster -Manages a RDS Global Cluster, which is an Aurora global database spread across multiple regions. The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem. +Manages an RDS Global Cluster, which is an Aurora global database spread across multiple regions. The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem. More information about Aurora global databases can be found in the [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database-creating). From 13639713f7ff57d289ad14f509317d039e016adf Mon Sep 17 00:00:00 2001 From: jwavoet Date: Thu, 21 May 2020 14:54:59 +0200 Subject: [PATCH 302/475] docs/resource/aws_db_instance: Updated character_set_name for compatibility MSSQL (#12006) Character_set_name (collation) is also compatible with MSSQL as I discovered within the AWS documentation and apparently Terraform is capable of setting this parameter. --- website/docs/r/db_instance.html.markdown | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/website/docs/r/db_instance.html.markdown b/website/docs/r/db_instance.html.markdown index 0e3c90421d3..e47ee2a46cc 100644 --- a/website/docs/r/db_instance.html.markdown +++ b/website/docs/r/db_instance.html.markdown @@ -91,10 +91,9 @@ automated backups are created if they are enabled. Example: "09:46-10:16". Must not overlap with `maintenance_window`. * `ca_cert_identifier` - (Optional) The identifier of the CA certificate for the DB instance. * `character_set_name` - (Optional) The character set name to use for DB -encoding in Oracle instances. This can't be changed. See [Oracle Character Sets -Supported in Amazon -RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html) -for more information. +encoding in Oracle and Microsoft SQL instances (collation). This can't be changed. See [Oracle Character Sets +Supported in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.OracleCharacterSets.html) +or [Server-Level Collation for Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.SQLServer.CommonDBATasks.Collation.html) for more information. * `copy_tags_to_snapshot` – (Optional, boolean) Copy all Instance `tags` to snapshots. Default is `false`. * `db_subnet_group_name` - (Optional) Name of [DB subnet group](/docs/providers/aws/r/db_subnet_group.html). DB instance will be created in the VPC associated with the DB subnet group. If unspecified, will @@ -276,9 +275,9 @@ in a Route 53 Alias record). * `storage_encrypted` - Specifies whether the DB instance is encrypted. * `username` - The master username for the database. -On Oracle instances the following is exported additionally: +On Oracle and Microsoft SQL instances the following is exported additionally: -* `character_set_name` - The character set used on Oracle instances. +* `character_set_name` - The character set (collation) used on Oracle and Microsoft SQL instances. ## Import From 1d896f5b6e3ec9cbb8aedeb947b8cec275e3f25f Mon Sep 17 00:00:00 2001 From: John Robison <39737211+jrobison-sb@users.noreply.github.com> Date: Thu, 21 May 2020 08:57:32 -0400 Subject: [PATCH 303/475] docs/resource/aws_db_instance: Clarify replicate_source_db for cross-region (#12518) This change clarifies that you need to specify `replicate_source_db` as a DB Instance Identifier when building a read replica within the same region as the source instance, and you need to specify `replicate_source_db` as an ARN when building a cross-region replica. --- website/docs/r/db_instance.html.markdown | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/website/docs/r/db_instance.html.markdown b/website/docs/r/db_instance.html.markdown index e47ee2a46cc..f4a0eb66e87 100644 --- a/website/docs/r/db_instance.html.markdown +++ b/website/docs/r/db_instance.html.markdown @@ -163,7 +163,9 @@ logs, and it will be stored in the state file. accessible. Default is `false`. * `replicate_source_db` - (Optional) Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the -`identifier` of another Amazon RDS Database to replicate. Note that if you are +`identifier` of another Amazon RDS Database to replicate (if replicating within +a single region) or ARN of the Amazon RDS Database to replicate (if replicating +cross-region). Note that if you are creating a cross-region replica of an encrypted database you will also need to specify a `kms_key_id`. See [DB Instance Replication][1] and [Working with PostgreSQL and MySQL Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html) From 5d2b2174310afe419e358db2e107960e9e9e755b Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 21 May 2020 19:57:41 +0300 Subject: [PATCH 304/475] Update resource_aws_cognito_identity_pool_roles_attachment.go --- aws/resource_aws_cognito_identity_pool_roles_attachment.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_cognito_identity_pool_roles_attachment.go b/aws/resource_aws_cognito_identity_pool_roles_attachment.go index 90b24919835..22754fc26e0 100644 --- a/aws/resource_aws_cognito_identity_pool_roles_attachment.go +++ b/aws/resource_aws_cognito_identity_pool_roles_attachment.go @@ -154,7 +154,7 @@ func resourceAwsCognitoIdentityPoolRolesAttachmentRead(d *schema.ResourceData, m return err } - d.Set("identity_pool_id", d.Id()) + d.Set("identity_pool_id", ip.IdentityPoolId) if err := d.Set("roles", flattenCognitoIdentityPoolRoles(ip.Roles)); err != nil { return fmt.Errorf("Error setting roles error: %#v", err) From 309a0c1e7550cb203d3c80bd7f98098ec5fea67a Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 21 May 2020 13:16:35 -0400 Subject: [PATCH 305/475] Update CHANGELOG for #13440 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b1da5d94ba4..03f6a28c9c3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,7 @@ ENHANCEMENTS: * data-source/aws_lb_target_group: Add `load_balancing_algorithm_type` attribute [GH-13400] * data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] * resource/aws_codebuild_webhook: Support `COMMIT_MESSAGE` value in filter types [GH-13436] +* resource/aws_cognito_identity_pool_roles_attachment: Add import support [GH-13440] * resource/aws_ecs_service: Add `force_new_deployment` argument [GH-13376] * resource/aws_ecs_service: Support in-place updates for `ordered_placement_strategy` and `placement_constraints` [GH-13376] * resource/aws_eks_node_group: Add `force_update_version` argument [GH-13414] From 4190fceaa009befd848ac4f3b4d3d1cfdd80a9ff Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 21 May 2020 11:54:54 -0700 Subject: [PATCH 306/475] Removes alternate account test functions --- aws/provider_test.go | 34 ------------------- ...ce_aws_ram_resource_share_accepter_test.go | 4 +-- 2 files changed, 2 insertions(+), 36 deletions(-) diff --git a/aws/provider_test.go b/aws/provider_test.go index b4411dbbd7e..cdc19055ca0 100644 --- a/aws/provider_test.go +++ b/aws/provider_test.go @@ -74,21 +74,6 @@ func testAccPreCheck(t *testing.T) { } } -// testAccAlternateAccountProvider returns the schema.Provider for the alternate account -// Must be used within a resource.TestCheckFunc -func testAccAlternateAccountProvider(providers *[]*schema.Provider) (result *schema.Provider) { - primaryAccountID := testAccGetAccountID() - - for _, provider := range *providers { - accountID := testAccAwsProviderAccountID(provider) - if accountID != "" && accountID != primaryAccountID { - result = provider - } - } - - return -} - // testAccAwsProviderAccountID returns the account ID of an AWS provider func testAccAwsProviderAccountID(provider *schema.Provider) string { if provider == nil { @@ -114,15 +99,6 @@ func testAccCheckResourceAttrAccountID(resourceName, attributeName string) resou } } -// testAccCheckResourceAttrAlternateAccountID ensures the Terraform state exactly matches the alternate account ID -func testAccCheckResourceAttrAlternateAccountID(resourceName, attributeName string, providers *[]*schema.Provider) resource.TestCheckFunc { - return func(s *terraform.State) error { - provider := testAccAlternateAccountProvider(providers) - - return resource.TestCheckResourceAttr(resourceName, attributeName, testAccAwsProviderAccountID(provider))(s) - } -} - // testAccCheckResourceAttrRegionalARN ensures the Terraform state exactly matches a formatted ARN with region func testAccCheckResourceAttrRegionalARN(resourceName, attributeName, arnService, arnResource string) resource.TestCheckFunc { return func(s *terraform.State) error { @@ -226,16 +202,6 @@ func testAccMatchResourceAttrRegionalARNAccountID(resourceName, attributeName, a } } -// testAccMatchResourceAttrRegionalARNAlternateAccount ensures the Terraform state regexp matches a formatted ARN with region in the alternate account -// assumes the regions for the primary and alternate accounts are the same -func testAccMatchResourceAttrRegionalARNAlternateAccount(resourceName, attributeName string, providers *[]*schema.Provider, arnService string, arnResourceRegexp *regexp.Regexp) resource.TestCheckFunc { - return func(s *terraform.State) error { - provider := testAccAlternateAccountProvider(providers) - - return testAccMatchResourceAttrRegionalARNAccountID(resourceName, attributeName, testAccAwsProviderAccountID(provider), "ram", arnResourceRegexp)(s) - } -} - // testAccMatchResourceAttrRegionalHostname ensures the Terraform state regexp matches a formatted DNS hostname with region and partition DNS suffix func testAccMatchResourceAttrRegionalHostname(resourceName, attributeName, serviceName string, hostnamePrefixRegexp *regexp.Regexp) resource.TestCheckFunc { return func(s *terraform.State) error { diff --git a/aws/resource_aws_ram_resource_share_accepter_test.go b/aws/resource_aws_ram_resource_share_accepter_test.go index 3340c01b4ca..b14589158d8 100644 --- a/aws/resource_aws_ram_resource_share_accepter_test.go +++ b/aws/resource_aws_ram_resource_share_accepter_test.go @@ -34,11 +34,11 @@ func TestAccAwsRamResourceShareAccepter_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsRamResourceShareAccepterExists(resourceName), resource.TestCheckResourceAttrPair(resourceName, "share_arn", principalAssociationResourceName, "resource_share_arn"), - testAccMatchResourceAttrRegionalARNAlternateAccount(resourceName, "invitation_arn", &providers, "ram", regexp.MustCompile(fmt.Sprintf("resource-share-invitation/%s$", uuidRegexPattern))), + testAccMatchResourceAttrRegionalARNAccountID(resourceName, "invitation_arn", `\d{12}`, "ram", regexp.MustCompile(fmt.Sprintf("resource-share-invitation/%s$", uuidRegexPattern))), resource.TestMatchResourceAttr(resourceName, "share_id", regexp.MustCompile(fmt.Sprintf(`^rs-%s$`, uuidRegexPattern))), resource.TestCheckResourceAttr(resourceName, "status", ram.ResourceShareStatusActive), testAccCheckResourceAttrAccountID(resourceName, "receiver_account_id"), - testAccCheckResourceAttrAlternateAccountID(resourceName, "sender_account_id", &providers), + resource.TestMatchResourceAttr(resourceName, "sender_account_id", regexp.MustCompile(`\d{12}`)), resource.TestCheckResourceAttr(resourceName, "share_name", shareName), resource.TestCheckResourceAttr(resourceName, "resources.%", "0"), ), From eefe92930d2324b0f56aa4ff06f85f5a1bd08635 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 21 May 2020 12:22:44 -0700 Subject: [PATCH 307/475] Removes old test check Co-authored-by: Brian Flad --- aws/resource_aws_organizations_policy_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/aws/resource_aws_organizations_policy_test.go b/aws/resource_aws_organizations_policy_test.go index 3fde24bbbc4..09c4e470c05 100644 --- a/aws/resource_aws_organizations_policy_test.go +++ b/aws/resource_aws_organizations_policy_test.go @@ -28,7 +28,6 @@ func testAccAwsOrganizationsPolicy_basic(t *testing.T) { Config: testAccAwsOrganizationsPolicyConfig_Required(rName, content1), Check: resource.ComposeTestCheckFunc( testAccCheckAwsOrganizationsPolicyExists(resourceName, &policy), - resource.TestMatchResourceAttr(resourceName, "arn", regexp.MustCompile(`^arn:[^:]+:organizations::[^:]+:policy/o-.+/service_control_policy/p-.+$`)), testAccMatchResourceAttrGlobalARN(resourceName, "arn", "organizations", regexp.MustCompile("policy/o-.+/service_control_policy/p-.+$")), resource.TestCheckResourceAttr(resourceName, "content", content1), resource.TestCheckResourceAttr(resourceName, "description", ""), From bc250e3b822d31be0b29e09ab86d641cf06cee8a Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 21 May 2020 12:23:43 -0700 Subject: [PATCH 308/475] Removes old test check Co-authored-by: Brian Flad --- aws/resource_aws_kinesis_firehose_delivery_stream_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/aws/resource_aws_kinesis_firehose_delivery_stream_test.go b/aws/resource_aws_kinesis_firehose_delivery_stream_test.go index 2314de76a7e..d6980bf8c04 100644 --- a/aws/resource_aws_kinesis_firehose_delivery_stream_test.go +++ b/aws/resource_aws_kinesis_firehose_delivery_stream_test.go @@ -761,7 +761,6 @@ func TestAccAWSKinesisFirehoseDeliveryStream_ExtendedS3KmsKeyArn(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckKinesisFirehoseDeliveryStreamExists(resourceName, &stream), testAccCheckAWSKinesisFirehoseDeliveryStreamAttributes(&stream, nil, nil, nil, nil, nil), - resource.TestMatchResourceAttr(resourceName, "extended_s3_configuration.0.kms_key_arn", regexp.MustCompile(`^arn:[^:]+:kms:[^:]+:[^:]+:key/.+$`)), resource.TestCheckResourceAttrPair(resourceName, "extended_s3_configuration.0.kms_key_arn", "aws_kms_key.test", "arn"), ), }, From e6df01e642ca2cf66fe39b9908bda4574e182ac2 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 21 May 2020 16:46:46 -0400 Subject: [PATCH 309/475] tests/provider: Remove fixed aws_s3_analytics_configuration ignores from tfproviderdocs (#13448) Reference: https://github.com/terraform-providers/terraform-provider-aws/pull/12702 --- .github/workflows/terraform_provider.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/terraform_provider.yml b/.github/workflows/terraform_provider.yml index 4faf55f6590..8454776fd5a 100644 --- a/.github/workflows/terraform_provider.yml +++ b/.github/workflows/terraform_provider.yml @@ -249,9 +249,8 @@ jobs: run: | tfproviderdocs check \ -allowed-resource-subcategories-file website/allowed-subcategories.txt \ - -ignore-file-mismatch-resources aws_s3_bucket_analysis_configuration \ -ignore-file-missing-data-sources aws_alb,aws_alb_listener,aws_alb_target_group \ - -ignore-file-missing-resources aws_alb,aws_alb_listener,aws_alb_listener_certificate,aws_alb_listener_rule,aws_alb_target_group,aws_alb_target_group_attachment,aws_s3_bucket_analytics_configuration \ + -ignore-file-missing-resources aws_alb,aws_alb_listener,aws_alb_listener_certificate,aws_alb_listener_rule,aws_alb_target_group,aws_alb_target_group_attachment \ -ignore-side-navigation-data-sources aws_alb,aws_alb_listener,aws_alb_target_group,aws_kms_secret \ -provider-name aws \ -providers-schema-json terraform-providers-schema/schema.json \ From 021ebbc1bd20936b866b9f784316debb88dd966e Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 21 May 2020 17:01:31 -0400 Subject: [PATCH 310/475] resource/aws_network_acl: Use schema.ImportStatePassthrough (#13419) Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/13408 While this resource was not actually performing multiple resource import, the commented code was showing up in searches for it (via `.SetType()`). As an added bonus to the dramatically simpler code (since Terraform automatic refresh during import), this removes the legacy `import_` file. Yay! Output from acceptance testing (see #13382 for fixes to _SubnetsChange and _SubnetsDelete tests): ``` --- PASS: TestAccAWSNetworkAcl_espProtocol (34.51s) --- PASS: TestAccAWSNetworkAcl_basic (35.15s) --- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (36.21s) --- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (37.51s) --- PASS: TestAccAWSNetworkAcl_disappears (37.95s) --- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (38.20s) --- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (38.68s) --- PASS: TestAccAWSNetworkAcl_ipv6Rules (44.12s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (44.86s) --- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (45.01s) --- FAIL: TestAccAWSNetworkAcl_SubnetsDelete (55.50s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (65.91s) --- PASS: TestAccAWSNetworkAcl_SubnetChange (66.79s) --- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (74.44s) --- PASS: TestAccAWSNetworkAcl_Subnets (75.89s) --- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (76.75s) ``` --- aws/import_aws_network_acl.go | 95 --------------------------------- aws/resource_aws_network_acl.go | 2 +- 2 files changed, 1 insertion(+), 96 deletions(-) delete mode 100644 aws/import_aws_network_acl.go diff --git a/aws/import_aws_network_acl.go b/aws/import_aws_network_acl.go deleted file mode 100644 index be2c6c164bd..00000000000 --- a/aws/import_aws_network_acl.go +++ /dev/null @@ -1,95 +0,0 @@ -package aws - -import ( - "fmt" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ec2" - "github.com/hashicorp/terraform-plugin-sdk/helper/schema" -) - -// Network ACLs import their rules and associations -func resourceAwsNetworkAclImportState( - d *schema.ResourceData, - meta interface{}) ([]*schema.ResourceData, error) { - conn := meta.(*AWSClient).ec2conn - - // First query the resource itself - resp, err := conn.DescribeNetworkAcls(&ec2.DescribeNetworkAclsInput{ - NetworkAclIds: []*string{aws.String(d.Id())}, - }) - if err != nil { - return nil, err - } - if resp == nil || len(resp.NetworkAcls) < 1 || resp.NetworkAcls[0] == nil { - return nil, fmt.Errorf("network ACL %s is not found", d.Id()) - } - acl := resp.NetworkAcls[0] - - // Start building our results - results := make([]*schema.ResourceData, 1, - 2+len(acl.Associations)+len(acl.Entries)) - results[0] = d - - /* - { - // Construct the entries - subResource := resourceAwsNetworkAclRule() - for _, entry := range acl.Entries { - // Minimal data for route - d := subResource.Data(nil) - d.SetType("aws_network_acl_rule") - d.Set("network_acl_id", acl.NetworkAclId) - d.Set("rule_number", entry.RuleNumber) - d.Set("egress", entry.Egress) - d.Set("protocol", entry.Protocol) - d.SetId(networkAclIdRuleNumberEgressHash( - d.Get("network_acl_id").(string), - d.Get("rule_number").(int), - d.Get("egress").(bool), - d.Get("protocol").(string))) - results = append(results, d) - } - } - - { - // Construct the associations - subResource := resourceAwsRouteTableAssociation() - for _, assoc := range table.Associations { - if *assoc.Main { - // Ignore - continue - } - - // Minimal data for route - d := subResource.Data(nil) - d.SetType("aws_route_table_association") - d.Set("route_table_id", assoc.RouteTableId) - d.SetId(*assoc.RouteTableAssociationId) - results = append(results, d) - } - } - - { - // Construct the main associations. We could do this above but - // I keep this as a separate section since it is a separate resource. - subResource := resourceAwsMainRouteTableAssociation() - for _, assoc := range table.Associations { - if !*assoc.Main { - // Ignore - continue - } - - // Minimal data for route - d := subResource.Data(nil) - d.SetType("aws_main_route_table_association") - d.Set("route_table_id", id) - d.Set("vpc_id", table.VpcId) - d.SetId(*assoc.RouteTableAssociationId) - results = append(results, d) - } - } - */ - - return results, nil -} diff --git a/aws/resource_aws_network_acl.go b/aws/resource_aws_network_acl.go index 59c4264e9f2..cf1d4848029 100644 --- a/aws/resource_aws_network_acl.go +++ b/aws/resource_aws_network_acl.go @@ -26,7 +26,7 @@ func resourceAwsNetworkAcl() *schema.Resource { Delete: resourceAwsNetworkAclDelete, Update: resourceAwsNetworkAclUpdate, Importer: &schema.ResourceImporter{ - State: resourceAwsNetworkAclImportState, + State: schema.ImportStatePassthrough, }, Schema: map[string]*schema.Schema{ From 8f36c9811312d15ee568baef1ecd93a51394d806 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 21 May 2020 14:03:02 -0700 Subject: [PATCH 311/475] Updates example for Terraform 0.11 compatibility. Now assumes required IAM role is present and includes instructions when not present. --- examples/workspaces/README.md | 4 +-- examples/workspaces/iam.tf | 53 ++++++++++++++++++----------------- examples/workspaces/main.tf | 26 +++++++++-------- 3 files changed, 45 insertions(+), 38 deletions(-) diff --git a/examples/workspaces/README.md b/examples/workspaces/README.md index 021b75b46dd..9b6b75bbeba 100644 --- a/examples/workspaces/README.md +++ b/examples/workspaces/README.md @@ -4,9 +4,9 @@ This example demonstrates how to create a WorkSpace and WorkSpace directory usin ## Note -The AWS WorkSpaces service requires an IAM role named `workspaces_DefaultRole`. This example creates this role and attaches policies to it. This will cause an error if the role already exists in the AWS account. +The AWS WorkSpaces service requires an IAM role named `workspaces_DefaultRole`. By default, this example assumes the role exists and is configured. If the role does not exist or is not configured appropriately, the example will not successfully deploy. -The IAM resources are defined in the Terraform source file [iam.tf](./iam.tf). If the role exists, remove the IAM resource file. The resources `aws_workspaces_directory.example` and `aws_workspaces_workspace.example` have dependencies on the IAM resources. The `depends_on` blocks can be removed from both. +The IAM resources are defined in the Terraform source file [iam.tf](./iam.tf), but are commented out. If the role does not exist in your environment, uncomment the contents of the file. The resources `aws_workspaces_directory.example` and `aws_workspaces_workspace.example` have dependencies on the IAM resources. The `depends_on` meta-arguments should also be uncommented on both. ## Running this example diff --git a/examples/workspaces/iam.tf b/examples/workspaces/iam.tf index e3800f308ab..de04b6a94a7 100644 --- a/examples/workspaces/iam.tf +++ b/examples/workspaces/iam.tf @@ -1,25 +1,28 @@ -resource "aws_iam_role" "workspaces-default" { - name = "workspaces_DefaultRole" - assume_role_policy = "${data.aws_iam_policy_document.workspaces.json}" -} - -data "aws_iam_policy_document" "workspaces" { - statement { - actions = ["sts:AssumeRole"] - - principals { - type = "Service" - identifiers = ["workspaces.amazonaws.com"] - } - } -} - -resource "aws_iam_role_policy_attachment" "workspaces-default-service-access" { - role = "${aws_iam_role.workspaces-default.name}" - policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess" -} - -resource "aws_iam_role_policy_attachment" "workspaces-default-self-service-access" { - role = "${aws_iam_role.workspaces-default.name}" - policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess" -} +# Uncomment the resources in this file to create the IAM resources required by the AWS WorkSpaces service. +# Also uncomment the `depends_on` meta-arguments on `aws_workspaces_directory.example` and `aws_workspaces_workspace.example`. +# +# resource "aws_iam_role" "workspaces-default" { +# name = "workspaces_DefaultRole" +# assume_role_policy = "${data.aws_iam_policy_document.workspaces.json}" +# } +# +# data "aws_iam_policy_document" "workspaces" { +# statement { +# actions = ["sts:AssumeRole"] +# +# principals { +# type = "Service" +# identifiers = ["workspaces.amazonaws.com"] +# } +# } +# } +# +# resource "aws_iam_role_policy_attachment" "workspaces-default-service-access" { +# role = "${aws_iam_role.workspaces-default.name}" +# policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess" +# } +# +# resource "aws_iam_role_policy_attachment" "workspaces-default-self-service-access" { +# role = "${aws_iam_role.workspaces-default.name}" +# policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess" +# } diff --git a/examples/workspaces/main.tf b/examples/workspaces/main.tf index 5479598a2f7..024f24d1afb 100644 --- a/examples/workspaces/main.tf +++ b/examples/workspaces/main.tf @@ -6,9 +6,10 @@ resource "aws_workspaces_directory" "example" { directory_id = "${aws_directory_service_directory.example.id}" subnet_ids = ["${aws_subnet.private-a.id}", "${aws_subnet.private-b.id}"] - depends_on = [ - aws_iam_role.workspaces-default - ] + # Uncomment this meta-argument if you are creating the IAM resources required by the AWS WorkSpaces service. + # depends_on = [ + # "aws_iam_role.workspaces-default" + # ] } data "aws_workspaces_bundle" "value_windows" { @@ -38,11 +39,12 @@ resource "aws_workspaces_workspace" "example" { Department = "IT" } - depends_on = [ - # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess - # to create and delete the ENI that the Workspaces service creates for the Workspace - aws_iam_role_policy_attachment.workspaces-default-service-access, - ] + # Uncomment this meta-argument if you are creating the IAM resources required by the AWS WorkSpaces service. + # depends_on = [ + # # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess + # # to create and delete the ENI that the Workspaces service creates for the Workspace + # "aws_iam_role_policy_attachment.workspaces-default-service-access", + # ] } resource "aws_workspaces_ip_group" "main" { @@ -72,11 +74,13 @@ data "aws_availability_zones" "available" { locals { # Workspace instances are not supported in all AZs in some regions - region_workspaces_az_ids = { - "us-east-1" = "${formatlist("use1-az%d", [2, 4, 6])}" + # We use joined and split string values here instead of lists for Terraform 0.11 compatibility + region_workspaces_az_id_strings = { + "us-east-1" = "${join(",",formatlist("use1-az%d", list("2", "4", "6")))}" } - workspaces_az_ids = "${lookup(local.region_workspaces_az_ids, data.aws_region.current.name, data.aws_availability_zones.available.zone_ids)}" + workspaces_az_id_strings = "${lookup(local.region_workspaces_az_id_strings, data.aws_region.current.name, join(",",data.aws_availability_zones.available.zone_ids))}" + workspaces_az_ids = "${split(",",local.workspaces_az_id_strings)}" } resource "aws_vpc" "main" { From 7a11863d3c94a9ff82e4ce25e0cec7794463baef Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 21 May 2020 17:12:03 -0400 Subject: [PATCH 312/475] tests/service/efs: Fix infinite looping of sweepers (#13415) Previously the sweeper could get stuck in an infinite loop when an EFS File System was present, but EFS Mount Targets or EFS Access Points were not: ``` [19:46:35] : [Step 5/5] 2020/05/19 19:46:35 [INFO] No EFS Mount Targets to sweep on File System "fs-a3e9c509" [19:46:35] : [Step 5/5] 2020/05/19 19:46:35 [DEBUG] [aws-sdk-go] DEBUG: Request elasticfilesystem/DescribeMountTargets Details: ... [19:46:35] : [Step 5/5] 2020/05/19 19:46:35 [DEBUG] [aws-sdk-go] DEBUG: Response elasticfilesystem/DescribeMountTargets Details: ... [19:46:35] : [Step 5/5] 2020/05/19 19:46:35 [DEBUG] [aws-sdk-go] {"Marker":null,"MountTargets":[],"NextMarker":null} [19:46:35] : [Step 5/5] 2020/05/19 19:46:35 [INFO] No EFS Mount Targets to sweep on File System "fs-a3e9c509" [19:46:35] : [Step 5/5] 2020/05/19 19:46:35 [DEBUG] [aws-sdk-go] DEBUG: Request elasticfilesystem/DescribeMountTargets Details: ... [19:46:35] : [Step 5/5] 2020/05/19 19:46:35 [DEBUG] [aws-sdk-go] DEBUG: Response elasticfilesystem/DescribeMountTargets Details: ... [19:46:35] : [Step 5/5] 2020/05/19 19:46:35 [DEBUG] [aws-sdk-go] {"Marker":null,"MountTargets":[],"NextMarker":null} [19:46:35] : [Step 5/5] 2020/05/19 19:46:35 [INFO] No EFS Mount Targets to sweep on File System "fs-a3e9c509" [19:46:35] : [Step 5/5] 2020/05/19 19:46:35 [DEBUG] [aws-sdk-go] DEBUG: Request elasticfilesystem/DescribeMountTargets Details: ``` Output from sweeper in AWS Commercial: ``` 2020/05/19 21:54:17 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/19 21:54:17 [DEBUG] Running Sweeper (aws_efs_mount_target) in region (us-west-2) ... 2020/05/19 21:54:20 [INFO] Deleting Mount Targets for EFS File System: fs-a3e9c509 2020/05/19 21:54:21 [INFO] No EFS Mount Targets to sweep on File System "fs-a3e9c509" 2020/05/19 21:54:21 [INFO] Deleting Mount Targets for EFS File System: fs-afe9c505 2020/05/19 21:54:21 [INFO] No EFS Mount Targets to sweep on File System "fs-afe9c505" 2020/05/19 21:54:21 [INFO] Deleting Mount Targets for EFS File System: fs-aee9c504 2020/05/19 21:54:21 [INFO] No EFS Mount Targets to sweep on File System "fs-aee9c504" 2020/05/19 21:54:21 [INFO] Deleting Mount Targets for EFS File System: fs-abe9c501 2020/05/19 21:54:22 [INFO] No EFS Mount Targets to sweep on File System "fs-abe9c501" 2020/05/19 21:54:22 [INFO] Deleting Mount Targets for EFS File System: fs-aae9c500 2020/05/19 21:54:22 [INFO] No EFS Mount Targets to sweep on File System "fs-aae9c500" 2020/05/19 21:54:22 [INFO] Deleting Mount Targets for EFS File System: fs-a9e9c503 2020/05/19 21:54:22 [INFO] No EFS Mount Targets to sweep on File System "fs-a9e9c503" 2020/05/19 21:54:22 [INFO] Deleting Mount Targets for EFS File System: fs-a8e9c502 2020/05/19 21:54:23 [INFO] No EFS Mount Targets to sweep on File System "fs-a8e9c502" 2020/05/19 21:54:23 [INFO] Deleting Mount Targets for EFS File System: fs-57e8c4fd 2020/05/19 21:54:23 [INFO] No EFS Mount Targets to sweep on File System "fs-57e8c4fd" 2020/05/19 21:54:23 [INFO] Deleting Mount Targets for EFS File System: fs-56e8c4fc 2020/05/19 21:54:24 [INFO] No EFS Mount Targets to sweep on File System "fs-56e8c4fc" 2020/05/19 21:54:24 [INFO] Deleting Mount Targets for EFS File System: fs-55e8c4ff 2020/05/19 21:54:24 [INFO] No EFS Mount Targets to sweep on File System "fs-55e8c4ff" 2020/05/19 21:54:24 [INFO] Deleting Mount Targets for EFS File System: fs-54e8c4fe 2020/05/19 21:54:24 [INFO] No EFS Mount Targets to sweep on File System "fs-54e8c4fe" 2020/05/19 21:54:24 [INFO] Deleting Mount Targets for EFS File System: fs-1ad8f5b0 2020/05/19 21:54:25 [INFO] No EFS Mount Targets to sweep on File System "fs-1ad8f5b0" 2020/05/19 21:54:25 [DEBUG] Running Sweeper (aws_efs_access_point) in region (us-west-2) 2020/05/19 21:54:25 [INFO] Deleting access points for EFS File System: fs-a3e9c509 2020/05/19 21:54:26 [INFO] No EFS access points to sweep on File System "fs-a3e9c509" 2020/05/19 21:54:26 [INFO] Deleting access points for EFS File System: fs-afe9c505 2020/05/19 21:54:26 [INFO] No EFS access points to sweep on File System "fs-afe9c505" 2020/05/19 21:54:26 [INFO] Deleting access points for EFS File System: fs-aee9c504 2020/05/19 21:54:26 [INFO] No EFS access points to sweep on File System "fs-aee9c504" 2020/05/19 21:54:26 [INFO] Deleting access points for EFS File System: fs-abe9c501 2020/05/19 21:54:27 [INFO] No EFS access points to sweep on File System "fs-abe9c501" 2020/05/19 21:54:27 [INFO] Deleting access points for EFS File System: fs-aae9c500 2020/05/19 21:54:27 [INFO] No EFS access points to sweep on File System "fs-aae9c500" 2020/05/19 21:54:27 [INFO] Deleting access points for EFS File System: fs-a9e9c503 2020/05/19 21:54:28 [INFO] No EFS access points to sweep on File System "fs-a9e9c503" 2020/05/19 21:54:28 [INFO] Deleting access points for EFS File System: fs-a8e9c502 2020/05/19 21:54:28 [INFO] No EFS access points to sweep on File System "fs-a8e9c502" 2020/05/19 21:54:28 [INFO] Deleting access points for EFS File System: fs-57e8c4fd 2020/05/19 21:54:28 [INFO] No EFS access points to sweep on File System "fs-57e8c4fd" 2020/05/19 21:54:28 [INFO] Deleting access points for EFS File System: fs-56e8c4fc 2020/05/19 21:54:29 [INFO] No EFS access points to sweep on File System "fs-56e8c4fc" 2020/05/19 21:54:29 [INFO] Deleting access points for EFS File System: fs-55e8c4ff 2020/05/19 21:54:29 [INFO] No EFS access points to sweep on File System "fs-55e8c4ff" 2020/05/19 21:54:29 [INFO] Deleting access points for EFS File System: fs-54e8c4fe 2020/05/19 21:54:30 [INFO] No EFS access points to sweep on File System "fs-54e8c4fe" 2020/05/19 21:54:30 [INFO] Deleting access points for EFS File System: fs-1ad8f5b0 2020/05/19 21:54:30 [INFO] No EFS access points to sweep on File System "fs-1ad8f5b0" 2020/05/19 21:54:30 [DEBUG] Running Sweeper (aws_efs_file_system) in region (us-west-2) 2020/05/19 21:54:30 [INFO] Deleting EFS File System: fs-a3e9c509 2020/05/19 21:54:32 [DEBUG] Waiting for state to become: [] 2020/05/19 21:54:34 [INFO] Deleting EFS File System: fs-afe9c505 2020/05/19 21:54:35 [DEBUG] Waiting for state to become: [] 2020/05/19 21:54:37 [INFO] Deleting EFS File System: fs-aee9c504 2020/05/19 21:54:37 [DEBUG] Waiting for state to become: [] 2020/05/19 21:54:40 [INFO] Deleting EFS File System: fs-abe9c501 2020/05/19 21:54:40 [DEBUG] Waiting for state to become: [] 2020/05/19 21:54:42 [INFO] Deleting EFS File System: fs-aae9c500 2020/05/19 21:54:43 [DEBUG] Waiting for state to become: [] 2020/05/19 21:54:45 [INFO] Deleting EFS File System: fs-a9e9c503 2020/05/19 21:54:46 [DEBUG] Waiting for state to become: [] 2020/05/19 21:54:48 [INFO] Deleting EFS File System: fs-a8e9c502 2020/05/19 21:54:49 [DEBUG] Waiting for state to become: [] 2020/05/19 21:54:52 [INFO] Deleting EFS File System: fs-57e8c4fd 2020/05/19 21:54:52 [DEBUG] Waiting for state to become: [] 2020/05/19 21:54:54 [INFO] Deleting EFS File System: fs-56e8c4fc 2020/05/19 21:54:55 [DEBUG] Waiting for state to become: [] 2020/05/19 21:54:57 [INFO] Deleting EFS File System: fs-55e8c4ff 2020/05/19 21:54:58 [DEBUG] Waiting for state to become: [] 2020/05/19 21:55:00 [INFO] Deleting EFS File System: fs-54e8c4fe 2020/05/19 21:55:00 [DEBUG] Waiting for state to become: [] 2020/05/19 21:55:03 [INFO] Deleting EFS File System: fs-1ad8f5b0 2020/05/19 21:55:03 [DEBUG] Waiting for state to become: [] 2020/05/19 21:55:05 Sweeper Tests ran successfully: - aws_efs_mount_target - aws_efs_access_point - aws_efs_file_system 2020/05/19 21:55:05 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/19 21:55:05 [DEBUG] Running Sweeper (aws_efs_mount_target) in region (us-east-1) ... 2020/05/19 21:55:07 [DEBUG] Running Sweeper (aws_efs_access_point) in region (us-east-1) 2020/05/19 21:55:07 [DEBUG] Running Sweeper (aws_efs_file_system) in region (us-east-1) 2020/05/19 21:55:08 Sweeper Tests ran successfully: - aws_efs_mount_target - aws_efs_access_point - aws_efs_file_system ok github.com/terraform-providers/terraform-provider-aws/aws 51.386s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/19 21:55:18 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/19 21:55:18 [DEBUG] Running Sweeper (aws_efs_mount_target) in region (us-gov-west-1) ... 2020/05/19 21:55:20 [DEBUG] Running Sweeper (aws_efs_access_point) in region (us-gov-west-1) 2020/05/19 21:55:21 [DEBUG] Running Sweeper (aws_efs_file_system) in region (us-gov-west-1) 2020/05/19 21:55:21 Sweeper Tests ran successfully: - aws_efs_file_system - aws_efs_mount_target - aws_efs_access_point ok github.com/terraform-providers/terraform-provider-aws/aws 4.050s ``` --- aws/resource_aws_efs_access_point_test.go | 4 ++-- aws/resource_aws_efs_mount_target_test.go | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/aws/resource_aws_efs_access_point_test.go b/aws/resource_aws_efs_access_point_test.go index 144171deea2..665fa6eb05b 100644 --- a/aws/resource_aws_efs_access_point_test.go +++ b/aws/resource_aws_efs_access_point_test.go @@ -45,12 +45,12 @@ func testSweepEfsAccessPoints(region string) error { out, err := conn.DescribeAccessPoints(input) if err != nil { errors = multierror.Append(errors, fmt.Errorf("error retrieving EFS access points on File System %q: %w", id, err)) - continue + break } if out == nil || len(out.AccessPoints) == 0 { log.Printf("[INFO] No EFS access points to sweep on File System %q", id) - continue + break } for _, AccessPoint := range out.AccessPoints { diff --git a/aws/resource_aws_efs_mount_target_test.go b/aws/resource_aws_efs_mount_target_test.go index b5a04df4b4c..c41c18d2a34 100644 --- a/aws/resource_aws_efs_mount_target_test.go +++ b/aws/resource_aws_efs_mount_target_test.go @@ -46,12 +46,12 @@ func testSweepEfsMountTargets(region string) error { out, err := conn.DescribeMountTargets(input) if err != nil { errors = multierror.Append(errors, fmt.Errorf("error retrieving EFS Mount Targets on File System %q: %w", id, err)) - continue + break } if out == nil || len(out.MountTargets) == 0 { log.Printf("[INFO] No EFS Mount Targets to sweep on File System %q", id) - continue + break } for _, mounttarget := range out.MountTargets { From ebccac7b24f157b8a8a337e7e79ee268f618030a Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 21 May 2020 14:28:01 -0700 Subject: [PATCH 313/475] Formatting cleanup --- examples/workspaces/main.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/workspaces/main.tf b/examples/workspaces/main.tf index 024f24d1afb..1be3d0664c3 100644 --- a/examples/workspaces/main.tf +++ b/examples/workspaces/main.tf @@ -76,11 +76,11 @@ locals { # Workspace instances are not supported in all AZs in some regions # We use joined and split string values here instead of lists for Terraform 0.11 compatibility region_workspaces_az_id_strings = { - "us-east-1" = "${join(",",formatlist("use1-az%d", list("2", "4", "6")))}" + "us-east-1" = "${join(",", formatlist("use1-az%d", list("2", "4", "6")))}" } - workspaces_az_id_strings = "${lookup(local.region_workspaces_az_id_strings, data.aws_region.current.name, join(",",data.aws_availability_zones.available.zone_ids))}" - workspaces_az_ids = "${split(",",local.workspaces_az_id_strings)}" + workspaces_az_id_strings = "${lookup(local.region_workspaces_az_id_strings, data.aws_region.current.name, join(",", data.aws_availability_zones.available.zone_ids))}" + workspaces_az_ids = "${split(",", local.workspaces_az_id_strings)}" } resource "aws_vpc" "main" { From c61fe3681710b89288a018ebd2a8d970b4fec07c Mon Sep 17 00:00:00 2001 From: appilon Date: Thu, 21 May 2020 17:33:37 -0400 Subject: [PATCH 314/475] service/ssm: Fix schema errors (#13438) * Fix schema errors Change `expired` attribute to TypeBool Export `document_version` attribute * Add TestCheck and documentation --- aws/resource_aws_ssm_activation.go | 2 +- aws/resource_aws_ssm_document.go | 4 ++++ aws/resource_aws_ssm_document_test.go | 1 + website/docs/r/ssm_document.html.markdown | 1 + 4 files changed, 7 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_ssm_activation.go b/aws/resource_aws_ssm_activation.go index b6d8a7115d0..f67bfc30e86 100644 --- a/aws/resource_aws_ssm_activation.go +++ b/aws/resource_aws_ssm_activation.go @@ -34,7 +34,7 @@ func resourceAwsSsmActivation() *schema.Resource { ForceNew: true, }, "expired": { - Type: schema.TypeString, + Type: schema.TypeBool, Computed: true, }, "expiration_date": { diff --git a/aws/resource_aws_ssm_document.go b/aws/resource_aws_ssm_document.go index b3a0d30b21c..635588c2272 100644 --- a/aws/resource_aws_ssm_document.go +++ b/aws/resource_aws_ssm_document.go @@ -107,6 +107,10 @@ func resourceAwsSsmDocument() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "document_version": { + Type: schema.TypeString, + Computed: true, + }, "hash": { Type: schema.TypeString, Computed: true, diff --git a/aws/resource_aws_ssm_document_test.go b/aws/resource_aws_ssm_document_test.go index ac2d0ca9a8c..42f1619f24d 100644 --- a/aws/resource_aws_ssm_document_test.go +++ b/aws/resource_aws_ssm_document_test.go @@ -29,6 +29,7 @@ func TestAccAWSSSMDocument_basic(t *testing.T) { testAccCheckResourceAttrRegionalARN(resourceName, "arn", "ssm", fmt.Sprintf("document/%s", name)), testAccCheckResourceAttrRfc3339(resourceName, "created_date"), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), + resource.TestCheckResourceAttrSet(resourceName, "document_version"), ), }, { diff --git a/website/docs/r/ssm_document.html.markdown b/website/docs/r/ssm_document.html.markdown index 0a595d3510b..a34f65ddf48 100644 --- a/website/docs/r/ssm_document.html.markdown +++ b/website/docs/r/ssm_document.html.markdown @@ -72,6 +72,7 @@ In addition to all arguments above, the following attributes are exported: * `description` - The description of the document. * `schema_version` - The schema version of the document. * `default_version` - The default version of the document. +* `document_version` - The document version. * `hash` - The sha1 or sha256 of the document content * `hash_type` - "Sha1" "Sha256". The hashing algorithm used when hashing the content. * `latest_version` - The latest version of the document. From e4e4123b9bb2b8630c72d7fa809038294f171500 Mon Sep 17 00:00:00 2001 From: appilon Date: Thu, 21 May 2020 17:34:37 -0400 Subject: [PATCH 315/475] Update CHANGELOG.md --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 03f6a28c9c3..924b27eee70 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ FEATURES: ENHANCEMENTS: +* resource/aws_ssm_document: Add `document_version` attribute [GH-13438] * data-source/aws_ram_resource_share: Add `owning_account_id` attribute [GH-13402] * data-source/aws_lb: Add `ip_address_type` attribute [GH-13400] * data-source/aws_lb_target_group: Add `load_balancing_algorithm_type` attribute [GH-13400] @@ -26,6 +27,7 @@ ENHANCEMENTS: BUG FIXES: +* resource/aws_ssm_activation: `expired` now properly set [GH-13438] * resource/aws_redshift_security_group: The resource is now importable [GH-13431] * resource/cloudwatch_log_metric_filter: `metric_transformation` `default_value` now properly set [GH-13411] * data-source/aws_db_instance: `auto_minor_version_upgrade` attribute now properly set [GH-13362] From b865fc67cd20668d0a0b76a9e657129a043cbb72 Mon Sep 17 00:00:00 2001 From: tf-release-bot Date: Fri, 22 May 2020 00:10:33 +0000 Subject: [PATCH 316/475] v2.63.0 --- CHANGELOG.md | 54 ++++++++++++++++++++++++++-------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 924b27eee70..36bb8c2752c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,39 +1,39 @@ -## 2.63.0 (Unreleased) +## 2.63.0 (May 22, 2020) FEATURES: -* **New Data Source:** `aws_efs_access_point` [GH-11965] -* **New Data Source:** `aws_wafv2_ip_set` [GH-12788] -* **New Data Source:** `aws_wafv2_regex_pattern_set` [GH-12789] -* **New Resource:** `aws_efs_access_point` [GH-11965] -* **New Resource:** `aws_efs_file_system_policy` [GH-11960] -* **New Resource:** `aws_wafv2_ip_set` [GH-12119] -* **New Resource:** `aws_wafv2_regex_pattern_set` [GH-12284] +* **New Data Source:** `aws_efs_access_point` ([#11965](https://github.com/terraform-providers/terraform-provider-aws/issues/11965)) +* **New Data Source:** `aws_wafv2_ip_set` ([#12788](https://github.com/terraform-providers/terraform-provider-aws/issues/12788)) +* **New Data Source:** `aws_wafv2_regex_pattern_set` ([#12789](https://github.com/terraform-providers/terraform-provider-aws/issues/12789)) +* **New Resource:** `aws_efs_access_point` ([#11965](https://github.com/terraform-providers/terraform-provider-aws/issues/11965)) +* **New Resource:** `aws_efs_file_system_policy` ([#11960](https://github.com/terraform-providers/terraform-provider-aws/issues/11960)) +* **New Resource:** `aws_wafv2_ip_set` ([#12119](https://github.com/terraform-providers/terraform-provider-aws/issues/12119)) +* **New Resource:** `aws_wafv2_regex_pattern_set` ([#12284](https://github.com/terraform-providers/terraform-provider-aws/issues/12284)) ENHANCEMENTS: -* resource/aws_ssm_document: Add `document_version` attribute [GH-13438] -* data-source/aws_ram_resource_share: Add `owning_account_id` attribute [GH-13402] -* data-source/aws_lb: Add `ip_address_type` attribute [GH-13400] -* data-source/aws_lb_target_group: Add `load_balancing_algorithm_type` attribute [GH-13400] -* data-source/aws_rds_cluster: `backtrack_window` attribute now available [GH-13362] -* resource/aws_codebuild_webhook: Support `COMMIT_MESSAGE` value in filter types [GH-13436] -* resource/aws_cognito_identity_pool_roles_attachment: Add import support [GH-13440] -* resource/aws_ecs_service: Add `force_new_deployment` argument [GH-13376] -* resource/aws_ecs_service: Support in-place updates for `ordered_placement_strategy` and `placement_constraints` [GH-13376] -* resource/aws_eks_node_group: Add `force_update_version` argument [GH-13414] -* resource/aws_glue_connection: Add `arn` argument [GH-13404] -* resource/aws_iot_topic_rule: Add `tags` argument [GH-13293] +* resource/aws_ssm_document: Add `document_version` attribute ([#13438](https://github.com/terraform-providers/terraform-provider-aws/issues/13438)) +* data-source/aws_ram_resource_share: Add `owning_account_id` attribute ([#13402](https://github.com/terraform-providers/terraform-provider-aws/issues/13402)) +* data-source/aws_lb: Add `ip_address_type` attribute ([#13400](https://github.com/terraform-providers/terraform-provider-aws/issues/13400)) +* data-source/aws_lb_target_group: Add `load_balancing_algorithm_type` attribute ([#13400](https://github.com/terraform-providers/terraform-provider-aws/issues/13400)) +* data-source/aws_rds_cluster: `backtrack_window` attribute now available ([#13362](https://github.com/terraform-providers/terraform-provider-aws/issues/13362)) +* resource/aws_codebuild_webhook: Support `COMMIT_MESSAGE` value in filter types ([#13436](https://github.com/terraform-providers/terraform-provider-aws/issues/13436)) +* resource/aws_cognito_identity_pool_roles_attachment: Add import support ([#13440](https://github.com/terraform-providers/terraform-provider-aws/issues/13440)) +* resource/aws_ecs_service: Add `force_new_deployment` argument ([#13376](https://github.com/terraform-providers/terraform-provider-aws/issues/13376)) +* resource/aws_ecs_service: Support in-place updates for `ordered_placement_strategy` and `placement_constraints` ([#13376](https://github.com/terraform-providers/terraform-provider-aws/issues/13376)) +* resource/aws_eks_node_group: Add `force_update_version` argument ([#13414](https://github.com/terraform-providers/terraform-provider-aws/issues/13414)) +* resource/aws_glue_connection: Add `arn` argument ([#13404](https://github.com/terraform-providers/terraform-provider-aws/issues/13404)) +* resource/aws_iot_topic_rule: Add `tags` argument ([#13293](https://github.com/terraform-providers/terraform-provider-aws/issues/13293)) BUG FIXES: -* resource/aws_ssm_activation: `expired` now properly set [GH-13438] -* resource/aws_redshift_security_group: The resource is now importable [GH-13431] -* resource/cloudwatch_log_metric_filter: `metric_transformation` `default_value` now properly set [GH-13411] -* data-source/aws_db_instance: `auto_minor_version_upgrade` attribute now properly set [GH-13362] -* resource/aws_autoscaling_group: `tags` `propagate_at_launch` attribute now properly set [GH-13360] -* resource/aws_eks_node_group: Only pass `release_version` value during `UpdateNodegroupVersion` if changed [GH-13407] -* resource/aws_network_acl: Fix issue with updating subnet associations returning `InvalidAssociationID.NotFound` [GH-13382] +* resource/aws_ssm_activation: `expired` now properly set ([#13438](https://github.com/terraform-providers/terraform-provider-aws/issues/13438)) +* resource/aws_redshift_security_group: The resource is now importable ([#13431](https://github.com/terraform-providers/terraform-provider-aws/issues/13431)) +* resource/cloudwatch_log_metric_filter: `metric_transformation` `default_value` now properly set ([#13411](https://github.com/terraform-providers/terraform-provider-aws/issues/13411)) +* data-source/aws_db_instance: `auto_minor_version_upgrade` attribute now properly set ([#13362](https://github.com/terraform-providers/terraform-provider-aws/issues/13362)) +* resource/aws_autoscaling_group: `tags` `propagate_at_launch` attribute now properly set ([#13360](https://github.com/terraform-providers/terraform-provider-aws/issues/13360)) +* resource/aws_eks_node_group: Only pass `release_version` value during `UpdateNodegroupVersion` if changed ([#13407](https://github.com/terraform-providers/terraform-provider-aws/issues/13407)) +* resource/aws_network_acl: Fix issue with updating subnet associations returning `InvalidAssociationID.NotFound` ([#13382](https://github.com/terraform-providers/terraform-provider-aws/issues/13382)) ## 2.62.0 (May 15, 2020) From 2cc9c47a4f152c250609a88351dd72da3c2368e8 Mon Sep 17 00:00:00 2001 From: tf-release-bot Date: Fri, 22 May 2020 00:29:06 +0000 Subject: [PATCH 317/475] Cleanup after v2.63.0 release --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 36bb8c2752c..0a0947e5b0d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,4 @@ +## 2.64.0 (Unreleased) ## 2.63.0 (May 22, 2020) FEATURES: From 0d43cbfc9063a70392ed493fcfd950a6798bf321 Mon Sep 17 00:00:00 2001 From: appilon Date: Mon, 25 May 2020 21:32:01 -0400 Subject: [PATCH 318/475] service/lightsail: Fix type mismatch (#13430) * Fix type mismatch * Add test check --- aws/resource_aws_lightsail_instance.go | 5 ++--- aws/resource_aws_lightsail_instance_test.go | 1 + 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/aws/resource_aws_lightsail_instance.go b/aws/resource_aws_lightsail_instance.go index 46c482d4fe1..dafe9a7a252 100644 --- a/aws/resource_aws_lightsail_instance.go +++ b/aws/resource_aws_lightsail_instance.go @@ -4,7 +4,6 @@ import ( "fmt" "log" "regexp" - "strconv" "time" "github.com/aws/aws-sdk-go/aws" @@ -89,7 +88,7 @@ func resourceAwsLightsailInstance() *schema.Resource { Computed: true, }, "ram_size": { - Type: schema.TypeInt, + Type: schema.TypeFloat, Computed: true, }, "ipv6_address": { @@ -209,7 +208,7 @@ func resourceAwsLightsailInstanceRead(d *schema.ResourceData, meta interface{}) d.Set("username", i.Username) d.Set("created_at", i.CreatedAt.Format(time.RFC3339)) d.Set("cpu_count", i.Hardware.CpuCount) - d.Set("ram_size", strconv.FormatFloat(*i.Hardware.RamSizeInGb, 'f', 0, 64)) + d.Set("ram_size", i.Hardware.RamSizeInGb) d.Set("ipv6_address", i.Ipv6Address) d.Set("is_static_ip", i.IsStaticIp) d.Set("private_ip_address", i.PrivateIpAddress) diff --git a/aws/resource_aws_lightsail_instance_test.go b/aws/resource_aws_lightsail_instance_test.go index 50d137dd9c9..90f765ba790 100644 --- a/aws/resource_aws_lightsail_instance_test.go +++ b/aws/resource_aws_lightsail_instance_test.go @@ -91,6 +91,7 @@ func TestAccAWSLightsailInstance_basic(t *testing.T) { resource.TestCheckResourceAttrSet("aws_lightsail_instance.lightsail_instance_test", "bundle_id"), resource.TestCheckResourceAttrSet("aws_lightsail_instance.lightsail_instance_test", "key_pair_name"), resource.TestCheckResourceAttr("aws_lightsail_instance.lightsail_instance_test", "tags.%", "0"), + resource.TestMatchResourceAttr("aws_lightsail_instance.lightsail_instance_test", "ram_size", regexp.MustCompile(`\d+(.\d+)?`)), ), }, }, From f991d94496fbed3a2c9c7d7cb05fd3dc21898220 Mon Sep 17 00:00:00 2001 From: appilon Date: Mon, 25 May 2020 21:32:52 -0400 Subject: [PATCH 319/475] Update CHANGELOG.md --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0a0947e5b0d..8bfe1c20d20 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ ## 2.64.0 (Unreleased) + +BUG FIXES: + +* resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] + ## 2.63.0 (May 22, 2020) FEATURES: From cfa41eac2c1e892e9b1f1bc751f6bd11d71d5df2 Mon Sep 17 00:00:00 2001 From: Mike Lloyd Date: Tue, 26 May 2020 08:43:49 -0600 Subject: [PATCH 320/475] docs/resource/aws_rds_cluster: Sort arguments alphabetically (#13443) Most of the resource documentation is alphabetical, because this is a large provider, this should be alphabetical, too. --- website/docs/r/rds_cluster.html.markdown | 59 +++++++++++------------- 1 file changed, 26 insertions(+), 33 deletions(-) diff --git a/website/docs/r/rds_cluster.html.markdown b/website/docs/r/rds_cluster.html.markdown index 1fb5da498f4..d0f224b3628 100644 --- a/website/docs/r/rds_cluster.html.markdown +++ b/website/docs/r/rds_cluster.html.markdown @@ -97,48 +97,41 @@ the [AWS official documentation](https://docs.aws.amazon.com/cli/latest/referenc The following arguments are supported: -* `cluster_identifier` - (Optional, Forces new resources) The cluster identifier. If omitted, Terraform will assign a random, unique identifier. +* `apply_immediately` - (Optional) Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`. See [Amazon RDS Documentation for more information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html) +* `availability_zones` - (Optional) A list of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created. RDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next Terraform apply. It is recommended to specify 3 AZs or use [the `lifecycle` configuration block `ignore_changes` argument](/docs/configuration/resources.html#ignore_changes) if necessary. +* `backtrack_window` - (Optional) The target backtrack window, in seconds. Only available for `aurora` engine currently. To disable backtracking, set this value to `0`. Defaults to `0`. Must be between `0` and `259200` (72 hours) +* `backup_retention_period` - (Optional) The days to retain backups for. Default `1` * `cluster_identifier_prefix` - (Optional, Forces new resource) Creates a unique cluster identifier beginning with the specified prefix. Conflicts with `cluster_identifier`. +* `cluster_identifier` - (Optional, Forces new resources) The cluster identifier. If omitted, Terraform will assign a random, unique identifier. * `copy_tags_to_snapshot` – (Optional, boolean) Copy all Cluster `tags` to snapshots. Default is `false`. * `database_name` - (Optional) Name for an automatically created database on cluster creation. There are different naming restrictions per database engine: [RDS Naming Constraints][5] +* `db_cluster_parameter_group_name` - (Optional) A cluster parameter group to associate with the cluster. +* `db_subnet_group_name` - (Optional) A DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` specified on every [`aws_rds_cluster_instance`](/docs/providers/aws/r/rds_cluster_instance.html) in the cluster. * `deletion_protection` - (Optional) If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`. -* `master_password` - (Required unless a `snapshot_identifier` or `global_cluster_identifier` is provided) Password for the master DB user. Note that this may - show up in logs, and it will be stored in the state file. Please refer to the [RDS Naming Constraints][5] +* `enable_http_endpoint` - (Optional) Enable HTTP endpoint (data API). Only valid when `engine_mode` is set to `serverless`. +* `enabled_cloudwatch_logs_exports` - (Optional) List of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql` (PostgreSQL). +* `engine_mode` - (Optional) The database engine mode. Valid values: `global`, `multimaster`, `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/aurora-serverless.html) for limitations when using `serverless`. +* `engine_version` - (Optional) The database engine version. Updating this argument results in an outage. See the [Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) and [Aurora Postgres](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.html) documentation for your configured engine to determine this value. For example with Aurora MySQL 2, a potential value for this argument is `5.7.mysql_aurora.2.03.2`. +* `engine` - (Optional) The name of the database engine to be used for this DB cluster. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql` +* `final_snapshot_identifier` - (Optional) The name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made. +* `global_cluster_identifier` - (Optional) The global cluster identifier specified on [`aws_rds_global_cluster`](/docs/providers/aws/r/rds_global_cluster.html). +* `iam_database_authentication_enabled` - (Optional) Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) for availability and limitations. +* `iam_roles` - (Optional) A List of ARNs for the IAM roles to associate to the RDS Cluster. +* `kms_key_id` - (Optional) The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true. +* `master_password` - (Required unless a `snapshot_identifier` or `global_cluster_identifier` is provided) Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the [RDS Naming Constraints][5] * `master_username` - (Required unless a `snapshot_identifier` or `global_cluster_identifier` is provided) Username for the master DB user. Please refer to the [RDS Naming Constraints][5]. This argument does not support in-place updates and cannot be changed during a restore from snapshot. -* `final_snapshot_identifier` - (Optional) The name of your final DB snapshot - when this DB cluster is deleted. If omitted, no final snapshot will be - made. -* `skip_final_snapshot` - (Optional) Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`. -* `availability_zones` - (Optional) A list of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created. RDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next Terraform apply. It is recommended to specify 3 AZs or use [the `lifecycle` configuration block `ignore_changes` argument](/docs/configuration/resources.html#ignore_changes) if necessary. -* `backtrack_window` - (Optional) The target backtrack window, in seconds. Only available for `aurora` engine currently. To disable backtracking, set this value to `0`. Defaults to `0`. Must be between `0` and `259200` (72 hours) -* `backup_retention_period` - (Optional) The days to retain backups for. Default `1` -* `preferred_backup_window` - (Optional) The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC -Default: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00 -* `preferred_maintenance_window` - (Optional) The weekly time range during which system maintenance can occur, in (UTC) e.g. wed:04:00-wed:04:30 * `port` - (Optional) The port on which the DB accepts connections -* `vpc_security_group_ids` - (Optional) List of VPC security groups to associate - with the Cluster -* `snapshot_identifier` - (Optional) Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. -* `global_cluster_identifier` - (Optional) The global cluster identifier specified on [`aws_rds_global_cluster`](/docs/providers/aws/r/rds_global_cluster.html). -* `storage_encrypted` - (Optional) Specifies whether the DB cluster is encrypted. The default is `false` for `provisioned` `engine_mode` and `true` for `serverless` `engine_mode`. +* `preferred_backup_window` - (Optional) The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per region. e.g. 04:00-09:00 +* `preferred_maintenance_window` - (Optional) The weekly time range during which system maintenance can occur, in (UTC) e.g. wed:04:00-wed:04:30 * `replication_source_identifier` - (Optional) ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica. -* `apply_immediately` - (Optional) Specifies whether any cluster modifications - are applied immediately, or during the next maintenance window. Default is - `false`. See [Amazon RDS Documentation for more information.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html) -* `db_subnet_group_name` - (Optional) A DB subnet group to associate with this DB instance. **NOTE:** This must match the `db_subnet_group_name` specified on every [`aws_rds_cluster_instance`](/docs/providers/aws/r/rds_cluster_instance.html) in the cluster. -* `db_cluster_parameter_group_name` - (Optional) A cluster parameter group to associate with the cluster. -* `kms_key_id` - (Optional) The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true. -* `iam_roles` - (Optional) A List of ARNs for the IAM roles to associate to the RDS Cluster. -* `iam_database_authentication_enabled` - (Optional) Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. Please see [AWS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) for availability and limitations. -* `engine` - (Optional) The name of the database engine to be used for this DB cluster. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql` -* `engine_mode` - (Optional) The database engine mode. Valid values: `global`, `multimaster`, `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`. See the [RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/aurora-serverless.html) for limitations when using `serverless`. -* `engine_version` - (Optional) The database engine version. Updating this argument results in an outage. See the [Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) and [Aurora Postgres](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.html) documentation for your configured engine to determine this value. For example with Aurora MySQL 2, a potential value for this argument is `5.7.mysql_aurora.2.03.2`. -* `source_region` - (Optional) The source region for an encrypted replica DB cluster. -* `enabled_cloudwatch_logs_exports` - (Optional) List of log types to export to cloudwatch. If omitted, no logs will be exported. - The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql` (PostgreSQL). * `scaling_configuration` - (Optional) Nested attribute with scaling properties. Only valid when `engine_mode` is set to `serverless`. More details below. -* `enable_http_endpoint` - (Optional) Enable HTTP endpoint (data API). Only valid when `engine_mode` is set to `serverless`. +* `skip_final_snapshot` - (Optional) Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from `final_snapshot_identifier`. Default is `false`. +* `snapshot_identifier` - (Optional) Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. +* `source_region` - (Optional) The source region for an encrypted replica DB cluster. +* `storage_encrypted` - (Optional) Specifies whether the DB cluster is encrypted. The default is `false` for `provisioned` `engine_mode` and `true` for `serverless` `engine_mode`. * `tags` - (Optional) A map of tags to assign to the DB cluster. +* `vpc_security_group_ids` - (Optional) List of VPC security groups to associate with the Cluster + ### S3 Import Options From 88a74fca434d1eda101f0e19e35e11f8dfe8cdd9 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 26 May 2020 10:45:04 -0400 Subject: [PATCH 321/475] data-source/aws_lambda_invocation: Deprecate result_map attribute (#13492) Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/9184 Reference: https://github.com/terraform-providers/terraform-provider-aws/pull/9190 Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/9189 Reference: https://github.com/terraform-providers/terraform-provider-aws/pull/13439 Reference: https://github.com/hashicorp/terraform-plugin-sdk/pull/344 Reference: https://github.com/hashicorp/terraform-plugin-sdk/issues/451 The `result_map` attribute was created as a workaround for Terraform 0.11 and earlier not having native JSON decoding abilities. This attribute came with the caveat that it only worked when the JSON was only a flat map of strings, where we otherwise ignore the `(helper/schema.ResourceData).Set()` error and instead return a warning log. In Terraform Plugin SDK v2, this error will now panic in the acceptance testing as these errors are generally indicative of resource bugs, which is unavoidable in this case. Practitioners should instead opt for the Terraform 0.12 and later `jsondecode()` function against the `result` attribute, which can handle much more arbitrary JSON structures. This has been documented in the `aws_lambda_invocation` data source for awhile now. For JSON structures not compliant with Terraform's JSON decoding, the `result` attribute's string value can still be passed to other processing logic, such as calling the `jq` tool. --- aws/data_source_aws_lambda_invocation.go | 5 ++-- .../docs/d/lambda_invocation.html.markdown | 2 +- website/docs/guides/version-3-upgrade.html.md | 27 +++++++++++++++++++ 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/aws/data_source_aws_lambda_invocation.go b/aws/data_source_aws_lambda_invocation.go index a916932a635..442f5a25918 100644 --- a/aws/data_source_aws_lambda_invocation.go +++ b/aws/data_source_aws_lambda_invocation.go @@ -40,8 +40,9 @@ func dataSourceAwsLambdaInvocation() *schema.Resource { }, "result_map": { - Type: schema.TypeMap, - Computed: true, + Type: schema.TypeMap, + Computed: true, + Deprecated: "use `result` attribute with jsondecode() function", Elem: &schema.Schema{ Type: schema.TypeString, }, diff --git a/website/docs/d/lambda_invocation.html.markdown b/website/docs/d/lambda_invocation.html.markdown index 7e6eccdd656..9396b73f417 100644 --- a/website/docs/d/lambda_invocation.html.markdown +++ b/website/docs/d/lambda_invocation.html.markdown @@ -54,4 +54,4 @@ output "result_entry_tf012" { ## Attributes Reference * `result` - String result of the lambda function invocation. - * `result_map` - This field is set only if result is a map of primitive types, where the map is string keys and string values. In Terraform 0.12 and later, use the [`jsondecode()` function](/docs/configuration/functions/jsondecode.html) with the `result` attribute instead to convert the result to all supported native Terraform types. + * `result_map` - (**DEPRECATED**) This field is set only if result is a map of primitive types, where the map is string keys and string values. In Terraform 0.12 and later, use the [`jsondecode()` function](/docs/configuration/functions/jsondecode.html) with the `result` attribute instead to convert the result to all supported native Terraform types. diff --git a/website/docs/guides/version-3-upgrade.html.md b/website/docs/guides/version-3-upgrade.html.md index bb91f659028..1b1bbc0df7e 100644 --- a/website/docs/guides/version-3-upgrade.html.md +++ b/website/docs/guides/version-3-upgrade.html.md @@ -19,6 +19,7 @@ Upgrade topics: - [Provider Version Configuration](#provider-version-configuration) +- [Data Source: aws_lambda_invocation](#data-source-aws_lambda_invocation) - [Resource: aws_emr_cluster](#resource-aws_emr_cluster) @@ -51,6 +52,32 @@ provider "aws" { } ``` +## Data Source: aws_lambda_invocation + +### result_map Attribute Removal + +Switch your Terraform configuration to the `result` attribute with the [`jsondecode()` function](https://www.terraform.io/docs/configuration/functions/jsondecode.html) instead. + +For example, given this previous configuration: + +```hcl +# In Terraform 0.11 and earlier, the result_map attribute can be used +# to convert a result JSON string to a map of string keys to string values. +output "lambda_result" { + value = "${data.aws_lambda_invocation.example.result_map["key1"]}" +} +``` + +An updated configuration: + +```hcl +# In Terraform 0.12 and later, the jsondecode() function can be used +# to convert a result JSON string to native Terraform types. +output "lambda_result" { + value = jsondecode(data.aws_lambda_invocation.example.result)["key1"] +} +``` + ## Resource: aws_emr_cluster ### core_instance_count Argument Removal From 3115c5dd720669de5157baf1bd68fe4651f80425 Mon Sep 17 00:00:00 2001 From: Masayuki Morita Date: Tue, 26 May 2020 23:47:13 +0900 Subject: [PATCH 322/475] docs/resource/aws_codestarnotifications_notification_rule: Fix invalid import command (#13486) --- website/docs/r/codestarnotifications_notification_rule.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/codestarnotifications_notification_rule.markdown b/website/docs/r/codestarnotifications_notification_rule.markdown index d77868717b7..1a61f9bc909 100644 --- a/website/docs/r/codestarnotifications_notification_rule.markdown +++ b/website/docs/r/codestarnotifications_notification_rule.markdown @@ -82,5 +82,5 @@ In addition to all arguments above, the following attributes are exported: CodeStar notification rule can be imported using the ARN, e.g. ``` -$ terraform import aws_codestarnotification_rule.foo arn:aws:codestar-notifications:us-west-1:0123456789:notificationrule/2cdc68a3-8f7c-4893-b6a5-45b362bd4f2b +$ terraform import aws_codestarnotifications_notification_rule.foo arn:aws:codestar-notifications:us-west-1:0123456789:notificationrule/2cdc68a3-8f7c-4893-b6a5-45b362bd4f2b ``` From 6b4499254f9f75ec9c716506d73ca9607f8c88c2 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Tue, 26 May 2020 12:32:33 -0400 Subject: [PATCH 323/475] resource/aws_ses_event_destination: Refresh resource state in the Read method (#13466) * r/aws_ses_event_destination: Refresh resource state in the Read method. * r/aws_ses_event_destination: Correct and test resource import. Output from acceptance testing: ``` --- PASS: TestAccAWSSESEventDestination_disappears (79.94s) --- PASS: TestAccAWSSESEventDestination_basic (90.04s) ``` --- aws/resource_aws_ses_event_destination.go | 110 +++++++++++- ...resource_aws_ses_event_destination_test.go | 157 +++++++++++------- website/docs/r/ses_event_destination.markdown | 9 + 3 files changed, 218 insertions(+), 58 deletions(-) diff --git a/aws/resource_aws_ses_event_destination.go b/aws/resource_aws_ses_event_destination.go index d9685bb09ca..4591175e3a9 100644 --- a/aws/resource_aws_ses_event_destination.go +++ b/aws/resource_aws_ses_event_destination.go @@ -3,6 +3,7 @@ package aws import ( "fmt" "log" + "strings" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/ses" @@ -16,7 +17,7 @@ func resourceAwsSesEventDestination() *schema.Resource { Read: resourceAwsSesEventDestinationRead, Delete: resourceAwsSesEventDestinationDelete, Importer: &schema.ResourceImporter{ - State: schema.ImportStatePassthrough, + State: resourceAwsSesEventDestinationImport, }, Schema: map[string]*schema.Schema{ @@ -186,6 +187,52 @@ func resourceAwsSesEventDestinationCreate(d *schema.ResourceData, meta interface } func resourceAwsSesEventDestinationRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).sesconn + + configurationSetName := d.Get("configuration_set_name").(string) + input := &ses.DescribeConfigurationSetInput{ + ConfigurationSetAttributeNames: aws.StringSlice([]string{ses.ConfigurationSetAttributeEventDestinations}), + ConfigurationSetName: aws.String(configurationSetName), + } + + output, err := conn.DescribeConfigurationSet(input) + if isAWSErr(err, ses.ErrCodeConfigurationSetDoesNotExistException, "") { + log.Printf("[WARN] SES Configuration Set (%s) not found, removing from state", configurationSetName) + d.SetId("") + return nil + } + if err != nil { + return fmt.Errorf("error reading SES Configuration Set Event Destination (%s): %w", d.Id(), err) + } + + var thisEventDestination *ses.EventDestination + for _, eventDestination := range output.EventDestinations { + if aws.StringValue(eventDestination.Name) == d.Id() { + thisEventDestination = eventDestination + break + } + } + if thisEventDestination == nil { + log.Printf("[WARN] SES Configuration Set Event Destination (%s) not found, removing from state", d.Id()) + d.SetId("") + return nil + } + + d.Set("configuration_set_name", output.ConfigurationSet.Name) + d.Set("enabled", thisEventDestination.Enabled) + d.Set("name", thisEventDestination.Name) + if err := d.Set("cloudwatch_destination", flattenSesCloudWatchDestination(thisEventDestination.CloudWatchDestination)); err != nil { + return fmt.Errorf("error setting cloudwatch_destination: %w", err) + } + if err := d.Set("kinesis_destination", flattenSesKinesisFirehoseDestination(thisEventDestination.KinesisFirehoseDestination)); err != nil { + return fmt.Errorf("error setting kinesis_destination: %w", err) + } + if err := d.Set("matching_types", flattenStringSet(thisEventDestination.MatchingEventTypes)); err != nil { + return fmt.Errorf("error setting matching_types: %w", err) + } + if err := d.Set("sns_destination", flattenSesSnsDestination(thisEventDestination.SNSDestination)); err != nil { + return fmt.Errorf("error setting sns_destination: %w", err) + } return nil } @@ -202,6 +249,22 @@ func resourceAwsSesEventDestinationDelete(d *schema.ResourceData, meta interface return err } +func resourceAwsSesEventDestinationImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) { + parts := strings.Split(d.Id(), "/") + if len(parts) != 2 { + return []*schema.ResourceData{}, fmt.Errorf("Wrong format of resource: %s. Please follow 'configuration-set-name/event-destination-name'", d.Id()) + } + + configurationSetName := parts[0] + eventDestinationName := parts[1] + log.Printf("[DEBUG] Importing SES event destination %s from configuration set %s", eventDestinationName, configurationSetName) + + d.SetId(eventDestinationName) + d.Set("configuration_set_name", configurationSetName) + + return []*schema.ResourceData{d}, nil +} + func generateCloudWatchDestination(v []interface{}) []*ses.CloudWatchDimensionConfiguration { b := make([]*ses.CloudWatchDimensionConfiguration, len(v)) @@ -217,3 +280,48 @@ func generateCloudWatchDestination(v []interface{}) []*ses.CloudWatchDimensionCo return b } + +func flattenSesCloudWatchDestination(destination *ses.CloudWatchDestination) []interface{} { + if destination == nil { + return []interface{}{} + } + + vDimensionConfigurations := []interface{}{} + + for _, dimensionConfiguration := range destination.DimensionConfigurations { + mDimensionConfiguration := map[string]interface{}{ + "default_value": aws.StringValue(dimensionConfiguration.DefaultDimensionValue), + "dimension_name": aws.StringValue(dimensionConfiguration.DimensionName), + "value_source": aws.StringValue(dimensionConfiguration.DimensionValueSource), + } + + vDimensionConfigurations = append(vDimensionConfigurations, mDimensionConfiguration) + } + + return vDimensionConfigurations +} + +func flattenSesKinesisFirehoseDestination(destination *ses.KinesisFirehoseDestination) []interface{} { + if destination == nil { + return []interface{}{} + } + + mDestination := map[string]interface{}{ + "role_arn": aws.StringValue(destination.IAMRoleARN), + "stream_arn": aws.StringValue(destination.DeliveryStreamARN), + } + + return []interface{}{mDestination} +} + +func flattenSesSnsDestination(destination *ses.SNSDestination) []interface{} { + if destination == nil { + return []interface{}{} + } + + mDestination := map[string]interface{}{ + "topic_arn": aws.StringValue(destination.TopicARN), + } + + return []interface{}{mDestination} +} diff --git a/aws/resource_aws_ses_event_destination_test.go b/aws/resource_aws_ses_event_destination_test.go index 877be95b087..8858d8de8a1 100644 --- a/aws/resource_aws_ses_event_destination_test.go +++ b/aws/resource_aws_ses_event_destination_test.go @@ -4,6 +4,7 @@ import ( "fmt" "testing" + "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/ses" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" @@ -11,17 +12,13 @@ import ( ) func TestAccAWSSESEventDestination_basic(t *testing.T) { - rString := acctest.RandString(8) - - bucketName := fmt.Sprintf("tf-acc-bucket-ses-event-dst-%s", rString) - roleName := fmt.Sprintf("tf_acc_role_ses_event_dst_%s", rString) - streamName := fmt.Sprintf("tf_acc_stream_ses_event_dst_%s", rString) - policyName := fmt.Sprintf("tf_acc_policy_ses_event_dst_%s", rString) - topicName := fmt.Sprintf("tf_acc_topic_ses_event_dst_%s", rString) - sesCfgSetName := fmt.Sprintf("tf_acc_cfg_ses_event_dst_%s", rString) - sesEventDstNameKinesis := fmt.Sprintf("tf_acc_event_dst_kinesis_%s", rString) - sesEventDstNameCw := fmt.Sprintf("tf_acc_event_dst_cloudwatch_%s", rString) - sesEventDstNameSns := fmt.Sprintf("tf_acc_event_dst_sns_%s", rString) + rName1 := acctest.RandomWithPrefix("tf-acc-test") + rName2 := acctest.RandomWithPrefix("tf-acc-test") + rName3 := acctest.RandomWithPrefix("tf-acc-test") + cloudwatchDestinationResourceName := "aws_ses_event_destination.cloudwatch" + kinesisDestinationResourceName := "aws_ses_event_destination.kinesis" + snsDestinationResourceName := "aws_ses_event_destination.sns" + var v1, v2, v3 ses.EventDestination resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { @@ -32,18 +29,67 @@ func TestAccAWSSESEventDestination_basic(t *testing.T) { CheckDestroy: testAccCheckSESEventDestinationDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSSESEventDestinationConfig(bucketName, roleName, streamName, policyName, topicName, - sesCfgSetName, sesEventDstNameKinesis, sesEventDstNameCw, sesEventDstNameSns), + Config: testAccAWSSESEventDestinationConfig(rName1, rName2, rName3), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsSESEventDestinationExists("aws_ses_configuration_set.test"), - resource.TestCheckResourceAttr( - "aws_ses_event_destination.kinesis", "name", sesEventDstNameKinesis), - resource.TestCheckResourceAttr( - "aws_ses_event_destination.cloudwatch", "name", sesEventDstNameCw), - resource.TestCheckResourceAttr( - "aws_ses_event_destination.sns", "name", sesEventDstNameSns), + testAccCheckAwsSESEventDestinationExists(cloudwatchDestinationResourceName, &v1), + testAccCheckAwsSESEventDestinationExists(kinesisDestinationResourceName, &v2), + testAccCheckAwsSESEventDestinationExists(snsDestinationResourceName, &v3), + resource.TestCheckResourceAttr(cloudwatchDestinationResourceName, "name", rName1), + resource.TestCheckResourceAttr(kinesisDestinationResourceName, "name", rName2), + resource.TestCheckResourceAttr(snsDestinationResourceName, "name", rName3), ), }, + { + ResourceName: cloudwatchDestinationResourceName, + ImportStateId: fmt.Sprintf("%s/%s", rName1, rName1), + ImportState: true, + ImportStateVerify: true, + }, + { + ResourceName: kinesisDestinationResourceName, + ImportStateId: fmt.Sprintf("%s/%s", rName1, rName2), + ImportState: true, + ImportStateVerify: true, + }, + { + ResourceName: snsDestinationResourceName, + ImportStateId: fmt.Sprintf("%s/%s", rName1, rName3), + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSSESEventDestination_disappears(t *testing.T) { + rName1 := acctest.RandomWithPrefix("tf-acc-test") + rName2 := acctest.RandomWithPrefix("tf-acc-test") + rName3 := acctest.RandomWithPrefix("tf-acc-test") + cloudwatchDestinationResourceName := "aws_ses_event_destination.cloudwatch" + kinesisDestinationResourceName := "aws_ses_event_destination.kinesis" + snsDestinationResourceName := "aws_ses_event_destination.sns" + var v1, v2, v3 ses.EventDestination + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + testAccPreCheckAWSSES(t) + }, + Providers: testAccProviders, + CheckDestroy: testAccCheckSESEventDestinationDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSSESEventDestinationConfig(rName1, rName2, rName3), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsSESEventDestinationExists(cloudwatchDestinationResourceName, &v1), + testAccCheckAwsSESEventDestinationExists(kinesisDestinationResourceName, &v2), + testAccCheckAwsSESEventDestinationExists(snsDestinationResourceName, &v3), + testAccCheckResourceDisappears(testAccProvider, resourceAwsSesEventDestination(), cloudwatchDestinationResourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsSesEventDestination(), kinesisDestinationResourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsSesEventDestination(), snsDestinationResourceName), + ), + ExpectNonEmptyPlan: true, + }, }, }) } @@ -78,7 +124,7 @@ func testAccCheckSESEventDestinationDestroy(s *terraform.State) error { } -func testAccCheckAwsSESEventDestinationExists(n string) resource.TestCheckFunc { +func testAccCheckAwsSESEventDestinationExists(n string, v *ses.EventDestination) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] if !ok { @@ -91,36 +137,34 @@ func testAccCheckAwsSESEventDestinationExists(n string) resource.TestCheckFunc { conn := testAccProvider.Meta().(*AWSClient).sesconn - response, err := conn.ListConfigurationSets(&ses.ListConfigurationSetsInput{}) + response, err := conn.DescribeConfigurationSet(&ses.DescribeConfigurationSetInput{ + ConfigurationSetAttributeNames: aws.StringSlice([]string{ses.ConfigurationSetAttributeEventDestinations}), + ConfigurationSetName: aws.String(rs.Primary.Attributes["configuration_set_name"]), + }) if err != nil { return err } - found := false - for _, element := range response.ConfigurationSets { - if *element.Name == rs.Primary.ID { - found = true + for _, eventDestination := range response.EventDestinations { + if aws.StringValue(eventDestination.Name) == rs.Primary.ID { + *v = *eventDestination + return nil } } - if !found { - return fmt.Errorf("The configuration set was not created") - } - - return nil + return fmt.Errorf("The SES Configuration Set Event Destination was not found") } } -func testAccAWSSESEventDestinationConfig(bucketName, roleName, streamName, policyName, topicName, - sesCfgSetName, sesEventDstNameKinesis, sesEventDstNameCw, sesEventDstNameSns string) string { +func testAccAWSSESEventDestinationConfig(rName1, rName2, rName3 string) string { return fmt.Sprintf(` -resource "aws_s3_bucket" "bucket" { - bucket = "%s" +resource "aws_s3_bucket" "test" { + bucket = %[2]q acl = "private" } -resource "aws_iam_role" "firehose_role" { - name = "%s" +resource "aws_iam_role" "test" { + name = %[2]q assume_role_policy = < Date: Tue, 26 May 2020 12:35:21 -0400 Subject: [PATCH 324/475] Update CHANGELOG for #13464 --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8bfe1c20d20..84d8d091a5f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,8 +1,11 @@ ## 2.64.0 (Unreleased) +* resource/aws_ses_event_destination: Support resource import [GH-13464] + BUG FIXES: * resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] +* resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) [GH-13464] ## 2.63.0 (May 22, 2020) From 86a9cf95e267ee5fca845453fda8943098346c66 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 26 May 2020 12:35:43 -0400 Subject: [PATCH 325/475] Add missing ENHANCEMENTS header --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 84d8d091a5f..734a27183c5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,7 @@ ## 2.64.0 (Unreleased) +ENHANCMENTS: + * resource/aws_ses_event_destination: Support resource import [GH-13464] BUG FIXES: From 99c3416915a526d88e81754b20354d94bf585e00 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 26 May 2020 12:44:39 -0400 Subject: [PATCH 326/475] tests/resource/aws_batch_job_definition: Filter sweeper input on ACTIVE status (#13496) Reference: https://docs.aws.amazon.com/batch/latest/APIReference/API_DeregisterJobDefinition.html Job definitions can remain for up to 180 days after deregistering, leaving the previous logic to repeatedly call `DeregisterJobDefinition` across thousands of job definitions extraneously each run. Once in the INACTIVE status, we can ignore them for sweeping. Output from sweeper in AWS Commercial: ``` 2020/05/26 09:54:25 [DEBUG] Running Sweepers for region (us-west-2): 2020/05/26 09:54:25 [DEBUG] Running Sweeper (aws_batch_job_queue) in region (us-west-2) ... 2020/05/26 09:54:28 [DEBUG] Running Sweeper (aws_batch_job_definition) in region (us-west-2) 2020/05/26 09:54:30 Sweeper Tests ran successfully: - aws_batch_job_queue - aws_batch_job_definition 2020/05/26 09:54:30 [DEBUG] Running Sweepers for region (us-east-1): 2020/05/26 09:54:30 [DEBUG] Running Sweeper (aws_batch_job_queue) in region (us-east-1) ... 2020/05/26 09:54:32 [DEBUG] Running Sweeper (aws_batch_job_definition) in region (us-east-1) 2020/05/26 09:54:32 Sweeper Tests ran successfully: - aws_batch_job_queue - aws_batch_job_definition ok github.com/terraform-providers/terraform-provider-aws/aws 9.337s ``` Output from sweeper in AWS GovCloud (US): ``` 2020/05/26 09:54:42 [DEBUG] Running Sweepers for region (us-gov-west-1): 2020/05/26 09:54:42 [DEBUG] Running Sweeper (aws_batch_job_queue) in region (us-gov-west-1) ... 2020/05/26 09:54:45 [INFO] Disabling Batch Job Queue: tf-acc-test-2569001613797177836 2020/05/26 09:54:45 [ERROR] Failed to disable Batch Job Queue tf-acc-test-2569001613797177836: : Cannot update, resource is being modified status code: 400, request id: 04e93cd7-c65a-42f8-96e2-8b6835113495 2020/05/26 09:54:45 [INFO] Disabling Batch Job Queue: tf-acc-test-7885136928720777256 2020/05/26 09:54:46 [ERROR] Failed to disable Batch Job Queue tf-acc-test-7885136928720777256: : Cannot update, resource is being modified status code: 400, request id: 298fe949-82aa-4d06-ac4b-bde69afb2f71 2020/05/26 09:54:46 [DEBUG] Running Sweeper (aws_batch_job_definition) in region (us-gov-west-1) 2020/05/26 09:54:46 Sweeper Tests ran successfully: - aws_batch_job_queue - aws_batch_job_definition ok github.com/terraform-providers/terraform-provider-aws/aws 5.092s ``` --- aws/resource_aws_batch_job_definition_test.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_batch_job_definition_test.go b/aws/resource_aws_batch_job_definition_test.go index 4b752568398..cf1c29f69d3 100644 --- a/aws/resource_aws_batch_job_definition_test.go +++ b/aws/resource_aws_batch_job_definition_test.go @@ -30,9 +30,12 @@ func testSweepBatchJobDefinitions(region string) error { return fmt.Errorf("error getting client: %w", err) } conn := client.(*AWSClient).batchconn + input := &batch.DescribeJobDefinitionsInput{ + Status: aws.String("ACTIVE"), + } var sweeperErrs *multierror.Error - err = conn.DescribeJobDefinitionsPages(&batch.DescribeJobDefinitionsInput{}, func(page *batch.DescribeJobDefinitionsOutput, isLast bool) bool { + err = conn.DescribeJobDefinitionsPages(input, func(page *batch.DescribeJobDefinitionsOutput, isLast bool) bool { if page == nil { return !isLast } From 2ce120f998d9ae27e2bc655a458526dbf8037212 Mon Sep 17 00:00:00 2001 From: Dean Shelton Date: Tue, 26 May 2020 09:55:30 -0700 Subject: [PATCH 327/475] resource/aws_ecs_service: Assign efs_volume_configuration when present (#12571) Co-authored-by: Dean Shelton Output from acceptance testing: ``` --- PASS: TestAccAWSEcsTaskDefinition_arrays (14.80s) --- PASS: TestAccAWSEcsTaskDefinition_basic (20.00s) --- PASS: TestAccAWSEcsTaskDefinition_changeVolumesForcesNewResource (19.79s) --- PASS: TestAccAWSEcsTaskDefinition_constraint (14.97s) --- PASS: TestAccAWSEcsTaskDefinition_ExecutionRole (20.43s) --- PASS: TestAccAWSEcsTaskDefinition_Fargate (19.62s) --- PASS: TestAccAWSEcsTaskDefinition_Inactive (19.78s) --- PASS: TestAccAWSEcsTaskDefinition_inferenceAccelerator (29.51s) --- PASS: TestAccAWSEcsTaskDefinition_ProxyConfiguration (35.61s) --- PASS: TestAccAWSEcsTaskDefinition_Tags (31.04s) --- PASS: TestAccAWSEcsTaskDefinition_withDockerVolume (14.90s) --- PASS: TestAccAWSEcsTaskDefinition_withDockerVolumeMinimalConfig (14.80s) --- PASS: TestAccAWSEcsTaskDefinition_withEcsService (73.57s) --- PASS: TestAccAWSEcsTaskDefinition_withEFSVolume (21.90s) --- PASS: TestAccAWSEcsTaskDefinition_withEFSVolumeMinimal (21.71s) --- PASS: TestAccAWSEcsTaskDefinition_withIPCMode (37.86s) --- PASS: TestAccAWSEcsTaskDefinition_withNetworkMode (16.56s) --- PASS: TestAccAWSEcsTaskDefinition_withPidMode (28.57s) --- PASS: TestAccAWSEcsTaskDefinition_withScratchVolume (13.22s) --- PASS: TestAccAWSEcsTaskDefinition_withTaskRoleArn (20.50s) --- PASS: TestAccAWSEcsTaskDefinition_withTaskScopedDockerVolume (13.30s) ``` --- aws/structure.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/structure.go b/aws/structure.go index 67fd8e61e94..e6ea51ff241 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -700,7 +700,7 @@ func flattenEcsVolumes(list []*ecs.Volume) []map[string]interface{} { l["docker_volume_configuration"] = flattenDockerVolumeConfiguration(volume.DockerVolumeConfiguration) } - if volume.DockerVolumeConfiguration != nil { + if volume.EfsVolumeConfiguration != nil { l["efs_volume_configuration"] = flattenEFSVolumeConfiguration(volume.EfsVolumeConfiguration) } From 95feb45eabcf1ac1ed332bb71181a95dbe8bbf42 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Tue, 26 May 2020 19:58:07 +0300 Subject: [PATCH 328/475] resource/ecs_task_definition: Ensure `efs_volume_configuration` changes are detected (#12751) Output from acceptance testing: ``` --- PASS: TestAccAWSEcsTaskDefinition_arrays (14.80s) --- PASS: TestAccAWSEcsTaskDefinition_basic (20.00s) --- PASS: TestAccAWSEcsTaskDefinition_changeVolumesForcesNewResource (19.79s) --- PASS: TestAccAWSEcsTaskDefinition_constraint (14.97s) --- PASS: TestAccAWSEcsTaskDefinition_ExecutionRole (20.43s) --- PASS: TestAccAWSEcsTaskDefinition_Fargate (19.62s) --- PASS: TestAccAWSEcsTaskDefinition_Inactive (19.78s) --- PASS: TestAccAWSEcsTaskDefinition_inferenceAccelerator (29.51s) --- PASS: TestAccAWSEcsTaskDefinition_ProxyConfiguration (35.61s) --- PASS: TestAccAWSEcsTaskDefinition_Tags (31.04s) --- PASS: TestAccAWSEcsTaskDefinition_withDockerVolume (14.90s) --- PASS: TestAccAWSEcsTaskDefinition_withDockerVolumeMinimalConfig (14.80s) --- PASS: TestAccAWSEcsTaskDefinition_withEcsService (73.57s) --- PASS: TestAccAWSEcsTaskDefinition_withEFSVolume (21.90s) --- PASS: TestAccAWSEcsTaskDefinition_withEFSVolumeMinimal (21.71s) --- PASS: TestAccAWSEcsTaskDefinition_withIPCMode (37.86s) --- PASS: TestAccAWSEcsTaskDefinition_withNetworkMode (16.56s) --- PASS: TestAccAWSEcsTaskDefinition_withPidMode (28.57s) --- PASS: TestAccAWSEcsTaskDefinition_withScratchVolume (13.22s) --- PASS: TestAccAWSEcsTaskDefinition_withTaskRoleArn (20.50s) --- PASS: TestAccAWSEcsTaskDefinition_withTaskScopedDockerVolume (13.30s) ``` --- aws/resource_aws_ecs_task_definition.go | 14 +++ aws/resource_aws_ecs_task_definition_test.go | 90 ++++++++------------ 2 files changed, 48 insertions(+), 56 deletions(-) diff --git a/aws/resource_aws_ecs_task_definition.go b/aws/resource_aws_ecs_task_definition.go index 8aaa35a14c3..c632cd1ef9c 100644 --- a/aws/resource_aws_ecs_task_definition.go +++ b/aws/resource_aws_ecs_task_definition.go @@ -195,6 +195,7 @@ func resourceAwsEcsTaskDefinition() *schema.Resource { Type: schema.TypeString, ForceNew: true, Optional: true, + Default: "/", }, }, }, @@ -588,6 +589,19 @@ func resourceAwsEcsTaskDefinitionVolumeHash(v interface{}) int { m := v.(map[string]interface{}) buf.WriteString(fmt.Sprintf("%s-", m["name"].(string))) buf.WriteString(fmt.Sprintf("%s-", m["host_path"].(string))) + + if v, ok := m["efs_volume_configuration"]; ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil { + m := v.([]interface{})[0].(map[string]interface{}) + + if v, ok := m["file_system_id"]; ok && v.(string) != "" { + buf.WriteString(fmt.Sprintf("%s-", v.(string))) + } + + if v, ok := m["root_directory"]; ok && v.(string) != "" { + buf.WriteString(fmt.Sprintf("%s-", v.(string))) + } + } + return hashcode.String(buf.String()) } diff --git a/aws/resource_aws_ecs_task_definition_test.go b/aws/resource_aws_ecs_task_definition_test.go index 5e581f91d8b..38a9c18829c 100644 --- a/aws/resource_aws_ecs_task_definition_test.go +++ b/aws/resource_aws_ecs_task_definition_test.go @@ -145,16 +145,6 @@ func TestAccAWSEcsTaskDefinition_withDockerVolume(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSEcsTaskDefinitionExists(resourceName, &def), resource.TestCheckResourceAttr(resourceName, "volume.#", "1"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.#", "1"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.scope", "shared"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.autoprovision", "true"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.driver", "local"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.driver_opts.%", "2"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.driver_opts.uid", "1000"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.driver_opts.device", "tmpfs"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.labels.%", "2"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.labels.stack", "april"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.labels.environment", "test"), ), }, { @@ -184,9 +174,6 @@ func TestAccAWSEcsTaskDefinition_withDockerVolumeMinimalConfig(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSEcsTaskDefinitionExists(resourceName, &def), resource.TestCheckResourceAttr(resourceName, "volume.#", "1"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.#", "1"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.scope", "task"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.driver", "local"), ), }, { @@ -204,7 +191,6 @@ func TestAccAWSEcsTaskDefinition_withEFSVolumeMinimal(t *testing.T) { tdName := acctest.RandomWithPrefix("tf-acc-td-with-efs-volume-min") resourceName := "aws_ecs_task_definition.test" - efsResourceName := "aws_efs_file_system.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -217,8 +203,6 @@ func TestAccAWSEcsTaskDefinition_withEFSVolumeMinimal(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSEcsTaskDefinitionExists(resourceName, &def), resource.TestCheckResourceAttr(resourceName, "volume.#", "1"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.efs_volume_configuration.#", "1"), - resource.TestCheckResourceAttrPair(resourceName, "volume.584193650.efs_volume_configuration.0.file_system_id", efsResourceName, "id"), ), }, { @@ -236,7 +220,6 @@ func TestAccAWSEcsTaskDefinition_withEFSVolume(t *testing.T) { tdName := acctest.RandomWithPrefix("tf-acc-td-with-efs-volume") resourceName := "aws_ecs_task_definition.test" - efsResourceName := "aws_efs_file_system.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -249,9 +232,6 @@ func TestAccAWSEcsTaskDefinition_withEFSVolume(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSEcsTaskDefinitionExists(resourceName, &def), resource.TestCheckResourceAttr(resourceName, "volume.#", "1"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.efs_volume_configuration.#", "1"), - resource.TestCheckResourceAttrPair(resourceName, "volume.584193650.efs_volume_configuration.0.file_system_id", efsResourceName, "id"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.efs_volume_configuration.0.root_directory", "/home/test"), ), }, { @@ -282,8 +262,6 @@ func TestAccAWSEcsTaskDefinition_withTaskScopedDockerVolume(t *testing.T) { testAccCheckAWSEcsTaskDefinitionExists(resourceName, &def), testAccCheckAWSTaskDefinitionDockerVolumeConfigurationAutoprovisionNil(&def), resource.TestCheckResourceAttr(resourceName, "volume.#", "1"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.#", "1"), - resource.TestCheckResourceAttr(resourceName, "volume.584193650.docker_volume_configuration.0.scope", "task"), ), }, { @@ -1339,7 +1317,7 @@ TASK_DEFINITION func testAccAWSEcsTaskDefinitionWithScratchVolume(tdName string) string { return fmt.Sprintf(` resource "aws_ecs_task_definition" "test" { - family = "%s" + family = %[1]q container_definitions = < Date: Tue, 26 May 2020 12:59:23 -0400 Subject: [PATCH 329/475] Update CHANGELOG for #12571 and #12751 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 734a27183c5..38eb6f58575 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ ENHANCMENTS: BUG FIXES: +* resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected [GH-12571] / [GH-12751] * resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] * resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) [GH-13464] From 69a844ea24b0dcde8e8b373d716cbb921085e6c5 Mon Sep 17 00:00:00 2001 From: "thomas.boussekey" Date: Tue, 26 May 2020 20:57:11 +0200 Subject: [PATCH 330/475] EBS, for typo and rephrase error message on IOPS for non-IO1 (#13465) Found storate and changed it to storage Rephrase to prevent double for --- aws/resource_aws_ebs_volume.go | 2 +- aws/resource_aws_instance.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_ebs_volume.go b/aws/resource_aws_ebs_volume.go index 74e2b17ce94..62c02c61d15 100644 --- a/aws/resource_aws_ebs_volume.go +++ b/aws/resource_aws_ebs_volume.go @@ -126,7 +126,7 @@ func resourceAwsEbsVolumeCreate(d *schema.ResourceData, meta interface{}) error iops := d.Get("iops").(int) if t != ec2.VolumeTypeIo1 && iops > 0 { - log.Printf("[WARN] IOPs is only valid for storate type io1 for EBS Volumes") + log.Printf("[WARN] IOPs is only valid on IO1 storage type for EBS Volumes") } else if t == ec2.VolumeTypeIo1 { // We add the iops value without validating it's size, to allow AWS to // enforce a size requirement (currently 100) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index 3682993ac4d..c9f46112d96 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -1787,7 +1787,7 @@ func readBlockDeviceMappingsFromConfig(d *schema.ResourceData, conn *ec2.EC2) ([ ebs.Iops = aws.Int64(int64(v)) } else if v, ok := bd["iops"].(int); ok && v > 0 && *ebs.VolumeType != "io1" { // Message user about incompatibility - log.Print("[WARN] IOPs is only valid for storate type io1 for EBS Volumes") + log.Print("[WARN] IOPs is only valid on IO1 storage type for EBS Volumes") } if dn, err := fetchRootDeviceName(d.Get("ami").(string), conn); err == nil { From 909114dd8e86cd0f77a653a4fbf43cf328d41327 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 26 May 2020 15:34:21 -0400 Subject: [PATCH 331/475] provider: Update pull request template link to Contributing Guide (#13500) Reference: https://github.com/terraform-providers/terraform-provider-aws/pull/13465 --- .github/PULL_REQUEST_TEMPLATE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 2ad1f40c11c..2d7f686e259 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,4 +1,4 @@ - + From 649f1a166635b6c3bff368c20c5ec7e984aa2e8a Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 14 May 2020 12:19:49 -0700 Subject: [PATCH 332/475] Now assumes that the required IAM role will be present for acceptance tests --- aws/resource_aws_workspaces_directory_test.go | 194 ++++++++---------- aws/resource_aws_workspaces_workspace.go | 28 ++- aws/resource_aws_workspaces_workspace_test.go | 175 +++++++--------- 3 files changed, 178 insertions(+), 219 deletions(-) diff --git a/aws/resource_aws_workspaces_directory_test.go b/aws/resource_aws_workspaces_directory_test.go index 1ddc73e588f..03d741a9f56 100644 --- a/aws/resource_aws_workspaces_directory_test.go +++ b/aws/resource_aws_workspaces_directory_test.go @@ -7,6 +7,7 @@ import ( "testing" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/iam" "github.com/aws/aws-sdk-go/service/workspaces" multierror "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" @@ -52,36 +53,21 @@ func testSweepWorkspacesDirectories(region string) error { return errors } -// These tests need to be serialized, because they all rely on the IAM Role `workspaces_DefaultRole`. -func TestAccAwsWorkspacesDirectory(t *testing.T) { - testCases := map[string]func(t *testing.T){ - "basic": testAccAwsWorkspacesDirectory_basic, - "disappears": testAccAwsWorkspacesDirectory_disappears, - "subnetIds": testAccAwsWorkspacesDirectory_subnetIds, - "tags": testAccAwsWorkspacesDirectory_tags, - } - for name, tc := range testCases { - tc := tc - t.Run(name, func(t *testing.T) { - tc(t) - }) - } -} - -func testAccAwsWorkspacesDirectory_basic(t *testing.T) { +func TestAccAwsWorkspacesDirectory_basic(t *testing.T) { var v workspaces.WorkspaceDirectory - booster := acctest.RandString(8) + rName := acctest.RandString(8) + resourceName := "aws_workspaces_directory.main" directoryResourceName := "aws_directory_service_directory.main" - iamRoleResourceName := "aws_iam_role.workspaces-default" + iamRoleDataSourceName := "data.aws_iam_role.workspaces-default" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "workspaces_DefaultRole") }, Providers: testAccProviders, CheckDestroy: testAccCheckAwsWorkspacesDirectoryDestroy, Steps: []resource.TestStep{ { - Config: testAccWorkspacesDirectoryConfigA(booster), + Config: testAccWorkspacesDirectoryConfigA(rName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAwsWorkspacesDirectoryExists(resourceName, &v), resource.TestCheckResourceAttr(resourceName, "subnet_ids.#", "2"), @@ -96,14 +82,14 @@ func testAccAwsWorkspacesDirectory_basic(t *testing.T) { resource.TestCheckResourceAttrPair(resourceName, "directory_name", directoryResourceName, "name"), resource.TestCheckResourceAttrPair(resourceName, "alias", directoryResourceName, "alias"), resource.TestCheckResourceAttrPair(resourceName, "directory_id", directoryResourceName, "id"), - resource.TestCheckResourceAttrPair(resourceName, "iam_role_id", iamRoleResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "iam_role_id", iamRoleDataSourceName, "arn"), resource.TestCheckResourceAttrSet(resourceName, "workspace_security_group_id"), resource.TestCheckResourceAttrSet(resourceName, "registration_code"), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), ), }, { - Config: testAccWorkspacesDirectoryConfigB(booster), + Config: testAccWorkspacesDirectoryConfigB(rName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAwsWorkspacesDirectoryExists(resourceName, &v), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.#", "1"), @@ -115,7 +101,7 @@ func testAccAwsWorkspacesDirectory_basic(t *testing.T) { ), }, { - Config: testAccWorkspacesDirectoryConfigC(booster), + Config: testAccWorkspacesDirectoryConfigC(rName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAwsWorkspacesDirectoryExists(resourceName, &v), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.#", "1"), @@ -135,18 +121,19 @@ func testAccAwsWorkspacesDirectory_basic(t *testing.T) { }) } -func testAccAwsWorkspacesDirectory_disappears(t *testing.T) { +func TestAccAwsWorkspacesDirectory_disappears(t *testing.T) { var v workspaces.WorkspaceDirectory - booster := acctest.RandString(8) + rName := acctest.RandString(8) + resourceName := "aws_workspaces_directory.main" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "workspaces_DefaultRole") }, Providers: testAccProviders, CheckDestroy: testAccCheckAwsWorkspacesDirectoryDestroy, Steps: []resource.TestStep{ { - Config: testAccWorkspacesDirectoryConfigA(booster), + Config: testAccWorkspacesDirectoryConfigA(rName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAwsWorkspacesDirectoryExists(resourceName, &v), testAccCheckAwsWorkspacesDirectoryDisappears(&v), @@ -157,18 +144,19 @@ func testAccAwsWorkspacesDirectory_disappears(t *testing.T) { }) } -func testAccAwsWorkspacesDirectory_subnetIds(t *testing.T) { +func TestAccAwsWorkspacesDirectory_subnetIds(t *testing.T) { var v workspaces.WorkspaceDirectory - booster := acctest.RandString(8) + rName := acctest.RandString(8) + resourceName := "aws_workspaces_directory.main" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "workspaces_DefaultRole") }, Providers: testAccProviders, CheckDestroy: testAccCheckAwsWorkspacesDirectoryDestroy, Steps: []resource.TestStep{ { - Config: testAccWorkspacesDirectoryConfig_subnetIds(booster), + Config: testAccWorkspacesDirectoryConfig_subnetIds(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAwsWorkspacesDirectoryExists(resourceName, &v), resource.TestCheckResourceAttr(resourceName, "subnet_ids.#", "2"), @@ -183,13 +171,14 @@ func testAccAwsWorkspacesDirectory_subnetIds(t *testing.T) { }) } -func testAccAwsWorkspacesDirectory_tags(t *testing.T) { +func TestAccAwsWorkspacesDirectory_tags(t *testing.T) { var v workspaces.WorkspaceDirectory rName := acctest.RandString(8) + resourceName := "aws_workspaces_directory.main" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "workspaces_DefaultRole") }, Providers: testAccProviders, CheckDestroy: testAccCheckAwsWorkspacesDirectoryDestroy, Steps: []resource.TestStep{ @@ -227,6 +216,25 @@ func testAccAwsWorkspacesDirectory_tags(t *testing.T) { }) } +func testAccPreCheckHasIAMRole(t *testing.T, roleName string) { + conn := testAccProvider.Meta().(*AWSClient).iamconn + + input := &iam.GetRoleInput{ + RoleName: aws.String(roleName), + } + _, err := conn.GetRole(input) + + if isAWSErr(err, iam.ErrCodeNoSuchEntityException, "") { + t.Skipf("skipping acceptance test: required IAM role \"%s\" is not present", roleName) + } + if testAccPreCheckSkipError(err) { + t.Skipf("skipping acceptance test: %s", err) + } + if err != nil { + t.Fatalf("unexpected PreCheck error: %s", err) + } +} + func testAccCheckAwsWorkspacesDirectoryDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).workspacesconn @@ -368,7 +376,7 @@ func TestFlattenSelfServicePermissions(t *testing.T) { } // Extract common infra -func testAccAwsWorkspacesDirectoryConfig_Prerequisites(booster string) string { +func testAccAwsWorkspacesDirectoryConfig_Prerequisites(rName string) string { return fmt.Sprintf(` data "aws_region" "current" {} @@ -389,103 +397,81 @@ locals { workspaces_az_ids = lookup(local.region_workspaces_az_ids, data.aws_region.current.name, data.aws_availability_zones.available.zone_ids) } - resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" +resource "aws_vpc" "main" { + cidr_block = "10.0.0.0/16" - tags = { - Name = "tf-testacc-workspaces-directory-%[1]s" - } - } + tags = { + Name = "tf-testacc-workspaces-directory-%[1]s" + } +} - resource "aws_subnet" "primary" { - vpc_id = "${aws_vpc.main.id}" - availability_zone_id = "${local.workspaces_az_ids[0]}" - cidr_block = "10.0.1.0/24" +resource "aws_subnet" "primary" { + vpc_id = "${aws_vpc.main.id}" + availability_zone_id = "${local.workspaces_az_ids[0]}" + cidr_block = "10.0.1.0/24" - tags = { - Name = "tf-testacc-workspaces-directory-%[1]s-primary" - } - } + tags = { + Name = "tf-testacc-workspaces-directory-%[1]s-primary" + } +} - resource "aws_subnet" "secondary" { - vpc_id = "${aws_vpc.main.id}" - availability_zone_id = "${local.workspaces_az_ids[1]}" - cidr_block = "10.0.2.0/24" +resource "aws_subnet" "secondary" { + vpc_id = "${aws_vpc.main.id}" + availability_zone_id = "${local.workspaces_az_ids[1]}" + cidr_block = "10.0.2.0/24" - tags = { - Name = "tf-testacc-workspaces-directory-%[1]s-secondary" - } - } + tags = { + Name = "tf-testacc-workspaces-directory-%[1]s-secondary" + } +} resource "aws_directory_service_directory" "main" { - size = "Small" - name = "tf-acctest.neverland.com" + size = "Small" + name = "tf-acctest.neverland.com" password = "#S1ncerely" vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.primary.id}","${aws_subnet.secondary.id}"] + vpc_id = "${aws_vpc.main.id}" + subnet_ids = ["${aws_subnet.primary.id}", "${aws_subnet.secondary.id}"] } tags = { Name = "tf-testacc-workspaces-directory-%[1]s" } } - -data "aws_iam_policy_document" "workspaces" { - statement { - actions = ["sts:AssumeRole"] - - principals { - type = "Service" - identifiers = ["workspaces.amazonaws.com"] - } - } -} - -resource "aws_iam_role" "workspaces-default" { - name = "workspaces_DefaultRole" - assume_role_policy = data.aws_iam_policy_document.workspaces.json -} - -resource "aws_iam_role_policy_attachment" "workspaces-default-service-access" { - role = aws_iam_role.workspaces-default.name - policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess" -} - -resource "aws_iam_role_policy_attachment" "workspaces-default-self-service-access" { - role = aws_iam_role.workspaces-default.name - policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess" -} -`, booster) +`, rName) } -func testAccWorkspacesDirectoryConfigA(booster string) string { - return testAccAwsWorkspacesDirectoryConfig_Prerequisites(booster) + fmt.Sprintf(` +func testAccWorkspacesDirectoryConfigA(rName string) string { + return testAccAwsWorkspacesDirectoryConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_directory" "main" { directory_id = "${aws_directory_service_directory.main.id}" } + +data "aws_iam_role" "workspaces-default" { + name = "workspaces_DefaultRole" +} `) } -func testAccWorkspacesDirectoryConfigB(booster string) string { - return testAccAwsWorkspacesDirectoryConfig_Prerequisites(booster) + fmt.Sprintf(` +func testAccWorkspacesDirectoryConfigB(rName string) string { + return testAccAwsWorkspacesDirectoryConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_directory" "main" { directory_id = "${aws_directory_service_directory.main.id}" self_service_permissions { - change_compute_type = false + change_compute_type = false increase_volume_size = true - rebuild_workspace = true - restart_workspace = false - switch_running_mode = true + rebuild_workspace = true + restart_workspace = false + switch_running_mode = true } } `) } -func testAccWorkspacesDirectoryConfigC(booster string) string { - return testAccAwsWorkspacesDirectoryConfig_Prerequisites(booster) + fmt.Sprintf(` +func testAccWorkspacesDirectoryConfigC(rName string) string { + return testAccAwsWorkspacesDirectoryConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_directory" "main" { directory_id = "${aws_directory_service_directory.main.id}" @@ -497,8 +483,8 @@ resource "aws_workspaces_directory" "main" { `) } -func testAccWorkspacesDirectoryConfig_subnetIds(booster string) string { - return testAccAwsWorkspacesDirectoryConfig_Prerequisites(booster) + fmt.Sprintf(` +func testAccWorkspacesDirectoryConfig_subnetIds(rName string) string { + return testAccAwsWorkspacesDirectoryConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_directory" "main" { directory_id = "${aws_directory_service_directory.main.id}" subnet_ids = ["${aws_subnet.primary.id}","${aws_subnet.secondary.id}"] diff --git a/aws/resource_aws_workspaces_workspace.go b/aws/resource_aws_workspaces_workspace.go index 34ab2eb4d09..c43672a62d8 100644 --- a/aws/resource_aws_workspaces_workspace.go +++ b/aws/resource_aws_workspaces_workspace.go @@ -14,6 +14,17 @@ import ( "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) +const ( + // Maximum amount of time to wait for a WorkSpace to return Available + WorkspaceAvailableTimeout = 30 * time.Minute + + // Maximum amount of time to wait for a WorkSpace while returning Updating + WorkspaceUpdatingTimeout = 10 * time.Minute + + // Maximum amount of time to wait for a WorkSpace to return Terminated + WorkspaceTerminatedTimeout = 10 * time.Minute +) + func resourceAwsWorkspacesWorkspace() *schema.Resource { return &schema.Resource{ Create: resourceAwsWorkspacesWorkspaceCreate, @@ -179,10 +190,9 @@ func resourceAwsWorkspacesWorkspaceCreate(d *schema.ResourceData, meta interface workspaces.WorkspaceStatePending, workspaces.WorkspaceStateStarting, }, - Target: []string{workspaces.WorkspaceStateAvailable}, - Refresh: workspaceRefreshStateFunc(conn, wsPendingID), - PollInterval: 30 * time.Second, - Timeout: 25 * time.Minute, + Target: []string{workspaces.WorkspaceStateAvailable}, + Refresh: workspaceRefreshStateFunc(conn, wsPendingID), + Timeout: WorkspaceAvailableTimeout, } _, err = stateConf.WaitForState() @@ -332,9 +342,8 @@ func workspaceDelete(id string, conn *workspaces.WorkSpaces) error { Target: []string{ workspaces.WorkspaceStateTerminated, }, - Refresh: workspaceRefreshStateFunc(conn, id), - PollInterval: 15 * time.Second, - Timeout: 10 * time.Minute, + Refresh: workspaceRefreshStateFunc(conn, id), + Timeout: WorkspaceTerminatedTimeout, } _, err = stateConf.WaitForState() @@ -402,9 +411,8 @@ func workspacePropertyUpdate(p string, conn *workspaces.WorkSpaces, d *schema.Re workspaces.WorkspaceStateAvailable, workspaces.WorkspaceStateStopped, }, - Refresh: workspaceRefreshStateFunc(conn, d.Id()), - PollInterval: 30 * time.Second, - Timeout: 10 * time.Minute, + Refresh: workspaceRefreshStateFunc(conn, d.Id()), + Timeout: WorkspaceUpdatingTimeout, } _, err = stateConf.WaitForState() diff --git a/aws/resource_aws_workspaces_workspace_test.go b/aws/resource_aws_workspaces_workspace_test.go index e4adfb38573..ca41d084cb3 100644 --- a/aws/resource_aws_workspaces_workspace_test.go +++ b/aws/resource_aws_workspaces_workspace_test.go @@ -10,6 +10,7 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/workspaces" multierror "github.com/hashicorp/go-multierror" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/terraform" ) @@ -52,20 +53,23 @@ func testSweepWorkspaces(region string) error { } func TestAccAwsWorkspacesWorkspace_basic(t *testing.T) { + var v workspaces.Workspace + rName := acctest.RandString(8) + + resourceName := "aws_workspaces_workspace.test" directoryResourceName := "aws_workspaces_directory.test" bundleDataSourceName := "data.aws_workspaces_bundle.test" - resourceName := "aws_workspaces_workspace.test" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "workspaces_DefaultRole") }, Providers: testAccProviders, CheckDestroy: testAccCheckAwsWorkspacesWorkspaceDestroy, Steps: []resource.TestStep{ { Destroy: false, - Config: testAccWorkspacesWorkspaceConfig(), + Config: testAccWorkspacesWorkspaceConfig(rName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + testAccCheckAwsWorkspacesWorkspaceExists(resourceName, &v), resource.TestCheckResourceAttrPair(resourceName, "directory_id", directoryResourceName, "id"), resource.TestCheckResourceAttrPair(resourceName, "bundle_id", bundleDataSourceName, "id"), resource.TestMatchResourceAttr(resourceName, "ip_address", regexp.MustCompile(`\d+\.\d+\.\d+\.\d+`)), @@ -91,18 +95,21 @@ func TestAccAwsWorkspacesWorkspace_basic(t *testing.T) { }) } -func TestAccAwsWorkspacesWorkspace_Tags(t *testing.T) { +func TestAccAwsWorkspacesWorkspace_tags(t *testing.T) { + var v1, v2, v3 workspaces.Workspace + rName := acctest.RandString(8) + resourceName := "aws_workspaces_workspace.test" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "workspaces_DefaultRole") }, Providers: testAccProviders, CheckDestroy: testAccCheckAwsWorkspacesWorkspaceDestroy, Steps: []resource.TestStep{ { - Config: testAccWorkspacesWorkspaceConfig_TagsA(), + Config: testAccWorkspacesWorkspaceConfig_TagsA(rName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + testAccCheckAwsWorkspacesWorkspaceExists(resourceName, &v1), resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), resource.TestCheckResourceAttr(resourceName, "tags.TerraformProviderAwsTest", "true"), resource.TestCheckResourceAttr(resourceName, "tags.Alpha", "1"), @@ -114,18 +121,18 @@ func TestAccAwsWorkspacesWorkspace_Tags(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccWorkspacesWorkspaceConfig_TagsB(), + Config: testAccWorkspacesWorkspaceConfig_TagsB(rName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + testAccCheckAwsWorkspacesWorkspaceExists(resourceName, &v2), resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), resource.TestCheckResourceAttr(resourceName, "tags.TerraformProviderAwsTest", "true"), resource.TestCheckResourceAttr(resourceName, "tags.Beta", "2"), ), }, { - Config: testAccWorkspacesWorkspaceConfig_TagsC(), + Config: testAccWorkspacesWorkspaceConfig_TagsC(rName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + testAccCheckAwsWorkspacesWorkspaceExists(resourceName, &v3), resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), resource.TestCheckResourceAttr(resourceName, "tags.TerraformProviderAwsTest", "true"), ), @@ -134,19 +141,22 @@ func TestAccAwsWorkspacesWorkspace_Tags(t *testing.T) { }) } -func TestAccAwsWorkspacesWorkspace_WorkspaceProperties(t *testing.T) { +func TestAccAwsWorkspacesWorkspace_workspaceProperties(t *testing.T) { + var v1, v2, v3 workspaces.Workspace + rName := acctest.RandString(8) + resourceName := "aws_workspaces_workspace.test" - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "workspaces_DefaultRole") }, Providers: testAccProviders, CheckDestroy: testAccCheckAwsWorkspacesWorkspaceDestroy, Steps: []resource.TestStep{ { Destroy: false, - Config: testAccWorkspacesWorkspaceConfig_WorkspacePropertiesA(), + Config: testAccWorkspacesWorkspaceConfig_WorkspacePropertiesA(rName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + testAccCheckAwsWorkspacesWorkspaceExists(resourceName, &v1), resource.TestCheckResourceAttr(resourceName, "workspace_properties.#", "1"), resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.compute_type_name", workspaces.ComputeValue), resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.root_volume_size_gib", "80"), @@ -161,9 +171,9 @@ func TestAccAwsWorkspacesWorkspace_WorkspaceProperties(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccWorkspacesWorkspaceConfig_WorkspacePropertiesB(), + Config: testAccWorkspacesWorkspaceConfig_WorkspacePropertiesB(rName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + testAccCheckAwsWorkspacesWorkspaceExists(resourceName, &v2), resource.TestCheckResourceAttr(resourceName, "workspace_properties.#", "1"), resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.compute_type_name", workspaces.ComputeValue), resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.root_volume_size_gib", "80"), @@ -173,9 +183,9 @@ func TestAccAwsWorkspacesWorkspace_WorkspaceProperties(t *testing.T) { ), }, { - Config: testAccWorkspacesWorkspaceConfig_WorkspacePropertiesC(), + Config: testAccWorkspacesWorkspaceConfig_WorkspacePropertiesC(rName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAwsWorkspacesWorkspaceExists(resourceName), + testAccCheckAwsWorkspacesWorkspaceExists(resourceName, &v3), resource.TestCheckResourceAttr(resourceName, "workspace_properties.#", "1"), resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.compute_type_name", workspaces.ComputeValue), resource.TestCheckResourceAttr(resourceName, "workspace_properties.0.root_volume_size_gib", "80"), @@ -189,13 +199,15 @@ func TestAccAwsWorkspacesWorkspace_WorkspaceProperties(t *testing.T) { } func TestAccAwsWorkspacesWorkspace_validateRootVolumeSize(t *testing.T) { - resource.Test(t, resource.TestCase{ + rName := acctest.RandString(8) + + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAwsWorkspacesWorkspaceDestroy, Steps: []resource.TestStep{ { - Config: testAccWorkspacesWorkspaceConfig_validateRootVolumeSize(), + Config: testAccWorkspacesWorkspaceConfig_validateRootVolumeSize(rName), ExpectError: regexp.MustCompile(regexp.QuoteMeta("expected workspace_properties.0.root_volume_size_gib to be one of [80], got 90")), }, }, @@ -203,13 +215,15 @@ func TestAccAwsWorkspacesWorkspace_validateRootVolumeSize(t *testing.T) { } func TestAccAwsWorkspacesWorkspace_validateUserVolumeSize(t *testing.T) { - resource.Test(t, resource.TestCase{ + rName := acctest.RandString(8) + + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckAwsWorkspacesWorkspaceDestroy, Steps: []resource.TestStep{ { - Config: testAccWorkspacesWorkspaceConfig_validateUserVolumeSize(), + Config: testAccWorkspacesWorkspaceConfig_validateUserVolumeSize(rName), ExpectError: regexp.MustCompile(regexp.QuoteMeta("workspace_properties.0.user_volume_size_gib to be one of [10 50], got 60")), }, }, @@ -244,7 +258,7 @@ func testAccCheckAwsWorkspacesWorkspaceDestroy(s *terraform.State) error { return nil } -func testAccCheckAwsWorkspacesWorkspaceExists(n string) resource.TestCheckFunc { +func testAccCheckAwsWorkspacesWorkspaceExists(n string, v *workspaces.Workspace) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] if !ok { @@ -253,33 +267,38 @@ func testAccCheckAwsWorkspacesWorkspaceExists(n string) resource.TestCheckFunc { conn := testAccProvider.Meta().(*AWSClient).workspacesconn - _, err := conn.DescribeWorkspaces(&workspaces.DescribeWorkspacesInput{ + output, err := conn.DescribeWorkspaces(&workspaces.DescribeWorkspacesInput{ WorkspaceIds: []*string{aws.String(rs.Primary.ID)}, }) if err != nil { return err } - return nil + if *output.Workspaces[0].WorkspaceId == rs.Primary.ID { + *v = *output.Workspaces[0] + return nil + } + + return fmt.Errorf("workspace %q not found", rs.Primary.ID) } } -func testAccAwsWorkspacesWorkspaceConfig_Prerequisites() string { +func testAccAwsWorkspacesWorkspaceConfig_Prerequisites(rName string) string { return composeConfig( - testAccAwsWorkspacesDirectoryConfig_Prerequisites(""), + testAccAwsWorkspacesDirectoryConfig_Prerequisites(rName), fmt.Sprintf(` data "aws_workspaces_bundle" "test" { bundle_id = "wsb-bh8rsxt14" # Value with Windows 10 (English) } resource "aws_workspaces_directory" "test" { - directory_id = "${aws_directory_service_directory.main.id}" + directory_id = "${aws_directory_service_directory.main.id}" } `)) } -func testAccWorkspacesWorkspaceConfig() string { - return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +func testAccWorkspacesWorkspaceConfig(rName string) string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" @@ -287,18 +306,12 @@ resource "aws_workspaces_workspace" "test" { # NOTE: WorkSpaces API doesn't allow creating users in the directory. # However, "Administrator"" user is always present in a bare directory. user_name = "Administrator" - - depends_on = [ - # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess - # to create and delete the ENI that the Workspaces service creates for the Workspace - aws_iam_role_policy_attachment.workspaces-default-service-access, - ] } `) } -func testAccWorkspacesWorkspaceConfig_TagsA() string { - return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +func testAccWorkspacesWorkspaceConfig_TagsA(rName string) string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" @@ -311,18 +324,12 @@ resource "aws_workspaces_workspace" "test" { TerraformProviderAwsTest = true Alpha = 1 } - - depends_on = [ - # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess - # to create and delete the ENI that the Workspaces service creates for the Workspace - aws_iam_role_policy_attachment.workspaces-default-service-access, - ] } `) } -func testAccWorkspacesWorkspaceConfig_TagsB() string { - return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +func testAccWorkspacesWorkspaceConfig_TagsB(rName string) string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" @@ -335,18 +342,12 @@ resource "aws_workspaces_workspace" "test" { TerraformProviderAwsTest = true Beta = 2 } - - depends_on = [ - # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess - # to create and delete the ENI that the Workspaces service creates for the Workspace - aws_iam_role_policy_attachment.workspaces-default-service-access, - ] } `) } -func testAccWorkspacesWorkspaceConfig_TagsC() string { - return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +func testAccWorkspacesWorkspaceConfig_TagsC(rName string) string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" @@ -358,18 +359,12 @@ resource "aws_workspaces_workspace" "test" { tags = { TerraformProviderAwsTest = true } - - depends_on = [ - # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess - # to create and delete the ENI that the Workspaces service creates for the Workspace - aws_iam_role_policy_attachment.workspaces-default-service-access, - ] } `) } -func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesA() string { - return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesA(rName string) string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" @@ -387,18 +382,12 @@ resource "aws_workspaces_workspace" "test" { tags = { TerraformProviderAwsTest = true } - - depends_on = [ - # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess - # to create and delete the ENI that the Workspaces service creates for the Workspace - aws_iam_role_policy_attachment.workspaces-default-service-access, - ] } `) } -func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesB() string { - return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesB(rName string) string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" @@ -415,18 +404,12 @@ resource "aws_workspaces_workspace" "test" { tags = { TerraformProviderAwsTest = true } - - depends_on = [ - # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess - # to create and delete the ENI that the Workspaces service creates for the Workspace - aws_iam_role_policy_attachment.workspaces-default-service-access, - ] } `) } -func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesC() string { - return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +func testAccWorkspacesWorkspaceConfig_WorkspacePropertiesC(rName string) string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" @@ -437,18 +420,12 @@ resource "aws_workspaces_workspace" "test" { workspace_properties { } - - depends_on = [ - # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess - # to create and delete the ENI that the Workspaces service creates for the Workspace - aws_iam_role_policy_attachment.workspaces-default-service-access, - ] } `) } -func testAccWorkspacesWorkspaceConfig_validateRootVolumeSize() string { - return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +func testAccWorkspacesWorkspaceConfig_validateRootVolumeSize(rName string) string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" @@ -465,18 +442,12 @@ resource "aws_workspaces_workspace" "test" { tags = { TerraformProviderAwsTest = true } - - depends_on = [ - # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess - # to create and delete the ENI that the Workspaces service creates for the Workspace - aws_iam_role_policy_attachment.workspaces-default-service-access, - ] } `) } -func testAccWorkspacesWorkspaceConfig_validateUserVolumeSize() string { - return testAccAwsWorkspacesWorkspaceConfig_Prerequisites() + fmt.Sprintf(` +func testAccWorkspacesWorkspaceConfig_validateUserVolumeSize(rName string) string { + return testAccAwsWorkspacesWorkspaceConfig_Prerequisites(rName) + fmt.Sprintf(` resource "aws_workspaces_workspace" "test" { bundle_id = "${data.aws_workspaces_bundle.test.id}" directory_id = "${aws_workspaces_directory.test.id}" @@ -493,12 +464,6 @@ resource "aws_workspaces_workspace" "test" { tags = { TerraformProviderAwsTest = true } - - depends_on = [ - # The role "workspaces_DefaultRole" requires the policy arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess - # to create and delete the ENI that the Workspaces service creates for the Workspace - aws_iam_role_policy_attachment.workspaces-default-service-access, - ] } `) } From 95e60cb414c7343b92cb45ae4c882d3c361cfb2b Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 14 May 2020 14:34:58 -0700 Subject: [PATCH 333/475] Moves WorkSpaces waiters to internal package --- .../service/workspaces/waiter/status.go | 43 +++++ .../service/workspaces/waiter/waiter.go | 151 ++++++++++++++++++ aws/resource_aws_workspaces_directory.go | 102 ++++-------- aws/resource_aws_workspaces_workspace.go | 129 +++------------ 4 files changed, 248 insertions(+), 177 deletions(-) create mode 100644 aws/internal/service/workspaces/waiter/status.go create mode 100644 aws/internal/service/workspaces/waiter/waiter.go diff --git a/aws/internal/service/workspaces/waiter/status.go b/aws/internal/service/workspaces/waiter/status.go new file mode 100644 index 00000000000..6ea8cbc65f3 --- /dev/null +++ b/aws/internal/service/workspaces/waiter/status.go @@ -0,0 +1,43 @@ +package waiter + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/workspaces" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +func DirectoryRefreshStateFunc(conn *workspaces.WorkSpaces, directoryID string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + output, err := conn.DescribeWorkspaceDirectories(&workspaces.DescribeWorkspaceDirectoriesInput{ + DirectoryIds: aws.StringSlice([]string{directoryID}), + }) + if err != nil { + return nil, workspaces.WorkspaceDirectoryStateError, err + } + + if len(output.Directories) == 0 { + return output, workspaces.WorkspaceDirectoryStateDeregistered, nil + } + + directory := output.Directories[0] + return directory, aws.StringValue(directory.State), nil + } +} + +func WorkspaceRefreshStateFunc(conn *workspaces.WorkSpaces, workspaceID string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + output, err := conn.DescribeWorkspaces(&workspaces.DescribeWorkspacesInput{ + WorkspaceIds: aws.StringSlice([]string{workspaceID}), + }) + if err != nil { + return nil, workspaces.WorkspaceStateError, err + } + + if len(output.Workspaces) == 0 { + return nil, workspaces.WorkspaceStateTerminated, nil + } + + workspace := output.Workspaces[0] + return workspace, aws.StringValue(workspace.State), nil + } +} diff --git a/aws/internal/service/workspaces/waiter/waiter.go b/aws/internal/service/workspaces/waiter/waiter.go new file mode 100644 index 00000000000..2f4fae4bcf2 --- /dev/null +++ b/aws/internal/service/workspaces/waiter/waiter.go @@ -0,0 +1,151 @@ +package waiter + +import ( + "time" + + "github.com/aws/aws-sdk-go/service/workspaces" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +const ( + // Maximum amount of time to wait for a Directory to return Registered + DirectoryRegisteredTimeout = 10 * time.Minute + + // Maximum amount of time to wait for a Directory to return Deregistered + DirectoryDeregisteredTimeout = 10 * time.Minute + + // Maximum amount of time to wait for a WorkSpace to return Available + WorkspaceAvailableTimeout = 30 * time.Minute + + // Maximum amount of time to wait for a WorkSpace while returning Updating + WorkspaceUpdatingTimeout = 10 * time.Minute + + // Amount of time to delay before checking WorkSpace when updating + WorkspaceUpdatingDelay = 1 * time.Minute + + // Maximum amount of time to wait for a WorkSpace to return Terminated + WorkspaceTerminatedTimeout = 10 * time.Minute +) + +func DirectoryRegistered(conn *workspaces.WorkSpaces, directoryID string) (*workspaces.WorkspaceDirectory, error) { + stateConf := &resource.StateChangeConf{ + Pending: []string{ + workspaces.WorkspaceDirectoryStateRegistering, + }, + Target: []string{workspaces.WorkspaceDirectoryStateRegistered}, + Refresh: DirectoryRefreshStateFunc(conn, directoryID), + Timeout: DirectoryRegisteredTimeout, + } + + outputRaw, err := stateConf.WaitForState() + + if v, ok := outputRaw.(*workspaces.WorkspaceDirectory); ok { + return v, err + } + + return nil, err +} + +func DirectoryDeregistered(conn *workspaces.WorkSpaces, directoryID string) (*workspaces.WorkspaceDirectory, error) { + stateConf := &resource.StateChangeConf{ + Pending: []string{ + workspaces.WorkspaceDirectoryStateRegistering, + workspaces.WorkspaceDirectoryStateRegistered, + workspaces.WorkspaceDirectoryStateDeregistering, + }, + Target: []string{ + workspaces.WorkspaceDirectoryStateDeregistered, + }, + Refresh: DirectoryRefreshStateFunc(conn, directoryID), + Timeout: DirectoryDeregisteredTimeout, + } + + outputRaw, err := stateConf.WaitForState() + + if v, ok := outputRaw.(*workspaces.WorkspaceDirectory); ok { + return v, err + } + + return nil, err +} + +func WorkspaceAvailable(conn *workspaces.WorkSpaces, workspaceID string) (*workspaces.Workspace, error) { + stateConf := &resource.StateChangeConf{ + Pending: []string{ + workspaces.WorkspaceStatePending, + workspaces.WorkspaceStateStarting, + }, + Target: []string{workspaces.WorkspaceStateAvailable}, + Refresh: WorkspaceRefreshStateFunc(conn, workspaceID), + Timeout: WorkspaceAvailableTimeout, + } + + outputRaw, err := stateConf.WaitForState() + + if v, ok := outputRaw.(*workspaces.Workspace); ok { + return v, err + } + + return nil, err +} + +func WorkspaceTerminated(conn *workspaces.WorkSpaces, workspaceID string) (*workspaces.Workspace, error) { + stateConf := &resource.StateChangeConf{ + Pending: []string{ + workspaces.WorkspaceStatePending, + workspaces.WorkspaceStateAvailable, + workspaces.WorkspaceStateImpaired, + workspaces.WorkspaceStateUnhealthy, + workspaces.WorkspaceStateRebooting, + workspaces.WorkspaceStateStarting, + workspaces.WorkspaceStateRebuilding, + workspaces.WorkspaceStateRestoring, + workspaces.WorkspaceStateMaintenance, + workspaces.WorkspaceStateAdminMaintenance, + workspaces.WorkspaceStateSuspended, + workspaces.WorkspaceStateUpdating, + workspaces.WorkspaceStateStopping, + workspaces.WorkspaceStateStopped, + workspaces.WorkspaceStateTerminating, + workspaces.WorkspaceStateError, + }, + Target: []string{ + workspaces.WorkspaceStateTerminated, + }, + Refresh: WorkspaceRefreshStateFunc(conn, workspaceID), + Timeout: WorkspaceTerminatedTimeout, + } + + outputRaw, err := stateConf.WaitForState() + + if v, ok := outputRaw.(*workspaces.Workspace); ok { + return v, err + } + + return nil, err +} + +func WorkspaceUpdated(conn *workspaces.WorkSpaces, workspaceID string) (*workspaces.Workspace, error) { + // OperationInProgressException: The properties of this WorkSpace are currently under modification. Please try again in a moment. + // AWS Workspaces service doesn't change instance status to "Updating" during property modification. Respective AWS Support feature request has been created. Meanwhile, artificial delay is placed here as a workaround. + stateConf := &resource.StateChangeConf{ + Pending: []string{ + workspaces.WorkspaceStateUpdating, + }, + Target: []string{ + workspaces.WorkspaceStateAvailable, + workspaces.WorkspaceStateStopped, + }, + Refresh: WorkspaceRefreshStateFunc(conn, workspaceID), + Delay: WorkspaceUpdatingDelay, + Timeout: WorkspaceUpdatingTimeout, + } + + outputRaw, err := stateConf.WaitForState() + + if v, ok := outputRaw.(*workspaces.Workspace); ok { + return v, err + } + + return nil, err +} diff --git a/aws/resource_aws_workspaces_directory.go b/aws/resource_aws_workspaces_directory.go index b98a3f0404f..61944db8910 100644 --- a/aws/resource_aws_workspaces_directory.go +++ b/aws/resource_aws_workspaces_directory.go @@ -3,14 +3,13 @@ package aws import ( "fmt" "log" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/workspaces" - "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/workspaces/waiter" ) func resourceAwsWorkspacesDirectory() *schema.Resource { @@ -131,31 +130,21 @@ func resourceAwsWorkspacesDirectoryCreate(d *schema.ResourceData, meta interface input.SubnetIds = expandStringSet(v.(*schema.Set)) } - log.Printf("[DEBUG] Regestering workspaces directory...\n%#v\n", *input) + log.Printf("[DEBUG] Regestering WorkSpaces Directory...\n%#v\n", *input) _, err := conn.RegisterWorkspaceDirectory(input) if err != nil { return err } d.SetId(directoryId) - log.Printf("[DEBUG] Waiting for workspaces directory %q to become registered...", d.Id()) - stateConf := &resource.StateChangeConf{ - Pending: []string{ - workspaces.WorkspaceDirectoryStateRegistering, - }, - Target: []string{workspaces.WorkspaceDirectoryStateRegistered}, - Refresh: workspacesDirectoryRefreshStateFunc(conn, directoryId), - PollInterval: 30 * time.Second, - Timeout: 10 * time.Minute, - } - - _, err = stateConf.WaitForState() + log.Printf("[DEBUG] Waiting for WorkSpaces Directory %q to become registered...", directoryId) + _, err = waiter.DirectoryRegistered(conn, directoryId) if err != nil { return fmt.Errorf("error registering directory: %s", err) } - log.Printf("[DEBUG] Workspaces directory %q is registered", d.Id()) + log.Printf("[DEBUG] WorkSpaces Directory %q is registered", directoryId) - log.Printf("[DEBUG] Modifying workspaces directory %q self-service permissions...", d.Id()) + log.Printf("[DEBUG] Modifying WorkSpaces Directory %q self-service permissions...", directoryId) if v, ok := d.GetOk("self_service_permissions"); ok { _, err := conn.ModifySelfservicePermissions(&workspaces.ModifySelfservicePermissionsInput{ ResourceId: aws.String(directoryId), @@ -165,7 +154,7 @@ func resourceAwsWorkspacesDirectoryCreate(d *schema.ResourceData, meta interface return fmt.Errorf("error setting self service permissions: %s", err) } } - log.Printf("[DEBUG] Workspaces directory %q self-service permissions are set", d.Id()) + log.Printf("[DEBUG] WorkSpaces Directory %q self-service permissions are set", directoryId) return resourceAwsWorkspacesDirectoryRead(d, meta) } @@ -174,36 +163,36 @@ func resourceAwsWorkspacesDirectoryRead(d *schema.ResourceData, meta interface{} conn := meta.(*AWSClient).workspacesconn ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig - raw, state, err := workspacesDirectoryRefreshStateFunc(conn, d.Id())() + rawOutput, state, err := waiter.DirectoryRefreshStateFunc(conn, d.Id())() if err != nil { - return fmt.Errorf("error getting workspaces directory (%s): %s", d.Id(), err) + return fmt.Errorf("error getting WorkSpaces Directory (%s): %s", d.Id(), err) } if state == workspaces.WorkspaceDirectoryStateDeregistered { - log.Printf("[WARN] workspaces directory (%s) not found, removing from state", d.Id()) + log.Printf("[WARN] WorkSpaces Directory (%s) not found, removing from state", d.Id()) d.SetId("") return nil } - dir := raw.(*workspaces.WorkspaceDirectory) - d.Set("directory_id", dir.DirectoryId) - if err := d.Set("subnet_ids", flattenStringSet(dir.SubnetIds)); err != nil { + directory := rawOutput.(*workspaces.WorkspaceDirectory) + d.Set("directory_id", directory.DirectoryId) + if err := d.Set("subnet_ids", flattenStringSet(directory.SubnetIds)); err != nil { return fmt.Errorf("error setting subnet_ids: %s", err) } - d.Set("workspace_security_group_id", dir.WorkspaceSecurityGroupId) - d.Set("iam_role_id", dir.IamRoleId) - d.Set("registration_code", dir.RegistrationCode) - d.Set("directory_name", dir.DirectoryName) - d.Set("directory_type", dir.DirectoryType) - d.Set("alias", dir.Alias) - if err := d.Set("self_service_permissions", flattenSelfServicePermissions(dir.SelfservicePermissions)); err != nil { + d.Set("workspace_security_group_id", directory.WorkspaceSecurityGroupId) + d.Set("iam_role_id", directory.IamRoleId) + d.Set("registration_code", directory.RegistrationCode) + d.Set("directory_name", directory.DirectoryName) + d.Set("directory_type", directory.DirectoryType) + d.Set("alias", directory.Alias) + if err := d.Set("self_service_permissions", flattenSelfServicePermissions(directory.SelfservicePermissions)); err != nil { return fmt.Errorf("error setting self_service_permissions: %s", err) } - if err := d.Set("ip_group_ids", flattenStringSet(dir.IpGroupIds)); err != nil { + if err := d.Set("ip_group_ids", flattenStringSet(directory.IpGroupIds)); err != nil { return fmt.Errorf("error setting ip_group_ids: %s", err) } - if err := d.Set("dns_ip_addresses", flattenStringSet(dir.DnsIpAddresses)); err != nil { + if err := d.Set("dns_ip_addresses", flattenStringSet(directory.DnsIpAddresses)); err != nil { return fmt.Errorf("error setting dns_ip_addresses: %s", err) } @@ -223,7 +212,7 @@ func resourceAwsWorkspacesDirectoryUpdate(d *schema.ResourceData, meta interface conn := meta.(*AWSClient).workspacesconn if d.HasChange("self_service_permissions") { - log.Printf("[DEBUG] Modifying workspaces directory %q self-service permissions...", d.Id()) + log.Printf("[DEBUG] Modifying WorkSpaces Directory %q self-service permissions...", d.Id()) permissions := d.Get("self_service_permissions").([]interface{}) _, err := conn.ModifySelfservicePermissions(&workspaces.ModifySelfservicePermissionsInput{ @@ -233,7 +222,7 @@ func resourceAwsWorkspacesDirectoryUpdate(d *schema.ResourceData, meta interface if err != nil { return fmt.Errorf("error updating self service permissions: %s", err) } - log.Printf("[DEBUG] Workspaces directory %q self-service permissions are set", d.Id()) + log.Printf("[DEBUG] WorkSpaces Directory %q self-service permissions are set", d.Id()) } if d.HasChange("tags") { @@ -251,60 +240,31 @@ func resourceAwsWorkspacesDirectoryDelete(d *schema.ResourceData, meta interface err := workspacesDirectoryDelete(d.Id(), conn) if err != nil { - return fmt.Errorf("error deleting workspaces directory (%s): %s", d.Id(), err) + return fmt.Errorf("error deleting WorkSpaces Directory (%s): %s", d.Id(), err) } return nil } func workspacesDirectoryDelete(id string, conn *workspaces.WorkSpaces) error { - log.Printf("[DEBUG] Deregistering Workspace Directory %q", id) + log.Printf("[DEBUG] Deregistering WorkSpaces Directory %q", id) _, err := conn.DeregisterWorkspaceDirectory(&workspaces.DeregisterWorkspaceDirectoryInput{ DirectoryId: aws.String(id), }) if err != nil { - return fmt.Errorf("error deregistering Workspace Directory %q: %w", id, err) + return fmt.Errorf("error deregistering WorkSpaces Directory %q: %w", id, err) } - log.Printf("[DEBUG] Waiting for Workspace Directory %q to be deregistered", id) - stateConf := &resource.StateChangeConf{ - Pending: []string{ - workspaces.WorkspaceDirectoryStateRegistering, - workspaces.WorkspaceDirectoryStateRegistered, - workspaces.WorkspaceDirectoryStateDeregistering, - }, - Target: []string{ - workspaces.WorkspaceDirectoryStateDeregistered, - }, - Refresh: workspacesDirectoryRefreshStateFunc(conn, id), - PollInterval: 30 * time.Second, - Timeout: 10 * time.Minute, - } - _, err = stateConf.WaitForState() + log.Printf("[DEBUG] Waiting for WorkSpaces Directory %q to be deregistered", id) + _, err = waiter.DirectoryDeregistered(conn, id) if err != nil { - return fmt.Errorf("error waiting for Workspace Directory %q to be deregistered: %w", id, err) + return fmt.Errorf("error waiting for WorkSpaces Directory %q to be deregistered: %w", id, err) } - log.Printf("[DEBUG] Workspaces Directory %q is deregistered", id) + log.Printf("[DEBUG] WorkSpaces Directory %q is deregistered", id) return nil } -func workspacesDirectoryRefreshStateFunc(conn *workspaces.WorkSpaces, directoryID string) resource.StateRefreshFunc { - return func() (interface{}, string, error) { - resp, err := conn.DescribeWorkspaceDirectories(&workspaces.DescribeWorkspaceDirectoriesInput{ - DirectoryIds: []*string{aws.String(directoryID)}, - }) - if err != nil { - return nil, workspaces.WorkspaceDirectoryStateError, err - } - if len(resp.Directories) == 0 { - return resp, workspaces.WorkspaceDirectoryStateDeregistered, nil - } - directory := resp.Directories[0] - return directory, aws.StringValue(directory.State), nil - } -} - func expandSelfServicePermissions(permissions []interface{}) *workspaces.SelfservicePermissions { if len(permissions) == 0 || permissions[0] == nil { return nil diff --git a/aws/resource_aws_workspaces_workspace.go b/aws/resource_aws_workspaces_workspace.go index c43672a62d8..275d2ef42af 100644 --- a/aws/resource_aws_workspaces_workspace.go +++ b/aws/resource_aws_workspaces_workspace.go @@ -3,26 +3,14 @@ package aws import ( "fmt" "log" - "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/workspaces" - "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" -) - -const ( - // Maximum amount of time to wait for a WorkSpace to return Available - WorkspaceAvailableTimeout = 30 * time.Minute - - // Maximum amount of time to wait for a WorkSpace while returning Updating - WorkspaceUpdatingTimeout = 10 * time.Minute - - // Maximum amount of time to wait for a WorkSpace to return Terminated - WorkspaceTerminatedTimeout = 10 * time.Minute + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/workspaces/waiter" ) func resourceAwsWorkspacesWorkspace() *schema.Resource { @@ -177,33 +165,20 @@ func resourceAwsWorkspacesWorkspaceCreate(d *schema.ResourceData, meta interface } wsFail := resp.FailedRequests - if len(wsFail) > 0 { return fmt.Errorf("workspace creation failed: %s", *wsFail[0].ErrorMessage) } - wsPendingID := aws.StringValue(resp.PendingRequests[0].WorkspaceId) - - log.Printf("[DEBUG] Waiting for workspace to be available...") - stateConf := &resource.StateChangeConf{ - Pending: []string{ - workspaces.WorkspaceStatePending, - workspaces.WorkspaceStateStarting, - }, - Target: []string{workspaces.WorkspaceStateAvailable}, - Refresh: workspaceRefreshStateFunc(conn, wsPendingID), - Timeout: WorkspaceAvailableTimeout, - } + workspaceID := aws.StringValue(resp.PendingRequests[0].WorkspaceId) - _, err = stateConf.WaitForState() + log.Printf("[DEBUG] Waiting for workspace %q to be available...", workspaceID) + _, err = waiter.WorkspaceAvailable(conn, workspaceID) if err != nil { - return fmt.Errorf("workspace %q is not available: %s", wsPendingID, err) + return fmt.Errorf("workspace %q is not available: %s", workspaceID, err) } - wsAvailableID := wsPendingID - - d.SetId(wsAvailableID) - log.Printf("[DEBUG] Workspace %q is available", d.Id()) + d.SetId(workspaceID) + log.Printf("[DEBUG] Workspace %q is available", workspaceID) return resourceAwsWorkspacesWorkspaceRead(d, meta) } @@ -212,7 +187,7 @@ func resourceAwsWorkspacesWorkspaceRead(d *schema.ResourceData, meta interface{} conn := meta.(*AWSClient).workspacesconn ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig - workspace, state, err := workspaceRefreshStateFunc(conn, d.Id())() + rawOutput, state, err := waiter.WorkspaceRefreshStateFunc(conn, d.Id())() if err != nil { return fmt.Errorf("error reading workspace (%s): %s", d.Id(), err) } @@ -222,17 +197,17 @@ func resourceAwsWorkspacesWorkspaceRead(d *schema.ResourceData, meta interface{} return nil } - ws := workspace.(*workspaces.Workspace) - d.Set("bundle_id", ws.BundleId) - d.Set("directory_id", ws.DirectoryId) - d.Set("ip_address", ws.IpAddress) - d.Set("computer_name", ws.ComputerName) - d.Set("state", ws.State) - d.Set("root_volume_encryption_enabled", ws.RootVolumeEncryptionEnabled) - d.Set("user_name", ws.UserName) - d.Set("user_volume_encryption_enabled", ws.UserVolumeEncryptionEnabled) - d.Set("volume_encryption_key", ws.VolumeEncryptionKey) - if err := d.Set("workspace_properties", flattenWorkspaceProperties(ws.WorkspaceProperties)); err != nil { + workspace := rawOutput.(*workspaces.Workspace) + d.Set("bundle_id", workspace.BundleId) + d.Set("directory_id", workspace.DirectoryId) + d.Set("ip_address", workspace.IpAddress) + d.Set("computer_name", workspace.ComputerName) + d.Set("state", workspace.State) + d.Set("root_volume_encryption_enabled", workspace.RootVolumeEncryptionEnabled) + d.Set("user_name", workspace.UserName) + d.Set("user_volume_encryption_enabled", workspace.UserVolumeEncryptionEnabled) + d.Set("volume_encryption_key", workspace.VolumeEncryptionKey) + if err := d.Set("workspace_properties", flattenWorkspaceProperties(workspace.WorkspaceProperties)); err != nil { return fmt.Errorf("error setting workspace properties: %s", err) } @@ -320,33 +295,7 @@ func workspaceDelete(id string, conn *workspaces.WorkSpaces) error { } log.Printf("[DEBUG] Waiting for workspace %q to be terminated", id) - stateConf := &resource.StateChangeConf{ - Pending: []string{ - workspaces.WorkspaceStatePending, - workspaces.WorkspaceStateAvailable, - workspaces.WorkspaceStateImpaired, - workspaces.WorkspaceStateUnhealthy, - workspaces.WorkspaceStateRebooting, - workspaces.WorkspaceStateStarting, - workspaces.WorkspaceStateRebuilding, - workspaces.WorkspaceStateRestoring, - workspaces.WorkspaceStateMaintenance, - workspaces.WorkspaceStateAdminMaintenance, - workspaces.WorkspaceStateSuspended, - workspaces.WorkspaceStateUpdating, - workspaces.WorkspaceStateStopping, - workspaces.WorkspaceStateStopped, - workspaces.WorkspaceStateTerminating, - workspaces.WorkspaceStateError, - }, - Target: []string{ - workspaces.WorkspaceStateTerminated, - }, - Refresh: workspaceRefreshStateFunc(conn, id), - Timeout: WorkspaceTerminatedTimeout, - } - - _, err = stateConf.WaitForState() + _, err = waiter.WorkspaceTerminated(conn, id) if err != nil { return fmt.Errorf("workspace %q was not terminated: %s", id, err) } @@ -395,51 +344,19 @@ func workspacePropertyUpdate(p string, conn *workspaces.WorkSpaces, d *schema.Re WorkspaceProperties: wsp, }) if err != nil { - return fmt.Errorf("workspace %q %s property was not modified: %s", d.Id(), p, err) + return fmt.Errorf("workspace %q %s property was not modified: %w", d.Id(), p, err) } log.Printf("[DEBUG] Waiting for workspace %q %s property to be modified...", d.Id(), p) - // OperationInProgressException: The properties of this WorkSpace are currently under modification. Please try again in a moment. - // AWS Workspaces service doesn't change instance status to "Updating" during property modification. Respective AWS Support feature request has been created. Meanwhile, artificial delay is placed here as a workaround. - time.Sleep(1 * time.Minute) - - stateConf := &resource.StateChangeConf{ - Pending: []string{ - workspaces.WorkspaceStateUpdating, - }, - Target: []string{ - workspaces.WorkspaceStateAvailable, - workspaces.WorkspaceStateStopped, - }, - Refresh: workspaceRefreshStateFunc(conn, d.Id()), - Timeout: WorkspaceUpdatingTimeout, - } - - _, err = stateConf.WaitForState() + _, err = waiter.WorkspaceUpdated(conn, d.Id()) if err != nil { - return fmt.Errorf("workspace %q %s property was not modified: %s", d.Id(), p, err) + return fmt.Errorf("error modifying workspace %q property %q was not modified: %w", d.Id(), p, err) } log.Printf("[DEBUG] Workspace %q %s property is modified", d.Id(), p) return nil } -func workspaceRefreshStateFunc(conn *workspaces.WorkSpaces, workspaceID string) resource.StateRefreshFunc { - return func() (interface{}, string, error) { - resp, err := conn.DescribeWorkspaces(&workspaces.DescribeWorkspacesInput{ - WorkspaceIds: []*string{aws.String(workspaceID)}, - }) - if err != nil { - return nil, workspaces.WorkspaceStateError, err - } - if len(resp.Workspaces) == 0 { - return nil, workspaces.WorkspaceStateTerminated, nil - } - workspace := resp.Workspaces[0] - return workspace, aws.StringValue(workspace.State), nil - } -} - func expandWorkspaceProperties(properties []interface{}) *workspaces.WorkspaceProperties { log.Printf("[DEBUG] Expand Workspace properties: %+v ", properties) From 224a3a77dd45e3e84e3636e153cd1f6ef28d1a2f Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Tue, 26 May 2020 14:41:13 -0700 Subject: [PATCH 334/475] Renames Workspaces state functions --- aws/internal/service/workspaces/waiter/status.go | 4 ++-- aws/internal/service/workspaces/waiter/waiter.go | 10 +++++----- aws/resource_aws_workspaces_directory.go | 2 +- aws/resource_aws_workspaces_workspace.go | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/aws/internal/service/workspaces/waiter/status.go b/aws/internal/service/workspaces/waiter/status.go index 6ea8cbc65f3..06a3fd1bc6d 100644 --- a/aws/internal/service/workspaces/waiter/status.go +++ b/aws/internal/service/workspaces/waiter/status.go @@ -6,7 +6,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/resource" ) -func DirectoryRefreshStateFunc(conn *workspaces.WorkSpaces, directoryID string) resource.StateRefreshFunc { +func DirectoryState(conn *workspaces.WorkSpaces, directoryID string) resource.StateRefreshFunc { return func() (interface{}, string, error) { output, err := conn.DescribeWorkspaceDirectories(&workspaces.DescribeWorkspaceDirectoriesInput{ DirectoryIds: aws.StringSlice([]string{directoryID}), @@ -24,7 +24,7 @@ func DirectoryRefreshStateFunc(conn *workspaces.WorkSpaces, directoryID string) } } -func WorkspaceRefreshStateFunc(conn *workspaces.WorkSpaces, workspaceID string) resource.StateRefreshFunc { +func WorkspaceState(conn *workspaces.WorkSpaces, workspaceID string) resource.StateRefreshFunc { return func() (interface{}, string, error) { output, err := conn.DescribeWorkspaces(&workspaces.DescribeWorkspacesInput{ WorkspaceIds: aws.StringSlice([]string{workspaceID}), diff --git a/aws/internal/service/workspaces/waiter/waiter.go b/aws/internal/service/workspaces/waiter/waiter.go index 2f4fae4bcf2..28fd0fd2d73 100644 --- a/aws/internal/service/workspaces/waiter/waiter.go +++ b/aws/internal/service/workspaces/waiter/waiter.go @@ -33,7 +33,7 @@ func DirectoryRegistered(conn *workspaces.WorkSpaces, directoryID string) (*work workspaces.WorkspaceDirectoryStateRegistering, }, Target: []string{workspaces.WorkspaceDirectoryStateRegistered}, - Refresh: DirectoryRefreshStateFunc(conn, directoryID), + Refresh: DirectoryState(conn, directoryID), Timeout: DirectoryRegisteredTimeout, } @@ -56,7 +56,7 @@ func DirectoryDeregistered(conn *workspaces.WorkSpaces, directoryID string) (*wo Target: []string{ workspaces.WorkspaceDirectoryStateDeregistered, }, - Refresh: DirectoryRefreshStateFunc(conn, directoryID), + Refresh: DirectoryState(conn, directoryID), Timeout: DirectoryDeregisteredTimeout, } @@ -76,7 +76,7 @@ func WorkspaceAvailable(conn *workspaces.WorkSpaces, workspaceID string) (*works workspaces.WorkspaceStateStarting, }, Target: []string{workspaces.WorkspaceStateAvailable}, - Refresh: WorkspaceRefreshStateFunc(conn, workspaceID), + Refresh: WorkspaceState(conn, workspaceID), Timeout: WorkspaceAvailableTimeout, } @@ -112,7 +112,7 @@ func WorkspaceTerminated(conn *workspaces.WorkSpaces, workspaceID string) (*work Target: []string{ workspaces.WorkspaceStateTerminated, }, - Refresh: WorkspaceRefreshStateFunc(conn, workspaceID), + Refresh: WorkspaceState(conn, workspaceID), Timeout: WorkspaceTerminatedTimeout, } @@ -136,7 +136,7 @@ func WorkspaceUpdated(conn *workspaces.WorkSpaces, workspaceID string) (*workspa workspaces.WorkspaceStateAvailable, workspaces.WorkspaceStateStopped, }, - Refresh: WorkspaceRefreshStateFunc(conn, workspaceID), + Refresh: WorkspaceState(conn, workspaceID), Delay: WorkspaceUpdatingDelay, Timeout: WorkspaceUpdatingTimeout, } diff --git a/aws/resource_aws_workspaces_directory.go b/aws/resource_aws_workspaces_directory.go index 61944db8910..9b5976ae1c4 100644 --- a/aws/resource_aws_workspaces_directory.go +++ b/aws/resource_aws_workspaces_directory.go @@ -163,7 +163,7 @@ func resourceAwsWorkspacesDirectoryRead(d *schema.ResourceData, meta interface{} conn := meta.(*AWSClient).workspacesconn ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig - rawOutput, state, err := waiter.DirectoryRefreshStateFunc(conn, d.Id())() + rawOutput, state, err := waiter.DirectoryState(conn, d.Id())() if err != nil { return fmt.Errorf("error getting WorkSpaces Directory (%s): %s", d.Id(), err) } diff --git a/aws/resource_aws_workspaces_workspace.go b/aws/resource_aws_workspaces_workspace.go index 275d2ef42af..8ff5e7903a4 100644 --- a/aws/resource_aws_workspaces_workspace.go +++ b/aws/resource_aws_workspaces_workspace.go @@ -187,7 +187,7 @@ func resourceAwsWorkspacesWorkspaceRead(d *schema.ResourceData, meta interface{} conn := meta.(*AWSClient).workspacesconn ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig - rawOutput, state, err := waiter.WorkspaceRefreshStateFunc(conn, d.Id())() + rawOutput, state, err := waiter.WorkspaceState(conn, d.Id())() if err != nil { return fmt.Errorf("error reading workspace (%s): %s", d.Id(), err) } From 91ff2805987c12d9859063418d95a9e079868999 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Tue, 26 May 2020 15:53:01 -0700 Subject: [PATCH 335/475] Reorders parameters for ARN checks with specific account IDs --- aws/provider_test.go | 4 ++-- aws/resource_aws_lambda_alias_test.go | 2 +- aws/resource_aws_lambda_function_test.go | 2 +- aws/resource_aws_ram_resource_share_accepter_test.go | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/aws/provider_test.go b/aws/provider_test.go index cdc19055ca0..2ea3d897b84 100644 --- a/aws/provider_test.go +++ b/aws/provider_test.go @@ -127,7 +127,7 @@ func testAccCheckResourceAttrRegionalARNNoAccount(resourceName, attributeName, a } // testAccCheckResourceAttrRegionalARNAccountID ensures the Terraform state exactly matches a formatted ARN with region and specific account ID -func testAccCheckResourceAttrRegionalARNAccountID(resourceName, attributeName, accountID, arnService, arnResource string) resource.TestCheckFunc { +func testAccCheckResourceAttrRegionalARNAccountID(resourceName, attributeName, arnService, accountID, arnResource string) resource.TestCheckFunc { return func(s *terraform.State) error { attributeValue := arn.ARN{ AccountID: accountID, @@ -182,7 +182,7 @@ func testAccMatchResourceAttrRegionalARNNoAccount(resourceName, attributeName, a } // testAccMatchResourceAttrRegionalARNAccountID ensures the Terraform state regexp matches a formatted ARN with region and specific account ID -func testAccMatchResourceAttrRegionalARNAccountID(resourceName, attributeName, accountID, arnService string, arnResourceRegexp *regexp.Regexp) resource.TestCheckFunc { +func testAccMatchResourceAttrRegionalARNAccountID(resourceName, attributeName, arnService, accountID string, arnResourceRegexp *regexp.Regexp) resource.TestCheckFunc { return func(s *terraform.State) error { arnRegexp := arn.ARN{ AccountID: accountID, diff --git a/aws/resource_aws_lambda_alias_test.go b/aws/resource_aws_lambda_alias_test.go index 32e4602587a..1a5126fc464 100644 --- a/aws/resource_aws_lambda_alias_test.go +++ b/aws/resource_aws_lambda_alias_test.go @@ -208,7 +208,7 @@ func testAccCheckAwsLambdaAliasAttributes(mapping *lambda.AliasConfiguration) re func testAccCheckAwsLambdaAliasInvokeArn(name string, mapping *lambda.AliasConfiguration) resource.TestCheckFunc { return func(s *terraform.State) error { arn := aws.StringValue(mapping.AliasArn) - return testAccCheckResourceAttrRegionalARNAccountID(name, "invoke_arn", "lambda", "apigateway", fmt.Sprintf("path/2015-03-31/functions/%s/invocations", arn))(s) + return testAccCheckResourceAttrRegionalARNAccountID(name, "invoke_arn", "apigateway", "lambda", fmt.Sprintf("path/2015-03-31/functions/%s/invocations", arn))(s) } } diff --git a/aws/resource_aws_lambda_function_test.go b/aws/resource_aws_lambda_function_test.go index 1b681973696..33fbd48251a 100644 --- a/aws/resource_aws_lambda_function_test.go +++ b/aws/resource_aws_lambda_function_test.go @@ -1796,7 +1796,7 @@ func testAccCheckAwsLambdaFunctionExists(res, funcName string, function *lambda. func testAccCheckAwsLambdaFunctionInvokeArn(name string, function *lambda.GetFunctionOutput) resource.TestCheckFunc { return func(s *terraform.State) error { arn := aws.StringValue(function.Configuration.FunctionArn) - return testAccCheckResourceAttrRegionalARNAccountID(name, "invoke_arn", "lambda", "apigateway", fmt.Sprintf("path/2015-03-31/functions/%s/invocations", arn))(s) + return testAccCheckResourceAttrRegionalARNAccountID(name, "invoke_arn", "apigateway", "lambda", fmt.Sprintf("path/2015-03-31/functions/%s/invocations", arn))(s) } } diff --git a/aws/resource_aws_ram_resource_share_accepter_test.go b/aws/resource_aws_ram_resource_share_accepter_test.go index b14589158d8..3b668c05bbf 100644 --- a/aws/resource_aws_ram_resource_share_accepter_test.go +++ b/aws/resource_aws_ram_resource_share_accepter_test.go @@ -34,7 +34,7 @@ func TestAccAwsRamResourceShareAccepter_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsRamResourceShareAccepterExists(resourceName), resource.TestCheckResourceAttrPair(resourceName, "share_arn", principalAssociationResourceName, "resource_share_arn"), - testAccMatchResourceAttrRegionalARNAccountID(resourceName, "invitation_arn", `\d{12}`, "ram", regexp.MustCompile(fmt.Sprintf("resource-share-invitation/%s$", uuidRegexPattern))), + testAccMatchResourceAttrRegionalARNAccountID(resourceName, "invitation_arn", "ram", `\d{12}`, regexp.MustCompile(fmt.Sprintf("resource-share-invitation/%s$", uuidRegexPattern))), resource.TestMatchResourceAttr(resourceName, "share_id", regexp.MustCompile(fmt.Sprintf(`^rs-%s$`, uuidRegexPattern))), resource.TestCheckResourceAttr(resourceName, "status", ram.ResourceShareStatusActive), testAccCheckResourceAttrAccountID(resourceName, "receiver_account_id"), From 1fcf2305ce7ae512cce9998b8e1c369f19524651 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Tue, 26 May 2020 15:55:55 -0700 Subject: [PATCH 336/475] Removes missed test --- aws/resource_aws_iot_role_alias_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/aws/resource_aws_iot_role_alias_test.go b/aws/resource_aws_iot_role_alias_test.go index ea321d97fa9..ff5b70c6b6f 100644 --- a/aws/resource_aws_iot_role_alias_test.go +++ b/aws/resource_aws_iot_role_alias_test.go @@ -61,7 +61,6 @@ func TestAccAWSIotRoleAlias_basic(t *testing.T) { Config: testAccAWSIotRoleAliasConfigUpdate5(alias2), Check: resource.ComposeTestCheckFunc( testAccCheckAWSIotRoleAliasExists(resourceName2), - resource.TestMatchResourceAttr(resourceName2, "role_arn", regexp.MustCompile(".+?bogus")), testAccMatchResourceAttrGlobalARN(resourceName2, "role_arn", "iam", regexp.MustCompile("role/rolebogus")), ), }, From 5ced3d47ce37fcf4ab83da922432b11b45ad74c5 Mon Sep 17 00:00:00 2001 From: Gilbert Gilb's Date: Wed, 27 May 2020 03:38:32 +0200 Subject: [PATCH 337/475] resource/aws_acm_certificate: Update pending DNS validation record creation time from 1 minute to 5 minutes. (#12371) When an ACM certificate has a lot of SANs (>20), it takes more than 1 minute to AWS to generate all the challenges. This waits for the challenges 5 minutes instead of 1 minute. --- aws/resource_aws_acm_certificate.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_acm_certificate.go b/aws/resource_aws_acm_certificate.go index dcc95600b4f..d020554e541 100644 --- a/aws/resource_aws_acm_certificate.go +++ b/aws/resource_aws_acm_certificate.go @@ -227,7 +227,7 @@ func resourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) err CertificateArn: aws.String(d.Id()), } - return resource.Retry(time.Duration(1)*time.Minute, func() *resource.RetryError { + return resource.Retry(time.Duration(5)*time.Minute, func() *resource.RetryError { resp, err := acmconn.DescribeCertificate(params) if err != nil { From 98df32df0b341acc1673ce21355662c3c4facb4b Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Tue, 26 May 2020 21:40:06 -0400 Subject: [PATCH 338/475] Update CHANGELOG for #12371 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 38eb6f58575..d95ee0ef625 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ ENHANCMENTS: BUG FIXES: +* resource/aws_acm_certificate: Update pending DNS validation record creation time from 1 minute to 5 minutes (better support for certificates with high amount of Subject Alternative Names) [GH-12371] * resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected [GH-12571] / [GH-12751] * resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] * resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) [GH-13464] From 14b113986ddebbff887056102edc62bca7ae491a Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 27 May 2020 11:26:51 -0400 Subject: [PATCH 339/475] service/elasticsearch: Fix schema type mismatch (#13397) * Fix schema type mismatch * Add test check --- aws/data_source_aws_elasticsearch_domain.go | 2 +- aws/data_source_aws_elasticsearch_domain_test.go | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/aws/data_source_aws_elasticsearch_domain.go b/aws/data_source_aws_elasticsearch_domain.go index 3860ce98c7a..174219bf6f2 100644 --- a/aws/data_source_aws_elasticsearch_domain.go +++ b/aws/data_source_aws_elasticsearch_domain.go @@ -238,7 +238,7 @@ func dataSourceAwsElasticSearchDomain() *schema.Resource { Computed: true, }, "processing": { - Type: schema.TypeString, + Type: schema.TypeBool, Computed: true, }, diff --git a/aws/data_source_aws_elasticsearch_domain_test.go b/aws/data_source_aws_elasticsearch_domain_test.go index ed9448e7a49..3343b813993 100644 --- a/aws/data_source_aws_elasticsearch_domain_test.go +++ b/aws/data_source_aws_elasticsearch_domain_test.go @@ -20,6 +20,7 @@ func TestAccAWSDataElasticsearchDomain_basic(t *testing.T) { { Config: testAccAWSElasticsearchDomainConfigWithDataSource(rInt), Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(datasourceName, "processing", "false"), resource.TestCheckResourceAttrPair(datasourceName, "elasticsearch_version", resourceName, "elasticsearch_version"), resource.TestCheckResourceAttrPair(datasourceName, "cluster_config.#", resourceName, "cluster_config.#"), resource.TestCheckResourceAttrPair(datasourceName, "cluster_config.0.instance_type", resourceName, "cluster_config.0.instance_type"), From d759f87fc8161fccd08a4ccaa0e11b9847a9e97a Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 27 May 2020 11:29:01 -0400 Subject: [PATCH 340/475] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d95ee0ef625..ae8f36c61e4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ ENHANCMENTS: BUG FIXES: +* data-source/aws_elasticsearch_domain: `processing` is now correctly set [GH-13397] * resource/aws_acm_certificate: Update pending DNS validation record creation time from 1 minute to 5 minutes (better support for certificates with high amount of Subject Alternative Names) [GH-12371] * resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected [GH-12571] / [GH-12751] * resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] From 24927ba13ffe9bc977e48860413760a81b96a468 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 27 May 2020 13:33:48 -0400 Subject: [PATCH 341/475] resource/aws_autoscaling_group: Ignore ordering differences for `tags` argument (#13515) Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/13469 Now that we are properly setting this attribute into the Terraform state, it highlighted ordering issues, which was not previously caught by the acceptance testing for the resource. Previously (after test configuration adjustment): ``` --- FAIL: TestAccAWSAutoScalingGroup_basic (147.82s) TestAccAWSAutoScalingGroup_basic: testing.go:684: Step 0 error: After applying this step, the plan was not empty: DIFF: UPDATE: aws_autoscaling_group.bar ... tags.#: "3" => "3" tags.0.key: "FromTags1" => "FromTags1" tags.0.propagate_at_launch: "true" => "true" tags.0.value: "value1" => "value1" tags.1.key: "FromTags2" => "FromTags3" tags.1.propagate_at_launch: "true" => "true" tags.1.value: "value2" => "value3" tags.2.key: "FromTags3" => "FromTags2" tags.2.propagate_at_launch: "true" => "true" tags.2.value: "value3" => "value2" ... ``` Output from acceptance testing: ``` --- PASS: TestAccAWSAutoScalingGroup_ALB_TargetGroups (187.12s) --- PASS: TestAccAWSAutoScalingGroup_ALB_TargetGroups_ELBCapacity (342.93s) --- PASS: TestAccAWSAutoScalingGroup_autoGeneratedName (79.14s) --- PASS: TestAccAWSAutoScalingGroup_basic (267.48s) --- PASS: TestAccAWSAutoScalingGroup_classicVpcZoneIdentifier (78.67s) --- PASS: TestAccAWSAutoScalingGroup_emptyAvailabilityZones (91.64s) --- PASS: TestAccAWSAutoScalingGroup_enablingMetrics (207.54s) --- PASS: TestAccAWSAutoScalingGroup_initialLifecycleHook (304.85s) --- PASS: TestAccAWSAutoScalingGroup_launchTemplate (87.94s) --- PASS: TestAccAWSAutoScalingGroup_LaunchTemplate_IAMInstanceProfile (99.20s) --- PASS: TestAccAWSAutoScalingGroup_launchTemplate_update (175.02s) --- PASS: TestAccAWSAutoScalingGroup_launchTempPartitionNum (90.52s) --- PASS: TestAccAWSAutoScalingGroup_LoadBalancers (569.76s) --- PASS: TestAccAWSAutoScalingGroup_MaxInstanceLifetime (87.50s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy (83.65s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDemandAllocationStrategy (56.61s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDemandBaseCapacity (160.95s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDemandPercentageAboveBaseCapacity (83.85s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_SpotAllocationStrategy (116.76s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_SpotInstancePools (112.29s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_SpotMaxPrice (160.14s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_LaunchTemplateSpecification_LaunchTemplateName (88.11s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_LaunchTemplateSpecification_Version (116.78s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_Override_InstanceType (123.93s) --- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_Override_WeightedCapacity (168.12s) --- PASS: TestAccAWSAutoScalingGroup_namePrefix (78.08s) --- PASS: TestAccAWSAutoScalingGroup_serviceLinkedRoleARN (53.32s) --- PASS: TestAccAWSAutoScalingGroup_suspendingProcesses (242.59s) --- PASS: TestAccAWSAutoScalingGroup_tags (287.70s) --- PASS: TestAccAWSAutoScalingGroup_TargetGroupArns (316.34s) --- PASS: TestAccAWSAutoScalingGroup_terminationPolicies (154.29s) --- PASS: TestAccAWSAutoScalingGroup_VpcUpdates (175.10s) --- PASS: TestAccAWSAutoScalingGroup_WithLoadBalancer (423.35s) --- PASS: TestAccAWSAutoScalingGroup_WithLoadBalancer_ToTargetGroup (428.41s) --- PASS: TestAccAWSAutoScalingGroup_withMetrics (114.18s) --- PASS: TestAccAWSAutoScalingGroup_withPlacementGroup (175.16s) ``` --- aws/autoscaling_tags.go | 6 +++--- aws/resource_aws_autoscaling_group.go | 6 +++--- aws/resource_aws_autoscaling_group_test.go | 8 ++++---- website/docs/r/autoscaling_group.html.markdown | 4 ++-- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/aws/autoscaling_tags.go b/aws/autoscaling_tags.go index 7df5a53fc99..91eecc5fbca 100644 --- a/aws/autoscaling_tags.go +++ b/aws/autoscaling_tags.go @@ -80,12 +80,12 @@ func setAutoscalingTags(conn *autoscaling.AutoScaling, d *schema.ResourceData) e removeTags = append(removeTags, r...) oraw, nraw = d.GetChange("tags") - old, err = autoscalingTagsFromList(oraw.([]interface{}), resourceID) + old, err = autoscalingTagsFromList(oraw.(*schema.Set).List(), resourceID) if err != nil { return err } - new, err = autoscalingTagsFromList(nraw.([]interface{}), resourceID) + new, err = autoscalingTagsFromList(nraw.(*schema.Set).List(), resourceID) if err != nil { return err } @@ -165,7 +165,7 @@ func autoscalingTagsFromList(vs []interface{}, resourceID string) ([]*autoscalin result := make([]*autoscaling.Tag, 0, len(vs)) for _, tag := range vs { attr, ok := tag.(map[string]interface{}) - if !ok { + if !ok || len(attr) == 0 { continue } diff --git a/aws/resource_aws_autoscaling_group.go b/aws/resource_aws_autoscaling_group.go index bdc93a4920d..6758d7a6c21 100644 --- a/aws/resource_aws_autoscaling_group.go +++ b/aws/resource_aws_autoscaling_group.go @@ -396,7 +396,7 @@ func resourceAwsAutoscalingGroup() *schema.Resource { "tag": autoscalingTagSchema(), "tags": { - Type: schema.TypeList, + Type: schema.TypeSet, Optional: true, Elem: &schema.Schema{ Type: schema.TypeMap, @@ -548,7 +548,7 @@ func resourceAwsAutoscalingGroupCreate(d *schema.ResourceData, meta interface{}) } if v, ok := d.GetOk("tags"); ok { - tags, err := autoscalingTagsFromList(v.([]interface{}), resourceID) + tags, err := autoscalingTagsFromList(v.(*schema.Set).List(), resourceID) if err != nil { return err } @@ -734,7 +734,7 @@ func resourceAwsAutoscalingGroupRead(d *schema.ResourceData, meta interface{}) e if v, tagsOk = d.GetOk("tags"); tagsOk { tags := map[string]struct{}{} - for _, tag := range v.([]interface{}) { + for _, tag := range v.(*schema.Set).List() { attr, ok := tag.(map[string]interface{}) if !ok { continue diff --git a/aws/resource_aws_autoscaling_group_test.go b/aws/resource_aws_autoscaling_group_test.go index b19d7e5c018..4c391520c5b 100644 --- a/aws/resource_aws_autoscaling_group_test.go +++ b/aws/resource_aws_autoscaling_group_test.go @@ -2276,13 +2276,13 @@ resource "aws_autoscaling_group" "bar" { propagate_at_launch = true }, { - key = "FromTags2" - value = "value2" + key = "FromTags3" + value = "value3" propagate_at_launch = true }, { - key = "FromTags3" - value = "value3" + key = "FromTags2" + value = "value2" propagate_at_launch = true }, ] diff --git a/website/docs/r/autoscaling_group.html.markdown b/website/docs/r/autoscaling_group.html.markdown index 2d4360c9ee2..93cc0805fb6 100644 --- a/website/docs/r/autoscaling_group.html.markdown +++ b/website/docs/r/autoscaling_group.html.markdown @@ -197,8 +197,8 @@ The following arguments are supported: * `termination_policies` (Optional) A list of policies to decide how the instances in the auto scale group should be terminated. The allowed values are `OldestInstance`, `NewestInstance`, `OldestLaunchConfiguration`, `ClosestToNextInstanceHour`, `OldestLaunchTemplate`, `AllocationStrategy`, `Default`. * `suspended_processes` - (Optional) A list of processes to suspend for the AutoScaling Group. The allowed values are `Launch`, `Terminate`, `HealthCheck`, `ReplaceUnhealthy`, `AZRebalance`, `AlarmNotification`, `ScheduledActions`, `AddToLoadBalancer`. Note that if you suspend either the `Launch` or `Terminate` process types, it can prevent your autoscaling group from functioning properly. -* `tag` (Optional) A list of tag blocks. Tags documented below. -* `tags` (Optional) A list of tag blocks (maps). Tags documented below. +* `tag` (Optional) Configuration block(s) containing resource tags. Conflicts with `tags`. Documented below. +* `tags` (Optional) Set of maps containing resource tags. Conflicts with `tag`. Documented below. * `placement_group` (Optional) The name of the placement group into which you'll launch your instances, if any. * `metrics_granularity` - (Optional) The granularity to associate with the metrics to collect. The only valid value is `1Minute`. Default is `1Minute`. * `enabled_metrics` - (Optional) A list of metrics to collect. The allowed values are `GroupDesiredCapacity`, `GroupInServiceCapacity`, `GroupPendingCapacity`, `GroupMinSize`, `GroupMaxSize`, `GroupInServiceInstances`, `GroupPendingInstances`, `GroupStandbyInstances`, `GroupStandbyCapacity`, `GroupTerminatingCapacity`, `GroupTerminatingInstances`, `GroupTotalCapacity`, `GroupTotalInstances`. From 0c03aca73be0a7209e39890e37082c551adbb031 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 27 May 2020 13:34:48 -0400 Subject: [PATCH 342/475] Update CHANGELOG for #13515 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ae8f36c61e4..309831f1e1e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ BUG FIXES: * data-source/aws_elasticsearch_domain: `processing` is now correctly set [GH-13397] * resource/aws_acm_certificate: Update pending DNS validation record creation time from 1 minute to 5 minutes (better support for certificates with high amount of Subject Alternative Names) [GH-12371] +* resource/aws_autoscaling_group: Ignore ordering differences for `tags` argument (prevent unexpected differences from version 2.63.0) [GH-13515] * resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected [GH-12571] / [GH-12751] * resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] * resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) [GH-13464] From a9c937528d8952c88262b581f4bafbfd47e6de97 Mon Sep 17 00:00:00 2001 From: jdb1441 <43754140+jdb1441@users.noreply.github.com> Date: Wed, 27 May 2020 14:32:11 -0500 Subject: [PATCH 343/475] docs/resource/aws_ecs_service: Remove ARN mention from capacity_provider argument (#12060) Confirmed that the service does not recognize the capacity provider when the ecs service is pointed to the arn of the capacity provider. This returns the error message "No Container Instances were found in your capacity provider" and the Cloudwatch metric "CapacityProviderReservation" is not adjusted. Once the name is used for the capacity provider the service properly launches a task in the provisioning state, "CapacityProviderReservation" is incremented, and an instance is added to the ASG. --- website/docs/r/ecs_service.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/ecs_service.html.markdown b/website/docs/r/ecs_service.html.markdown index 87b60ca8e01..f90f5313335 100644 --- a/website/docs/r/ecs_service.html.markdown +++ b/website/docs/r/ecs_service.html.markdown @@ -103,7 +103,7 @@ The following arguments are supported: The `capacity_provider_strategy` configuration block supports the following: -* `capacity_provider` - (Required) The short name or full Amazon Resource Name (ARN) of the capacity provider. +* `capacity_provider` - (Required) The short name of the capacity provider. * `weight` - (Required) The relative percentage of the total number of launched tasks that should use the specified capacity provider. * `base` - (Optional) The number of tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. From f64055c0b89ad1b4c422cf3345061ea397992133 Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 27 May 2020 15:56:28 -0400 Subject: [PATCH 344/475] service/apigateway: Fix schema set errors (#13403) * Fix schema set errors Removed undefined and unneeded `request_validator_id` from request validator import. Set `settings` properly and return error. The acceptance tests would have never caught this error since the fields are user configurable, the config would be the defacto state. * Mark fields as Optional + Computed * write flattener --- ...esource_aws_api_gateway_method_settings.go | 40 ++++++++++++++----- ...ource_aws_api_gateway_request_validator.go | 1 - 2 files changed, 30 insertions(+), 11 deletions(-) diff --git a/aws/resource_aws_api_gateway_method_settings.go b/aws/resource_aws_api_gateway_method_settings.go index eeba69d1b3e..e7312199215 100644 --- a/aws/resource_aws_api_gateway_method_settings.go +++ b/aws/resource_aws_api_gateway_method_settings.go @@ -42,42 +42,52 @@ func resourceAwsApiGatewayMethodSettings() *schema.Resource { "metrics_enabled": { Type: schema.TypeBool, Optional: true, + Computed: true, }, "logging_level": { Type: schema.TypeString, Optional: true, + Computed: true, }, "data_trace_enabled": { Type: schema.TypeBool, Optional: true, + Computed: true, }, "throttling_burst_limit": { Type: schema.TypeInt, Optional: true, + Computed: true, }, "throttling_rate_limit": { Type: schema.TypeFloat, Optional: true, + Computed: true, }, "caching_enabled": { Type: schema.TypeBool, Optional: true, + Computed: true, }, "cache_ttl_in_seconds": { Type: schema.TypeInt, Optional: true, + Computed: true, }, "cache_data_encrypted": { Type: schema.TypeBool, Optional: true, + Computed: true, }, "require_authorization_for_cache_control": { Type: schema.TypeBool, Optional: true, + Computed: true, }, "unauthorized_cache_control_header_strategy": { Type: schema.TypeString, Optional: true, + Computed: true, }, }, }, @@ -86,6 +96,23 @@ func resourceAwsApiGatewayMethodSettings() *schema.Resource { } } +func flattenAwsApiGatewayMethodSettings(settings *apigateway.MethodSetting) []interface{} { + return []interface{}{ + map[string]interface{}{ + "metrics_enabled": settings.MetricsEnabled, + "logging_level": settings.LoggingLevel, + "data_trace_enabled": settings.DataTraceEnabled, + "throttling_burst_limit": settings.ThrottlingBurstLimit, + "throttling_rate_limit": settings.ThrottlingRateLimit, + "caching_enabled": settings.CachingEnabled, + "cache_ttl_in_seconds": settings.CacheTtlInSeconds, + "cache_data_encrypted": settings.CacheDataEncrypted, + "require_authorization_for_cache_control": settings.RequireAuthorizationForCacheControl, + "unauthorized_cache_control_header_strategy": settings.UnauthorizedCacheControlHeaderStrategy, + }, + } +} + func resourceAwsApiGatewayMethodSettingsRead(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).apigatewayconn @@ -113,16 +140,9 @@ func resourceAwsApiGatewayMethodSettingsRead(d *schema.ResourceData, meta interf return nil } - d.Set("settings.0.metrics_enabled", settings.MetricsEnabled) - d.Set("settings.0.logging_level", settings.LoggingLevel) - d.Set("settings.0.data_trace_enabled", settings.DataTraceEnabled) - d.Set("settings.0.throttling_burst_limit", settings.ThrottlingBurstLimit) - d.Set("settings.0.throttling_rate_limit", settings.ThrottlingRateLimit) - d.Set("settings.0.caching_enabled", settings.CachingEnabled) - d.Set("settings.0.cache_ttl_in_seconds", settings.CacheTtlInSeconds) - d.Set("settings.0.cache_data_encrypted", settings.CacheDataEncrypted) - d.Set("settings.0.require_authorization_for_cache_control", settings.RequireAuthorizationForCacheControl) - d.Set("settings.0.unauthorized_cache_control_header_strategy", settings.UnauthorizedCacheControlHeaderStrategy) + if err := d.Set("settings", flattenAwsApiGatewayMethodSettings(settings)); err != nil { + return fmt.Errorf("error setting settings: %s", err) + } return nil } diff --git a/aws/resource_aws_api_gateway_request_validator.go b/aws/resource_aws_api_gateway_request_validator.go index 5a0b19f96ae..ab22c5ca25c 100644 --- a/aws/resource_aws_api_gateway_request_validator.go +++ b/aws/resource_aws_api_gateway_request_validator.go @@ -25,7 +25,6 @@ func resourceAwsApiGatewayRequestValidator() *schema.Resource { } restApiID := idParts[0] requestValidatorID := idParts[1] - d.Set("request_validator_id", requestValidatorID) d.Set("rest_api_id", restApiID) d.SetId(requestValidatorID) return []*schema.ResourceData{d}, nil From 0ff89ce0e33cce9e87707a5cc51874a9b7b4c89d Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 27 May 2020 15:57:34 -0400 Subject: [PATCH 345/475] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 309831f1e1e..649df0628ef 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ BUG FIXES: * data-source/aws_elasticsearch_domain: `processing` is now correctly set [GH-13397] * resource/aws_acm_certificate: Update pending DNS validation record creation time from 1 minute to 5 minutes (better support for certificates with high amount of Subject Alternative Names) [GH-12371] +* resource/aws_api_gateway_method_settings: `settings` now properly set [GH-13403] * resource/aws_autoscaling_group: Ignore ordering differences for `tags` argument (prevent unexpected differences from version 2.63.0) [GH-13515] * resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected [GH-12571] / [GH-12751] * resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] From c13025c74d71d5867de106fd1d87e837107f32f2 Mon Sep 17 00:00:00 2001 From: Simon Davis Date: Wed, 27 May 2020 11:40:30 -0700 Subject: [PATCH 346/475] add new section on service availablity precheck add fake implementation change title and add to table of contents add note explaining --- .../running-and-writing-acceptance-tests.md | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/docs/contributing/running-and-writing-acceptance-tests.md b/docs/contributing/running-and-writing-acceptance-tests.md index 25cde2dbaed..9ff7f1954c6 100644 --- a/docs/contributing/running-and-writing-acceptance-tests.md +++ b/docs/contributing/running-and-writing-acceptance-tests.md @@ -14,6 +14,7 @@ - [Randomized Naming](#randomized-naming) - [Other Recommended Variables](#other-recommended-variables) - [Basic Acceptance Tests](#basic-acceptance-tests) + - [Service Availability PreCheck](#service-availability-precheck) - [Disappears Acceptance Tests](#disappears-acceptance-tests) - [Per Attribute Acceptance Tests](#per-attribute-acceptance-tests) - [Cross-Account Acceptance Tests](#cross-account-acceptance-tests) @@ -496,6 +497,36 @@ resource "aws_example_thing" "test" { } ``` +#### Service Availability PreCheck + +When new AWS services are added to the provider, a simple read-only request (e.g. list all X service things) should be implemented in an acceptance test PreCheck function that helps the acceptance testing determine if the service exists for the particular environment it runs in. Note: This was not common practice in the past so many existing tests will not include this step. + +For example: + +```go +func TestAccAwsExampleThing_basic(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_example_thing.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t), testAccPreCheckAwsExample(t) }, + // ... additional checks follow ... + }) +} + +func testAccPreCheckAwsExample(t *testing.T) { + conn := testAccProvider.Meta().(*AWSClient).exampleconn + input := &example.ListThingsInput{} + _, err := conn.ListThings(input) + if testAccPreCheckSkipError(err) { + t.Skipf("skipping acceptance testing: %s", err) + } + if err != nil { + t.Fatalf("unexpected PreCheck error: %s", err) + } +} +``` + #### Disappears Acceptance Tests This test is generally implemented second. It is straightforward to setup once the basic test is passing since it can reuse that test configuration. It prevents a common bug report with Terraform resources that error when they can not be found (e.g. deleted outside Terraform). From c4a0ccf2d5867793c049407f728a6e57135e9197 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 27 May 2020 17:22:28 -0400 Subject: [PATCH 347/475] add disappears conditions in Read methods of ses receipt rule resources --- ...esource_aws_ses_active_receipt_rule_set.go | 5 +++ ...ce_aws_ses_active_receipt_rule_set_test.go | 32 +++++++++++++++++++ aws/resource_aws_ses_receipt_rule.go | 11 ++++--- aws/resource_aws_ses_receipt_rule_set_test.go | 21 ++++++++++++ aws/resource_aws_ses_receipt_rule_test.go | 32 +++++++++++++++++++ 5 files changed, 96 insertions(+), 5 deletions(-) diff --git a/aws/resource_aws_ses_active_receipt_rule_set.go b/aws/resource_aws_ses_active_receipt_rule_set.go index a06faa8b988..e44b526469a 100644 --- a/aws/resource_aws_ses_active_receipt_rule_set.go +++ b/aws/resource_aws_ses_active_receipt_rule_set.go @@ -51,6 +51,11 @@ func resourceAwsSesActiveReceiptRuleSetRead(d *schema.ResourceData, meta interfa response, err := conn.DescribeActiveReceiptRuleSet(describeOpts) if err != nil { + if isAWSErr(err, ses.ErrCodeRuleSetDoesNotExistException, "") { + log.Printf("[WARN] SES Receipt Rule Set (%s) belonging to SES Active Receipt Rule Set not found, removing from state", d.Id()) + d.SetId("") + return nil + } return err } diff --git a/aws/resource_aws_ses_active_receipt_rule_set_test.go b/aws/resource_aws_ses_active_receipt_rule_set_test.go index 5beecdef39a..4285849c891 100644 --- a/aws/resource_aws_ses_active_receipt_rule_set_test.go +++ b/aws/resource_aws_ses_active_receipt_rule_set_test.go @@ -28,6 +28,38 @@ func TestAccAWSSESActiveReceiptRuleSet_basic(t *testing.T) { }) } +func TestAccAWSSESActiveReceiptRuleSet_disappears(t *testing.T) { + resourceName := "aws_ses_active_receipt_rule_set.test" + receiptRuleSetResourceName := "aws_ses_receipt_rule_set.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + testAccPreCheckAWSSES(t) + }, + Providers: testAccProviders, + CheckDestroy: testAccCheckSESActiveReceiptRuleSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSSESActiveReceiptRuleSetConfig, + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsSESActiveReceiptRuleSetExists(resourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsSesReceiptRuleSet(), receiptRuleSetResourceName), + ), + ExpectNonEmptyPlan: true, + }, + { + Config: testAccAWSSESActiveReceiptRuleSetConfig, + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsSESActiveReceiptRuleSetExists(resourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsSesActiveReceiptRuleSet(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + func testAccCheckSESActiveReceiptRuleSetDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).sesconn diff --git a/aws/resource_aws_ses_receipt_rule.go b/aws/resource_aws_ses_receipt_rule.go index 4afcda29691..1e7b98d9d24 100644 --- a/aws/resource_aws_ses_receipt_rule.go +++ b/aws/resource_aws_ses_receipt_rule.go @@ -8,7 +8,6 @@ import ( "strings" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/ses" "github.com/hashicorp/terraform-plugin-sdk/helper/hashcode" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" @@ -437,14 +436,16 @@ func resourceAwsSesReceiptRuleRead(d *schema.ResourceData, meta interface{}) err response, err := conn.DescribeReceiptRule(describeOpts) if err != nil { - _, ok := err.(awserr.Error) - if ok && err.(awserr.Error).Code() == "RuleDoesNotExist" { + if isAWSErr(err, ses.ErrCodeRuleDoesNotExistException, "") { log.Printf("[WARN] SES Receipt Rule (%s) not found", d.Id()) d.SetId("") return nil - } else { - return err + } else if isAWSErr(err, ses.ErrCodeRuleSetDoesNotExistException, "") { + log.Printf("[WARN] SES Receipt Rule Set (%s) belonging to SES Receipt Rule (%s) not found, removing from state", aws.StringValue(describeOpts.RuleSetName), d.Id()) + d.SetId("") + return nil } + return err } d.Set("enabled", response.Rule.Enabled) diff --git a/aws/resource_aws_ses_receipt_rule_set_test.go b/aws/resource_aws_ses_receipt_rule_set_test.go index d6f7b662da5..1f945ecbf97 100644 --- a/aws/resource_aws_ses_receipt_rule_set_test.go +++ b/aws/resource_aws_ses_receipt_rule_set_test.go @@ -105,6 +105,27 @@ func TestAccAWSSESReceiptRuleSet_basic(t *testing.T) { }) } +func TestAccAWSSESReceiptRuleSet_disappears(t *testing.T) { + resourceName := "aws_ses_receipt_rule_set.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSSES(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckSESReceiptRuleSetDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSSESReceiptRuleSetConfig(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsSESReceiptRuleSetExists(resourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsSesReceiptRuleSet(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + func testAccCheckSESReceiptRuleSetDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).sesconn diff --git a/aws/resource_aws_ses_receipt_rule_test.go b/aws/resource_aws_ses_receipt_rule_test.go index 283b635b167..a85d2c2efd8 100644 --- a/aws/resource_aws_ses_receipt_rule_test.go +++ b/aws/resource_aws_ses_receipt_rule_test.go @@ -113,6 +113,38 @@ func TestAccAWSSESReceiptRule_actions(t *testing.T) { }) } +func TestAccAWSSESReceiptRule_disappears(t *testing.T) { + rInt := acctest.RandInt() + resourceName := "aws_ses_receipt_rule.basic" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + testAccPreCheckAWSSES(t) + }, + Providers: testAccProviders, + CheckDestroy: testAccCheckSESReceiptRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSSESReceiptRuleBasicConfig(rInt), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsSESReceiptRuleExists(resourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsSesReceiptRuleSet(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + { + Config: testAccAWSSESReceiptRuleBasicConfig(rInt), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsSESReceiptRuleExists(resourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsSesReceiptRule(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + func testAccCheckSESReceiptRuleDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).sesconn From d6f33d50b6c5baefc1b46f4469ae4a33734d1953 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 27 May 2020 17:25:01 -0400 Subject: [PATCH 348/475] refine if-condition --- aws/resource_aws_ses_receipt_rule.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_ses_receipt_rule.go b/aws/resource_aws_ses_receipt_rule.go index 1e7b98d9d24..e0a96775320 100644 --- a/aws/resource_aws_ses_receipt_rule.go +++ b/aws/resource_aws_ses_receipt_rule.go @@ -440,7 +440,8 @@ func resourceAwsSesReceiptRuleRead(d *schema.ResourceData, meta interface{}) err log.Printf("[WARN] SES Receipt Rule (%s) not found", d.Id()) d.SetId("") return nil - } else if isAWSErr(err, ses.ErrCodeRuleSetDoesNotExistException, "") { + } + if isAWSErr(err, ses.ErrCodeRuleSetDoesNotExistException, "") { log.Printf("[WARN] SES Receipt Rule Set (%s) belonging to SES Receipt Rule (%s) not found, removing from state", aws.StringValue(describeOpts.RuleSetName), d.Id()) d.SetId("") return nil From 24735ae504920fabf232916e8055f843780e5090 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 27 May 2020 17:49:52 -0400 Subject: [PATCH 349/475] update test random naming and disappears step --- ...ce_aws_ses_active_receipt_rule_set_test.go | 27 +++++++++---------- aws/resource_aws_ses_receipt_rule_test.go | 3 ++- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/aws/resource_aws_ses_active_receipt_rule_set_test.go b/aws/resource_aws_ses_active_receipt_rule_set_test.go index 4285849c891..f3543a06640 100644 --- a/aws/resource_aws_ses_active_receipt_rule_set_test.go +++ b/aws/resource_aws_ses_active_receipt_rule_set_test.go @@ -2,6 +2,7 @@ package aws import ( "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "testing" "github.com/aws/aws-sdk-go/service/ses" @@ -10,6 +11,8 @@ import ( ) func TestAccAWSSESActiveReceiptRuleSet_basic(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) @@ -19,7 +22,7 @@ func TestAccAWSSESActiveReceiptRuleSet_basic(t *testing.T) { CheckDestroy: testAccCheckSESActiveReceiptRuleSetDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSSESActiveReceiptRuleSetConfig, + Config: testAccAWSSESActiveReceiptRuleSetConfig(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAwsSESActiveReceiptRuleSetExists("aws_ses_active_receipt_rule_set.test"), ), @@ -29,8 +32,8 @@ func TestAccAWSSESActiveReceiptRuleSet_basic(t *testing.T) { } func TestAccAWSSESActiveReceiptRuleSet_disappears(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_ses_active_receipt_rule_set.test" - receiptRuleSetResourceName := "aws_ses_receipt_rule_set.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { @@ -41,15 +44,7 @@ func TestAccAWSSESActiveReceiptRuleSet_disappears(t *testing.T) { CheckDestroy: testAccCheckSESActiveReceiptRuleSetDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSSESActiveReceiptRuleSetConfig, - Check: resource.ComposeTestCheckFunc( - testAccCheckAwsSESActiveReceiptRuleSetExists(resourceName), - testAccCheckResourceDisappears(testAccProvider, resourceAwsSesReceiptRuleSet(), receiptRuleSetResourceName), - ), - ExpectNonEmptyPlan: true, - }, - { - Config: testAccAWSSESActiveReceiptRuleSetConfig, + Config: testAccAWSSESActiveReceiptRuleSetConfig(rName), Check: resource.ComposeTestCheckFunc( testAccCheckAwsSESActiveReceiptRuleSetExists(resourceName), testAccCheckResourceDisappears(testAccProvider, resourceAwsSesActiveReceiptRuleSet(), resourceName), @@ -109,12 +104,14 @@ func testAccCheckAwsSESActiveReceiptRuleSetExists(n string) resource.TestCheckFu } } -const testAccAWSSESActiveReceiptRuleSetConfig = ` +func testAccAWSSESActiveReceiptRuleSetConfig(name string) string { + return fmt.Sprintf(` resource "aws_ses_receipt_rule_set" "test" { - rule_set_name = "test-receipt-rule" + rule_set_name = "%s" } resource "aws_ses_active_receipt_rule_set" "test" { - rule_set_name = "${aws_ses_receipt_rule_set.test.rule_set_name}" + rule_set_name = "${aws_ses_receipt_rule_set.test.rule_set_name}" } -` +`, name) +} \ No newline at end of file diff --git a/aws/resource_aws_ses_receipt_rule_test.go b/aws/resource_aws_ses_receipt_rule_test.go index a85d2c2efd8..3458aaca824 100644 --- a/aws/resource_aws_ses_receipt_rule_test.go +++ b/aws/resource_aws_ses_receipt_rule_test.go @@ -116,6 +116,7 @@ func TestAccAWSSESReceiptRule_actions(t *testing.T) { func TestAccAWSSESReceiptRule_disappears(t *testing.T) { rInt := acctest.RandInt() resourceName := "aws_ses_receipt_rule.basic" + ruleSetResourceName := "aws_ses_receipt_rule_set.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { @@ -129,7 +130,7 @@ func TestAccAWSSESReceiptRule_disappears(t *testing.T) { Config: testAccAWSSESReceiptRuleBasicConfig(rInt), Check: resource.ComposeTestCheckFunc( testAccCheckAwsSESReceiptRuleExists(resourceName), - testAccCheckResourceDisappears(testAccProvider, resourceAwsSesReceiptRuleSet(), resourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsSesReceiptRuleSet(), ruleSetResourceName), ), ExpectNonEmptyPlan: true, }, From d0e6b2d68cd55170fdf898bb37f761d4b46963cd Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 27 May 2020 17:53:46 -0400 Subject: [PATCH 350/475] run go fmt --- aws/resource_aws_ses_active_receipt_rule_set_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_ses_active_receipt_rule_set_test.go b/aws/resource_aws_ses_active_receipt_rule_set_test.go index f3543a06640..7cbc03bf0e5 100644 --- a/aws/resource_aws_ses_active_receipt_rule_set_test.go +++ b/aws/resource_aws_ses_active_receipt_rule_set_test.go @@ -114,4 +114,4 @@ resource "aws_ses_active_receipt_rule_set" "test" { rule_set_name = "${aws_ses_receipt_rule_set.test.rule_set_name}" } `, name) -} \ No newline at end of file +} From 7d4f07314c6834403d37a6cb2aeb124db435c23f Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 27 May 2020 18:25:23 -0400 Subject: [PATCH 351/475] update destroy/exists methods with id search --- aws/resource_aws_ses_active_receipt_rule_set_test.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/aws/resource_aws_ses_active_receipt_rule_set_test.go b/aws/resource_aws_ses_active_receipt_rule_set_test.go index 7cbc03bf0e5..442a0dea8ba 100644 --- a/aws/resource_aws_ses_active_receipt_rule_set_test.go +++ b/aws/resource_aws_ses_active_receipt_rule_set_test.go @@ -2,6 +2,7 @@ package aws import ( "fmt" + "github.com/aws/aws-sdk-go/aws" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" "testing" @@ -68,7 +69,7 @@ func testAccCheckSESActiveReceiptRuleSetDestroy(s *terraform.State) error { return err } - if response.Metadata != nil && *response.Metadata.Name == "test-receipt-rule" { + if response.Metadata != nil && (aws.StringValue(response.Metadata.Name) == rs.Primary.ID) { return fmt.Errorf("Active receipt rule set still exists") } @@ -96,8 +97,8 @@ func testAccCheckAwsSESActiveReceiptRuleSetExists(n string) resource.TestCheckFu return err } - if *response.Metadata.Name != "test-receipt-rule" { - return fmt.Errorf("The active receipt rule set (%s) was not set to test-receipt-rule", *response.Metadata.Name) + if response.Metadata != nil && (aws.StringValue(response.Metadata.Name) != rs.Primary.ID) { + return fmt.Errorf("The active receipt rule set (%s) was not set to test-receipt-rule", aws.StringValue(response.Metadata.Name)) } return nil From b3c20fbb0c6be9c4596bb8733d4c20e6894a2cb5 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 27 May 2020 18:28:07 -0400 Subject: [PATCH 352/475] fix error formatting --- aws/resource_aws_ses_active_receipt_rule_set_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_ses_active_receipt_rule_set_test.go b/aws/resource_aws_ses_active_receipt_rule_set_test.go index 442a0dea8ba..498789225c6 100644 --- a/aws/resource_aws_ses_active_receipt_rule_set_test.go +++ b/aws/resource_aws_ses_active_receipt_rule_set_test.go @@ -98,7 +98,7 @@ func testAccCheckAwsSESActiveReceiptRuleSetExists(n string) resource.TestCheckFu } if response.Metadata != nil && (aws.StringValue(response.Metadata.Name) != rs.Primary.ID) { - return fmt.Errorf("The active receipt rule set (%s) was not set to test-receipt-rule", aws.StringValue(response.Metadata.Name)) + return fmt.Errorf("The active receipt rule set (%s) was not set to %s", aws.StringValue(response.Metadata.Name), rs.Primary.ID) } return nil From 8c00cd4017f2105ae48825c181ad9045f5059939 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 27 May 2020 18:36:54 -0400 Subject: [PATCH 353/475] save name in resourcename var --- aws/resource_aws_ses_active_receipt_rule_set_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_ses_active_receipt_rule_set_test.go b/aws/resource_aws_ses_active_receipt_rule_set_test.go index 498789225c6..370478dd89a 100644 --- a/aws/resource_aws_ses_active_receipt_rule_set_test.go +++ b/aws/resource_aws_ses_active_receipt_rule_set_test.go @@ -13,6 +13,7 @@ import ( func TestAccAWSSESActiveReceiptRuleSet_basic(t *testing.T) { rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_ses_active_receipt_rule_set.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { @@ -25,7 +26,7 @@ func TestAccAWSSESActiveReceiptRuleSet_basic(t *testing.T) { { Config: testAccAWSSESActiveReceiptRuleSetConfig(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsSESActiveReceiptRuleSetExists("aws_ses_active_receipt_rule_set.test"), + testAccCheckAwsSESActiveReceiptRuleSetExists(resourceName), ), }, }, From 39158b41236d440ac4a5a9e8d4d7505ec8bb3d4e Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 27 May 2020 20:06:58 -0400 Subject: [PATCH 354/475] service/sns: Fix schema error (#13437) * Fix schema error * Fix typo * Switch to updating/reading each attribute --- aws/resource_aws_sns_topic.go | 302 +++++++++++++++++++++++++++++----- 1 file changed, 259 insertions(+), 43 deletions(-) diff --git a/aws/resource_aws_sns_topic.go b/aws/resource_aws_sns_topic.go index 0a9f320b380..b250e593a33 100644 --- a/aws/resource_aws_sns_topic.go +++ b/aws/resource_aws_sns_topic.go @@ -3,6 +3,7 @@ package aws import ( "fmt" "log" + "strconv" "strings" "github.com/aws/aws-sdk-go/aws" @@ -14,27 +15,6 @@ import ( "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) -// Mutable attributes -var SNSAttributeMap = map[string]string{ - "application_failure_feedback_role_arn": "ApplicationFailureFeedbackRoleArn", - "application_success_feedback_role_arn": "ApplicationSuccessFeedbackRoleArn", - "application_success_feedback_sample_rate": "ApplicationSuccessFeedbackSampleRate", - "arn": "TopicArn", - "delivery_policy": "DeliveryPolicy", - "display_name": "DisplayName", - "http_failure_feedback_role_arn": "HTTPFailureFeedbackRoleArn", - "http_success_feedback_role_arn": "HTTPSuccessFeedbackRoleArn", - "http_success_feedback_sample_rate": "HTTPSuccessFeedbackSampleRate", - "kms_master_key_id": "KmsMasterKeyId", - "lambda_failure_feedback_role_arn": "LambdaFailureFeedbackRoleArn", - "lambda_success_feedback_role_arn": "LambdaSuccessFeedbackRoleArn", - "lambda_success_feedback_sample_rate": "LambdaSuccessFeedbackSampleRate", - "policy": "Policy", - "sqs_failure_feedback_role_arn": "SQSFailureFeedbackRoleArn", - "sqs_success_feedback_role_arn": "SQSSuccessFeedbackRoleArn", - "sqs_success_feedback_sample_rate": "SQSSuccessFeedbackSampleRate", -} - func resourceAwsSnsTopic() *schema.Resource { return &schema.Resource{ Create: resourceAwsSnsTopicCreate, @@ -176,13 +156,107 @@ func resourceAwsSnsTopicCreate(d *schema.ResourceData, meta interface{}) error { d.SetId(*output.TopicArn) - for terraformAttrName, snsAttrName := range SNSAttributeMap { - if d.HasChange(terraformAttrName) { - _, terraformAttrValue := d.GetChange(terraformAttrName) - err := updateAwsSnsTopicAttribute(d.Id(), snsAttrName, terraformAttrValue, snsconn) - if err != nil { - return err - } + // update mutable attributes + if d.HasChange("application_failure_feedback_role_arn") { + _, v := d.GetChange("application_failure_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "ApplicationFailureFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("application_success_feedback_role_arn") { + _, v := d.GetChange("application_success_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "ApplicationSuccessFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("arn") { + _, v := d.GetChange("arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "TopicArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("delivery_policy") { + _, v := d.GetChange("delivery_policy") + if err := updateAwsSnsTopicAttribute(d.Id(), "DeliveryPolicy", v, snsconn); err != nil { + return err + } + } + if d.HasChange("display_name") { + _, v := d.GetChange("display_name") + if err := updateAwsSnsTopicAttribute(d.Id(), "DisplayName", v, snsconn); err != nil { + return err + } + } + if d.HasChange("http_failure_feedback_role_arn") { + _, v := d.GetChange("http_failure_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "HTTPFailureFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("http_success_feedback_role_arn") { + _, v := d.GetChange("http_success_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "HTTPSuccessFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("kms_master_key_id") { + _, v := d.GetChange("kms_master_key_id") + if err := updateAwsSnsTopicAttribute(d.Id(), "KmsMasterKeyId", v, snsconn); err != nil { + return err + } + } + if d.HasChange("lambda_failure_feedback_role_arn") { + _, v := d.GetChange("lambda_failure_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "LambdaFailureFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("lambda_success_feedback_role_arn") { + _, v := d.GetChange("lambda_success_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "LambdaSuccessFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("policy") { + _, v := d.GetChange("policy") + if err := updateAwsSnsTopicAttribute(d.Id(), "Policy", v, snsconn); err != nil { + return err + } + } + if d.HasChange("sqs_failure_feedback_role_arn") { + _, v := d.GetChange("sqs_failure_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "SQSFailureFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("sqs_success_feedback_role_arn") { + _, v := d.GetChange("sqs_success_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "SQSSuccessFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("application_success_feedback_sample_rate") { + _, v := d.GetChange("application_success_feedback_sample_rate") + if err := updateAwsSnsTopicAttribute(d.Id(), "ApplicationSuccessFeedbackSampleRate", v, snsconn); err != nil { + return err + } + } + if d.HasChange("http_success_feedback_sample_rate") { + _, v := d.GetChange("http_success_feedback_sample_rate") + if err := updateAwsSnsTopicAttribute(d.Id(), "HTTPSuccessFeedbackSampleRate", v, snsconn); err != nil { + return err + } + } + if d.HasChange("lambda_success_feedback_sample_rate") { + _, v := d.GetChange("lambda_success_feedback_sample_rate") + if err := updateAwsSnsTopicAttribute(d.Id(), "LambdaSuccessFeedbackSampleRate", v, snsconn); err != nil { + return err + } + } + if d.HasChange("sqs_success_feedback_sample_rate") { + _, v := d.GetChange("sqs_success_feedback_sample_rate") + if err := updateAwsSnsTopicAttribute(d.Id(), "SQSSuccessFeedbackSampleRate", v, snsconn); err != nil { + return err } } @@ -190,21 +264,115 @@ func resourceAwsSnsTopicCreate(d *schema.ResourceData, meta interface{}) error { } func resourceAwsSnsTopicUpdate(d *schema.ResourceData, meta interface{}) error { - conn := meta.(*AWSClient).snsconn + snsconn := meta.(*AWSClient).snsconn - for terraformAttrName, snsAttrName := range SNSAttributeMap { - if d.HasChange(terraformAttrName) { - _, terraformAttrValue := d.GetChange(terraformAttrName) - err := updateAwsSnsTopicAttribute(d.Id(), snsAttrName, terraformAttrValue, conn) - if err != nil { - return err - } + // update mutable attributes + if d.HasChange("application_failure_feedback_role_arn") { + _, v := d.GetChange("application_failure_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "ApplicationFailureFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("application_success_feedback_role_arn") { + _, v := d.GetChange("application_success_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "ApplicationSuccessFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("arn") { + _, v := d.GetChange("arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "TopicArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("delivery_policy") { + _, v := d.GetChange("delivery_policy") + if err := updateAwsSnsTopicAttribute(d.Id(), "DeliveryPolicy", v, snsconn); err != nil { + return err + } + } + if d.HasChange("display_name") { + _, v := d.GetChange("display_name") + if err := updateAwsSnsTopicAttribute(d.Id(), "DisplayName", v, snsconn); err != nil { + return err + } + } + if d.HasChange("http_failure_feedback_role_arn") { + _, v := d.GetChange("http_failure_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "HTTPFailureFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("http_success_feedback_role_arn") { + _, v := d.GetChange("http_success_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "HTTPSuccessFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("kms_master_key_id") { + _, v := d.GetChange("kms_master_key_id") + if err := updateAwsSnsTopicAttribute(d.Id(), "KmsMasterKeyId", v, snsconn); err != nil { + return err + } + } + if d.HasChange("lambda_failure_feedback_role_arn") { + _, v := d.GetChange("lambda_failure_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "LambdaFailureFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("lambda_success_feedback_role_arn") { + _, v := d.GetChange("lambda_success_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "LambdaSuccessFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("policy") { + _, v := d.GetChange("policy") + if err := updateAwsSnsTopicAttribute(d.Id(), "Policy", v, snsconn); err != nil { + return err + } + } + if d.HasChange("sqs_failure_feedback_role_arn") { + _, v := d.GetChange("sqs_failure_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "SQSFailureFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("sqs_success_feedback_role_arn") { + _, v := d.GetChange("sqs_success_feedback_role_arn") + if err := updateAwsSnsTopicAttribute(d.Id(), "SQSSuccessFeedbackRoleArn", v, snsconn); err != nil { + return err + } + } + if d.HasChange("application_success_feedback_sample_rate") { + _, v := d.GetChange("application_success_feedback_sample_rate") + if err := updateAwsSnsTopicAttribute(d.Id(), "ApplicationSuccessFeedbackSampleRate", v, snsconn); err != nil { + return err + } + } + if d.HasChange("http_success_feedback_sample_rate") { + _, v := d.GetChange("http_success_feedback_sample_rate") + if err := updateAwsSnsTopicAttribute(d.Id(), "HTTPSuccessFeedbackSampleRate", v, snsconn); err != nil { + return err + } + } + if d.HasChange("lambda_success_feedback_sample_rate") { + _, v := d.GetChange("lambda_success_feedback_sample_rate") + if err := updateAwsSnsTopicAttribute(d.Id(), "LambdaSuccessFeedbackSampleRate", v, snsconn); err != nil { + return err + } + } + if d.HasChange("sqs_success_feedback_sample_rate") { + _, v := d.GetChange("sqs_success_feedback_sample_rate") + if err := updateAwsSnsTopicAttribute(d.Id(), "SQSSuccessFeedbackSampleRate", v, snsconn); err != nil { + return err } } if d.HasChange("tags") { o, n := d.GetChange("tags") - if err := keyvaluetags.SnsUpdateTags(conn, d.Id(), o, n); err != nil { + if err := keyvaluetags.SnsUpdateTags(snsconn, d.Id(), o, n); err != nil { return fmt.Errorf("error updating tags: %s", err) } } @@ -230,14 +398,62 @@ func resourceAwsSnsTopicRead(d *schema.ResourceData, meta interface{}) error { return err } + // set the mutable attributes if attributeOutput.Attributes != nil && len(attributeOutput.Attributes) > 0 { - attrmap := attributeOutput.Attributes - for terraformAttrName, snsAttrName := range SNSAttributeMap { - d.Set(terraformAttrName, attrmap[snsAttrName]) + // set the string values + d.Set("application_failure_feedback_role_arn", aws.StringValue(attributeOutput.Attributes["ApplicationFailureFeedbackRoleArn"])) + d.Set("application_success_feedback_role_arn", aws.StringValue(attributeOutput.Attributes["ApplicationSuccessFeedbackRoleArn"])) + d.Set("arn", aws.StringValue(attributeOutput.Attributes["TopicArn"])) + d.Set("delivery_policy", aws.StringValue(attributeOutput.Attributes["DeliveryPolicy"])) + d.Set("display_name", aws.StringValue(attributeOutput.Attributes["DisplayName"])) + d.Set("http_failure_feedback_role_arn", aws.StringValue(attributeOutput.Attributes["HTTPFailureFeedbackRoleArn"])) + d.Set("http_success_feedback_role_arn", aws.StringValue(attributeOutput.Attributes["HTTPSuccessFeedbackRoleArn"])) + d.Set("kms_master_key_id", aws.StringValue(attributeOutput.Attributes["KmsMasterKeyId"])) + d.Set("lambda_failure_feedback_role_arn", aws.StringValue(attributeOutput.Attributes["LambdaFailureFeedbackRoleArn"])) + d.Set("lambda_success_feedback_role_arn", aws.StringValue(attributeOutput.Attributes["LambdaSuccessFeedbackRoleArn"])) + d.Set("policy", aws.StringValue(attributeOutput.Attributes["Policy"])) + d.Set("sqs_failure_feedback_role_arn", aws.StringValue(attributeOutput.Attributes["SQSFailureFeedbackRoleArn"])) + d.Set("sqs_success_feedback_role_arn", aws.StringValue(attributeOutput.Attributes["SQSSuccessFeedbackRoleArn"])) + + // set the number values + var vStr string + var v int64 + var err error + + vStr = aws.StringValue(attributeOutput.Attributes["ApplicationSuccessFeedbackSampleRate"]) + if vStr != "" { + v, err = strconv.ParseInt(vStr, 10, 64) + if err != nil { + return fmt.Errorf("error parsing integer attribute 'ApplicationSuccessFeedbackSampleRate': %s", err) + } + d.Set("application_success_feedback_sample_rate", v) } - } else { - for terraformAttrName := range SNSAttributeMap { - d.Set(terraformAttrName, "") + + vStr = aws.StringValue(attributeOutput.Attributes["HTTPSuccessFeedbackSampleRate"]) + if vStr != "" { + v, err = strconv.ParseInt(vStr, 10, 64) + if err != nil { + return fmt.Errorf("error parsing integer attribute 'HTTPSuccessFeedbackSampleRate': %s", err) + } + d.Set("http_success_feedback_sample_rate", v) + } + + vStr = aws.StringValue(attributeOutput.Attributes["LambdaSuccessFeedbackSampleRate"]) + if vStr != "" { + v, err = strconv.ParseInt(vStr, 10, 64) + if err != nil { + return fmt.Errorf("error parsing integer attribute 'LambdaSuccessFeedbackSampleRate': %s", err) + } + d.Set("lambda_success_feedback_sample_rate", v) + } + + vStr = aws.StringValue(attributeOutput.Attributes["SQSSuccessFeedbackSampleRate"]) + if vStr != "" { + v, err = strconv.ParseInt(vStr, 10, 64) + if err != nil { + return fmt.Errorf("error parsing integer attribute 'SQSSuccessFeedbackSampleRate': %s", err) + } + d.Set("sqs_success_feedback_sample_rate", v) } } From 5676e8c9418c4ea2f106ee98660bb597877b5f99 Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 27 May 2020 20:08:09 -0400 Subject: [PATCH 355/475] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 649df0628ef..1651d2a2e01 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,7 @@ BUG FIXES: * resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected [GH-12571] / [GH-12751] * resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] * resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) [GH-13464] +* resource/aws_sns_topic: Attributes of type `schema.TypeInt` are now correctly set [GH-13437] ## 2.63.0 (May 22, 2020) From a6e3960081b999c76f2d20cd62dd2bba5b2aa0d4 Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 27 May 2020 20:09:00 -0400 Subject: [PATCH 356/475] service/opsworks: Fix schema error (#13435) * Fix schema error * Allow state passthrough for secure env vars --- aws/resource_aws_opsworks_application.go | 49 +++++++++++++----------- 1 file changed, 27 insertions(+), 22 deletions(-) diff --git a/aws/resource_aws_opsworks_application.go b/aws/resource_aws_opsworks_application.go index 759ec59d18b..11530759c24 100644 --- a/aws/resource_aws_opsworks_application.go +++ b/aws/resource_aws_opsworks_application.go @@ -387,37 +387,42 @@ func resourceAwsOpsworksApplicationDelete(d *schema.ResourceData, meta interface return err } -func resourceAwsOpsworksSetApplicationEnvironmentVariable(d *schema.ResourceData, v []*opsworks.EnvironmentVariable) { - log.Printf("[DEBUG] envs: %s %d", v, len(v)) - if len(v) == 0 { +func resourceAwsOpsworksFindEnvironmentVariable(key string, vs []*opsworks.EnvironmentVariable) *opsworks.EnvironmentVariable { + for _, v := range vs { + if aws.StringValue(v.Key) == key { + return v + } + } + return nil +} + +func resourceAwsOpsworksSetApplicationEnvironmentVariable(d *schema.ResourceData, vs []*opsworks.EnvironmentVariable) { + if len(vs) == 0 { d.Set("environment", nil) return } - newValue := make([]*map[string]interface{}, len(v)) - - for i := 0; i < len(v); i++ { - config := v[i] - data := make(map[string]interface{}) - newValue[i] = &data - if config.Key != nil { - data["key"] = *config.Key - } - if config.Value != nil { - data["value"] = *config.Value - } - if config.Secure != nil { + // sensitive variables are returned obfuscated from the API, this creates a + // permadiff between the obfuscated API response and the config value. We + // start with the existing state so it can passthrough when the key is secure + values := d.Get("environment").(*schema.Set).List() - if aws.BoolValue(config.Secure) { - data["secure"] = &opsworksTrueString - } else { - data["secure"] = &opsworksFalseString + for i := 0; i < len(values); i++ { + value := values[i].(map[string]interface{}) + if v := resourceAwsOpsworksFindEnvironmentVariable(value["key"].(string), vs); v != nil { + if !aws.BoolValue(v.Secure) { + value["secure"] = aws.BoolValue(v.Secure) + value["key"] = aws.StringValue(v.Key) + value["value"] = aws.StringValue(v.Value) + values[i] = value } + } else { + // delete if not found in API response + values = append(values[:i], values[i+1:]...) } - log.Printf("[DEBUG] v: %s", data) } - d.Set("environment", newValue) + d.Set("environment", values) } func resourceAwsOpsworksApplicationEnvironmentVariable(d *schema.ResourceData) []*opsworks.EnvironmentVariable { From 6ecdbbec1d33b3d3b84fe694ecb6a199d47fd63a Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 27 May 2020 20:09:49 -0400 Subject: [PATCH 357/475] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1651d2a2e01..f09244b38ad 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ BUG FIXES: * resource/aws_autoscaling_group: Ignore ordering differences for `tags` argument (prevent unexpected differences from version 2.63.0) [GH-13515] * resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected [GH-12571] / [GH-12751] * resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] +* resource/aws_opsworks_application: `environment` `secure` now properly set [GH-13435] * resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) [GH-13464] * resource/aws_sns_topic: Attributes of type `schema.TypeInt` are now correctly set [GH-13437] From 706ff3bf144e407d1ee44e44cc6f3b88305bf0c7 Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 27 May 2020 20:10:29 -0400 Subject: [PATCH 358/475] service/elb: Fix schema errors (#13418) * Fix schema errors Fixed string to int type mismatches. Noticed attr name typo `attributes` --> `attribute`. * return error * fix wrong pointer helper * Comment out setting 'attribute' * fix comment --- ...esource_aws_lb_cookie_stickiness_policy.go | 7 ++++++- aws/resource_aws_lb_ssl_negotiation_policy.go | 20 ++++++++++++++----- ...aws_load_balancer_backend_server_policy.go | 6 +++++- ...ource_aws_load_balancer_listener_policy.go | 6 +++++- 4 files changed, 31 insertions(+), 8 deletions(-) diff --git a/aws/resource_aws_lb_cookie_stickiness_policy.go b/aws/resource_aws_lb_cookie_stickiness_policy.go index ec1c169d863..77fad73af6f 100644 --- a/aws/resource_aws_lb_cookie_stickiness_policy.go +++ b/aws/resource_aws_lb_cookie_stickiness_policy.go @@ -3,6 +3,7 @@ package aws import ( "fmt" "log" + "strconv" "strings" "github.com/aws/aws-sdk-go/aws" @@ -129,7 +130,11 @@ func resourceAwsLBCookieStickinessPolicyRead(d *schema.ResourceData, meta interf if *cookieAttr.AttributeName != "CookieExpirationPeriod" { return fmt.Errorf("Unable to find cookie expiration period.") } - d.Set("cookie_expiration_period", cookieAttr.AttributeValue) + cookieVal, err := strconv.Atoi(aws.StringValue(cookieAttr.AttributeValue)) + if err != nil { + return fmt.Errorf("Error parsing cookie expiration period: %s", err) + } + d.Set("cookie_expiration_period", cookieVal) d.Set("name", policyName) d.Set("load_balancer", lbName) diff --git a/aws/resource_aws_lb_ssl_negotiation_policy.go b/aws/resource_aws_lb_ssl_negotiation_policy.go index 17e6af10534..842080af6fb 100644 --- a/aws/resource_aws_lb_ssl_negotiation_policy.go +++ b/aws/resource_aws_lb_ssl_negotiation_policy.go @@ -139,15 +139,25 @@ func resourceAwsLBSSLNegotiationPolicyRead(d *schema.ResourceData, meta interfac return fmt.Errorf("Unable to find policy %#v", getResp.PolicyDescriptions) } - // We can get away with this because there's only one policy returned - policyDesc := getResp.PolicyDescriptions[0] - attributes := flattenPolicyAttributes(policyDesc.PolicyAttributeDescriptions) - d.Set("attributes", attributes) - d.Set("name", policyName) d.Set("load_balancer", lbName) d.Set("lb_port", lbPort) + // TODO: fix attribute + // This was previously erroneously setting "attributes", however this cannot + // be changed without introducing problematic side effects. The ELB service + // automatically expands the results to include all SSL attributes + // (unordered, so we'd need to switch to TypeSet anyways), which we would be + // quite impractical to force practitioners to write out and potentially + // update each time the API updates since there is nearly 100 attributes. + + // We can get away with this because there's only one policy returned + // policyDesc := getResp.PolicyDescriptions[0] + // attributes := flattenPolicyAttributes(policyDesc.PolicyAttributeDescriptions) + // if err := d.Set("attribute", attributes); err != nil { + // return fmt.Errorf("error setting attribute: %s", err) + // } + return nil } diff --git a/aws/resource_aws_load_balancer_backend_server_policy.go b/aws/resource_aws_load_balancer_backend_server_policy.go index 2db9c73130d..e902dc085b3 100644 --- a/aws/resource_aws_load_balancer_backend_server_policy.go +++ b/aws/resource_aws_load_balancer_backend_server_policy.go @@ -100,7 +100,11 @@ func resourceAwsLoadBalancerBackendServerPoliciesRead(d *schema.ResourceData, me } d.Set("load_balancer_name", loadBalancerName) - d.Set("instance_port", instancePort) + instancePortVal, err := strconv.ParseInt(instancePort, 10, 64) + if err != nil { + return fmt.Errorf("error parsing instance port: %s", err) + } + d.Set("instance_port", instancePortVal) d.Set("policy_names", flattenStringList(policyNames)) return nil diff --git a/aws/resource_aws_load_balancer_listener_policy.go b/aws/resource_aws_load_balancer_listener_policy.go index ff7ada242e7..da6b51582e9 100644 --- a/aws/resource_aws_load_balancer_listener_policy.go +++ b/aws/resource_aws_load_balancer_listener_policy.go @@ -100,7 +100,11 @@ func resourceAwsLoadBalancerListenerPoliciesRead(d *schema.ResourceData, meta in } d.Set("load_balancer_name", loadBalancerName) - d.Set("load_balancer_port", loadBalancerPort) + loadBalancerPortVal, err := strconv.ParseInt(loadBalancerPort, 10, 64) + if err != nil { + return fmt.Errorf("error parsing load balancer port: %s", err) + } + d.Set("load_balancer_port", loadBalancerPortVal) d.Set("policy_names", flattenStringList(policyNames)) return nil From bafd3e6f90f63049ebf3acbc910f660d79b6f21c Mon Sep 17 00:00:00 2001 From: appilon Date: Wed, 27 May 2020 20:12:12 -0400 Subject: [PATCH 359/475] Update CHANGELOG.md --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f09244b38ad..3e415774ac2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,7 +11,10 @@ BUG FIXES: * resource/aws_api_gateway_method_settings: `settings` now properly set [GH-13403] * resource/aws_autoscaling_group: Ignore ordering differences for `tags` argument (prevent unexpected differences from version 2.63.0) [GH-13515] * resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected [GH-12571] / [GH-12751] +* resource/aws_lb_cookie_stickiness_policy: `cookie_expiration_policy` now properly set [GH-13418] * resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] +* resource/aws_load_balancer_backend_server_policy: `instance_port` now properly set [GH-13418] +* resource/aws_load_balancer_listener_policy: `load_balancer_port` now properly set [GH-13418] * resource/aws_opsworks_application: `environment` `secure` now properly set [GH-13435] * resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) [GH-13464] * resource/aws_sns_topic: Attributes of type `schema.TypeInt` are now correctly set [GH-13437] From 8bfadfae0be31cd47122126173739ee226d996a9 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 27 May 2020 20:13:52 -0400 Subject: [PATCH 360/475] update Read method error messaging and acctest --- aws/resource_aws_ses_template.go | 4 +- aws/resource_aws_ses_template_test.go | 68 ++++++++++++++++++++------- 2 files changed, 52 insertions(+), 20 deletions(-) diff --git a/aws/resource_aws_ses_template.go b/aws/resource_aws_ses_template.go index 9d09b483239..6e63429376b 100644 --- a/aws/resource_aws_ses_template.go +++ b/aws/resource_aws_ses_template.go @@ -89,12 +89,12 @@ func resourceAwsSesTemplateRead(d *schema.ResourceData, meta interface{}) error log.Printf("[DEBUG] Reading SES template: %#v", input) gto, err := conn.GetTemplate(&input) if err != nil { - if isAWSErr(err, "TemplateDoesNotExist", "") { + if isAWSErr(err, ses.ErrCodeTemplateDoesNotExistException, "") { log.Printf("[WARN] SES template %q not found, removing from state", d.Id()) d.SetId("") return nil } - return fmt.Errorf("Reading SES template '%s' failed: %s", *input.TemplateName, err.Error()) + return fmt.Errorf("Reading SES template '%s' failed: %s", aws.StringValue(input.TemplateName), err.Error()) } d.Set("html", gto.Template.HtmlPart) diff --git a/aws/resource_aws_ses_template_test.go b/aws/resource_aws_ses_template_test.go index 420cb209b91..2ca234a44bb 100644 --- a/aws/resource_aws_ses_template_test.go +++ b/aws/resource_aws_ses_template_test.go @@ -16,7 +16,7 @@ import ( func TestAccAWSSesTemplate_Basic(t *testing.T) { resourceName := "aws_ses_template.test" - name := acctest.RandString(5) + rName := acctest.RandomWithPrefix("tf-acc-test") var template ses.Template resource.ParallelTest(t, resource.TestCase{ @@ -25,10 +25,10 @@ func TestAccAWSSesTemplate_Basic(t *testing.T) { CheckDestroy: testAccCheckSesTemplateDestroy, Steps: []resource.TestStep{ { - Config: testAccCheckAwsSesTemplateResourceConfigBasic1(name), + Config: testAccCheckAwsSesTemplateResourceConfigBasic1(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckSesTemplate(resourceName, &template), - resource.TestCheckResourceAttr(resourceName, "name", name), + testAccCheckSesTemplateExists(resourceName, &template), + resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "html", "html"), resource.TestCheckResourceAttr(resourceName, "subject", "subject"), resource.TestCheckResourceAttr(resourceName, "text", ""), @@ -45,9 +45,9 @@ func TestAccAWSSesTemplate_Basic(t *testing.T) { func TestAccAWSSesTemplate_Update(t *testing.T) { t.Skipf("Skip due to SES.UpdateTemplate eventual consistency issues") - name := acctest.RandString(5) - var template ses.Template + rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_ses_template.test" + var template ses.Template resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSSES(t) }, @@ -55,10 +55,10 @@ func TestAccAWSSesTemplate_Update(t *testing.T) { CheckDestroy: testAccCheckSesTemplateDestroy, Steps: []resource.TestStep{ { - Config: testAccCheckAwsSesTemplateResourceConfigBasic1(name), + Config: testAccCheckAwsSesTemplateResourceConfigBasic1(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckSesTemplate(resourceName, &template), - resource.TestCheckResourceAttr(resourceName, "name", name), + testAccCheckSesTemplateExists(resourceName, &template), + resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "html", "html"), resource.TestCheckResourceAttr(resourceName, "subject", "subject"), resource.TestCheckResourceAttr(resourceName, "text", ""), @@ -70,20 +70,20 @@ func TestAccAWSSesTemplate_Update(t *testing.T) { ImportStateVerify: true, }, { - Config: testAccCheckAwsSesTemplateResourceConfigBasic2(name), + Config: testAccCheckAwsSesTemplateResourceConfigBasic2(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckSesTemplate(resourceName, &template), - resource.TestCheckResourceAttr(resourceName, "name", name), + testAccCheckSesTemplateExists(resourceName, &template), + resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "html", "html"), resource.TestCheckResourceAttr(resourceName, "subject", "subject"), resource.TestCheckResourceAttr(resourceName, "text", "text"), ), }, { - Config: testAccCheckAwsSesTemplateResourceConfigBasic3(name), + Config: testAccCheckAwsSesTemplateResourceConfigBasic3(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckSesTemplate(resourceName, &template), - resource.TestCheckResourceAttr(resourceName, "name", name), + testAccCheckSesTemplateExists(resourceName, &template), + resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "html", "html update"), resource.TestCheckResourceAttr(resourceName, "subject", "subject"), resource.TestCheckResourceAttr(resourceName, "text", ""), @@ -93,7 +93,29 @@ func TestAccAWSSesTemplate_Update(t *testing.T) { }) } -func testAccCheckSesTemplate(pr string, template *ses.Template) resource.TestCheckFunc { +func TestAccAWSSesTemplate_disappears(t *testing.T) { + resourceName := "aws_ses_template.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + var template ses.Template + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSSES(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckSesTemplateDestroy, + Steps: []resource.TestStep{ + { + Config: testAccCheckAwsSesTemplateResourceConfigBasic1(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckSesTemplateExists(resourceName, &template), + testAccCheckResourceDisappears(testAccProvider, resourceAwsSesTemplate(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + +func testAccCheckSesTemplateExists(pr string, template *ses.Template) resource.TestCheckFunc { return func(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).sesconn rs, ok := s.RootModule().Resources[pr] @@ -109,8 +131,18 @@ func testAccCheckSesTemplate(pr string, template *ses.Template) resource.TestChe TemplateName: aws.String(rs.Primary.ID), } - _, err := conn.GetTemplate(&input) - return err + templateOutput, err := conn.GetTemplate(&input) + if err != nil { + return err + } + + if templateOutput == nil || templateOutput.Template == nil { + return fmt.Errorf("SES Template (%s) not found", rs.Primary.ID) + } + + *template = *templateOutput.Template + + return nil } } From 289c8bca2c5125a83478ee709abbe6acd7fc4a7c Mon Sep 17 00:00:00 2001 From: Max Marrone Date: Wed, 27 May 2020 23:35:23 -0400 Subject: [PATCH 361/475] Fixup: Change link to https and remove stray period. --- website/docs/r/lambda_permission.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/lambda_permission.html.markdown b/website/docs/r/lambda_permission.html.markdown index 09e9759c8e7..8dc04100051 100644 --- a/website/docs/r/lambda_permission.html.markdown +++ b/website/docs/r/lambda_permission.html.markdown @@ -149,7 +149,7 @@ resource "aws_lambda_permission" "lambda_permission" { * `statement_id_prefix` - (Optional) A statement identifier prefix. Terraform will generate a unique suffix. Conflicts with `statement_id`. [1]: https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#use-aws-cli -[2]: http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html. +[2]: https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html ## Import From 4147664155b9622b0c333432176174e0fed68cb6 Mon Sep 17 00:00:00 2001 From: Max Marrone Date: Wed, 27 May 2020 23:36:24 -0400 Subject: [PATCH 362/475] Fixup: 'principal', not 'principle'. --- website/docs/r/lambda_permission.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/lambda_permission.html.markdown b/website/docs/r/lambda_permission.html.markdown index 8dc04100051..c07408e9078 100644 --- a/website/docs/r/lambda_permission.html.markdown +++ b/website/docs/r/lambda_permission.html.markdown @@ -140,8 +140,8 @@ resource "aws_lambda_permission" "lambda_permission" { The permission will then apply to the specific qualified ARN. e.g. `arn:aws:lambda:aws-region:acct-id:function:function-name:2` * `source_account` - (Optional) This parameter is used for S3 and SES. The AWS account ID (without a hyphen) of the source owner. - * `source_arn` - (Optional) When the principle is an AWS service, the ARN of the specific resource within that service to grant permission to. - Without this, any resource from `principle` will be granted permission – even if that resource is from another account. + * `source_arn` - (Optional) When the principal is an AWS service, the ARN of the specific resource within that service to grant permission to. + Without this, any resource from `principal` will be granted permission – even if that resource is from another account. For S3, this should be the ARN of the S3 Bucket. For CloudWatch Events, this should be the ARN of the CloudWatch Events Rule. For API Gateway, this should be the ARN of the API, as described [here][2]. From 6b21967e7d340638d8e4f7c7272fecd86a22d370 Mon Sep 17 00:00:00 2001 From: Sam Martin Date: Thu, 28 May 2020 12:33:37 +0100 Subject: [PATCH 363/475] docs/resource/aws_acm_certificate: Removed erroneous use of "to" (#13531) --- website/docs/r/acm_certificate.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/acm_certificate.html.markdown b/website/docs/r/acm_certificate.html.markdown index 70a13a08ea9..3c188c714b9 100644 --- a/website/docs/r/acm_certificate.html.markdown +++ b/website/docs/r/acm_certificate.html.markdown @@ -16,7 +16,7 @@ This resource does not deal with validation of a certificate but can provide inp for other resources implementing the validation. It does not wait for a certificate to be issued. Use a [`aws_acm_certificate_validation`](acm_certificate_validation.html) resource for this. -Most commonly, this resource is used to together with [`aws_route53_record`](route53_record.html) and +Most commonly, this resource is used together with [`aws_route53_record`](route53_record.html) and [`aws_acm_certificate_validation`](acm_certificate_validation.html) to request a DNS validated certificate, deploy the required validation records and wait for validation to complete. From 18ec7c859ee2041e65e7dfa647d1fafc7540e209 Mon Sep 17 00:00:00 2001 From: Mike Dalrymple Date: Thu, 28 May 2020 06:54:01 -0600 Subject: [PATCH 364/475] Revised from_email_address to remove > < and incorporate quotes around display name. --- website/docs/r/cognito_user_pool.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/cognito_user_pool.markdown b/website/docs/r/cognito_user_pool.markdown index 0e1d250a212..f0fb63d964b 100644 --- a/website/docs/r/cognito_user_pool.markdown +++ b/website/docs/r/cognito_user_pool.markdown @@ -90,7 +90,7 @@ The following arguments are supported: * `reply_to_email_address` (Optional) - The REPLY-TO email address. * `source_arn` (Optional) - The ARN of the SES verified email identity to to use. Required if `email_sending_account` is set to `DEVELOPER`. - * `from_email_address` (Optional) - Sender’s email address or sender’s name with their email address (e.g. "john@example.com" or "John Smith <john@example.com>") + * `from_email_address` (Optional) - Sender’s email address or sender’s name with their email address (e.g. `john@example.com` or `\"John Smith\" `) * `email_sending_account` (Optional) - The email delivery method to use. `COGNITO_DEFAULT` for the default email functionality built into Cognito or `DEVELOPER` to use your Amazon SES configuration. #### Lambda Configuration From f4bed82b5588e5c1643763fd6ea15b82cd7e8f21 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 28 May 2020 09:45:43 -0400 Subject: [PATCH 365/475] Use 'validation.StringInSlice' with SDK-defined string constants. --- ...ce_aws_kinesis_firehose_delivery_stream.go | 157 +++++++----------- 1 file changed, 58 insertions(+), 99 deletions(-) diff --git a/aws/resource_aws_kinesis_firehose_delivery_stream.go b/aws/resource_aws_kinesis_firehose_delivery_stream.go index 786d203447a..f4a519c02d8 100644 --- a/aws/resource_aws_kinesis_firehose_delivery_stream.go +++ b/aws/resource_aws_kinesis_firehose_delivery_stream.go @@ -74,7 +74,7 @@ func s3ConfigurationSchema() *schema.Schema { "compression_format": { Type: schema.TypeString, Optional: true, - Default: "UNCOMPRESSED", + Default: firehose.CompressionFormatUncompressed, }, "kms_key_arn": { @@ -124,26 +124,18 @@ func processingConfigurationSchema() *schema.Schema { "parameter_name": { Type: schema.TypeString, Required: true, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if value != "LambdaArn" && value != "NumberOfRetries" && value != "RoleArn" && value != "BufferSizeInMBs" && value != "BufferIntervalInSeconds" { - errors = append(errors, fmt.Errorf( - "%q must be one of 'LambdaArn', 'NumberOfRetries', 'RoleArn', 'BufferSizeInMBs', 'BufferIntervalInSeconds'", k)) - } - return - }, + ValidateFunc: validation.StringInSlice([]string{ + firehose.ProcessorParameterNameLambdaArn, + firehose.ProcessorParameterNameNumberOfRetries, + firehose.ProcessorParameterNameRoleArn, + firehose.ProcessorParameterNameBufferSizeInMbs, + firehose.ProcessorParameterNameBufferIntervalInSeconds, + }, false), }, "parameter_value": { - Type: schema.TypeString, - Required: true, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if len(value) < 1 || len(value) > 512 { - errors = append(errors, fmt.Errorf( - "%q must be at least one character long and at most 512 characters long", k)) - } - return - }, + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringLenBetween(1, 512), }, }, }, @@ -151,14 +143,9 @@ func processingConfigurationSchema() *schema.Schema { "type": { Type: schema.TypeString, Required: true, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if value != "Lambda" { - errors = append(errors, fmt.Errorf( - "%q must be 'Lambda'", k)) - } - return - }, + ValidateFunc: validation.StringInSlice([]string{ + firehose.ProcessorTypeLambda, + }, false), }, }, }, @@ -639,6 +626,7 @@ func flattenKinesisFirehoseDeliveryStream(d *schema.ResourceData, s *firehose.De } d.Set("destination_id", destination.DestinationId) } + return nil } @@ -669,17 +657,10 @@ func resourceAwsKinesisFirehoseDeliveryStream() *schema.Resource { MigrateState: resourceAwsKinesisFirehoseMigrateState, Schema: map[string]*schema.Schema{ "name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if len(value) > 64 { - errors = append(errors, fmt.Errorf( - "%q cannot be longer than 64 characters", k)) - } - return - }, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringLenBetween(1, 64), }, "tags": tagsSchema(), @@ -734,14 +715,13 @@ func resourceAwsKinesisFirehoseDeliveryStream() *schema.Resource { value := v.(string) return strings.ToLower(value) }, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if value != "s3" && value != "extended_s3" && value != "redshift" && value != "elasticsearch" && value != "splunk" { - errors = append(errors, fmt.Errorf( - "%q must be one of 's3', 'extended_s3', 'redshift', 'elasticsearch', 'splunk'", k)) - } - return - }, + ValidateFunc: validation.StringInSlice([]string{ + "elasticsearch", + "extended_s3", + "redshift", + "s3", + "splunk", + }, false), }, "s3_configuration": s3ConfigurationSchema(), @@ -773,7 +753,7 @@ func resourceAwsKinesisFirehoseDeliveryStream() *schema.Resource { "compression_format": { Type: schema.TypeString, Optional: true, - Default: "UNCOMPRESSED", + Default: firehose.CompressionFormatUncompressed, }, "data_format_conversion_configuration": { @@ -1058,15 +1038,11 @@ func resourceAwsKinesisFirehoseDeliveryStream() *schema.Resource { "s3_backup_mode": { Type: schema.TypeString, Optional: true, - Default: "Disabled", - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if value != "Disabled" && value != "Enabled" { - errors = append(errors, fmt.Errorf( - "%q must be one of 'Disabled', 'Enabled'", k)) - } - return - }, + Default: firehose.S3BackupModeDisabled, + ValidateFunc: validation.StringInSlice([]string{ + firehose.S3BackupModeDisabled, + firehose.S3BackupModeEnabled, + }, false), }, "s3_backup_configuration": s3ConfigurationSchema(), @@ -1110,15 +1086,11 @@ func resourceAwsKinesisFirehoseDeliveryStream() *schema.Resource { "s3_backup_mode": { Type: schema.TypeString, Optional: true, - Default: "Disabled", - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if value != "Disabled" && value != "Enabled" { - errors = append(errors, fmt.Errorf( - "%q must be one of 'Disabled', 'Enabled'", k)) - } - return - }, + Default: firehose.S3BackupModeDisabled, + ValidateFunc: validation.StringInSlice([]string{ + firehose.S3BackupModeDisabled, + firehose.S3BackupModeEnabled, + }, false), }, "s3_backup_configuration": s3ConfigurationSchema(), @@ -1204,15 +1176,14 @@ func resourceAwsKinesisFirehoseDeliveryStream() *schema.Resource { "index_rotation_period": { Type: schema.TypeString, Optional: true, - Default: "OneDay", - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if value != "NoRotation" && value != "OneHour" && value != "OneDay" && value != "OneWeek" && value != "OneMonth" { - errors = append(errors, fmt.Errorf( - "%q must be one of 'NoRotation', 'OneHour', 'OneDay', 'OneWeek', 'OneMonth'", k)) - } - return - }, + Default: firehose.ElasticsearchIndexRotationPeriodOneDay, + ValidateFunc: validation.StringInSlice([]string{ + firehose.ElasticsearchIndexRotationPeriodNoRotation, + firehose.ElasticsearchIndexRotationPeriodOneHour, + firehose.ElasticsearchIndexRotationPeriodOneDay, + firehose.ElasticsearchIndexRotationPeriodOneWeek, + firehose.ElasticsearchIndexRotationPeriodOneMonth, + }, false), }, "retry_duration": { @@ -1238,15 +1209,11 @@ func resourceAwsKinesisFirehoseDeliveryStream() *schema.Resource { Type: schema.TypeString, ForceNew: true, Optional: true, - Default: "FailedDocumentsOnly", - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if value != "FailedDocumentsOnly" && value != "AllDocuments" { - errors = append(errors, fmt.Errorf( - "%q must be one of 'FailedDocumentsOnly', 'AllDocuments'", k)) - } - return - }, + Default: firehose.ElasticsearchS3BackupModeFailedDocumentsOnly, + ValidateFunc: validation.StringInSlice([]string{ + firehose.ElasticsearchS3BackupModeFailedDocumentsOnly, + firehose.ElasticsearchS3BackupModeAllDocuments, + }, false), }, "type_name": { @@ -1291,14 +1258,10 @@ func resourceAwsKinesisFirehoseDeliveryStream() *schema.Resource { Type: schema.TypeString, Optional: true, Default: firehose.HECEndpointTypeRaw, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if value != firehose.HECEndpointTypeRaw && value != firehose.HECEndpointTypeEvent { - errors = append(errors, fmt.Errorf( - "%q must be one of 'Raw', 'Event'", k)) - } - return - }, + ValidateFunc: validation.StringInSlice([]string{ + firehose.HECEndpointTypeRaw, + firehose.HECEndpointTypeEvent, + }, false), }, "hec_token": { @@ -1310,14 +1273,10 @@ func resourceAwsKinesisFirehoseDeliveryStream() *schema.Resource { Type: schema.TypeString, Optional: true, Default: firehose.SplunkS3BackupModeFailedEventsOnly, - ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { - value := v.(string) - if value != firehose.SplunkS3BackupModeFailedEventsOnly && value != firehose.SplunkS3BackupModeAllEvents { - errors = append(errors, fmt.Errorf( - "%q must be one of 'FailedEventsOnly', 'AllEvents'", k)) - } - return - }, + ValidateFunc: validation.StringInSlice([]string{ + firehose.SplunkS3BackupModeFailedEventsOnly, + firehose.SplunkS3BackupModeAllEvents, + }, false), }, "retry_duration": { From f9af5218f27e2ca9467c32d32cf8443c191acf7f Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 28 May 2020 09:46:55 -0400 Subject: [PATCH 366/475] r/aws_kinesis_firehose_delivery_stream: Set 'kinesis_source_configuration' in Read function. --- ...ce_aws_kinesis_firehose_delivery_stream.go | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/aws/resource_aws_kinesis_firehose_delivery_stream.go b/aws/resource_aws_kinesis_firehose_delivery_stream.go index f4a519c02d8..b14703ffda3 100644 --- a/aws/resource_aws_kinesis_firehose_delivery_stream.go +++ b/aws/resource_aws_kinesis_firehose_delivery_stream.go @@ -571,6 +571,19 @@ func flattenProcessingConfiguration(pc *firehose.ProcessingConfiguration, roleAr return processingConfiguration } +func flattenFirehoseKinesisSourceConfiguration(desc *firehose.KinesisStreamSourceDescription) []interface{} { + if desc == nil { + return []interface{}{} + } + + mDesc := map[string]interface{}{ + "kinesis_stream_arn": aws.StringValue(desc.KinesisStreamARN), + "role_arn": aws.StringValue(desc.RoleARN), + } + + return []interface{}{mDesc} +} + func flattenKinesisFirehoseDeliveryStream(d *schema.ResourceData, s *firehose.DeliveryStreamDescription) error { d.Set("version_id", s.VersionId) d.Set("arn", s.DeliveryStreamARN) @@ -586,6 +599,12 @@ func flattenKinesisFirehoseDeliveryStream(d *schema.ResourceData, s *firehose.De return fmt.Errorf("error setting server_side_encryption: %s", err) } + if s.Source != nil { + if err := d.Set("kinesis_source_configuration", flattenFirehoseKinesisSourceConfiguration(s.Source.KinesisStreamSourceDescription)); err != nil { + return fmt.Errorf("error setting kinesis_source_configuration: %s", err) + } + } + if len(s.Destinations) > 0 { destination := s.Destinations[0] if destination.RedshiftDestinationDescription != nil { From d0290a2702876f7faea0a4c50cc6f26dba4324e3 Mon Sep 17 00:00:00 2001 From: Henrik Gundersen Date: Thu, 28 May 2020 16:17:26 +0200 Subject: [PATCH 367/475] Fixes tiny typo in logo title in README.md (#13533) --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ae3c4c3fa90..95c58fa9378 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ - Terraform logo + Terraform logo # Terraform Provider for AWS @@ -46,4 +46,4 @@ Responses to our most frequently asked questions can be found in our [FAQ](docs/ The Terraform AWS Provider is the work of thousands of contributors. We appreciate your help! -To contribute, please read the contribution guidelines: [Contributing to Terraform - AWS Provider](docs/CONTRIBUTING.md) \ No newline at end of file +To contribute, please read the contribution guidelines: [Contributing to Terraform - AWS Provider](docs/CONTRIBUTING.md) From 569fb51f48b7c84a39f56e0d57075f9400a920f3 Mon Sep 17 00:00:00 2001 From: Joe Hosteny Date: Thu, 28 May 2020 10:20:15 -0400 Subject: [PATCH 368/475] resource/aws_iot_topic_rule: Add step_functions configuration block (#13520) Output from acceptance testing: ``` --- PASS: TestAccAWSIoTTopicRule_cloudwatchmetric (17.14s) --- PASS: TestAccAWSIoTTopicRule_kinesis (17.31s) --- PASS: TestAccAWSIoTTopicRule_republish (17.95s) --- PASS: TestAccAWSIoTTopicRule_iot_analytics (19.13s) --- PASS: TestAccAWSIoTTopicRule_dynamoDbv2 (19.98s) --- PASS: TestAccAWSIoTTopicRule_cloudwatchalarm (20.36s) --- PASS: TestAccAWSIoTTopicRule_republish_with_qos (20.17s) --- PASS: TestAccAWSIoTTopicRule_basic (20.64s) --- PASS: TestAccAWSIoTTopicRule_sns (20.75s) --- PASS: TestAccAWSIoTTopicRule_firehose (20.99s) --- PASS: TestAccAWSIoTTopicRule_step_functions (21.03s) --- PASS: TestAccAWSIoTTopicRule_lambda (21.38s) --- PASS: TestAccAWSIoTTopicRule_elasticsearch (21.29s) --- PASS: TestAccAWSIoTTopicRule_s3 (21.39s) --- PASS: TestAccAWSIoTTopicRule_sqs (27.13s) --- PASS: TestAccAWSIoTTopicRule_iot_events (27.23s) --- PASS: TestAccAWSIoTTopicRule_dynamodb (28.99s) --- PASS: TestAccAWSIoTTopicRule_firehose_separator (28.97s) --- PASS: TestAccAWSIoTTopicRule_Tags (33.82s) ``` --- aws/resource_aws_iot_topic_rule.go | 100 ++++++++++++++++++++ aws/resource_aws_iot_topic_rule_test.go | 42 ++++++++ website/docs/r/iot_topic_rule.html.markdown | 6 ++ 3 files changed, 148 insertions(+) diff --git a/aws/resource_aws_iot_topic_rule.go b/aws/resource_aws_iot_topic_rule.go index 2eaae9e1da1..ca0d756d716 100644 --- a/aws/resource_aws_iot_topic_rule.go +++ b/aws/resource_aws_iot_topic_rule.go @@ -348,6 +348,27 @@ func resourceAwsIotTopicRule() *schema.Resource { }, }, }, + "step_functions": { + Type: schema.TypeSet, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "execution_name_prefix": { + Type: schema.TypeString, + Optional: true, + }, + "state_machine_name": { + Type: schema.TypeString, + Required: true, + }, + "role_arn": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validateArn, + }, + }, + }, + }, "sns": { Type: schema.TypeSet, Optional: true, @@ -514,6 +535,10 @@ func resourceAwsIotTopicRuleRead(d *schema.ResourceData, meta interface{}) error return fmt.Errorf("error setting sqs: %w", err) } + if err := d.Set("step_functions", flattenIotStepFunctionsActions(out.Rule.Actions)); err != nil { + return fmt.Errorf("error setting step_functions: %w", err) + } + return nil } @@ -535,6 +560,7 @@ func resourceAwsIotTopicRuleUpdate(d *schema.ResourceData, meta interface{}) err "lambda", "republish", "s3", + "step_functions", "sns", "sql", "sql_version", @@ -928,6 +954,7 @@ func expandIotSnsAction(tfList []interface{}) *iot.SnsAction { return apiObject } + func expandIotSqsAction(tfList []interface{}) *iot.SqsAction { if len(tfList) == 0 || tfList[0] == nil { return nil @@ -951,6 +978,29 @@ func expandIotSqsAction(tfList []interface{}) *iot.SqsAction { return apiObject } +func expandIotStepFunctionsAction(tfList []interface{}) *iot.StepFunctionsAction { + if len(tfList) == 0 || tfList[0] == nil { + return nil + } + + apiObject := &iot.StepFunctionsAction{} + tfMap := tfList[0].(map[string]interface{}) + + if v, ok := tfMap["execution_name_prefix"].(string); ok && v != "" { + apiObject.ExecutionNamePrefix = aws.String(v) + } + + if v, ok := tfMap["state_machine_name"].(string); ok && v != "" { + apiObject.StateMachineName = aws.String(v) + } + + if v, ok := tfMap["role_arn"].(string); ok && v != "" { + apiObject.RoleArn = aws.String(v) + } + + return apiObject +} + func expandIotTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { var actions []*iot.Action @@ -1108,6 +1158,17 @@ func expandIotTopicRulePayload(d *schema.ResourceData) *iot.TopicRulePayload { actions = append(actions, &iot.Action{Sqs: action}) } + // Legacy root attribute handling + for _, tfMapRaw := range d.Get("step_functions").(*schema.Set).List() { + action := expandIotStepFunctionsAction([]interface{}{tfMapRaw}) + + if action == nil { + continue + } + + actions = append(actions, &iot.Action{StepFunctions: action}) + } + // Prevent sending empty Actions: // - missing required field, CreateTopicRuleInput.TopicRulePayload.Actions if len(actions) == 0 { @@ -1718,3 +1779,42 @@ func flattenIotSqsAction(apiObject *iot.SqsAction) []interface{} { return []interface{}{tfMap} } + +// Legacy root attribute handling +func flattenIotStepFunctionsActions(actions []*iot.Action) []interface{} { + results := make([]interface{}, 0) + + for _, action := range actions { + if action == nil { + continue + } + + if v := action.StepFunctions; v != nil { + results = append(results, flattenIotStepFunctionsAction(v)...) + } + } + + return results +} + +func flattenIotStepFunctionsAction(apiObject *iot.StepFunctionsAction) []interface{} { + if apiObject == nil { + return nil + } + + tfMap := make(map[string]interface{}) + + if v := apiObject.ExecutionNamePrefix; v != nil { + tfMap["execution_name_prefix"] = aws.StringValue(v) + } + + if v := apiObject.StateMachineName; v != nil { + tfMap["state_machine_name"] = aws.StringValue(v) + } + + if v := apiObject.RoleArn; v != nil { + tfMap["role_arn"] = aws.StringValue(v) + } + + return []interface{}{tfMap} +} diff --git a/aws/resource_aws_iot_topic_rule_test.go b/aws/resource_aws_iot_topic_rule_test.go index ed885007539..c1f205f4e77 100644 --- a/aws/resource_aws_iot_topic_rule_test.go +++ b/aws/resource_aws_iot_topic_rule_test.go @@ -439,6 +439,30 @@ func TestAccAWSIoTTopicRule_sqs(t *testing.T) { }) } +func TestAccAWSIoTTopicRule_step_functions(t *testing.T) { + rName := acctest.RandString(5) + resourceName := "aws_iot_topic_rule.rule" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSIoTTopicRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSIoTTopicRule_step_functions(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSIoTTopicRuleExists("aws_iot_topic_rule.rule"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccAWSIoTTopicRule_iot_analytics(t *testing.T) { rName := acctest.RandString(5) @@ -905,6 +929,24 @@ resource "aws_iot_topic_rule" "rule" { `, rName) } +func testAccAWSIoTTopicRule_step_functions(rName string) string { + return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` +resource "aws_iot_topic_rule" "rule" { + name = "test_rule_%[1]s" + description = "Example rule" + enabled = true + sql = "SELECT * FROM 'topic/test'" + sql_version = "2015-10-08" + + step_functions { + execution_name_prefix = "myprefix" + state_machine_name = "mystatemachine" + role_arn = "${aws_iam_role.iot_role.arn}" + } +} +`, rName) +} + func testAccAWSIoTTopicRule_iot_analytics(rName string) string { return fmt.Sprintf(testAccAWSIoTTopicRuleRole+` resource "aws_iot_topic_rule" "rule" { diff --git a/website/docs/r/iot_topic_rule.html.markdown b/website/docs/r/iot_topic_rule.html.markdown index 03b6829f9fc..8c37cc80730 100644 --- a/website/docs/r/iot_topic_rule.html.markdown +++ b/website/docs/r/iot_topic_rule.html.markdown @@ -161,6 +161,12 @@ The `sqs` object takes the following arguments: * `role_arn` - (Required) The ARN of the IAM role that grants access. * `use_base64` - (Required) Specifies whether to use Base64 encoding. +The `step_functions` object takes the following arguments: + +* `execution_name_prefix` - (Optional) The prefix used to generate, along with a UUID, the unique state machine execution name. +* `state_machine_name` - (Required) The name of the Step Functions state machine whose execution will be started. +* `role_arn` - (Required) The ARN of the IAM role that grants access to start execution of the state machine. + The `iot_analytics` object takes the following arguments: * `channel_name` - (Required) Name of AWS IOT Analytics channel. From d98678a3c62ff6ed895a78d5a08fbe6d2337b5a1 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 28 May 2020 10:20:59 -0400 Subject: [PATCH 369/475] Update CHANGELOG for #13520 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3e415774ac2..a5138563967 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ ENHANCMENTS: +* resource/aws_iot_topic_rule: Add `step_functions` configuration block [GH-13520] * resource/aws_ses_event_destination: Support resource import [GH-13464] BUG FIXES: From 9cd798a63371d9d9726d046c32b8f2f96027989f Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 28 May 2020 10:29:16 -0400 Subject: [PATCH 370/475] r/aws_kinesis_firehose_delivery_stream: Verify import of 'kinesis_source_configuration' and add '_disappears' test. --- ...s_kinesis_firehose_delivery_stream_test.go | 73 +++++++++++++++++++ 1 file changed, 73 insertions(+) diff --git a/aws/resource_aws_kinesis_firehose_delivery_stream_test.go b/aws/resource_aws_kinesis_firehose_delivery_stream_test.go index d6980bf8c04..a20eb30a07d 100644 --- a/aws/resource_aws_kinesis_firehose_delivery_stream_test.go +++ b/aws/resource_aws_kinesis_firehose_delivery_stream_test.go @@ -125,6 +125,36 @@ func TestAccAWSKinesisFirehoseDeliveryStream_basic(t *testing.T) { }) } +func TestAccAWSKinesisFirehoseDeliveryStream_disappears(t *testing.T) { + resourceName := "aws_kinesis_firehose_delivery_stream.test" + rInt := acctest.RandInt() + + funcName := fmt.Sprintf("aws_kinesis_firehose_ds_import_%d", rInt) + policyName := fmt.Sprintf("tf_acc_policy_%d", rInt) + roleName := fmt.Sprintf("tf_acc_role_%d", rInt) + var stream firehose.DeliveryStreamDescription + + config := testAccFirehoseAWSLambdaConfigBasic(funcName, policyName, roleName) + + fmt.Sprintf(testAccKinesisFirehoseDeliveryStreamConfig_extendedS3basic, + rInt, rInt, rInt, rInt) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckKinesisFirehoseDeliveryStreamDestroy, + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + testAccCheckKinesisFirehoseDeliveryStreamExists(resourceName, &stream), + testAccCheckResourceDisappears(testAccProvider, resourceAwsKinesisFirehoseDeliveryStream(), resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + func TestAccAWSKinesisFirehoseDeliveryStream_s3basic(t *testing.T) { var stream firehose.DeliveryStreamDescription ri := acctest.RandInt() @@ -862,6 +892,34 @@ func TestAccAWSKinesisFirehoseDeliveryStream_ExtendedS3Updates(t *testing.T) { }) } +func TestAccAWSKinesisFirehoseDeliveryStream_ExtendedS3_KinesisStreamSource(t *testing.T) { + var stream firehose.DeliveryStreamDescription + ri := acctest.RandInt() + resourceName := "aws_kinesis_firehose_delivery_stream.test" + config := fmt.Sprintf(testAccKinesisFirehoseDeliveryStreamConfig_extendedS3_KinesisStreamSource, + ri, ri, ri, ri, ri, ri, ri) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckKinesisFirehoseDeliveryStreamDestroy, + Steps: []resource.TestStep{ + { + Config: config, + Check: resource.ComposeTestCheckFunc( + testAccCheckKinesisFirehoseDeliveryStreamExists(resourceName, &stream), + testAccCheckAWSKinesisFirehoseDeliveryStreamAttributes(&stream, nil, nil, nil, nil, nil), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccAWSKinesisFirehoseDeliveryStream_RedshiftConfigUpdates(t *testing.T) { var stream firehose.DeliveryStreamDescription @@ -1721,6 +1779,21 @@ resource "aws_kinesis_firehose_delivery_stream" "test" { } ` +var testAccKinesisFirehoseDeliveryStreamConfig_extendedS3_KinesisStreamSource = testAccKinesisFirehoseDeliveryStreamBaseConfig + testAccFirehoseKinesisStreamSource + ` +resource "aws_kinesis_firehose_delivery_stream" "test" { + depends_on = ["aws_iam_role_policy.firehose", "aws_iam_role_policy.kinesis_source"] + name = "terraform-kinesis-firehose-basictest-%d" + kinesis_source_configuration { + kinesis_stream_arn = "${aws_kinesis_stream.source.arn}" + role_arn = "${aws_iam_role.kinesis_source.arn}" + } + destination = "extended_s3" + extended_s3_configuration { + role_arn = "${aws_iam_role.firehose.arn}" + bucket_arn = "${aws_s3_bucket.bucket.arn}" + } +}` + func testAccKinesisFirehoseDeliveryStreamConfig_ExtendedS3_DataFormatConversionConfiguration_Enabled(rName string, rInt int, enabled bool) string { return fmt.Sprintf(testAccKinesisFirehoseDeliveryStreamBaseConfig, rInt, rInt, rInt) + fmt.Sprintf(` resource "aws_glue_catalog_database" "test" { From 2f522e33878ab8a9dede1eb457993683dc78f19e Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 28 May 2020 10:34:59 -0400 Subject: [PATCH 371/475] Documentation: Additional resources affected by the provider 'skip_requesting_account_id' attribute (#13507) * Additional resource affected by the provider 'skip_requesting_account_id' attribute. * Add note about ARN synthesis to contribution guide. --- .../pullrequest-submission-and-lifecycle.md | 24 ++++++++++-- website/docs/index.html.markdown | 37 ++++++++++++++++++- 2 files changed, 56 insertions(+), 5 deletions(-) diff --git a/docs/contributing/pullrequest-submission-and-lifecycle.md b/docs/contributing/pullrequest-submission-and-lifecycle.md index 4b380826e26..6cf53454aa1 100644 --- a/docs/contributing/pullrequest-submission-and-lifecycle.md +++ b/docs/contributing/pullrequest-submission-and-lifecycle.md @@ -2,8 +2,8 @@ - [Pull Request Lifecycle](#pull-request-lifecycle) - [Branch Prefixes](#branch-prefixes) -- [Common Review Items](#common-review-items) - - [Go Coding Style](#go-coding-style) +- [Common Review Items](#common-review-items) + - [Go Coding Style](#go-coding-style) - [Resource Contribution Guidelines](#resource-contribution-guidelines) We appreciate direct contributions to the provider codebase. Here's what to @@ -131,11 +131,27 @@ The below are style-based items that _may_ be noted during review and are recomm - [ ] __Implements Error Message Context__: Returning errors from resource `Create`, `Read`, `Update`, and `Delete` functions should include additional messaging about the location or cause of the error for operators and code maintainers by wrapping with [`fmt.Errorf()`](https://godoc.org/golang.org/x/exp/errors/fmt#Errorf). - An example `Delete` API error: `return fmt.Errorf("error deleting {SERVICE} {THING} (%s): %s", d.Id(), err)` - An example `d.Set()` error: `return fmt.Errorf("error setting {ATTRIBUTE}: %s", err)` -- [ ] __Implements arn Attribute__: APIs that return an Amazon Resource Name (ARN), should implement `arn` as an attribute. +- [ ] __Implements arn Attribute__: APIs that return an Amazon Resource Name (ARN) should implement `arn` as an attribute. Alternatively, the ARN can be synthesized using the AWS Go SDK [`arn.ARN`](https://docs.aws.amazon.com/sdk-for-go/api/aws/arn/#ARN) structure. For example: + + ```go + // Direct Connect Virtual Interface ARN. + // See https://docs.aws.amazon.com/directconnect/latest/UserGuide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-resources. + arn := arn.ARN{ + Partition: meta.(*AWSClient).partition, + Region: meta.(*AWSClient).region, + Service: "directconnect", + AccountID: meta.(*AWSClient).accountid, + Resource: fmt.Sprintf("dxvif/%s", d.Id()), + }.String() + d.Set("arn", arn) + ``` + + When the `arn` attribute is synthesized this way, add the resource to the [list](https://www.terraform.io/docs/providers/aws/index.html#argument-reference) of those affected by the provider's `skip_requesting_account_id` attribute. + - [ ] __Implements Warning Logging With Resource State Removal__: If a resource is removed outside of Terraform (e.g. via different tool, API, or web UI), `d.SetId("")` and `return nil` can be used in the resource `Read` function to trigger resource recreation. When this occurs, a warning log message should be printed beforehand: `log.Printf("[WARN] {SERVICE} {THING} (%s) not found, removing from state", d.Id())` - [ ] __Uses isAWSErr() with AWS Go SDK Error Objects__: Use the available `isAWSErr(err error, code string, message string)` helper function instead of the `awserr` package to compare error code and message contents. - [ ] __Uses %s fmt Verb with AWS Go SDK Objects__: AWS Go SDK objects implement `String()` so using the `%v`, `%#v`, or `%+v` fmt verbs with the object are extraneous or provide unhelpful detail. - [ ] __Uses Elem with TypeMap__: While provider schema validation does not error when the `Elem` configuration is not present with `Type: schema.TypeMap` attributes, including the explicit `Elem: &schema.Schema{Type: schema.TypeString}` is recommended. - [ ] __Uses American English for Attribute Naming__: For any ambiguity with attribute naming, prefer American English over British English. e.g. `color` instead of `colour`. - [ ] __Skips Timestamp Attributes__: Generally, creation and modification dates from the API should be omitted from the schema. -- [ ] __Skips Error() Call with AWS Go SDK Error Objects__: Error objects do not need to have `Error()` called. \ No newline at end of file +- [ ] __Skips Error() Call with AWS Go SDK Error Objects__: Error objects do not need to have `Error()` called. diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index 1cc5df3721d..8f5b0b928bd 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -225,44 +225,79 @@ for more information about connecting to alternate AWS endpoints or AWS compatib - [`aws_api_gateway_deployment` resource](/docs/providers/aws/r/api_gateway_deployment.html) - [`aws_api_gateway_rest_api` resource](/docs/providers/aws/r/api_gateway_rest_api.html) - [`aws_api_gateway_stage` resource](/docs/providers/aws/r/api_gateway_stage.html) + - [`aws_apigatewayv2_api` resource](/docs/providers/aws/r/apigatewayv2_api.html) + - [`aws_apigatewayv2_stage` resource](/docs/providers/aws/r/apigatewayv2_stage.html) + - [`aws_athena_workgroup` resource](/docs/providers/aws/r/athena_workgroup.html) - [`aws_budgets_budget` resource](/docs/providers/aws/r/budgets_budget.html) - [`aws_cognito_identity_pool` resource](/docs/providers/aws/r/cognito_identity_pool.html) - [`aws_cognito_user_pool` resource](/docs/providers/aws/r/cognito_user_pool.html) - [`aws_cognito_user_pools` data source](/docs/providers/aws/d/cognito_user_pools.html) + - [`aws_dms_event_subscription` resource](/docs/providers/aws/r/dms_event_subscription.html) - [`aws_dms_replication_subnet_group` resource](/docs/providers/aws/r/dms_replication_subnet_group.html) - [`aws_dx_connection` resource](/docs/providers/aws/r/dx_connection.html) - [`aws_dx_hosted_private_virtual_interface_accepter` resource](/docs/providers/aws/r/dx_hosted_private_virtual_interface_accepter.html) - [`aws_dx_hosted_private_virtual_interface` resource](/docs/providers/aws/r/dx_hosted_private_virtual_interface.html) - [`aws_dx_hosted_public_virtual_interface_accepter` resource](/docs/providers/aws/r/dx_hosted_public_virtual_interface_accepter.html) - [`aws_dx_hosted_public_virtual_interface` resource](/docs/providers/aws/r/dx_hosted_public_virtual_interface.html) + - [`aws_dx_hosted_transit_virtual_interface_accepter` resource](/docs/providers/aws/r/dx_hosted_transit_virtual_interface_accepter.html) + - [`aws_dx_hosted_transit_virtual_interface` resource](/docs/providers/aws/r/dx_hosted_transit_virtual_interface.html) - [`aws_dx_lag` resource](/docs/providers/aws/r/dx_lag.html) - [`aws_dx_private_virtual_interface` resource](/docs/providers/aws/r/dx_private_virtual_interface.html) - [`aws_dx_public_virtual_interface` resource](/docs/providers/aws/r/dx_public_virtual_interface.html) + - [`aws_dx_transit_virtual_interface` resource](/docs/providers/aws/r/dx_transit_virtual_interface.html) - [`aws_ebs_volume` data source](/docs/providers/aws/d/ebs_volume.html) + - [`aws_ecs_capacity_provider` resource (import)](/docs/providers/aws/r/ecs_capacity_provider.html) - [`aws_ecs_cluster` resource (import)](/docs/providers/aws/r/ecs_cluster.html) - [`aws_ecs_service` resource (import)](/docs/providers/aws/r/ecs_service.html) + - [`aws_efs_access_point` data source](/docs/providers/aws/d/efs_access_point.html) + - [`aws_efs_access_point` resource](/docs/providers/aws/r/efs_access_point.html) - [`aws_efs_file_system` data source](/docs/providers/aws/d/efs_file_system.html) - [`aws_efs_file_system` resource](/docs/providers/aws/r/efs_file_system.html) - [`aws_efs_mount_target` data source](/docs/providers/aws/d/efs_mount_target.html) - [`aws_efs_mount_target` resource](/docs/providers/aws/r/efs_mount_target.html) - [`aws_elasticache_cluster` data source](/docs/providers/aws/d/elasticache_cluster.html) - [`aws_elasticache_cluster` resource](/docs/providers/aws/r/elasticache_cluster.html) + - [`aws_elb` data source](/docs/providers/aws/d/elb.html) - [`aws_elb` resource](/docs/providers/aws/r/elb.html) + - [`aws_glue_connection` resource](/docs/providers/aws/r/glue_connection.html) - [`aws_glue_crawler` resource](/docs/providers/aws/r/glue_crawler.html) + - [`aws_glue_job` resource](/docs/providers/aws/r/glue_job.html) + - [`aws_glue_trigger` resource](/docs/providers/aws/r/glue_trigger.html) - [`aws_instance` data source](/docs/providers/aws/d/instance.html) - [`aws_instance` resource](/docs/providers/aws/r/instance.html) + - [`aws_launch_template` data source](/docs/providers/aws/d/launch_template.html) - [`aws_launch_template` resource](/docs/providers/aws/r/launch_template.html) - [`aws_redshift_cluster` resource](/docs/providers/aws/r/redshift_cluster.html) + - [`aws_redshift_event_subscription` resource](/docs/providers/aws/r/redshift_event_subscription.html) + - [`aws_redshift_parameter_group` resource](/docs/providers/aws/r/redshift_parameter_group.html) + - [`aws_redshift_snapshot_copy_grant` resource](/docs/providers/aws/r/redshift_snapshot_copy_grant.html) + - [`aws_redshift_snapshot_schedule` resource](/docs/providers/aws/r/redshift_snapshot_schedule.html) - [`aws_redshift_subnet_group` resource](/docs/providers/aws/r/redshift_subnet_group.html) - [`aws_s3_account_public_access_block` resource](/docs/providers/aws/r/s3_account_public_access_block.html) - - [`aws_ses_domain_identity_verification` resource](/docs/providers/aws/r/ses_domain_identity_verification.html) - [`aws_ses_domain_identity` resource](/docs/providers/aws/r/ses_domain_identity.html) + - [`aws_ses_domain_identity_verification` resource](/docs/providers/aws/r/ses_domain_identity_verification.html) + - [`aws_ses_email_identity` resource](/docs/providers/aws/r/ses_email_identity.html) + - [`aws_ssm_document` data source](/docs/providers/aws/d/ssm_document.html) - [`aws_ssm_document` resource](/docs/providers/aws/r/ssm_document.html) + - [`aws_ssm_parameter` data source](/docs/providers/aws/d/ssm_parameter.html) - [`aws_ssm_parameter` resource](/docs/providers/aws/r/ssm_parameter.html) - [`aws_vpc` data source](/docs/providers/aws/d/vpc.html) - [`aws_vpc` resource](/docs/providers/aws/r/vpc.html) + - [`aws_waf_geo_match_set` resource](/docs/providers/aws/r/waf_geo_match_set.html) - [`aws_waf_ipset` resource](/docs/providers/aws/r/waf_ipset.html) + - [`aws_waf_rate_based_rule` resource](/docs/providers/aws/r/waf_rate_based_rule.html) + - [`aws_waf_regex_match_set` resource](/docs/providers/aws/r/waf_regex_match_set.html) + - [`aws_waf_regex_pattern_set` resource](/docs/providers/aws/r/waf_regex_pattern_set.html) - [`aws_wafregional_ipset` resource](/docs/providers/aws/r/wafregional_ipset.html) + - [`aws_wafregional_rate_based_rule` resource](/docs/providers/aws/r/wafregional_rate_based_rule.html) + - [`aws_wafregional_rule` resource](/docs/providers/aws/r/wafregional_rule.html) + - [`aws_wafregional_rule_group` resource](/docs/providers/aws/r/wafregional_rule_group.html) + - [`aws_wafregional_web_acl` resource](/docs/providers/aws/r/wafregional_web_acl.html) + - [`aws_waf_rule` resource](/docs/providers/aws/r/waf_rule.html) + - [`aws_waf_rule_group` resource](/docs/providers/aws/r/waf_rule_group.html) + - [`aws_waf_size_constraint_set` resource](/docs/providers/aws/r/waf_size_constraint_set.html) + - [`aws_waf_web_acl` resource](/docs/providers/aws/r/waf_web_acl.html) + - [`aws_waf_xss_match_set` resource](/docs/providers/aws/r/waf_xss_match_set.html) * `skip_metadata_api_check` - (Optional) Skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata From 115435e00484b4681938b7daa50ff952ebc3d9a4 Mon Sep 17 00:00:00 2001 From: appilon Date: Thu, 28 May 2020 11:12:15 -0400 Subject: [PATCH 372/475] service/directoryservice: Fix schema error on `connect_ips` (#13395) * Fix schema error on `connect_ips` Define `connect_ips` attribute in schema to prevent error. Add documentation, would have added test checks but existing tests don't check this `connect_settings` at all. * Reorder attributes * Add acceptance tests --- ..._source_aws_directory_service_directory.go | 6 ++ ...ce_aws_directory_service_directory_test.go | 86 +++++++++++++++++++ ...esource_aws_directory_service_directory.go | 6 ++ ...ce_aws_directory_service_directory_test.go | 1 + .../directory_service_directory.html.markdown | 1 + .../directory_service_directory.html.markdown | 3 + 6 files changed, 103 insertions(+) diff --git a/aws/data_source_aws_directory_service_directory.go b/aws/data_source_aws_directory_service_directory.go index e2892d8785b..f21555ae90a 100644 --- a/aws/data_source_aws_directory_service_directory.go +++ b/aws/data_source_aws_directory_service_directory.go @@ -64,6 +64,12 @@ func dataSourceAwsDirectoryServiceDirectory() *schema.Resource { Computed: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ + "connect_ips": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + Set: schema.HashString, + }, "customer_username": { Type: schema.TypeString, Computed: true, diff --git a/aws/data_source_aws_directory_service_directory_test.go b/aws/data_source_aws_directory_service_directory_test.go index ea441cf319d..768e6c25b1a 100644 --- a/aws/data_source_aws_directory_service_directory_test.go +++ b/aws/data_source_aws_directory_service_directory_test.go @@ -71,6 +71,28 @@ func TestAccDataSourceAwsDirectoryServiceDirectory_MicrosoftAD(t *testing.T) { }) } +func TestAccDataSourceAWSDirectoryServiceDirectory_connector(t *testing.T) { + resourceName := "aws_directory_service_directory.connector" + dataSourceName := "data.aws_directory_service_directory.test-ad-connector" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + testAccPreCheckAWSDirectoryService(t) + testAccPreCheckAWSDirectoryServiceSimpleDirectory(t) + }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceDirectoryServiceDirectoryConfig_connector, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrPair(dataSourceName, "connect_settings.0.connect_ips", resourceName, "connect_settings.0.connect_ips"), + ), + }, + }, + }) +} + func testAccDataSourceAwsDirectoryServiceDirectoryConfig_Prerequisites(adType string) string { return fmt.Sprintf(` data "aws_availability_zones" "available" { @@ -160,3 +182,67 @@ data "aws_directory_service_directory" "test-microsoft-ad" { } `, alias) } + +const testAccDataSourceDirectoryServiceDirectoryConfig_connector = ` +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +resource "aws_directory_service_directory" "test" { + name = "corp.notexample.com" + password = "SuperSecretPassw0rd" + size = "Small" + + vpc_settings { + vpc_id = "${aws_vpc.main.id}" + subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + } +} + +resource "aws_directory_service_directory" "connector" { + name = "corp.notexample.com" + password = "SuperSecretPassw0rd" + size = "Small" + type = "ADConnector" + + connect_settings { + customer_dns_ips = aws_directory_service_directory.test.dns_ip_addresses + customer_username = "Administrator" + vpc_id = "${aws_vpc.main.id}" + subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + } +} + +resource "aws_vpc" "main" { + cidr_block = "10.0.0.0/16" + tags = { + Name = "terraform-testacc-directory-service-directory-connector" + } +} + +resource "aws_subnet" "foo" { + vpc_id = "${aws_vpc.main.id}" + availability_zone = "${data.aws_availability_zones.available.names[0]}" + cidr_block = "10.0.1.0/24" + tags = { + Name = "tf-acc-directory-service-directory-connector-foo" + } +} +resource "aws_subnet" "test" { + vpc_id = "${aws_vpc.main.id}" + availability_zone = "${data.aws_availability_zones.available.names[1]}" + cidr_block = "10.0.2.0/24" + tags = { + Name = "tf-acc-directory-service-directory-connector-test" + } +} + +data "aws_directory_service_directory" "test-ad-connector" { + directory_id = "${aws_directory_service_directory.connector.id}" +} +` diff --git a/aws/resource_aws_directory_service_directory.go b/aws/resource_aws_directory_service_directory.go index fcd49045671..747a4288dba 100644 --- a/aws/resource_aws_directory_service_directory.go +++ b/aws/resource_aws_directory_service_directory.go @@ -92,6 +92,12 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { ForceNew: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ + "connect_ips": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + Set: schema.HashString, + }, "customer_username": { Type: schema.TypeString, Required: true, diff --git a/aws/resource_aws_directory_service_directory_test.go b/aws/resource_aws_directory_service_directory_test.go index 546265ea1b9..ad54eebe556 100644 --- a/aws/resource_aws_directory_service_directory_test.go +++ b/aws/resource_aws_directory_service_directory_test.go @@ -224,6 +224,7 @@ func TestAccAWSDirectoryServiceDirectory_connector(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckServiceDirectoryExists("aws_directory_service_directory.connector"), resource.TestCheckResourceAttrSet("aws_directory_service_directory.connector", "security_group_id"), + resource.TestCheckResourceAttrSet("aws_directory_service_directory.connector", "connect_settings.0.connect_ips.#"), ), }, { diff --git a/website/docs/d/directory_service_directory.html.markdown b/website/docs/d/directory_service_directory.html.markdown index d9f0173205c..e6dfd12e755 100644 --- a/website/docs/d/directory_service_directory.html.markdown +++ b/website/docs/d/directory_service_directory.html.markdown @@ -45,6 +45,7 @@ data "aws_directory_service_directory" "example" { `connect_settings` (for `ADConnector`) is also exported with the following attributes: + * `connect_ips` - The IP addresses of the AD Connector servers. * `customer_username` - The username corresponding to the password provided. * `customer_dns_ips` - The DNS IP addresses of the domain to connect to. * `subnet_ids` - The identifiers of the subnets for the connector servers (2 subnets in 2 different AZs). diff --git a/website/docs/r/directory_service_directory.html.markdown b/website/docs/r/directory_service_directory.html.markdown index f760741207c..fe46a2d17ed 100644 --- a/website/docs/r/directory_service_directory.html.markdown +++ b/website/docs/r/directory_service_directory.html.markdown @@ -158,6 +158,9 @@ In addition to all arguments above, the following attributes are exported: * `dns_ip_addresses` - A list of IP addresses of the DNS servers for the directory or connector. * `security_group_id` - The ID of the security group created by the directory. +`connect_settings` (for `ADConnector`) is also exported with the following attributes: + + * `connect_ips` - The IP addresses of the AD Connector servers. ## Import From 5f2bf91a2387df97fb1d7729b20e60d8832e5f62 Mon Sep 17 00:00:00 2001 From: appilon Date: Thu, 28 May 2020 11:13:25 -0400 Subject: [PATCH 373/475] Update CHANGELOG.md --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a5138563967..7c0f4898e85 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ENHANCMENTS: +* data-source/aws_directory_service_directory: `connect_settings` `connect_ips` attribute now set [GH-13395] +* resource/aws_directory_service_directory: `connect_settings` `connect_ips` attribute now set [GH-13395] * resource/aws_iot_topic_rule: Add `step_functions` configuration block [GH-13520] * resource/aws_ses_event_destination: Support resource import [GH-13464] From 91feaae41422d9c296e9387f0cd382d07878a333 Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 28 May 2020 11:38:00 -0400 Subject: [PATCH 374/475] Update CHANGELOG for #13522 --- CHANGELOG.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7c0f4898e85..b780c88baa1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ ## 2.64.0 (Unreleased) -ENHANCMENTS: +ENHANCEMENTS: * data-source/aws_directory_service_directory: `connect_settings` `connect_ips` attribute now set [GH-13395] * resource/aws_directory_service_directory: `connect_settings` `connect_ips` attribute now set [GH-13395] @@ -19,7 +19,9 @@ BUG FIXES: * resource/aws_load_balancer_backend_server_policy: `instance_port` now properly set [GH-13418] * resource/aws_load_balancer_listener_policy: `load_balancer_port` now properly set [GH-13418] * resource/aws_opsworks_application: `environment` `secure` now properly set [GH-13435] +* resource/aws_ses_active_receipt_rule_set: Recreate resource when destroyed outside of Terraform [GH-9086] * resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) [GH-13464] +* resource/aws_ses_receipt_rule: Recreate resource when destroyed outside of Terraform [GH-9086] * resource/aws_sns_topic: Attributes of type `schema.TypeInt` are now correctly set [GH-13437] ## 2.63.0 (May 22, 2020) From cf7b81f9a4896785987dc8f4edc66d4e5430f7fb Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 28 May 2020 12:03:08 -0400 Subject: [PATCH 375/475] Update CHANGELOG for #13364 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b780c88baa1..c124815637a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ BUG FIXES: * resource/aws_load_balancer_backend_server_policy: `instance_port` now properly set [GH-13418] * resource/aws_load_balancer_listener_policy: `load_balancer_port` now properly set [GH-13418] * resource/aws_opsworks_application: `environment` `secure` now properly set [GH-13435] +* resource/aws_security_group_rule: Correctly set `description` after state refresh when `source_security_group_id` refers to a security group across accounts [GH-13364] * resource/aws_ses_active_receipt_rule_set: Recreate resource when destroyed outside of Terraform [GH-9086] * resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) [GH-13464] * resource/aws_ses_receipt_rule: Recreate resource when destroyed outside of Terraform [GH-9086] From 70ef9422833acc02078d2a5aec09e39a17828a22 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 28 May 2020 12:03:20 -0400 Subject: [PATCH 376/475] r/aws_appmesh_route: Correctly handle routes with 0 weights. --- aws/resource_aws_appmesh_route_test.go | 97 ++++++++++++++++++++++++++ aws/structure.go | 4 +- 2 files changed, 99 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_appmesh_route_test.go b/aws/resource_aws_appmesh_route_test.go index 74addbea822..f4450b1ec83 100644 --- a/aws/resource_aws_appmesh_route_test.go +++ b/aws/resource_aws_appmesh_route_test.go @@ -159,6 +159,29 @@ func testAccAwsAppmeshRoute_httpRoute(t *testing.T) { testAccCheckResourceAttrRegionalARN(resourceName, "arn", "appmesh", fmt.Sprintf("mesh/%s/virtualRouter/%s/route/%s", meshName, vrName, rName)), ), }, + { + Config: testAccAppmeshRouteConfig_httpRouteUpdatedWithZeroWeight(meshName, vrName, vn1Name, vn2Name, rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAppmeshRouteExists(resourceName, &r), + resource.TestCheckResourceAttr(resourceName, "name", rName), + resource.TestCheckResourceAttr(resourceName, "mesh_name", meshName), + resource.TestCheckResourceAttr(resourceName, "virtual_router_name", vrName), + resource.TestCheckResourceAttr(resourceName, "spec.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.http_route.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.http_route.0.action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.http_route.0.action.0.weighted_target.#", "2"), + resource.TestCheckResourceAttr(resourceName, "spec.0.http_route.0.match.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.http_route.0.match.0.header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "spec.0.http_route.0.match.0.method", ""), + resource.TestCheckResourceAttr(resourceName, "spec.0.http_route.0.match.0.prefix", "/path"), + resource.TestCheckResourceAttr(resourceName, "spec.0.http_route.0.match.0.scheme", ""), + resource.TestCheckResourceAttr(resourceName, "spec.0.priority", "0"), + resource.TestCheckResourceAttr(resourceName, "spec.0.tcp_route.#", "0"), + resource.TestCheckResourceAttrSet(resourceName, "created_date"), + resource.TestCheckResourceAttrSet(resourceName, "last_updated_date"), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "appmesh", fmt.Sprintf("mesh/%s/virtualRouter/%s/route/%s", meshName, vrName, rName)), + ), + }, { ResourceName: resourceName, ImportStateIdFunc: testAccAwsAppmeshRouteImportStateIdFunc(resourceName), @@ -219,6 +242,24 @@ func testAccAwsAppmeshRoute_tcpRoute(t *testing.T) { testAccCheckResourceAttrRegionalARN(resourceName, "arn", "appmesh", fmt.Sprintf("mesh/%s/virtualRouter/%s/route/%s", meshName, vrName, rName)), ), }, + { + Config: testAccAppmeshRouteConfig_tcpRouteUpdatedWithZeroWeight(meshName, vrName, vn1Name, vn2Name, rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAppmeshRouteExists(resourceName, &r), + resource.TestCheckResourceAttr(resourceName, "name", rName), + resource.TestCheckResourceAttr(resourceName, "mesh_name", meshName), + resource.TestCheckResourceAttr(resourceName, "virtual_router_name", vrName), + resource.TestCheckResourceAttr(resourceName, "spec.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.http_route.#", "0"), + resource.TestCheckResourceAttr(resourceName, "spec.0.priority", "0"), + resource.TestCheckResourceAttr(resourceName, "spec.0.tcp_route.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.tcp_route.0.action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "spec.0.tcp_route.0.action.0.weighted_target.#", "2"), + resource.TestCheckResourceAttrSet(resourceName, "created_date"), + resource.TestCheckResourceAttrSet(resourceName, "last_updated_date"), + testAccCheckResourceAttrRegionalARN(resourceName, "arn", "appmesh", fmt.Sprintf("mesh/%s/virtualRouter/%s/route/%s", meshName, vrName, rName)), + ), + }, { ResourceName: resourceName, ImportStateIdFunc: testAccAwsAppmeshRouteImportStateIdFunc(resourceName), @@ -596,6 +637,36 @@ resource "aws_appmesh_route" "test" { `, rName) } +func testAccAppmeshRouteConfig_httpRouteUpdatedWithZeroWeight(meshName, vrName, vn1Name, vn2Name, rName string) string { + return testAccAppmeshRouteConfigBase(meshName, vrName, vn1Name, vn2Name) + fmt.Sprintf(` +resource "aws_appmesh_route" "test" { + name = %[1]q + mesh_name = "${aws_appmesh_mesh.test.id}" + virtual_router_name = "${aws_appmesh_virtual_router.test.name}" + + spec { + http_route { + match { + prefix = "/path" + } + + action { + weighted_target { + virtual_node = "${aws_appmesh_virtual_node.foo.name}" + weight = 99 + } + + weighted_target { + virtual_node = "${aws_appmesh_virtual_node.bar.name}" + weight = 0 + } + } + } + } +} +`, rName) +} + func testAccAppmeshRouteConfig_tcpRoute(meshName, vrName, vn1Name, vn2Name, rName string) string { return testAccAppmeshRouteConfigBase(meshName, vrName, vn1Name, vn2Name) + fmt.Sprintf(` resource "aws_appmesh_route" "test" { @@ -643,6 +714,32 @@ resource "aws_appmesh_route" "test" { `, rName) } +func testAccAppmeshRouteConfig_tcpRouteUpdatedWithZeroWeight(meshName, vrName, vn1Name, vn2Name, rName string) string { + return testAccAppmeshRouteConfigBase(meshName, vrName, vn1Name, vn2Name) + fmt.Sprintf(` +resource "aws_appmesh_route" "test" { + name = %[1]q + mesh_name = "${aws_appmesh_mesh.test.id}" + virtual_router_name = "${aws_appmesh_virtual_router.test.name}" + + spec { + tcp_route { + action { + weighted_target { + virtual_node = "${aws_appmesh_virtual_node.foo.name}" + weight = 99 + } + + weighted_target { + virtual_node = "${aws_appmesh_virtual_node.bar.name}" + weight = 0 + } + } + } + } +} +`, rName) +} + func testAccAppmeshRouteConfigWithTags(meshName, vrName, vn1Name, vn2Name, rName, tagKey1, tagValue1, tagKey2, tagValue2 string) string { return testAccAppmeshRouteConfigBase(meshName, vrName, vn1Name, vn2Name) + fmt.Sprintf(` resource "aws_appmesh_route" "test" { diff --git a/aws/structure.go b/aws/structure.go index e6ea51ff241..4906bb99bfb 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -5130,7 +5130,7 @@ func expandAppmeshRouteSpec(vSpec []interface{}) *appmesh.RouteSpec { if vVirtualNode, ok := mWeightedTarget["virtual_node"].(string); ok && vVirtualNode != "" { weightedTarget.VirtualNode = aws.String(vVirtualNode) } - if vWeight, ok := mWeightedTarget["weight"].(int); ok && vWeight > 0 { + if vWeight, ok := mWeightedTarget["weight"].(int); ok { weightedTarget.Weight = aws.Int64(int64(vWeight)) } @@ -5234,7 +5234,7 @@ func expandAppmeshRouteSpec(vSpec []interface{}) *appmesh.RouteSpec { if vVirtualNode, ok := mWeightedTarget["virtual_node"].(string); ok && vVirtualNode != "" { weightedTarget.VirtualNode = aws.String(vVirtualNode) } - if vWeight, ok := mWeightedTarget["weight"].(int); ok && vWeight > 0 { + if vWeight, ok := mWeightedTarget["weight"].(int); ok { weightedTarget.Weight = aws.Int64(int64(vWeight)) } From 64fd8eb3628b6bf348c665d50f0eb010a3f38fa5 Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 28 May 2020 13:10:03 -0400 Subject: [PATCH 377/475] Update CHANGELOG for #13417 --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c124815637a..410c22c10a0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,8 @@ BUG FIXES: * resource/aws_acm_certificate: Update pending DNS validation record creation time from 1 minute to 5 minutes (better support for certificates with high amount of Subject Alternative Names) [GH-12371] * resource/aws_api_gateway_method_settings: `settings` now properly set [GH-13403] * resource/aws_autoscaling_group: Ignore ordering differences for `tags` argument (prevent unexpected differences from version 2.63.0) [GH-13515] +* resource/aws_codebuild_project: Enable drift detection for `environment_variable` argument [GH-6427] +* resource/aws_codebuild_project: Prevent `inconsistent final plan` errors with `source` configuration block [GH-10615] * resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected [GH-12571] / [GH-12751] * resource/aws_lb_cookie_stickiness_policy: `cookie_expiration_policy` now properly set [GH-13418] * resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] From 202fc0afdf01ebebe198c2b5d1fdd4ce105476f6 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 28 May 2020 14:50:16 -0400 Subject: [PATCH 378/475] Changes after review. --- examples/api-gateway-websocket-chat-app/README.md | 5 +---- examples/api-gateway-websocket-chat-app/main.tf | 4 +--- .../terraform.template.tfvars | 4 ---- examples/api-gateway-websocket-chat-app/variables.tf | 11 ++--------- 4 files changed, 4 insertions(+), 20 deletions(-) diff --git a/examples/api-gateway-websocket-chat-app/README.md b/examples/api-gateway-websocket-chat-app/README.md index 74e065f6a3b..d8dda5f1239 100644 --- a/examples/api-gateway-websocket-chat-app/README.md +++ b/examples/api-gateway-websocket-chat-app/README.md @@ -8,10 +8,7 @@ It's based on the [AWS Serverless Application Model](https://docs.aws.amazon.com Either `cp terraform.template.tfvars terraform.tfvars` and modify that new file accordingly or provide variables via CLI: ``` -terraform apply \ - -var="aws_access_key=yourawsaccesskey" \ - -var="aws_secret_key=yourawssecretkey" \ - -var="aws_region=us-east-1" +terraform apply -var="aws_region=us-east-1" ``` The `WebSocketURI` output contains the URL of the API endpoint to be used when following the [instructions](https://github.com/aws-samples/simple-websockets-chat-app#testing-the-chat-api) for testing. diff --git a/examples/api-gateway-websocket-chat-app/main.tf b/examples/api-gateway-websocket-chat-app/main.tf index 963c3257503..e5e566c4468 100644 --- a/examples/api-gateway-websocket-chat-app/main.tf +++ b/examples/api-gateway-websocket-chat-app/main.tf @@ -8,9 +8,7 @@ # provider "aws" { - access_key = "${var.aws_access_key}" - secret_key = "${var.aws_secret_key}" - region = "${var.aws_region}" + region = "${var.aws_region}" } provider "archive" {} diff --git a/examples/api-gateway-websocket-chat-app/terraform.template.tfvars b/examples/api-gateway-websocket-chat-app/terraform.template.tfvars index 286c3091224..bb891daf459 100644 --- a/examples/api-gateway-websocket-chat-app/terraform.template.tfvars +++ b/examples/api-gateway-websocket-chat-app/terraform.template.tfvars @@ -1,5 +1 @@ -aws_access_key = "yourawsaccesskey" - -aws_secret_key = "yourawssecretkey" - aws_region = "us-east-1" diff --git a/examples/api-gateway-websocket-chat-app/variables.tf b/examples/api-gateway-websocket-chat-app/variables.tf index e1143d86d0a..e4f8705a6ac 100644 --- a/examples/api-gateway-websocket-chat-app/variables.tf +++ b/examples/api-gateway-websocket-chat-app/variables.tf @@ -1,11 +1,4 @@ -variable "aws_access_key" { - description = "" -} - -variable "aws_secret_key" { - description = "" -} - variable "aws_region" { - description = "" + description = "AWS region" + default = "us-west-2" } From 0aadb2c6a3e921e7a7ca9e26103a9efd22d16ea2 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 14:58:56 +0300 Subject: [PATCH 379/475] refactor tests + add disappearing test case move vpc to base config from each other config --- ...ce_aws_directory_service_directory_test.go | 465 +++++------------- 1 file changed, 112 insertions(+), 353 deletions(-) diff --git a/aws/resource_aws_directory_service_directory_test.go b/aws/resource_aws_directory_service_directory_test.go index ad54eebe556..909b1ed9bc8 100644 --- a/aws/resource_aws_directory_service_directory_test.go +++ b/aws/resource_aws_directory_service_directory_test.go @@ -72,6 +72,7 @@ func testSweepDirectoryServiceDirectories(region string) error { } func TestAccAWSDirectoryServiceDirectory_basic(t *testing.T) { + var ds directoryservice.DirectoryDescription resourceName := "aws_directory_service_directory.test" resource.ParallelTest(t, resource.TestCase{ @@ -86,8 +87,8 @@ func TestAccAWSDirectoryServiceDirectory_basic(t *testing.T) { { Config: testAccDirectoryServiceDirectoryConfig, Check: resource.ComposeTestCheckFunc( - testAccCheckServiceDirectoryExists("aws_directory_service_directory.test"), - resource.TestCheckResourceAttrSet("aws_directory_service_directory.test", "security_group_id"), + testAccCheckServiceDirectoryExists(resourceName, &ds), + resource.TestCheckResourceAttrSet(resourceName, "security_group_id"), ), }, { @@ -103,6 +104,7 @@ func TestAccAWSDirectoryServiceDirectory_basic(t *testing.T) { } func TestAccAWSDirectoryServiceDirectory_tags(t *testing.T) { + var ds directoryservice.DirectoryDescription resourceName := "aws_directory_service_directory.test" resource.ParallelTest(t, resource.TestCase{ @@ -117,10 +119,10 @@ func TestAccAWSDirectoryServiceDirectory_tags(t *testing.T) { { Config: testAccDirectoryServiceDirectoryTagsConfig, Check: resource.ComposeTestCheckFunc( - testAccCheckServiceDirectoryExists("aws_directory_service_directory.test"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "tags.%", "2"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "tags.foo", "test"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "tags.project", "test"), + testAccCheckServiceDirectoryExists(resourceName, &ds), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.foo", "test"), + resource.TestCheckResourceAttr(resourceName, "tags.project", "test"), ), }, { @@ -134,19 +136,19 @@ func TestAccAWSDirectoryServiceDirectory_tags(t *testing.T) { { Config: testAccDirectoryServiceDirectoryUpdateTagsConfig, Check: resource.ComposeTestCheckFunc( - testAccCheckServiceDirectoryExists("aws_directory_service_directory.test"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "tags.%", "3"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "tags.foo", "test"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "tags.project", "test2"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "tags.fizz", "buzz"), + testAccCheckServiceDirectoryExists(resourceName, &ds), + resource.TestCheckResourceAttr(resourceName, "tags.%", "3"), + resource.TestCheckResourceAttr(resourceName, "tags.foo", "test"), + resource.TestCheckResourceAttr(resourceName, "tags.project", "test2"), + resource.TestCheckResourceAttr(resourceName, "tags.fizz", "buzz"), ), }, { Config: testAccDirectoryServiceDirectoryRemoveTagsConfig, Check: resource.ComposeTestCheckFunc( - testAccCheckServiceDirectoryExists("aws_directory_service_directory.test"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "tags.%", "1"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "tags.foo", "test"), + testAccCheckServiceDirectoryExists(resourceName, &ds), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.foo", "test"), ), }, }, @@ -154,6 +156,7 @@ func TestAccAWSDirectoryServiceDirectory_tags(t *testing.T) { } func TestAccAWSDirectoryServiceDirectory_microsoft(t *testing.T) { + var ds directoryservice.DirectoryDescription resourceName := "aws_directory_service_directory.test" resource.ParallelTest(t, resource.TestCase{ @@ -164,8 +167,8 @@ func TestAccAWSDirectoryServiceDirectory_microsoft(t *testing.T) { { Config: testAccDirectoryServiceDirectoryConfig_microsoft, Check: resource.ComposeTestCheckFunc( - testAccCheckServiceDirectoryExists("aws_directory_service_directory.test"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "edition", directoryservice.DirectoryEditionEnterprise), + testAccCheckServiceDirectoryExists(resourceName, &ds), + resource.TestCheckResourceAttr(resourceName, "edition", directoryservice.DirectoryEditionEnterprise), ), }, { @@ -181,6 +184,7 @@ func TestAccAWSDirectoryServiceDirectory_microsoft(t *testing.T) { } func TestAccAWSDirectoryServiceDirectory_microsoftStandard(t *testing.T) { + var ds directoryservice.DirectoryDescription resourceName := "aws_directory_service_directory.test" resource.ParallelTest(t, resource.TestCase{ @@ -191,8 +195,8 @@ func TestAccAWSDirectoryServiceDirectory_microsoftStandard(t *testing.T) { { Config: testAccDirectoryServiceDirectoryConfig_microsoftStandard, Check: resource.ComposeTestCheckFunc( - testAccCheckServiceDirectoryExists("aws_directory_service_directory.test"), - resource.TestCheckResourceAttr("aws_directory_service_directory.test", "edition", directoryservice.DirectoryEditionStandard), + testAccCheckServiceDirectoryExists(resourceName, &ds), + resource.TestCheckResourceAttr(resourceName, "edition", directoryservice.DirectoryEditionStandard), ), }, { @@ -208,6 +212,7 @@ func TestAccAWSDirectoryServiceDirectory_microsoftStandard(t *testing.T) { } func TestAccAWSDirectoryServiceDirectory_connector(t *testing.T) { + var ds directoryservice.DirectoryDescription resourceName := "aws_directory_service_directory.test" resource.ParallelTest(t, resource.TestCase{ @@ -222,8 +227,8 @@ func TestAccAWSDirectoryServiceDirectory_connector(t *testing.T) { { Config: testAccDirectoryServiceDirectoryConfig_connector, Check: resource.ComposeTestCheckFunc( - testAccCheckServiceDirectoryExists("aws_directory_service_directory.connector"), - resource.TestCheckResourceAttrSet("aws_directory_service_directory.connector", "security_group_id"), + testAccCheckServiceDirectoryExists(resourceName, &ds), + resource.TestCheckResourceAttrSet(resourceName, "security_group_id"), resource.TestCheckResourceAttrSet("aws_directory_service_directory.connector", "connect_settings.0.connect_ips.#"), ), }, @@ -240,8 +245,9 @@ func TestAccAWSDirectoryServiceDirectory_connector(t *testing.T) { } func TestAccAWSDirectoryServiceDirectory_withAliasAndSso(t *testing.T) { + var ds directoryservice.DirectoryDescription alias := acctest.RandomWithPrefix("tf-acc-test") - resourceName := "aws_directory_service_directory.test2" + resourceName := "aws_directory_service_directory.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { @@ -255,9 +261,9 @@ func TestAccAWSDirectoryServiceDirectory_withAliasAndSso(t *testing.T) { { Config: testAccDirectoryServiceDirectoryConfig_withAlias(alias), Check: resource.ComposeTestCheckFunc( - testAccCheckServiceDirectoryExists("aws_directory_service_directory.test2"), - testAccCheckServiceDirectoryAlias("aws_directory_service_directory.test2", alias), - testAccCheckServiceDirectorySso("aws_directory_service_directory.test2", false), + testAccCheckServiceDirectoryExists(resourceName, &ds), + testAccCheckServiceDirectoryAlias(resourceName, alias), + testAccCheckServiceDirectorySso(resourceName, false), ), }, { @@ -271,17 +277,17 @@ func TestAccAWSDirectoryServiceDirectory_withAliasAndSso(t *testing.T) { { Config: testAccDirectoryServiceDirectoryConfig_withSso(alias), Check: resource.ComposeTestCheckFunc( - testAccCheckServiceDirectoryExists("aws_directory_service_directory.test2"), - testAccCheckServiceDirectoryAlias("aws_directory_service_directory.test2", alias), - testAccCheckServiceDirectorySso("aws_directory_service_directory.test2", true), + testAccCheckServiceDirectoryExists(resourceName, &ds), + testAccCheckServiceDirectoryAlias(resourceName, alias), + testAccCheckServiceDirectorySso(resourceName, true), ), }, { Config: testAccDirectoryServiceDirectoryConfig_withSso_modified(alias), Check: resource.ComposeTestCheckFunc( - testAccCheckServiceDirectoryExists("aws_directory_service_directory.test2"), - testAccCheckServiceDirectoryAlias("aws_directory_service_directory.test2", alias), - testAccCheckServiceDirectorySso("aws_directory_service_directory.test2", false), + testAccCheckServiceDirectoryExists(resourceName, &ds), + testAccCheckServiceDirectoryAlias(resourceName, alias), + testAccCheckServiceDirectorySso(resourceName, false), ), }, }, @@ -301,7 +307,7 @@ func testAccCheckDirectoryServiceDirectoryDestroy(s *terraform.State) error { } out, err := dsconn.DescribeDirectories(&input) - if isAWSErr(err, "EntityDoesNotExistException", "") { + if isAWSErr(err, directoryservice.ErrCodeEntityDoesNotExistException, "") { continue } @@ -317,7 +323,32 @@ func testAccCheckDirectoryServiceDirectoryDestroy(s *terraform.State) error { return nil } -func testAccCheckServiceDirectoryExists(name string) resource.TestCheckFunc { +func TestAccAWSDirectoryServiceDirectory_disappears(t *testing.T) { + var ds directoryservice.DirectoryDescription + resourceName := "aws_directory_service_directory.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + testAccPreCheckAWSDirectoryService(t) + testAccPreCheckAWSDirectoryServiceSimpleDirectory(t) + }, + Providers: testAccProviders, + CheckDestroy: testAccCheckDirectoryServiceDirectoryDestroy, + Steps: []resource.TestStep{ + { + Config: testAccDirectoryServiceDirectoryConfig, + Check: resource.ComposeTestCheckFunc( + testAccCheckServiceDirectoryExists(resourceName, &ds), + testAccCheckServiceDirectoryDisappears(&ds), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + +func testAccCheckServiceDirectoryExists(name string, ds *directoryservice.DirectoryDescription) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[name] if !ok { @@ -346,6 +377,29 @@ func testAccCheckServiceDirectoryExists(name string) resource.TestCheckFunc { *out.DirectoryDescriptions[0].DirectoryId, rs.Primary.ID) } + *ds = *out.DirectoryDescriptions[0] + + return nil + } +} + +func testAccCheckServiceDirectoryDisappears(ds *directoryservice.DirectoryDescription) resource.TestCheckFunc { + return func(s *terraform.State) error { + dsconn := testAccProvider.Meta().(*AWSClient).dsconn + _, err := dsconn.DeleteDirectory(&directoryservice.DeleteDirectoryInput{ + DirectoryId: ds.DirectoryId, + }) + if err != nil { + return err + } + + dsId := aws.StringValue(ds.DirectoryId) + log.Printf("[DEBUG] Waiting for Directory Service Directory (%q) to be deleted", dsId) + err = waitForDirectoryServiceDirectoryDeletion(dsconn, dsId) + if err != nil { + return fmt.Errorf("error waiting for Directory Service (%s) to be deleted: %s", dsId, err) + } + return nil } } @@ -447,7 +501,7 @@ func testAccPreCheckAWSDirectoryServiceSimpleDirectory(t *testing.T) { } } -const testAccDirectoryServiceDirectoryConfig = ` +const testAccDirectoryServiceDirectoryConfigBase = ` data "aws_availability_zones" "available" { state = "available" @@ -457,21 +511,10 @@ data "aws_availability_zones" "available" { } } -resource "aws_directory_service_directory" "test" { - name = "corp.notexample.com" - password = "SuperSecretPassw0rd" - size = "Small" - - vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] - } -} - resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" tags = { - Name = "terraform-testacc-directory-service-directory" + Name = "terraform-testacc-directory-service-directory-tags" } } @@ -493,16 +536,20 @@ resource "aws_subnet" "test" { } ` -const testAccDirectoryServiceDirectoryTagsConfig = ` -data "aws_availability_zones" "available" { - state = "available" +const testAccDirectoryServiceDirectoryConfig = testAccDirectoryServiceDirectoryConfigBase + ` +resource "aws_directory_service_directory" "test" { + name = "corp.notexample.com" + password = "SuperSecretPassw0rd" + size = "Small" - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] + vpc_settings { + vpc_id = "${aws_vpc.main.id}" + subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] } } +` +const testAccDirectoryServiceDirectoryTagsConfig = testAccDirectoryServiceDirectoryConfigBase + ` resource "aws_directory_service_directory" "test" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" @@ -518,42 +565,9 @@ resource "aws_directory_service_directory" "test" { project = "test" } } - -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - tags = { - Name = "terraform-testacc-directory-service-directory-tags" - } -} - -resource "aws_subnet" "foo" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[0]}" - cidr_block = "10.0.1.0/24" - tags = { - Name = "tf-acc-directory-service-directory-tags-foo" - } -} -resource "aws_subnet" "test" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[1]}" - cidr_block = "10.0.2.0/24" - tags = { - Name = "tf-acc-directory-service-directory-tags-test" - } -} ` -const testAccDirectoryServiceDirectoryUpdateTagsConfig = ` -data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } -} - +const testAccDirectoryServiceDirectoryUpdateTagsConfig = testAccDirectoryServiceDirectoryConfigBase + ` resource "aws_directory_service_directory" "test" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" @@ -570,42 +584,9 @@ resource "aws_directory_service_directory" "test" { fizz = "buzz" } } - -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - tags = { - Name = "terraform-testacc-directory-service-directory-tags" - } -} - -resource "aws_subnet" "foo" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[0]}" - cidr_block = "10.0.1.0/24" - tags = { - Name = "tf-acc-directory-service-directory-tags-foo" - } -} -resource "aws_subnet" "test" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[1]}" - cidr_block = "10.0.2.0/24" - tags = { - Name = "tf-acc-directory-service-directory-tags-test" - } -} ` -const testAccDirectoryServiceDirectoryRemoveTagsConfig = ` -data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } -} - +const testAccDirectoryServiceDirectoryRemoveTagsConfig = testAccDirectoryServiceDirectoryConfigBase + ` resource "aws_directory_service_directory" "test" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" @@ -620,43 +601,10 @@ resource "aws_directory_service_directory" "test" { foo = "test" } } - -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - tags = { - Name = "terraform-testacc-directory-service-directory-tags" - } -} - -resource "aws_subnet" "foo" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[0]}" - cidr_block = "10.0.1.0/24" - tags = { - Name = "tf-acc-directory-service-directory-tags-foo" - } -} -resource "aws_subnet" "test" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[1]}" - cidr_block = "10.0.2.0/24" - tags = { - Name = "tf-acc-directory-service-directory-tags-test" - } -} ` -const testAccDirectoryServiceDirectoryConfig_connector = ` -data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } -} - -resource "aws_directory_service_directory" "test" { +const testAccDirectoryServiceDirectoryConfig_connector = testAccDirectoryServiceDirectoryConfigBase + ` +resource "aws_directory_service_directory" "base" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" @@ -667,55 +615,22 @@ resource "aws_directory_service_directory" "test" { } } -resource "aws_directory_service_directory" "connector" { +resource "aws_directory_service_directory" "test" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" type = "ADConnector" connect_settings { - customer_dns_ips = aws_directory_service_directory.test.dns_ip_addresses + customer_dns_ips = aws_directory_service_directory.base.dns_ip_addresses customer_username = "Administrator" vpc_id = "${aws_vpc.main.id}" subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] } } - -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - tags = { - Name = "terraform-testacc-directory-service-directory-connector" - } -} - -resource "aws_subnet" "foo" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[0]}" - cidr_block = "10.0.1.0/24" - tags = { - Name = "tf-acc-directory-service-directory-connector-foo" - } -} -resource "aws_subnet" "test" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[1]}" - cidr_block = "10.0.2.0/24" - tags = { - Name = "tf-acc-directory-service-directory-connector-test" - } -} ` -const testAccDirectoryServiceDirectoryConfig_microsoft = ` -data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } -} - +const testAccDirectoryServiceDirectoryConfig_microsoft = testAccDirectoryServiceDirectoryConfigBase + ` resource "aws_directory_service_directory" "test" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" @@ -726,42 +641,9 @@ resource "aws_directory_service_directory" "test" { subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] } } - -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - tags = { - Name = "terraform-testacc-directory-service-directory-microsoft" - } -} - -resource "aws_subnet" "foo" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[0]}" - cidr_block = "10.0.1.0/24" - tags = { - Name = "tf-acc-directory-service-directory-microsoft-foo" - } -} -resource "aws_subnet" "test" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[1]}" - cidr_block = "10.0.2.0/24" - tags = { - Name = "tf-acc-directory-service-directory-microsoft-test" - } -} ` -const testAccDirectoryServiceDirectoryConfig_microsoftStandard = ` -data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } -} - +const testAccDirectoryServiceDirectoryConfig_microsoftStandard = testAccDirectoryServiceDirectoryConfigBase + ` resource "aws_directory_service_directory" "test" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" @@ -773,44 +655,11 @@ resource "aws_directory_service_directory" "test" { subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] } } - -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - tags = { - Name = "terraform-testacc-directory-service-directory-microsoft" - } -} - -resource "aws_subnet" "foo" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[0]}" - cidr_block = "10.0.1.0/24" - tags = { - Name = "tf-acc-directory-service-directory-microsoft-foo" - } -} -resource "aws_subnet" "test" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[1]}" - cidr_block = "10.0.2.0/24" - tags = { - Name = "tf-acc-directory-service-directory-microsoft-test" - } -} ` func testAccDirectoryServiceDirectoryConfig_withAlias(alias string) string { - return fmt.Sprintf(` -data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } -} - -resource "aws_directory_service_directory" "test2" { + return testAccDirectoryServiceDirectoryConfigBase + fmt.Sprintf(` +resource "aws_directory_service_directory" "test" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" @@ -821,45 +670,12 @@ resource "aws_directory_service_directory" "test2" { subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] } } - -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - tags = { - Name = "terraform-testacc-directory-service-directory-with-alias" - } -} - -resource "aws_subnet" "foo" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[0]}" - cidr_block = "10.0.1.0/24" - tags = { - Name = "tf-acc-directory-service-directory-with-alias-foo" - } -} -resource "aws_subnet" "test" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[1]}" - cidr_block = "10.0.2.0/24" - tags = { - Name = "tf-acc-directory-service-directory-with-alias-test" - } -} `, alias) } func testAccDirectoryServiceDirectoryConfig_withSso(alias string) string { - return fmt.Sprintf(` -data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } -} - -resource "aws_directory_service_directory" "test2" { + return testAccDirectoryServiceDirectoryConfigBase + fmt.Sprintf(` +resource "aws_directory_service_directory" "test" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" @@ -871,45 +687,12 @@ resource "aws_directory_service_directory" "test2" { subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] } } - -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - tags = { - Name = "terraform-testacc-directory-service-directory-with-sso" - } -} - -resource "aws_subnet" "foo" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[0]}" - cidr_block = "10.0.1.0/24" - tags = { - Name = "tf-acc-directory-service-directory-with-sso-foo" - } -} -resource "aws_subnet" "test" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[1]}" - cidr_block = "10.0.2.0/24" - tags = { - Name = "tf-acc-directory-service-directory-with-sso-test" - } -} `, alias) } func testAccDirectoryServiceDirectoryConfig_withSso_modified(alias string) string { - return fmt.Sprintf(` -data "aws_availability_zones" "available" { - state = "available" - - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] - } -} - -resource "aws_directory_service_directory" "test2" { + return testAccDirectoryServiceDirectoryConfigBase + fmt.Sprintf(` +resource "aws_directory_service_directory" "test" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" @@ -921,29 +704,5 @@ resource "aws_directory_service_directory" "test2" { subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] } } - -resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - tags = { - Name = "terraform-testacc-directory-service-directory-with-sso-modified" - } -} - -resource "aws_subnet" "foo" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[0]}" - cidr_block = "10.0.1.0/24" - tags = { - Name = "tf-acc-directory-service-directory-with-sso-foo" - } -} -resource "aws_subnet" "test" { - vpc_id = "${aws_vpc.main.id}" - availability_zone = "${data.aws_availability_zones.available.names[1]}" - cidr_block = "10.0.2.0/24" - tags = { - Name = "tf-acc-directory-service-directory-with-sso-test" - } -} `, alias) } From 68eaefe870e20b26d4686dbea67821c7435d3b0c Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 15:00:04 +0300 Subject: [PATCH 380/475] refactor --- aws/structure.go | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/aws/structure.go b/aws/structure.go index e6ea51ff241..c795865fa83 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -1620,8 +1620,8 @@ func flattenDSVpcSettings( return nil } - settings["subnet_ids"] = schema.NewSet(schema.HashString, flattenStringList(s.SubnetIds)) - settings["vpc_id"] = *s.VpcId + settings["subnet_ids"] = flattenStringSet(s.SubnetIds) + settings["vpc_id"] = aws.StringValue(s.VpcId) return []map[string]interface{}{settings} } @@ -1736,11 +1736,11 @@ func flattenDSConnectSettings( settings := make(map[string]interface{}) - settings["customer_dns_ips"] = schema.NewSet(schema.HashString, flattenStringList(customerDnsIps)) - settings["connect_ips"] = schema.NewSet(schema.HashString, flattenStringList(s.ConnectIps)) - settings["customer_username"] = *s.CustomerUserName - settings["subnet_ids"] = schema.NewSet(schema.HashString, flattenStringList(s.SubnetIds)) - settings["vpc_id"] = *s.VpcId + settings["customer_dns_ips"] = flattenStringSet(customerDnsIps) + settings["connect_ips"] = flattenStringSet(s.ConnectIps) + settings["customer_username"] = aws.StringValue(s.CustomerUserName) + settings["subnet_ids"] = flattenStringSet(s.SubnetIds) + settings["vpc_id"] = aws.StringValue(s.VpcId) return []map[string]interface{}{settings} } From 2f21e52fa2eb334f3925da0cfe22519d192b0180 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 15:01:57 +0300 Subject: [PATCH 381/475] add plan time validation to `customer_dns_ips` and `dns_ip_addresses` add support for SharedMSAD type refactor to use flattenStringSet --- ...esource_aws_directory_service_directory.go | 30 ++++++++++++++----- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/aws/resource_aws_directory_service_directory.go b/aws/resource_aws_directory_service_directory.go index 747a4288dba..4fdcb5311fc 100644 --- a/aws/resource_aws_directory_service_directory.go +++ b/aws/resource_aws_directory_service_directory.go @@ -107,8 +107,11 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { Type: schema.TypeSet, Required: true, ForceNew: true, - Elem: &schema.Schema{Type: schema.TypeString}, - Set: schema.HashString, + Elem: &schema.Schema{ + Type: schema.TypeString, + ValidateFunc: validation.SingleIP(), + }, + Set: schema.HashString, }, "subnet_ids": { Type: schema.TypeSet, @@ -135,8 +138,11 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { Computed: true, }, "dns_ip_addresses": { - Type: schema.TypeSet, - Elem: &schema.Schema{Type: schema.TypeString}, + Type: schema.TypeSet, + Elem: &schema.Schema{ + Type: schema.TypeString, + ValidateFunc: validation.SingleIP(), + }, Set: schema.HashString, Computed: true, }, @@ -153,6 +159,7 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { directoryservice.DirectoryTypeAdconnector, directoryservice.DirectoryTypeMicrosoftAd, directoryservice.DirectoryTypeSimpleAd, + directoryservice.DirectoryTypeSharedMicrosoftAd, }, false), }, "edition": { @@ -463,17 +470,24 @@ func resourceAwsDirectoryServiceDirectoryRead(d *schema.ResourceData, meta inter d.Set("description", dir.Description) if *dir.Type == directoryservice.DirectoryTypeAdconnector { - d.Set("dns_ip_addresses", schema.NewSet(schema.HashString, flattenStringList(dir.ConnectSettings.ConnectIps))) + d.Set("dns_ip_addresses", flattenStringSet(dir.ConnectSettings.ConnectIps)) } else { - d.Set("dns_ip_addresses", schema.NewSet(schema.HashString, flattenStringList(dir.DnsIpAddrs))) + d.Set("dns_ip_addresses", flattenStringSet(dir.DnsIpAddrs)) } d.Set("name", dir.Name) d.Set("short_name", dir.ShortName) d.Set("size", dir.Size) d.Set("edition", dir.Edition) d.Set("type", dir.Type) - d.Set("vpc_settings", flattenDSVpcSettings(dir.VpcSettings)) - d.Set("connect_settings", flattenDSConnectSettings(dir.DnsIpAddrs, dir.ConnectSettings)) + + if err := d.Set("vpc_settings", flattenDSVpcSettings(dir.VpcSettings)); err != nil { + return fmt.Errorf("error setting VPC settings: %s", err) + } + + if err := d.Set("connect_settings", flattenDSConnectSettings(dir.DnsIpAddrs, dir.ConnectSettings)); err != nil { + return fmt.Errorf("error setting connect settings: %s", err) + } + d.Set("enable_sso", dir.SsoEnabled) if aws.StringValue(dir.Type) == directoryservice.DirectoryTypeAdconnector { From 865784050bc1285ca3b11c98f7c66f07e57611a3 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 17:35:47 +0300 Subject: [PATCH 382/475] add missing `connect_ips` attribute add `security_group_id` and `security_group_id` attributes --- aws/resource_aws_directory_service_directory.go | 14 ++++++++++++++ aws/structure.go | 2 ++ 2 files changed, 16 insertions(+) diff --git a/aws/resource_aws_directory_service_directory.go b/aws/resource_aws_directory_service_directory.go index 4fdcb5311fc..916af0a0d4c 100644 --- a/aws/resource_aws_directory_service_directory.go +++ b/aws/resource_aws_directory_service_directory.go @@ -125,6 +125,20 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { Required: true, ForceNew: true, }, + "security_group_id": { + Type: schema.TypeString, + Computed: true, + }, + "connect_ips": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "availability_zones": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, }, }, }, diff --git a/aws/structure.go b/aws/structure.go index c795865fa83..91c74905be7 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -1741,6 +1741,8 @@ func flattenDSConnectSettings( settings["customer_username"] = aws.StringValue(s.CustomerUserName) settings["subnet_ids"] = flattenStringSet(s.SubnetIds) settings["vpc_id"] = aws.StringValue(s.VpcId) + settings["security_group_id"] = aws.StringValue(s.SecurityGroupId) + settings["availability_zones"] = flattenStringSet(s.AvailabilityZones) return []map[string]interface{}{settings} } From fa3b6de8291d6f3b8c1d808cfb35e1c1c27201e2 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 17:39:43 +0300 Subject: [PATCH 383/475] add `security_group_id` and `availability_zones` attributes to vpc_settings --- aws/resource_aws_directory_service_directory.go | 9 +++++++++ aws/structure.go | 2 ++ 2 files changed, 11 insertions(+) diff --git a/aws/resource_aws_directory_service_directory.go b/aws/resource_aws_directory_service_directory.go index 916af0a0d4c..816253fd2bc 100644 --- a/aws/resource_aws_directory_service_directory.go +++ b/aws/resource_aws_directory_service_directory.go @@ -82,6 +82,15 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { Required: true, ForceNew: true, }, + "security_group_id": { + Type: schema.TypeString, + Computed: true, + }, + "availability_zones": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, }, }, }, diff --git a/aws/structure.go b/aws/structure.go index 91c74905be7..d76a9af31b4 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -1622,6 +1622,8 @@ func flattenDSVpcSettings( settings["subnet_ids"] = flattenStringSet(s.SubnetIds) settings["vpc_id"] = aws.StringValue(s.VpcId) + settings["security_group_id"] = aws.StringValue(s.SecurityGroupId) + settings["availability_zones"] = flattenStringSet(s.AvailabilityZones) return []map[string]interface{}{settings} } From 5c39050037f22c0fce5d827afc94328a0d4ba74f Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 17:46:14 +0300 Subject: [PATCH 384/475] remove computed field validation --- aws/resource_aws_directory_service_directory.go | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/aws/resource_aws_directory_service_directory.go b/aws/resource_aws_directory_service_directory.go index 816253fd2bc..b15d678c36f 100644 --- a/aws/resource_aws_directory_service_directory.go +++ b/aws/resource_aws_directory_service_directory.go @@ -161,11 +161,8 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { Computed: true, }, "dns_ip_addresses": { - Type: schema.TypeSet, - Elem: &schema.Schema{ - Type: schema.TypeString, - ValidateFunc: validation.SingleIP(), - }, + Type: schema.TypeSet, + Elem: &schema.Schema{Type: schema.TypeString}, Set: schema.HashString, Computed: true, }, From b70a968fdf6682acde96e658e97d68b50ffc2b7f Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 17:51:48 +0300 Subject: [PATCH 385/475] formatting --- ...ce_aws_directory_service_directory_test.go | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/aws/resource_aws_directory_service_directory_test.go b/aws/resource_aws_directory_service_directory_test.go index 909b1ed9bc8..c285b873c3b 100644 --- a/aws/resource_aws_directory_service_directory_test.go +++ b/aws/resource_aws_directory_service_directory_test.go @@ -560,10 +560,10 @@ resource "aws_directory_service_directory" "test" { subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] } - tags = { - foo = "test" - project = "test" - } + tags = { + foo = "test" + project = "test" + } } ` @@ -578,11 +578,11 @@ resource "aws_directory_service_directory" "test" { subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] } - tags = { - foo = "test" - project = "test2" - fizz = "buzz" - } + tags = { + foo = "test" + project = "test2" + fizz = "buzz" + } } ` @@ -597,9 +597,9 @@ resource "aws_directory_service_directory" "test" { subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] } - tags = { - foo = "test" - } + tags = { + foo = "test" + } } ` From 663daefc0c64c621e131c863101166e3cf21e38b Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 17:54:28 +0300 Subject: [PATCH 386/475] refactor test resource names --- ...ce_aws_directory_service_directory_test.go | 54 +++++++++---------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/aws/resource_aws_directory_service_directory_test.go b/aws/resource_aws_directory_service_directory_test.go index c285b873c3b..45a975c7630 100644 --- a/aws/resource_aws_directory_service_directory_test.go +++ b/aws/resource_aws_directory_service_directory_test.go @@ -511,23 +511,23 @@ data "aws_availability_zones" "available" { } } -resource "aws_vpc" "main" { +resource "aws_vpc" "test" { cidr_block = "10.0.0.0/16" tags = { Name = "terraform-testacc-directory-service-directory-tags" } } -resource "aws_subnet" "foo" { - vpc_id = "${aws_vpc.main.id}" +resource "aws_subnet" "test1" { + vpc_id = "${aws_vpc.test.id}" availability_zone = "${data.aws_availability_zones.available.names[0]}" cidr_block = "10.0.1.0/24" tags = { Name = "tf-acc-directory-service-directory-foo" } } -resource "aws_subnet" "test" { - vpc_id = "${aws_vpc.main.id}" +resource "aws_subnet" "test2" { + vpc_id = "${aws_vpc.test.id}" availability_zone = "${data.aws_availability_zones.available.names[1]}" cidr_block = "10.0.2.0/24" tags = { @@ -543,8 +543,8 @@ resource "aws_directory_service_directory" "test" { size = "Small" vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } } ` @@ -556,8 +556,8 @@ resource "aws_directory_service_directory" "test" { size = "Small" vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } tags = { @@ -574,8 +574,8 @@ resource "aws_directory_service_directory" "test" { size = "Small" vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } tags = { @@ -593,8 +593,8 @@ resource "aws_directory_service_directory" "test" { size = "Small" vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } tags = { @@ -610,8 +610,8 @@ resource "aws_directory_service_directory" "base" { size = "Small" vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } } @@ -624,8 +624,8 @@ resource "aws_directory_service_directory" "test" { connect_settings { customer_dns_ips = aws_directory_service_directory.base.dns_ip_addresses customer_username = "Administrator" - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } } ` @@ -637,8 +637,8 @@ resource "aws_directory_service_directory" "test" { type = "MicrosoftAD" vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } } ` @@ -651,8 +651,8 @@ resource "aws_directory_service_directory" "test" { edition = "Standard" vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } } ` @@ -666,8 +666,8 @@ resource "aws_directory_service_directory" "test" { alias = %[1]q vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } } `, alias) @@ -683,8 +683,8 @@ resource "aws_directory_service_directory" "test" { enable_sso = true vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } } `, alias) @@ -700,8 +700,8 @@ resource "aws_directory_service_directory" "test" { enable_sso = false vpc_settings { - vpc_id = "${aws_vpc.main.id}" - subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.test.id}"] + vpc_id = "${aws_vpc.test.id}" + subnet_ids = ["${aws_subnet.test1.id}", "${aws_subnet.test2.id}"] } } `, alias) From 7ac8dda34c92203ccc9ca8468b51c1655b0f81d2 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 18:05:58 +0300 Subject: [PATCH 387/475] add attributes to data source --- ..._source_aws_directory_service_directory.go | 34 +++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/aws/data_source_aws_directory_service_directory.go b/aws/data_source_aws_directory_service_directory.go index f21555ae90a..3d338a65dc0 100644 --- a/aws/data_source_aws_directory_service_directory.go +++ b/aws/data_source_aws_directory_service_directory.go @@ -56,6 +56,15 @@ func dataSourceAwsDirectoryServiceDirectory() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "security_group_id": { + Type: schema.TypeString, + Computed: true, + }, + "availability_zones": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, }, }, }, @@ -90,6 +99,20 @@ func dataSourceAwsDirectoryServiceDirectory() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "security_group_id": { + Type: schema.TypeString, + Computed: true, + }, + "connect_ips": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "availability_zones": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, }, }, }, @@ -160,8 +183,15 @@ func dataSourceAwsDirectoryServiceDirectoryRead(d *schema.ResourceData, meta int d.Set("size", dir.Size) d.Set("edition", dir.Edition) d.Set("type", dir.Type) - d.Set("vpc_settings", flattenDSVpcSettings(dir.VpcSettings)) - d.Set("connect_settings", flattenDSConnectSettings(dir.DnsIpAddrs, dir.ConnectSettings)) + + if err := d.Set("vpc_settings", flattenDSVpcSettings(dir.VpcSettings)); err != nil { + return fmt.Errorf("error setting VPC settings: %s", err) + } + + if err := d.Set("connect_settings", flattenDSConnectSettings(dir.DnsIpAddrs, dir.ConnectSettings)); err != nil { + return fmt.Errorf("error setting connect settings: %s", err) + } + d.Set("enable_sso", dir.SsoEnabled) if aws.StringValue(dir.Type) == directoryservice.DirectoryTypeAdconnector { From cc22b9db174cf46d2ecb104cc13112cc35e3dff8 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 18:09:40 +0300 Subject: [PATCH 388/475] remove sg id --- aws/data_source_aws_directory_service_directory.go | 13 ------------- aws/resource_aws_directory_service_directory.go | 13 ------------- 2 files changed, 26 deletions(-) diff --git a/aws/data_source_aws_directory_service_directory.go b/aws/data_source_aws_directory_service_directory.go index 3d338a65dc0..659c4279546 100644 --- a/aws/data_source_aws_directory_service_directory.go +++ b/aws/data_source_aws_directory_service_directory.go @@ -56,10 +56,6 @@ func dataSourceAwsDirectoryServiceDirectory() *schema.Resource { Type: schema.TypeString, Computed: true, }, - "security_group_id": { - Type: schema.TypeString, - Computed: true, - }, "availability_zones": { Type: schema.TypeSet, Computed: true, @@ -99,15 +95,6 @@ func dataSourceAwsDirectoryServiceDirectory() *schema.Resource { Type: schema.TypeString, Computed: true, }, - "security_group_id": { - Type: schema.TypeString, - Computed: true, - }, - "connect_ips": { - Type: schema.TypeSet, - Computed: true, - Elem: &schema.Schema{Type: schema.TypeString}, - }, "availability_zones": { Type: schema.TypeSet, Computed: true, diff --git a/aws/resource_aws_directory_service_directory.go b/aws/resource_aws_directory_service_directory.go index b15d678c36f..fc9ac52cec4 100644 --- a/aws/resource_aws_directory_service_directory.go +++ b/aws/resource_aws_directory_service_directory.go @@ -82,10 +82,6 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { Required: true, ForceNew: true, }, - "security_group_id": { - Type: schema.TypeString, - Computed: true, - }, "availability_zones": { Type: schema.TypeSet, Computed: true, @@ -134,15 +130,6 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { Required: true, ForceNew: true, }, - "security_group_id": { - Type: schema.TypeString, - Computed: true, - }, - "connect_ips": { - Type: schema.TypeSet, - Computed: true, - Elem: &schema.Schema{Type: schema.TypeString}, - }, "availability_zones": { Type: schema.TypeSet, Computed: true, From be21dcff4d3d6353b19fc3796f748e20cf2d63a5 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 3 Apr 2020 18:11:12 +0300 Subject: [PATCH 389/475] remove sg id --- aws/structure.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/aws/structure.go b/aws/structure.go index d76a9af31b4..4291365e3a5 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -1622,7 +1622,6 @@ func flattenDSVpcSettings( settings["subnet_ids"] = flattenStringSet(s.SubnetIds) settings["vpc_id"] = aws.StringValue(s.VpcId) - settings["security_group_id"] = aws.StringValue(s.SecurityGroupId) settings["availability_zones"] = flattenStringSet(s.AvailabilityZones) return []map[string]interface{}{settings} @@ -1739,11 +1738,9 @@ func flattenDSConnectSettings( settings := make(map[string]interface{}) settings["customer_dns_ips"] = flattenStringSet(customerDnsIps) - settings["connect_ips"] = flattenStringSet(s.ConnectIps) settings["customer_username"] = aws.StringValue(s.CustomerUserName) settings["subnet_ids"] = flattenStringSet(s.SubnetIds) settings["vpc_id"] = aws.StringValue(s.VpcId) - settings["security_group_id"] = aws.StringValue(s.SecurityGroupId) settings["availability_zones"] = flattenStringSet(s.AvailabilityZones) return []map[string]interface{}{settings} From 309b45e266030aab8e45b1eccdd3332b7ed64043 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Sat, 4 Apr 2020 00:04:26 +0300 Subject: [PATCH 390/475] Update resource_aws_directory_service_directory.go --- aws/resource_aws_directory_service_directory.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_directory_service_directory.go b/aws/resource_aws_directory_service_directory.go index fc9ac52cec4..b8ebba807c3 100644 --- a/aws/resource_aws_directory_service_directory.go +++ b/aws/resource_aws_directory_service_directory.go @@ -114,7 +114,7 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { ForceNew: true, Elem: &schema.Schema{ Type: schema.TypeString, - ValidateFunc: validation.SingleIP(), + ValidateFunc: validation.IsIPAddress(), }, Set: schema.HashString, }, From fb2f5562abebd6fcd144c38fb196dc4a12de00ff Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Sat, 4 Apr 2020 00:40:25 +0300 Subject: [PATCH 391/475] Update resource_aws_directory_service_directory.go --- aws/resource_aws_directory_service_directory.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_directory_service_directory.go b/aws/resource_aws_directory_service_directory.go index b8ebba807c3..a32c9e00349 100644 --- a/aws/resource_aws_directory_service_directory.go +++ b/aws/resource_aws_directory_service_directory.go @@ -114,7 +114,7 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { ForceNew: true, Elem: &schema.Schema{ Type: schema.TypeString, - ValidateFunc: validation.IsIPAddress(), + ValidateFunc: validation.IsIPAddress, }, Set: schema.HashString, }, From 690bf0637554d2937f7dd38cf90a7665420111e9 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Thu, 28 May 2020 22:41:33 +0300 Subject: [PATCH 392/475] revert connect ips removal --- aws/structure.go | 1 + 1 file changed, 1 insertion(+) diff --git a/aws/structure.go b/aws/structure.go index 4291365e3a5..d0628b26339 100644 --- a/aws/structure.go +++ b/aws/structure.go @@ -1738,6 +1738,7 @@ func flattenDSConnectSettings( settings := make(map[string]interface{}) settings["customer_dns_ips"] = flattenStringSet(customerDnsIps) + settings["connect_ips"] = flattenStringSet(s.ConnectIps) settings["customer_username"] = aws.StringValue(s.CustomerUserName) settings["subnet_ids"] = flattenStringSet(s.SubnetIds) settings["vpc_id"] = aws.StringValue(s.VpcId) From 11691daf8b1c1cb397adc237546c227adeeb55ba Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Thu, 28 May 2020 22:48:11 +0300 Subject: [PATCH 393/475] reuse disappears func --- ...ce_aws_directory_service_directory_test.go | 23 +------------------ 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/aws/resource_aws_directory_service_directory_test.go b/aws/resource_aws_directory_service_directory_test.go index 45a975c7630..7e1448929d4 100644 --- a/aws/resource_aws_directory_service_directory_test.go +++ b/aws/resource_aws_directory_service_directory_test.go @@ -340,7 +340,7 @@ func TestAccAWSDirectoryServiceDirectory_disappears(t *testing.T) { Config: testAccDirectoryServiceDirectoryConfig, Check: resource.ComposeTestCheckFunc( testAccCheckServiceDirectoryExists(resourceName, &ds), - testAccCheckServiceDirectoryDisappears(&ds), + testAccCheckResourceDisappears(testAccProvider, resourceAwsDirectoryServiceDirectory(), resourceName), ), ExpectNonEmptyPlan: true, }, @@ -383,27 +383,6 @@ func testAccCheckServiceDirectoryExists(name string, ds *directoryservice.Direct } } -func testAccCheckServiceDirectoryDisappears(ds *directoryservice.DirectoryDescription) resource.TestCheckFunc { - return func(s *terraform.State) error { - dsconn := testAccProvider.Meta().(*AWSClient).dsconn - _, err := dsconn.DeleteDirectory(&directoryservice.DeleteDirectoryInput{ - DirectoryId: ds.DirectoryId, - }) - if err != nil { - return err - } - - dsId := aws.StringValue(ds.DirectoryId) - log.Printf("[DEBUG] Waiting for Directory Service Directory (%q) to be deleted", dsId) - err = waitForDirectoryServiceDirectoryDeletion(dsconn, dsId) - if err != nil { - return fmt.Errorf("error waiting for Directory Service (%s) to be deleted: %s", dsId, err) - } - - return nil - } -} - func testAccCheckServiceDirectoryAlias(name, alias string) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[name] From f530b62d0022607335a72e720b84fe2cff256dfd Mon Sep 17 00:00:00 2001 From: John Pinkerton Date: Thu, 28 May 2020 15:55:15 -0400 Subject: [PATCH 394/475] Update security group example --- website/docs/r/security_group.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/security_group.html.markdown b/website/docs/r/security_group.html.markdown index d0f6051e5fb..0b4227d481a 100644 --- a/website/docs/r/security_group.html.markdown +++ b/website/docs/r/security_group.html.markdown @@ -36,7 +36,7 @@ resource "aws_security_group" "allow_tls" { from_port = 443 to_port = 443 protocol = "tcp" - cidr_blocks = aws_vpc.main.cidr_block + cidr_blocks = [aws_vpc.main.cidr_block] } egress { From 9702a433145b5d141aabdc46df0ea8efab921dc8 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Thu, 28 May 2020 23:33:10 +0300 Subject: [PATCH 395/475] reuse disappears func --- aws/resource_aws_directory_service_directory_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_directory_service_directory_test.go b/aws/resource_aws_directory_service_directory_test.go index 7e1448929d4..db725d02b24 100644 --- a/aws/resource_aws_directory_service_directory_test.go +++ b/aws/resource_aws_directory_service_directory_test.go @@ -229,7 +229,7 @@ func TestAccAWSDirectoryServiceDirectory_connector(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckServiceDirectoryExists(resourceName, &ds), resource.TestCheckResourceAttrSet(resourceName, "security_group_id"), - resource.TestCheckResourceAttrSet("aws_directory_service_directory.connector", "connect_settings.0.connect_ips.#"), + resource.TestCheckResourceAttrSet(resourceName, "connect_settings.0.connect_ips.#"), ), }, { From 6b6ce4a495b34c13114af485ca65ab278b52670f Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Thu, 28 May 2020 16:36:12 -0400 Subject: [PATCH 396/475] document default value --- website/docs/r/launch_template.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/launch_template.html.markdown b/website/docs/r/launch_template.html.markdown index c17ea099f32..9f487030eaf 100644 --- a/website/docs/r/launch_template.html.markdown +++ b/website/docs/r/launch_template.html.markdown @@ -168,7 +168,7 @@ Each `block_device_mappings` supports the following: The `ebs` block supports the following: -* `delete_on_termination` - Whether the volume should be destroyed on instance termination (Default: `false`). See [Preserving Amazon EBS Volumes on Instance Termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) for more information. +* `delete_on_termination` - Whether the volume should be destroyed on instance termination. Defaults to `false` if not set. See [Preserving Amazon EBS Volumes on Instance Termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) for more information. * `encrypted` - Enables [EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) on the volume (Default: `false`). Cannot be used with `snapshot_id`. * `iops` - The amount of provisioned @@ -288,7 +288,7 @@ Check limitations for autoscaling group in [Creating an Auto Scaling Group Using Each `network_interfaces` block supports the following: * `associate_public_ip_address` - Associate a public ip address with the network interface. Boolean value. -* `delete_on_termination` - Whether the network interface should be destroyed on instance termination. +* `delete_on_termination` - Whether the network interface should be destroyed on instance termination. Defaults to `false` if not set. * `description` - Description of the network interface. * `device_index` - The integer index of the network interface attachment. * `ipv6_addresses` - One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. Conflicts with `ipv6_address_count` From 9e2bfed35b838b6f87ea47562aa6c372c51d9647 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Fri, 29 May 2020 01:22:14 +0300 Subject: [PATCH 397/475] minor naming changes --- ...ource_aws_directory_service_directory_test.go | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/aws/resource_aws_directory_service_directory_test.go b/aws/resource_aws_directory_service_directory_test.go index db725d02b24..7f66ef0c36b 100644 --- a/aws/resource_aws_directory_service_directory_test.go +++ b/aws/resource_aws_directory_service_directory_test.go @@ -295,7 +295,7 @@ func TestAccAWSDirectoryServiceDirectory_withAliasAndSso(t *testing.T) { } func testAccCheckDirectoryServiceDirectoryDestroy(s *terraform.State) error { - dsconn := testAccProvider.Meta().(*AWSClient).dsconn + conn := testAccProvider.Meta().(*AWSClient).dsconn for _, rs := range s.RootModule().Resources { if rs.Type != "aws_directory_service_directory" { @@ -305,7 +305,7 @@ func testAccCheckDirectoryServiceDirectoryDestroy(s *terraform.State) error { input := directoryservice.DescribeDirectoriesInput{ DirectoryIds: []*string{aws.String(rs.Primary.ID)}, } - out, err := dsconn.DescribeDirectories(&input) + out, err := conn.DescribeDirectories(&input) if isAWSErr(err, directoryservice.ErrCodeEntityDoesNotExistException, "") { continue @@ -359,8 +359,8 @@ func testAccCheckServiceDirectoryExists(name string, ds *directoryservice.Direct return fmt.Errorf("No ID is set") } - dsconn := testAccProvider.Meta().(*AWSClient).dsconn - out, err := dsconn.DescribeDirectories(&directoryservice.DescribeDirectoriesInput{ + conn := testAccProvider.Meta().(*AWSClient).dsconn + out, err := conn.DescribeDirectories(&directoryservice.DescribeDirectoriesInput{ DirectoryIds: []*string{aws.String(rs.Primary.ID)}, }) @@ -394,8 +394,8 @@ func testAccCheckServiceDirectoryAlias(name, alias string) resource.TestCheckFun return fmt.Errorf("No ID is set") } - dsconn := testAccProvider.Meta().(*AWSClient).dsconn - out, err := dsconn.DescribeDirectories(&directoryservice.DescribeDirectoriesInput{ + conn := testAccProvider.Meta().(*AWSClient).dsconn + out, err := conn.DescribeDirectories(&directoryservice.DescribeDirectoriesInput{ DirectoryIds: []*string{aws.String(rs.Primary.ID)}, }) @@ -423,8 +423,8 @@ func testAccCheckServiceDirectorySso(name string, ssoEnabled bool) resource.Test return fmt.Errorf("No ID is set") } - dsconn := testAccProvider.Meta().(*AWSClient).dsconn - out, err := dsconn.DescribeDirectories(&directoryservice.DescribeDirectoriesInput{ + conn := testAccProvider.Meta().(*AWSClient).dsconn + out, err := conn.DescribeDirectories(&directoryservice.DescribeDirectoriesInput{ DirectoryIds: []*string{aws.String(rs.Primary.ID)}, }) From bbc5082bfafbb644df02bc1f7e8dce1c8e092f98 Mon Sep 17 00:00:00 2001 From: tf-release-bot Date: Fri, 29 May 2020 00:00:02 +0000 Subject: [PATCH 398/475] v2.64.0 --- CHANGELOG.md | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 410c22c10a0..f48d1641a30 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,31 +1,31 @@ -## 2.64.0 (Unreleased) +## 2.64.0 (May 28, 2020) ENHANCEMENTS: -* data-source/aws_directory_service_directory: `connect_settings` `connect_ips` attribute now set [GH-13395] -* resource/aws_directory_service_directory: `connect_settings` `connect_ips` attribute now set [GH-13395] -* resource/aws_iot_topic_rule: Add `step_functions` configuration block [GH-13520] -* resource/aws_ses_event_destination: Support resource import [GH-13464] +* data-source/aws_directory_service_directory: `connect_settings` `connect_ips` attribute now set ([#13395](https://github.com/terraform-providers/terraform-provider-aws/issues/13395)) +* resource/aws_directory_service_directory: `connect_settings` `connect_ips` attribute now set ([#13395](https://github.com/terraform-providers/terraform-provider-aws/issues/13395)) +* resource/aws_iot_topic_rule: Add `step_functions` configuration block ([#13520](https://github.com/terraform-providers/terraform-provider-aws/issues/13520)) +* resource/aws_ses_event_destination: Support resource import ([#13464](https://github.com/terraform-providers/terraform-provider-aws/issues/13464)) BUG FIXES: -* data-source/aws_elasticsearch_domain: `processing` is now correctly set [GH-13397] -* resource/aws_acm_certificate: Update pending DNS validation record creation time from 1 minute to 5 minutes (better support for certificates with high amount of Subject Alternative Names) [GH-12371] -* resource/aws_api_gateway_method_settings: `settings` now properly set [GH-13403] -* resource/aws_autoscaling_group: Ignore ordering differences for `tags` argument (prevent unexpected differences from version 2.63.0) [GH-13515] -* resource/aws_codebuild_project: Enable drift detection for `environment_variable` argument [GH-6427] -* resource/aws_codebuild_project: Prevent `inconsistent final plan` errors with `source` configuration block [GH-10615] -* resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected [GH-12571] / [GH-12751] -* resource/aws_lb_cookie_stickiness_policy: `cookie_expiration_policy` now properly set [GH-13418] -* resource/aws_lightsail_instance: `ram_size` now properly set [GH-13430] -* resource/aws_load_balancer_backend_server_policy: `instance_port` now properly set [GH-13418] -* resource/aws_load_balancer_listener_policy: `load_balancer_port` now properly set [GH-13418] -* resource/aws_opsworks_application: `environment` `secure` now properly set [GH-13435] -* resource/aws_security_group_rule: Correctly set `description` after state refresh when `source_security_group_id` refers to a security group across accounts [GH-13364] -* resource/aws_ses_active_receipt_rule_set: Recreate resource when destroyed outside of Terraform [GH-9086] -* resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) [GH-13464] -* resource/aws_ses_receipt_rule: Recreate resource when destroyed outside of Terraform [GH-9086] -* resource/aws_sns_topic: Attributes of type `schema.TypeInt` are now correctly set [GH-13437] +* data-source/aws_elasticsearch_domain: `processing` is now correctly set ([#13397](https://github.com/terraform-providers/terraform-provider-aws/issues/13397)) +* resource/aws_acm_certificate: Update pending DNS validation record creation time from 1 minute to 5 minutes (better support for certificates with high amount of Subject Alternative Names) ([#12371](https://github.com/terraform-providers/terraform-provider-aws/issues/12371)) +* resource/aws_api_gateway_method_settings: `settings` now properly set ([#13403](https://github.com/terraform-providers/terraform-provider-aws/issues/13403)) +* resource/aws_autoscaling_group: Ignore ordering differences for `tags` argument (prevent unexpected differences from version 2.63.0) ([#13515](https://github.com/terraform-providers/terraform-provider-aws/issues/13515)) +* resource/aws_codebuild_project: Enable drift detection for `environment_variable` argument ([#6427](https://github.com/terraform-providers/terraform-provider-aws/issues/6427)) +* resource/aws_codebuild_project: Prevent `inconsistent final plan` errors with `source` configuration block ([#10615](https://github.com/terraform-providers/terraform-provider-aws/issues/10615)) +* resource/aws_ecs_task_definition: Ensure `efs_volume_configuration` changes are properly detected ([#12571](https://github.com/terraform-providers/terraform-provider-aws/issues/12571)] / [[#12751](https://github.com/terraform-providers/terraform-provider-aws/issues/12751)) +* resource/aws_lb_cookie_stickiness_policy: `cookie_expiration_policy` now properly set ([#13418](https://github.com/terraform-providers/terraform-provider-aws/issues/13418)) +* resource/aws_lightsail_instance: `ram_size` now properly set ([#13430](https://github.com/terraform-providers/terraform-provider-aws/issues/13430)) +* resource/aws_load_balancer_backend_server_policy: `instance_port` now properly set ([#13418](https://github.com/terraform-providers/terraform-provider-aws/issues/13418)) +* resource/aws_load_balancer_listener_policy: `load_balancer_port` now properly set ([#13418](https://github.com/terraform-providers/terraform-provider-aws/issues/13418)) +* resource/aws_opsworks_application: `environment` `secure` now properly set ([#13435](https://github.com/terraform-providers/terraform-provider-aws/issues/13435)) +* resource/aws_security_group_rule: Correctly set `description` after state refresh when `source_security_group_id` refers to a security group across accounts ([#13364](https://github.com/terraform-providers/terraform-provider-aws/issues/13364)) +* resource/aws_ses_active_receipt_rule_set: Recreate resource when destroyed outside of Terraform ([#9086](https://github.com/terraform-providers/terraform-provider-aws/issues/9086)) +* resource/aws_ses_event_destination: Correctly refresh entire resource state (prevent unexpected differences from version 2.63.0 and properly perform drift detection) ([#13464](https://github.com/terraform-providers/terraform-provider-aws/issues/13464)) +* resource/aws_ses_receipt_rule: Recreate resource when destroyed outside of Terraform ([#9086](https://github.com/terraform-providers/terraform-provider-aws/issues/9086)) +* resource/aws_sns_topic: Attributes of type `schema.TypeInt` are now correctly set ([#13437](https://github.com/terraform-providers/terraform-provider-aws/issues/13437)) ## 2.63.0 (May 22, 2020) From 02322fa78757146fd882c339398797492b73c206 Mon Sep 17 00:00:00 2001 From: tf-release-bot Date: Fri, 29 May 2020 00:18:11 +0000 Subject: [PATCH 399/475] Cleanup after v2.64.0 release --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f48d1641a30..d8ea955c4ff 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,4 @@ +## 2.65.0 (Unreleased) ## 2.64.0 (May 28, 2020) ENHANCEMENTS: From db55821885825d332fdff37a484d286200f45976 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Sun, 29 Mar 2020 20:28:17 +0200 Subject: [PATCH 400/475] Implement weighted target groups in aws_lb_listener_rule and aws_lb_listener --- aws/resource_aws_lb_listener.go | 128 ++++++++++++++++++++++++++- aws/resource_aws_lb_listener_rule.go | 128 ++++++++++++++++++++++++++- 2 files changed, 250 insertions(+), 6 deletions(-) diff --git a/aws/resource_aws_lb_listener.go b/aws/resource_aws_lb_listener.go index 74d1f327998..856912112fa 100644 --- a/aws/resource_aws_lb_listener.go +++ b/aws/resource_aws_lb_listener.go @@ -104,6 +104,58 @@ func resourceAwsLbListener() *schema.Resource { Type: schema.TypeString, Optional: true, DiffSuppressFunc: suppressIfDefaultActionTypeNot("forward"), + ConflictsWith: []string{"default_action.0.forward"}, + }, + + "forward": { + Type: schema.TypeList, + Optional: true, + DiffSuppressFunc: suppressIfDefaultActionTypeNot("forward"), + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "target_group": { + Type: schema.TypeSet, + MinItems: 2, + MaxItems: 5, + Required: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "arn": { + Type: schema.TypeString, + Required: true, + }, + "weight": { + Type: schema.TypeInt, + ValidateFunc: validation.IntBetween(0, 999), + Default: 1, + Optional: true, + }, + }, + }, + }, + "stickiness": { + Type: schema.TypeList, + Optional: true, + DiffSuppressFunc: suppressMissingOptionalConfigurationBlock, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enabled": { + Type: schema.TypeBool, + Optional: true, + Default: false, + }, + "duration": { + Type: schema.TypeInt, + Required: true, + ValidateFunc: validation.IntBetween(1, 604800), + }, + }, + }, + }, + }, + }, }, "redirect": { @@ -372,7 +424,9 @@ func resourceAwsLbListenerCreate(d *schema.ResourceData, meta interface{}) error switch defaultActionMap["type"].(string) { case "forward": - action.TargetGroupArn = aws.String(defaultActionMap["target_group_arn"].(string)) + if err := lbListenerDefaultRuleActionForward(defaultActionMap, action); err != nil { + return err + } case "redirect": redirectList := defaultActionMap["redirect"].([]interface{}) @@ -586,7 +640,30 @@ func resourceAwsLbListenerRead(d *schema.ResourceData, meta interface{}) error { switch aws.StringValue(defaultAction.Type) { case "forward": - defaultActionMap["target_group_arn"] = aws.StringValue(defaultAction.TargetGroupArn) + if aws.StringValue(defaultAction.TargetGroupArn) != "" { + defaultActionMap["target_group_arn"] = aws.StringValue(defaultAction.TargetGroupArn) + } else { + targetGroups := make([]map[string]interface{}, 0, len(defaultAction.ForwardConfig.TargetGroups)) + for _, targetGroup := range defaultAction.ForwardConfig.TargetGroups { + targetGroups = append(targetGroups, + map[string]interface{}{ + "arn": aws.StringValue(targetGroup.TargetGroupArn), + "weight": aws.Int64Value(targetGroup.Weight), + }, + ) + } + defaultActionMap["forward"] = []map[string]interface{}{ + { + "target_group": targetGroups, + "stickiness": []map[string]interface{}{ + { + "enabled": aws.BoolValue(defaultAction.ForwardConfig.TargetGroupStickinessConfig.Enabled), + "duration": aws.Int64Value(defaultAction.ForwardConfig.TargetGroupStickinessConfig.DurationSeconds), + }, + }, + }, + } + } case "redirect": defaultActionMap["redirect"] = []map[string]interface{}{ @@ -701,7 +778,9 @@ func resourceAwsLbListenerUpdate(d *schema.ResourceData, meta interface{}) error switch defaultActionMap["type"].(string) { case "forward": - action.TargetGroupArn = aws.String(defaultActionMap["target_group_arn"].(string)) + if err := lbListenerDefaultRuleActionForward(defaultActionMap, action); err != nil { + return err + } case "redirect": redirectList := defaultActionMap["redirect"].([]interface{}) @@ -846,3 +925,46 @@ func resourceAwsLbListenerDelete(d *schema.ResourceData, meta interface{}) error return nil } + +func lbListenerDefaultRuleActionForward(actionMap map[string]interface{}, action *elbv2.Action) error { + forwardList := actionMap["forward"].([]interface{}) + targetGroupArn := actionMap["target_group_arn"].(string) + + if targetGroupArn != "" { + action.TargetGroupArn = aws.String(targetGroupArn) + } else if len(forwardList) == 1 { + forwardMap := forwardList[0].(map[string]interface{}) + targetGroupsInput := forwardMap["target_group"].(*schema.Set).List() + weightedTargetGroups := make([]*elbv2.TargetGroupTuple, len(targetGroupsInput)) + + for i, input := range targetGroupsInput { + weightedTargetGroup := input.(map[string]interface{}) + weightedTargetGroups[i] = &elbv2.TargetGroupTuple{ + TargetGroupArn: aws.String(weightedTargetGroup["arn"].(string)), + Weight: aws.Int64(int64(weightedTargetGroup["weight"].(int))), + } + } + + action.ForwardConfig = &elbv2.ForwardActionConfig{ + TargetGroups: weightedTargetGroups, + } + + stickinessInput := forwardMap["stickiness"].([]interface{}) + if len(stickinessInput) != 0 { + stickyInputMap := stickinessInput[0].(map[string]interface{}) + if stickyInputMap["enabled"].(bool) { + action.ForwardConfig.TargetGroupStickinessConfig = &elbv2.TargetGroupStickinessConfig{ + Enabled: aws.Bool(stickyInputMap["enabled"].(bool)), + DurationSeconds: aws.Int64(int64(stickyInputMap["duration"].(int))), + } + } else { + action.ForwardConfig.TargetGroupStickinessConfig = &elbv2.TargetGroupStickinessConfig{ + Enabled: aws.Bool(false), + } + } + } + } else { + return errors.New("for actions of type 'forward', you must specify a 'forward' block or 'target_group_arn'") + } + return nil +} diff --git a/aws/resource_aws_lb_listener_rule.go b/aws/resource_aws_lb_listener_rule.go index c4cbac50cb4..2136ee27250 100644 --- a/aws/resource_aws_lb_listener_rule.go +++ b/aws/resource_aws_lb_listener_rule.go @@ -72,6 +72,58 @@ func resourceAwsLbbListenerRule() *schema.Resource { Type: schema.TypeString, Optional: true, DiffSuppressFunc: suppressIfActionTypeNot("forward"), + ConflictsWith: []string{"action.0.forward"}, + }, + + "forward": { + Type: schema.TypeList, + Optional: true, + DiffSuppressFunc: suppressIfActionTypeNot("forward"), + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "target_group": { + Type: schema.TypeSet, + MinItems: 2, + MaxItems: 5, + Required: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "arn": { + Type: schema.TypeString, + Required: true, + }, + "weight": { + Type: schema.TypeInt, + ValidateFunc: validation.IntBetween(0, 999), + Default: 1, + Optional: true, + }, + }, + }, + }, + "stickiness": { + Type: schema.TypeList, + Optional: true, + DiffSuppressFunc: suppressMissingOptionalConfigurationBlock, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enabled": { + Type: schema.TypeBool, + Optional: true, + Default: false, + }, + "duration": { + Type: schema.TypeInt, + Required: true, + ValidateFunc: validation.IntBetween(1, 604800), + }, + }, + }, + }, + }, + }, }, "redirect": { @@ -560,7 +612,9 @@ func resourceAwsLbListenerRuleCreate(d *schema.ResourceData, meta interface{}) e switch actionMap["type"].(string) { case "forward": - action.TargetGroupArn = aws.String(actionMap["target_group_arn"].(string)) + if err := lbListenerRuleActionForward(actionMap, action); err != nil { + return err + } case "redirect": redirectList := actionMap["redirect"].([]interface{}) @@ -789,7 +843,30 @@ func resourceAwsLbListenerRuleRead(d *schema.ResourceData, meta interface{}) err switch actionMap["type"] { case "forward": - actionMap["target_group_arn"] = aws.StringValue(action.TargetGroupArn) + if aws.StringValue(action.TargetGroupArn) != "" { + actionMap["target_group_arn"] = aws.StringValue(action.TargetGroupArn) + } else { + targetGroups := make([]map[string]interface{}, 0, len(action.ForwardConfig.TargetGroups)) + for _, targetGroup := range action.ForwardConfig.TargetGroups { + targetGroups = append(targetGroups, + map[string]interface{}{ + "arn": aws.StringValue(targetGroup.TargetGroupArn), + "weight": aws.Int64Value(targetGroup.Weight), + }, + ) + } + actionMap["forward"] = []map[string]interface{}{ + { + "target_group": targetGroups, + "stickiness": []map[string]interface{}{ + { + "enabled": aws.BoolValue(action.ForwardConfig.TargetGroupStickinessConfig.Enabled), + "duration": aws.Int64Value(action.ForwardConfig.TargetGroupStickinessConfig.DurationSeconds), + }, + }, + }, + } + } case "redirect": actionMap["redirect"] = []map[string]interface{}{ @@ -968,7 +1045,9 @@ func resourceAwsLbListenerRuleUpdate(d *schema.ResourceData, meta interface{}) e switch actionMap["type"].(string) { case "forward": - action.TargetGroupArn = aws.String(actionMap["target_group_arn"].(string)) + if err := lbListenerRuleActionForward(actionMap, action); err != nil { + return err + } case "redirect": redirectList := actionMap["redirect"].([]interface{}) @@ -1298,3 +1377,46 @@ func lbListenerRuleConditions(conditions []interface{}) ([]*elbv2.RuleCondition, } return elbConditions, nil } + +func lbListenerRuleActionForward(actionMap map[string]interface{}, action *elbv2.Action) error { + forwardList := actionMap["forward"].([]interface{}) + targetGroupArn := actionMap["target_group_arn"].(string) + + if targetGroupArn != "" { + action.TargetGroupArn = aws.String(targetGroupArn) + } else if len(forwardList) == 1 { + forwardMap := forwardList[0].(map[string]interface{}) + targetGroupsInput := forwardMap["target_group"].(*schema.Set).List() + weightedTargetGroups := make([]*elbv2.TargetGroupTuple, len(targetGroupsInput)) + + for i, input := range targetGroupsInput { + weightedTargetGroup := input.(map[string]interface{}) + weightedTargetGroups[i] = &elbv2.TargetGroupTuple{ + TargetGroupArn: aws.String(weightedTargetGroup["arn"].(string)), + Weight: aws.Int64(int64(weightedTargetGroup["weight"].(int))), + } + } + + action.ForwardConfig = &elbv2.ForwardActionConfig{ + TargetGroups: weightedTargetGroups, + } + + stickinessInput := forwardMap["stickiness"].([]interface{}) + if len(stickinessInput) != 0 { + stickyInputMap := stickinessInput[0].(map[string]interface{}) + if stickyInputMap["enabled"].(bool) { + action.ForwardConfig.TargetGroupStickinessConfig = &elbv2.TargetGroupStickinessConfig{ + Enabled: aws.Bool(stickyInputMap["enabled"].(bool)), + DurationSeconds: aws.Int64(int64(stickyInputMap["duration"].(int))), + } + } else { + action.ForwardConfig.TargetGroupStickinessConfig = &elbv2.TargetGroupStickinessConfig{ + Enabled: aws.Bool(false), + } + } + } + } else { + return errors.New("for actions of type 'forward', you must specify a 'forward' block or 'target_group_arn'") + } + return nil +} From c8017861c96d19d0c3fdf596430096670e24985a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Sun, 29 Mar 2020 20:29:11 +0200 Subject: [PATCH 401/475] Implement weighted target group acceptance tests --- aws/resource_aws_lb_listener_rule_test.go | 512 ++++++++++++++++++++++ aws/resource_aws_lb_listener_test.go | 461 +++++++++++++++++++ 2 files changed, 973 insertions(+) diff --git a/aws/resource_aws_lb_listener_rule_test.go b/aws/resource_aws_lb_listener_rule_test.go index 6c46befc047..ad00e9be294 100644 --- a/aws/resource_aws_lb_listener_rule_test.go +++ b/aws/resource_aws_lb_listener_rule_test.go @@ -97,6 +97,82 @@ func TestAccAWSLBListenerRule_basic(t *testing.T) { }) } +func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { + var conf elbv2.Rule + lbName := fmt.Sprintf("testrule-weighted-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) + targetGroupName1 := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + targetGroupName2 := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + IDRefreshName: "aws_lb_listener_rule.weighted", + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSLBListenerRuleConfig_forwardWeighted(lbName, targetGroupName1, targetGroupName2), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.weighted", &conf), + resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "arn"), + resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "listener_arn"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "priority", "100"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.#", "1"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.order", "1"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.type", "forward"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.#", "1"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.target_group.#", "2"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.stickiness.0.enabled", "false"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.stickiness.0.duration", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.redirect.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.fixed_response.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_cognito.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_oidc.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "condition.#", "1"), + ), + }, + { + Config: testAccAWSLBListenerRuleConfig_changeForwardWeightedStickiness(lbName, targetGroupName1, targetGroupName2), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.weighted", &conf), + resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "arn"), + resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "listener_arn"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "priority", "100"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.#", "1"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.order", "1"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.type", "forward"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.#", "1"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.target_group.#", "2"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.stickiness.0.enabled", "true"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.stickiness.0.duration", "3600"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.redirect.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.fixed_response.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_cognito.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_oidc.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "condition.#", "1"), + ), + }, + { + Config: testAccAWSLBListenerRuleConfig_changeForwardWeightedToBasic(lbName, targetGroupName1, targetGroupName2), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.weighted", &conf), + resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "arn"), + resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "listener_arn"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "priority", "100"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.#", "1"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.order", "1"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.type", "forward"), + resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "action.0.target_group_arn"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.redirect.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.fixed_response.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_cognito.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_oidc.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "condition.#", "1"), + ), + }, + }, + }) +} + func TestAccAWSLBListenerRuleBackwardsCompatibility(t *testing.T) { var conf elbv2.Rule lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) @@ -1515,6 +1591,442 @@ resource "aws_security_group" "alb_test" { `, lbName, targetGroupName) } +func testAccAWSLBListenerRuleConfig_forwardWeighted(lbName, targetGroupName1 string, targetGroupName2 string) string { + return fmt.Sprintf(` +resource "aws_lb_listener_rule" "weighted" { + listener_arn = "${aws_lb_listener.front_end.arn}" + priority = 100 + + action { + type = "forward" + forward { + target_group { + arn = "${aws_lb_target_group.test1.arn}" + weight = 1 + } + target_group { + arn = "${aws_lb_target_group.test2.arn}" + weight = 1 + } + } + } + + condition { + field = "path-pattern" + values = ["/weighted/*"] + } +} + +resource "aws_lb_listener" "front_end" { + load_balancer_arn = "${aws_lb.alb_test.id}" + protocol = "HTTP" + port = "80" + + default_action { + target_group_arn = "${aws_lb_target_group.test1.arn}" + type = "forward" + } +} + +resource "aws_lb" "alb_test" { + name = "%s" + internal = true + security_groups = ["${aws_security_group.alb_test.id}"] + subnets = ["${aws_subnet.alb_test.*.id[0]}", "${aws_subnet.alb_test.*.id[1]}"] + + idle_timeout = 30 + enable_deletion_protection = false + + tags = { + Name = "TestAccAWSALB_basic" + } +} + +resource "aws_lb_target_group" "test1" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +resource "aws_lb_target_group" "test2" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +variable "subnets" { + default = ["10.0.1.0/24", "10.0.2.0/24"] + type = "list" +} + +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +resource "aws_vpc" "alb_test" { + cidr_block = "10.0.0.0/16" + + tags = { + Name = "terraform-testacc-lb-listener-rule-basic" + } +} + +resource "aws_subnet" "alb_test" { + count = 2 + vpc_id = "${aws_vpc.alb_test.id}" + cidr_block = "${element(var.subnets, count.index)}" + map_public_ip_on_launch = true + availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" + + tags = { + Name = "tf-acc-lb-listener-rule-basic-${count.index}" + } +} + +resource "aws_security_group" "alb_test" { + name = "allow_all_alb_test" + description = "Used for ALB Testing" + vpc_id = "${aws_vpc.alb_test.id}" + + ingress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + tags = { + Name = "TestAccAWSALB_basic" + } +} +`, lbName, targetGroupName1, targetGroupName2) +} + +func testAccAWSLBListenerRuleConfig_changeForwardWeightedStickiness(lbName, targetGroupName1 string, targetGroupName2 string) string { + return fmt.Sprintf(` +resource "aws_lb_listener_rule" "weighted" { + listener_arn = "${aws_lb_listener.front_end.arn}" + priority = 100 + + action { + type = "forward" + forward { + target_group { + arn = "${aws_lb_target_group.test1.arn}" + weight = 1 + } + target_group { + arn = "${aws_lb_target_group.test2.arn}" + weight = 1 + } + stickiness { + enabled = true + duration = 3600 + } + } + } + + condition { + field = "path-pattern" + values = ["/weighted/*"] + } +} + +resource "aws_lb_listener" "front_end" { + load_balancer_arn = "${aws_lb.alb_test.id}" + protocol = "HTTP" + port = "80" + + default_action { + target_group_arn = "${aws_lb_target_group.test1.arn}" + type = "forward" + } +} + +resource "aws_lb" "alb_test" { + name = "%s" + internal = true + security_groups = ["${aws_security_group.alb_test.id}"] + subnets = ["${aws_subnet.alb_test.*.id[0]}", "${aws_subnet.alb_test.*.id[1]}"] + + idle_timeout = 30 + enable_deletion_protection = false + + tags = { + Name = "TestAccAWSALB_basic" + } +} + +resource "aws_lb_target_group" "test1" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +resource "aws_lb_target_group" "test2" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +variable "subnets" { + default = ["10.0.1.0/24", "10.0.2.0/24"] + type = "list" +} + +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +resource "aws_vpc" "alb_test" { + cidr_block = "10.0.0.0/16" + + tags = { + Name = "terraform-testacc-lb-listener-rule-basic" + } +} + +resource "aws_subnet" "alb_test" { + count = 2 + vpc_id = "${aws_vpc.alb_test.id}" + cidr_block = "${element(var.subnets, count.index)}" + map_public_ip_on_launch = true + availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" + + tags = { + Name = "tf-acc-lb-listener-rule-basic-${count.index}" + } +} + +resource "aws_security_group" "alb_test" { + name = "allow_all_alb_test" + description = "Used for ALB Testing" + vpc_id = "${aws_vpc.alb_test.id}" + + ingress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + tags = { + Name = "TestAccAWSALB_basic" + } +} +`, lbName, targetGroupName1, targetGroupName2) +} + +func testAccAWSLBListenerRuleConfig_changeForwardWeightedToBasic(lbName, targetGroupName1 string, targetGroupName2 string) string { + return fmt.Sprintf(` +resource "aws_lb_listener_rule" "weighted" { + listener_arn = "${aws_lb_listener.front_end.arn}" + priority = 100 + + action { + type = "forward" + target_group_arn = "${aws_lb_target_group.test1.arn}" + } + + condition { + field = "path-pattern" + values = ["/weighted/*"] + } +} + +resource "aws_lb_listener" "front_end" { + load_balancer_arn = "${aws_lb.alb_test.id}" + protocol = "HTTP" + port = "80" + + default_action { + target_group_arn = "${aws_lb_target_group.test1.arn}" + type = "forward" + } +} + +resource "aws_lb" "alb_test" { + name = "%s" + internal = true + security_groups = ["${aws_security_group.alb_test.id}"] + subnets = ["${aws_subnet.alb_test.*.id[0]}", "${aws_subnet.alb_test.*.id[1]}"] + + idle_timeout = 30 + enable_deletion_protection = false + + tags = { + Name = "TestAccAWSALB_basic" + } +} + +resource "aws_lb_target_group" "test1" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +resource "aws_lb_target_group" "test2" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +variable "subnets" { + default = ["10.0.1.0/24", "10.0.2.0/24"] + type = "list" +} + +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +resource "aws_vpc" "alb_test" { + cidr_block = "10.0.0.0/16" + + tags = { + Name = "terraform-testacc-lb-listener-rule-basic" + } +} + +resource "aws_subnet" "alb_test" { + count = 2 + vpc_id = "${aws_vpc.alb_test.id}" + cidr_block = "${element(var.subnets, count.index)}" + map_public_ip_on_launch = true + availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" + + tags = { + Name = "tf-acc-lb-listener-rule-basic-${count.index}" + } +} + +resource "aws_security_group" "alb_test" { + name = "allow_all_alb_test" + description = "Used for ALB Testing" + vpc_id = "${aws_vpc.alb_test.id}" + + ingress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + tags = { + Name = "TestAccAWSALB_basic" + } +} +`, lbName, targetGroupName1, targetGroupName2) +} + func testAccAWSLBListenerRuleConfigBackwardsCompatibility(lbName, targetGroupName string) string { return fmt.Sprintf(` resource "aws_alb_listener_rule" "static" { diff --git a/aws/resource_aws_lb_listener_test.go b/aws/resource_aws_lb_listener_test.go index d711bcd586a..8aa76d1faf8 100644 --- a/aws/resource_aws_lb_listener_test.go +++ b/aws/resource_aws_lb_listener_test.go @@ -43,6 +43,76 @@ func TestAccAWSLBListener_basic(t *testing.T) { }) } +func TestAccAWSLBListener_forwardWeighted(t *testing.T) { + var conf elbv2.Listener + lbName := fmt.Sprintf("testlistener-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) + targetGroupName1 := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + targetGroupName2 := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + IDRefreshName: "aws_lb_listener.weighted", + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSLBListenerConfig_forwardWeighted(lbName, targetGroupName1, targetGroupName2), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAWSLBListenerExists("aws_lb_listener.weighted", &conf), + resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "load_balancer_arn"), + resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "arn"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "protocol", "HTTP"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "port", "80"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.#", "1"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.order", "1"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.type", "forward"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.#", "1"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.target_group.#", "2"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.stickiness.0.enabled", "false"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.stickiness.0.duration", "0"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.redirect.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.fixed_response.#", "0"), + ), + }, + { + Config: testAccAWSLBListenerConfig_changeForwardWeightedStickiness(lbName, targetGroupName1, targetGroupName2), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAWSLBListenerExists("aws_lb_listener.weighted", &conf), + resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "load_balancer_arn"), + resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "arn"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "protocol", "HTTP"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "port", "80"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.#", "1"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.order", "1"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.type", "forward"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.#", "1"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.target_group.#", "2"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.stickiness.0.enabled", "true"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.stickiness.0.duration", "3600"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.redirect.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.fixed_response.#", "0"), + ), + }, + { + Config: testAccAWSLBListenerConfig_changeForwardWeightedToBasic(lbName, targetGroupName1, targetGroupName2), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAWSLBListenerExists("aws_lb_listener.weighted", &conf), + resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "load_balancer_arn"), + resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "arn"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "protocol", "HTTP"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "port", "80"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.#", "1"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.order", "1"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.type", "forward"), + resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "default_action.0.target_group_arn"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.redirect.#", "0"), + resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.fixed_response.#", "0"), + ), + }, + }, + }) +} + func TestAccAWSLBListener_basicUdp(t *testing.T) { var conf elbv2.Listener lbName := fmt.Sprintf("testlistener-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) @@ -555,6 +625,397 @@ resource "aws_security_group" "alb_test" { `, lbName, targetGroupName) } +func testAccAWSLBListenerConfig_forwardWeighted(lbName, targetGroupName1 string, targetGroupName2 string) string { + return fmt.Sprintf(` +resource "aws_lb_listener" "weighted" { + load_balancer_arn = "${aws_lb.alb_test.id}" + protocol = "HTTP" + port = "80" + + default_action { + type = "forward" + forward { + target_group { + arn = "${aws_lb_target_group.test1.arn}" + weight = 1 + } + target_group { + arn = "${aws_lb_target_group.test2.arn}" + weight = 1 + } + } + } +} + +resource "aws_lb" "alb_test" { + name = "%s" + internal = true + security_groups = ["${aws_security_group.alb_test.id}"] + subnets = ["${aws_subnet.alb_test.*.id[0]}", "${aws_subnet.alb_test.*.id[1]}"] + + idle_timeout = 30 + enable_deletion_protection = false + + tags = { + Name = "TestAccAWSALB_basic" + } +} + +resource "aws_lb_target_group" "test1" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +resource "aws_lb_target_group" "test2" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +variable "subnets" { + default = ["10.0.1.0/24", "10.0.2.0/24"] + type = "list" +} + +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +resource "aws_vpc" "alb_test" { + cidr_block = "10.0.0.0/16" + + tags = { + Name = "terraform-testacc-lb-listener-basic" + } +} + +resource "aws_subnet" "alb_test" { + count = 2 + vpc_id = "${aws_vpc.alb_test.id}" + cidr_block = "${element(var.subnets, count.index)}" + map_public_ip_on_launch = true + availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" + + tags = { + Name = "tf-acc-lb-listener-basic-${count.index}" + } +} + +resource "aws_security_group" "alb_test" { + name = "allow_all_alb_test" + description = "Used for ALB Testing" + vpc_id = "${aws_vpc.alb_test.id}" + + ingress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + tags = { + Name = "TestAccAWSALB_basic" + } +} +`, lbName, targetGroupName1, targetGroupName2) +} + +func testAccAWSLBListenerConfig_changeForwardWeightedStickiness(lbName, targetGroupName1 string, targetGroupName2 string) string { + return fmt.Sprintf(` +resource "aws_lb_listener" "weighted" { + load_balancer_arn = "${aws_lb.alb_test.id}" + protocol = "HTTP" + port = "80" + + default_action { + type = "forward" + forward { + target_group { + arn = "${aws_lb_target_group.test1.arn}" + weight = 1 + } + target_group { + arn = "${aws_lb_target_group.test2.arn}" + weight = 1 + } + stickiness { + enabled = true + duration = 3600 + } + } + } +} + +resource "aws_lb" "alb_test" { + name = "%s" + internal = true + security_groups = ["${aws_security_group.alb_test.id}"] + subnets = ["${aws_subnet.alb_test.*.id[0]}", "${aws_subnet.alb_test.*.id[1]}"] + + idle_timeout = 30 + enable_deletion_protection = false + + tags = { + Name = "TestAccAWSALB_basic" + } +} + +resource "aws_lb_target_group" "test1" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +resource "aws_lb_target_group" "test2" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +variable "subnets" { + default = ["10.0.1.0/24", "10.0.2.0/24"] + type = "list" +} + +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +resource "aws_vpc" "alb_test" { + cidr_block = "10.0.0.0/16" + + tags = { + Name = "terraform-testacc-lb-listener-rule-basic" + } +} + +resource "aws_subnet" "alb_test" { + count = 2 + vpc_id = "${aws_vpc.alb_test.id}" + cidr_block = "${element(var.subnets, count.index)}" + map_public_ip_on_launch = true + availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" + + tags = { + Name = "tf-acc-lb-listener-rule-basic-${count.index}" + } +} + +resource "aws_security_group" "alb_test" { + name = "allow_all_alb_test" + description = "Used for ALB Testing" + vpc_id = "${aws_vpc.alb_test.id}" + + ingress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + tags = { + Name = "TestAccAWSALB_basic" + } +} +`, lbName, targetGroupName1, targetGroupName2) +} + +func testAccAWSLBListenerConfig_changeForwardWeightedToBasic(lbName, targetGroupName1 string, targetGroupName2 string) string { + return fmt.Sprintf(` +resource "aws_lb_listener" "weighted" { + load_balancer_arn = "${aws_lb.alb_test.id}" + protocol = "HTTP" + port = "80" + + default_action { + target_group_arn = "${aws_lb_target_group.test1.arn}" + type = "forward" + } +} + +resource "aws_lb" "alb_test" { + name = "%s" + internal = true + security_groups = ["${aws_security_group.alb_test.id}"] + subnets = ["${aws_subnet.alb_test.*.id[0]}", "${aws_subnet.alb_test.*.id[1]}"] + + idle_timeout = 30 + enable_deletion_protection = false + + tags = { + Name = "TestAccAWSALB_basic" + } +} + +resource "aws_lb_target_group" "test1" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +resource "aws_lb_target_group" "test2" { + name = "%s" + port = 8080 + protocol = "HTTP" + vpc_id = "${aws_vpc.alb_test.id}" + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +variable "subnets" { + default = ["10.0.1.0/24", "10.0.2.0/24"] + type = "list" +} + +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +resource "aws_vpc" "alb_test" { + cidr_block = "10.0.0.0/16" + + tags = { + Name = "terraform-testacc-lb-listener-rule-basic" + } +} + +resource "aws_subnet" "alb_test" { + count = 2 + vpc_id = "${aws_vpc.alb_test.id}" + cidr_block = "${element(var.subnets, count.index)}" + map_public_ip_on_launch = true + availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" + + tags = { + Name = "tf-acc-lb-listener-rule-basic-${count.index}" + } +} + +resource "aws_security_group" "alb_test" { + name = "allow_all_alb_test" + description = "Used for ALB Testing" + vpc_id = "${aws_vpc.alb_test.id}" + + ingress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + tags = { + Name = "TestAccAWSALB_basic" + } +} +`, lbName, targetGroupName1, targetGroupName2) +} + func testAccAWSLBListenerConfig_basicUdp(lbName, targetGroupName string) string { return fmt.Sprintf(` resource "aws_lb_listener" "front_end" { From 081b45f48778d569f003f8117576c9181f4cd509 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Sun, 29 Mar 2020 20:29:50 +0200 Subject: [PATCH 402/475] Update lb_listener_rule and lb_listener docs for weighted target groups --- website/docs/r/lb_listener.html.markdown | 19 ++++++- website/docs/r/lb_listener_rule.html.markdown | 52 ++++++++++++++++++- 2 files changed, 69 insertions(+), 2 deletions(-) diff --git a/website/docs/r/lb_listener.html.markdown b/website/docs/r/lb_listener.html.markdown index 77c3a7189e6..d4a7f2e18ea 100644 --- a/website/docs/r/lb_listener.html.markdown +++ b/website/docs/r/lb_listener.html.markdown @@ -185,10 +185,27 @@ The following arguments are supported: Action Blocks (for `default_action`) support the following: * `type` - (Required) The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. -* `target_group_arn` - (Optional) The ARN of the Target Group to which to route traffic. Required if `type` is `forward`. +* `target_group_arn` - (Optional) The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. +* `forward` - (Optional) Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `target_group_arn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `target_group_arn`. * `redirect` - (Optional) Information for creating a redirect action. Required if `type` is `redirect`. * `fixed_response` - (Optional) Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`. +Forward Blocks (for `forward`) support the following: + +* `target_group` - (Required) One or more target groups block. +* `stickiness` - (Optional) The target group stickiness for the rule. + +Target Group Blocks (for `target_group`) supports the following: + +* `arn` - (Required) The Amazon Resource Name (ARN) of the target group. +* `weight` - (Optional) The weight. The range is 0 to 999. + +Target Group Stickiness Config Blocks (for `stickiness`) supports the following: + +* `enabled` - (Required) Indicates whether target group stickiness is enabled. +* `duration` - (Optional) The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). + + Redirect Blocks (for `redirect`) support the following: ~> **NOTE::** You can reuse URI components using the following reserved keywords: `#{protocol}`, `#{host}`, `#{port}`, `#{path}` (the leading "/" is removed) and `#{query}`. diff --git a/website/docs/r/lb_listener_rule.html.markdown b/website/docs/r/lb_listener_rule.html.markdown index ff9e2cf5ad9..bb3ffc8c324 100644 --- a/website/docs/r/lb_listener_rule.html.markdown +++ b/website/docs/r/lb_listener_rule.html.markdown @@ -51,6 +51,40 @@ resource "aws_lb_listener_rule" "host_based_routing" { listener_arn = "${aws_lb_listener.front_end.arn}" priority = 99 + action { + type = "forward" + forward { + target_group { + arn = "${aws_lb_target_group.main.arn}" + weight = 80 + } + + target_group { + arn = "${aws_lb_target_group.canary.arn}" + weight = 20 + } + + stickiness { + enabled = true + duration = 600 + } + + } + } + + condition { + host_header { + values = ["my-service.*.terraform.io"] + } + } +} + +# Weighted Forward action + +resource "aws_lb_listener_rule" "host_based_weighted_routing" { + listener_arn = "${aws_lb_listener.front_end.arn}" + priority = 99 + action { type = "forward" target_group_arn = "${aws_lb_target_group.static.arn}" @@ -185,12 +219,28 @@ The following arguments are supported: Action Blocks (for `action`) support the following: * `type` - (Required) The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. -* `target_group_arn` - (Optional) The ARN of the Target Group to which to route traffic. Required if `type` is `forward`. +* `target_group_arn` - (Optional) The ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. +* `forward` - (Optional) Information for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. If you specify both `forward` block and `target_group_arn` attribute, you can specify only one target group using `forward` and it must be the same target group specified in `target_group_arn`. * `redirect` - (Optional) Information for creating a redirect action. Required if `type` is `redirect`. * `fixed_response` - (Optional) Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`. * `authenticate_cognito` - (Optional) Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`. * `authenticate_oidc` - (Optional) Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`. +Forward Blocks (for `forward`) support the following: + +* `target_group` - (Required) One or more target groups block. +* `stickiness` - (Optional) The target group stickiness for the rule. + +Target Group Blocks (for `target_group`) supports the following: + +* `arn` - (Required) The Amazon Resource Name (ARN) of the target group. +* `weight` - (Optional) The weight. The range is 0 to 999. + +Target Group Stickiness Config Blocks (for `stickiness`) supports the following: + +* `enabled` - (Required) Indicates whether target group stickiness is enabled. +* `duration` - (Optional) The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). + Redirect Blocks (for `redirect`) support the following: ~> **NOTE::** You can reuse URI components using the following reserved keywords: `#{protocol}`, `#{host}`, `#{port}`, `#{path}` (the leading "/" is removed) and `#{query}`. From 0c4a33c66b0e5ded16200563cd99fe9c7ffa6454 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Sun, 29 Mar 2020 20:44:36 +0200 Subject: [PATCH 403/475] Prevent exiting without retries if one ResourceInUse error is returned when deleting an LB TargetGroup --- aws/resource_aws_lb_target_group.go | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_lb_target_group.go b/aws/resource_aws_lb_target_group.go index 7f116eb9790..31c71835e85 100644 --- a/aws/resource_aws_lb_target_group.go +++ b/aws/resource_aws_lb_target_group.go @@ -7,6 +7,7 @@ import ( "regexp" "strconv" "strings" + "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/elbv2" @@ -495,9 +496,29 @@ func resourceAwsLbTargetGroupUpdate(d *schema.ResourceData, meta interface{}) er func resourceAwsLbTargetGroupDelete(d *schema.ResourceData, meta interface{}) error { elbconn := meta.(*AWSClient).elbv2conn - _, err := elbconn.DeleteTargetGroup(&elbv2.DeleteTargetGroupInput{ + input := &elbv2.DeleteTargetGroupInput{ TargetGroupArn: aws.String(d.Id()), + } + + log.Printf("[DEBUG] Deleting Target Group (%s): %s", d.Id(), input) + err := resource.Retry(2*time.Minute, func() *resource.RetryError { + _, err := elbconn.DeleteTargetGroup(input) + + if isAWSErr(err, "ResourceInUse", "is currently in use by a listener or a rule") { + return resource.RetryableError(err) + } + + if err != nil { + return resource.NonRetryableError(err) + } + + return nil }) + + if isResourceTimeoutError(err) { + _, err = elbconn.DeleteTargetGroup(input) + } + if err != nil { return fmt.Errorf("Error deleting Target Group: %s", err) } From a682c69f4e872da9c1be192b408825b8dd84b1d4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Sun, 29 Mar 2020 20:58:31 +0200 Subject: [PATCH 404/475] Run make website-lint-fix in lb_listener_rule.html.markdown --- website/docs/r/lb_listener_rule.html.markdown | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/website/docs/r/lb_listener_rule.html.markdown b/website/docs/r/lb_listener_rule.html.markdown index bb3ffc8c324..68c44a37d2c 100644 --- a/website/docs/r/lb_listener_rule.html.markdown +++ b/website/docs/r/lb_listener_rule.html.markdown @@ -53,23 +53,23 @@ resource "aws_lb_listener_rule" "host_based_routing" { action { type = "forward" - forward { - target_group { - arn = "${aws_lb_target_group.main.arn}" - weight = 80 - } - - target_group { - arn = "${aws_lb_target_group.canary.arn}" - weight = 20 - } - - stickiness { - enabled = true - duration = 600 - } - - } + forward { + target_group { + arn = "${aws_lb_target_group.main.arn}" + weight = 80 + } + + target_group { + arn = "${aws_lb_target_group.canary.arn}" + weight = 20 + } + + stickiness { + enabled = true + duration = 600 + } + + } } condition { From e58ae5766c2f7c3af24e010c2d2cceb32cc21a3a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Wed, 1 Apr 2020 09:54:56 +0200 Subject: [PATCH 405/475] Fix stickiness duration attirbute not changing when stickiness enabled status is set to false --- aws/resource_aws_lb_listener_rule.go | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/aws/resource_aws_lb_listener_rule.go b/aws/resource_aws_lb_listener_rule.go index 2136ee27250..47d18c01289 100644 --- a/aws/resource_aws_lb_listener_rule.go +++ b/aws/resource_aws_lb_listener_rule.go @@ -1404,15 +1404,9 @@ func lbListenerRuleActionForward(actionMap map[string]interface{}, action *elbv2 stickinessInput := forwardMap["stickiness"].([]interface{}) if len(stickinessInput) != 0 { stickyInputMap := stickinessInput[0].(map[string]interface{}) - if stickyInputMap["enabled"].(bool) { - action.ForwardConfig.TargetGroupStickinessConfig = &elbv2.TargetGroupStickinessConfig{ - Enabled: aws.Bool(stickyInputMap["enabled"].(bool)), - DurationSeconds: aws.Int64(int64(stickyInputMap["duration"].(int))), - } - } else { - action.ForwardConfig.TargetGroupStickinessConfig = &elbv2.TargetGroupStickinessConfig{ - Enabled: aws.Bool(false), - } + action.ForwardConfig.TargetGroupStickinessConfig = &elbv2.TargetGroupStickinessConfig{ + Enabled: aws.Bool(stickyInputMap["enabled"].(bool)), + DurationSeconds: aws.Int64(int64(stickyInputMap["duration"].(int))), } } } else { From e1ac8563a64bbe495c27dd38e6b0130e8e5d7cb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Fri, 29 May 2020 10:17:49 +0200 Subject: [PATCH 406/475] Use testAccMatchResourceAttrRegionalARN instead of resource.TestCheckResourceAttrSet --- aws/resource_aws_lb_listener_rule_test.go | 120 +++++++++++----------- 1 file changed, 60 insertions(+), 60 deletions(-) diff --git a/aws/resource_aws_lb_listener_rule_test.go b/aws/resource_aws_lb_listener_rule_test.go index ad00e9be294..7b8275d8f34 100644 --- a/aws/resource_aws_lb_listener_rule_test.go +++ b/aws/resource_aws_lb_listener_rule_test.go @@ -70,13 +70,13 @@ func TestAccAWSLBListenerRule_basic(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_basic(lbName, targetGroupName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.order", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.type", "forward"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "action.0.target_group_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.redirect.#", "0"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.fixed_response.#", "0"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.authenticate_cognito.#", "0"), @@ -113,8 +113,8 @@ func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_forwardWeighted(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.weighted", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.order", "1"), @@ -134,8 +134,8 @@ func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_changeForwardWeightedStickiness(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.weighted", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.order", "1"), @@ -155,13 +155,13 @@ func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_changeForwardWeightedToBasic(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.weighted", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.order", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.type", "forward"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.weighted", "action.0.target_group_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.redirect.#", "0"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.fixed_response.#", "0"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_cognito.#", "0"), @@ -189,13 +189,13 @@ func TestAccAWSLBListenerRuleBackwardsCompatibility(t *testing.T) { Config: testAccAWSLBListenerRuleConfigBackwardsCompatibility(lbName, targetGroupName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_alb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_alb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_alb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_alb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_alb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.order", "1"), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.type", "forward"), - resource.TestCheckResourceAttrSet("aws_alb_listener_rule.static", "action.0.target_group_arn"), + testAccMatchResourceAttrRegionalARN("aws_alb_listener_rule.static", "action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.redirect.#", "0"), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.fixed_response.#", "0"), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.authenticate_cognito.#", "0"), @@ -230,8 +230,8 @@ func TestAccAWSLBListenerRule_redirect(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_redirect(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.order", "1"), @@ -268,8 +268,8 @@ func TestAccAWSLBListenerRule_fixedResponse(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_fixedResponse(lbName, "Fixed response content"), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.order", "1"), @@ -482,20 +482,20 @@ func TestAccAWSLBListenerRule_cognito(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_cognito(rName, key, certificate), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.cognito", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.cognito", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.cognito", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.#", "2"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.order", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.type", "authenticate-cognito"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.user_pool_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.cognito", "action.1.target_group_arn", "cognito-idp", regexp.MustCompile("userpool/.+$")), resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.user_pool_client_id"), resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.user_pool_domain"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.authentication_request_extra_params.%", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.authentication_request_extra_params.param", "test"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.1.order", "2"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.1.type", "forward"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "action.1.target_group_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.cognito", "action.1.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "condition.#", "1"), ), }, @@ -519,8 +519,8 @@ func TestAccAWSLBListenerRule_oidc(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_oidc(rName, key, certificate), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.oidc", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.oidc", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.oidc", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.oidc", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.oidc", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.#", "2"), resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.order", "1"), @@ -535,7 +535,7 @@ func TestAccAWSLBListenerRule_oidc(t *testing.T) { resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.authenticate_oidc.0.authentication_request_extra_params.param", "test"), resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.1.order", "2"), resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.1.type", "forward"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.oidc", "action.1.target_group_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.oidc", "action.1.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "condition.#", "1"), ), }, @@ -661,8 +661,8 @@ func TestAccAWSLBListenerRule_conditionHostHeader(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionHostHeader(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), @@ -700,8 +700,8 @@ func TestAccAWSLBListenerRule_conditionHostHeader_deprecated(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionHostHeader_deprecated(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), @@ -737,8 +737,8 @@ func TestAccAWSLBListenerRule_conditionHttpHeader(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionHttpHeader(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "2"), @@ -800,8 +800,8 @@ func TestAccAWSLBListenerRule_conditionHttpRequestMethod(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionHttpRequestMethod(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), @@ -837,8 +837,8 @@ func TestAccAWSLBListenerRule_conditionPathPattern(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionPathPattern(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), @@ -876,8 +876,8 @@ func TestAccAWSLBListenerRule_conditionPathPattern_deprecated(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionPathPattern_deprecated(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), @@ -913,8 +913,8 @@ func TestAccAWSLBListenerRule_conditionUpdatePathPattern_deprecated(t *testing.T Config: testAccAWSLBListenerRuleConfig_conditionPathPattern_deprecated(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.field", "path-pattern"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.values.0", "/public/*"), @@ -924,8 +924,8 @@ func TestAccAWSLBListenerRule_conditionUpdatePathPattern_deprecated(t *testing.T Config: testAccAWSLBListenerRuleConfig_conditionPathPattern_deprecatedUpdated(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.path_pattern.0.values.1764929539", "/cgi-bin/*"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.values.0", "/cgi-bin/*"), ), @@ -934,8 +934,8 @@ func TestAccAWSLBListenerRule_conditionUpdatePathPattern_deprecated(t *testing.T Config: testAccAWSLBListenerRuleConfig_conditionPathPattern_migrated(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.path_pattern.0.values.1764929539", "/cgi-bin/*"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.values.0", "/cgi-bin/*"), ), @@ -944,8 +944,8 @@ func TestAccAWSLBListenerRule_conditionUpdatePathPattern_deprecated(t *testing.T Config: testAccAWSLBListenerRuleConfig_conditionPathPattern(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.path_pattern.0.values.1764929539", "/cgi-bin/*"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.path_pattern.0.values.1973895062", "/public/*"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.values.0", "/cgi-bin/*"), @@ -971,8 +971,8 @@ func TestAccAWSLBListenerRule_conditionQueryString(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionQueryString(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "2"), @@ -1021,8 +1021,8 @@ func TestAccAWSLBListenerRule_conditionSourceIp(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionSourceIp(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), @@ -1058,8 +1058,8 @@ func TestAccAWSLBListenerRule_conditionUpdateMixed(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionMixed(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "2"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.field", "path-pattern"), @@ -1076,8 +1076,8 @@ func TestAccAWSLBListenerRule_conditionUpdateMixed(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionMixed_updated(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "2"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.field", "path-pattern"), @@ -1094,8 +1094,8 @@ func TestAccAWSLBListenerRule_conditionUpdateMixed(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionMixed_updated2(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "2"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.field", "path-pattern"), @@ -1127,8 +1127,8 @@ func TestAccAWSLBListenerRule_conditionMultiple(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionMultiple(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "5"), @@ -1206,8 +1206,8 @@ func TestAccAWSLBListenerRule_conditionUpdateMultiple(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionMultiple(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "5"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.field", "http-header"), @@ -1229,8 +1229,8 @@ func TestAccAWSLBListenerRule_conditionUpdateMultiple(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_conditionMultiple_updated(lbName), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "listener_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "5"), resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.451778491.field", "http-header"), From d6852b43b28e5749ef70d23ad607dc479b84bfe1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Fri, 29 May 2020 10:18:20 +0200 Subject: [PATCH 407/475] Use ActionTypeEnum instead of string values --- aws/resource_aws_lb_listener.go | 42 ++++++++++++++-------------- aws/resource_aws_lb_listener_rule.go | 38 ++++++++++++------------- 2 files changed, 40 insertions(+), 40 deletions(-) diff --git a/aws/resource_aws_lb_listener.go b/aws/resource_aws_lb_listener.go index 856912112fa..5c5095a4af3 100644 --- a/aws/resource_aws_lb_listener.go +++ b/aws/resource_aws_lb_listener.go @@ -103,14 +103,14 @@ func resourceAwsLbListener() *schema.Resource { "target_group_arn": { Type: schema.TypeString, Optional: true, - DiffSuppressFunc: suppressIfDefaultActionTypeNot("forward"), + DiffSuppressFunc: suppressIfDefaultActionTypeNot(elbv2.ActionTypeEnumForward), ConflictsWith: []string{"default_action.0.forward"}, }, "forward": { Type: schema.TypeList, Optional: true, - DiffSuppressFunc: suppressIfDefaultActionTypeNot("forward"), + DiffSuppressFunc: suppressIfDefaultActionTypeNot(elbv2.ActionTypeEnumForward), MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -161,7 +161,7 @@ func resourceAwsLbListener() *schema.Resource { "redirect": { Type: schema.TypeList, Optional: true, - DiffSuppressFunc: suppressIfDefaultActionTypeNot("redirect"), + DiffSuppressFunc: suppressIfDefaultActionTypeNot(elbv2.ActionTypeEnumRedirect), MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -215,7 +215,7 @@ func resourceAwsLbListener() *schema.Resource { "fixed_response": { Type: schema.TypeList, Optional: true, - DiffSuppressFunc: suppressIfDefaultActionTypeNot("fixed-response"), + DiffSuppressFunc: suppressIfDefaultActionTypeNot(elbv2.ActionTypeEnumFixedResponse), MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -249,7 +249,7 @@ func resourceAwsLbListener() *schema.Resource { "authenticate_cognito": { Type: schema.TypeList, Optional: true, - DiffSuppressFunc: suppressIfDefaultActionTypeNot("authenticate-cognito"), + DiffSuppressFunc: suppressIfDefaultActionTypeNot(elbv2.ActionTypeEnumAuthenticateCognito), MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -302,7 +302,7 @@ func resourceAwsLbListener() *schema.Resource { "authenticate_oidc": { Type: schema.TypeList, Optional: true, - DiffSuppressFunc: suppressIfDefaultActionTypeNot("authenticate-oidc"), + DiffSuppressFunc: suppressIfDefaultActionTypeNot(elbv2.ActionTypeEnumAuthenticateOidc), MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -423,12 +423,12 @@ func resourceAwsLbListenerCreate(d *schema.ResourceData, meta interface{}) error } switch defaultActionMap["type"].(string) { - case "forward": - if err := lbListenerDefaultRuleActionForward(defaultActionMap, action); err != nil { + case elbv2.ActionTypeEnumForward: + if err := lbListenerRuleActionForward(defaultActionMap, action); err != nil { return err } - case "redirect": + case elbv2.ActionTypeEnumRedirect: redirectList := defaultActionMap["redirect"].([]interface{}) if len(redirectList) == 1 { @@ -446,7 +446,7 @@ func resourceAwsLbListenerCreate(d *schema.ResourceData, meta interface{}) error return errors.New("for actions of type 'redirect', you must specify a 'redirect' block") } - case "fixed-response": + case elbv2.ActionTypeEnumFixedResponse: fixedResponseList := defaultActionMap["fixed_response"].([]interface{}) if len(fixedResponseList) == 1 { @@ -639,7 +639,7 @@ func resourceAwsLbListenerRead(d *schema.ResourceData, meta interface{}) error { defaultActionMap["order"] = aws.Int64Value(defaultAction.Order) switch aws.StringValue(defaultAction.Type) { - case "forward": + case elbv2.ActionTypeEnumForward: if aws.StringValue(defaultAction.TargetGroupArn) != "" { defaultActionMap["target_group_arn"] = aws.StringValue(defaultAction.TargetGroupArn) } else { @@ -665,7 +665,7 @@ func resourceAwsLbListenerRead(d *schema.ResourceData, meta interface{}) error { } } - case "redirect": + case elbv2.ActionTypeEnumRedirect: defaultActionMap["redirect"] = []map[string]interface{}{ { "host": aws.StringValue(defaultAction.RedirectConfig.Host), @@ -677,7 +677,7 @@ func resourceAwsLbListenerRead(d *schema.ResourceData, meta interface{}) error { }, } - case "fixed-response": + case elbv2.ActionTypeEnumFixedResponse: defaultActionMap["fixed_response"] = []map[string]interface{}{ { "content_type": aws.StringValue(defaultAction.FixedResponseConfig.ContentType), @@ -686,7 +686,7 @@ func resourceAwsLbListenerRead(d *schema.ResourceData, meta interface{}) error { }, } - case "authenticate-cognito": + case elbv2.ActionTypeEnumAuthenticateCognito: authenticationRequestExtraParams := make(map[string]interface{}) for key, value := range defaultAction.AuthenticateCognitoConfig.AuthenticationRequestExtraParams { authenticationRequestExtraParams[key] = aws.StringValue(value) @@ -704,7 +704,7 @@ func resourceAwsLbListenerRead(d *schema.ResourceData, meta interface{}) error { }, } - case "authenticate-oidc": + case elbv2.ActionTypeEnumAuthenticateOidc: authenticationRequestExtraParams := make(map[string]interface{}) for key, value := range defaultAction.AuthenticateOidcConfig.AuthenticationRequestExtraParams { authenticationRequestExtraParams[key] = aws.StringValue(value) @@ -777,12 +777,12 @@ func resourceAwsLbListenerUpdate(d *schema.ResourceData, meta interface{}) error } switch defaultActionMap["type"].(string) { - case "forward": - if err := lbListenerDefaultRuleActionForward(defaultActionMap, action); err != nil { + case elbv2.ActionTypeEnumForward: + if err := lbListenerRuleActionForward(defaultActionMap, action); err != nil { return err } - case "redirect": + case elbv2.ActionTypeEnumRedirect: redirectList := defaultActionMap["redirect"].([]interface{}) if len(redirectList) == 1 { @@ -800,7 +800,7 @@ func resourceAwsLbListenerUpdate(d *schema.ResourceData, meta interface{}) error return errors.New("for actions of type 'redirect', you must specify a 'redirect' block") } - case "fixed-response": + case elbv2.ActionTypeEnumFixedResponse: fixedResponseList := defaultActionMap["fixed_response"].([]interface{}) if len(fixedResponseList) == 1 { @@ -815,7 +815,7 @@ func resourceAwsLbListenerUpdate(d *schema.ResourceData, meta interface{}) error return errors.New("for actions of type 'fixed-response', you must specify a 'fixed_response' block") } - case "authenticate-cognito": + case elbv2.ActionTypeEnumAuthenticateCognito: authenticateCognitoList := defaultActionMap["authenticate_cognito"].([]interface{}) if len(authenticateCognitoList) == 1 { @@ -849,7 +849,7 @@ func resourceAwsLbListenerUpdate(d *schema.ResourceData, meta interface{}) error return errors.New("for actions of type 'authenticate-cognito', you must specify a 'authenticate_cognito' block") } - case "authenticate-oidc": + case elbv2.ActionTypeEnumAuthenticateOidc: authenticateOidcList := defaultActionMap["authenticate_oidc"].([]interface{}) if len(authenticateOidcList) == 1 { diff --git a/aws/resource_aws_lb_listener_rule.go b/aws/resource_aws_lb_listener_rule.go index 47d18c01289..198648bac5c 100644 --- a/aws/resource_aws_lb_listener_rule.go +++ b/aws/resource_aws_lb_listener_rule.go @@ -71,14 +71,14 @@ func resourceAwsLbbListenerRule() *schema.Resource { "target_group_arn": { Type: schema.TypeString, Optional: true, - DiffSuppressFunc: suppressIfActionTypeNot("forward"), + DiffSuppressFunc: suppressIfActionTypeNot(elbv2.ActionTypeEnumForward), ConflictsWith: []string{"action.0.forward"}, }, "forward": { Type: schema.TypeList, Optional: true, - DiffSuppressFunc: suppressIfActionTypeNot("forward"), + DiffSuppressFunc: suppressIfActionTypeNot(elbv2.ActionTypeEnumForward), MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -129,7 +129,7 @@ func resourceAwsLbbListenerRule() *schema.Resource { "redirect": { Type: schema.TypeList, Optional: true, - DiffSuppressFunc: suppressIfActionTypeNot("redirect"), + DiffSuppressFunc: suppressIfActionTypeNot(elbv2.ActionTypeEnumRedirect), MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -183,7 +183,7 @@ func resourceAwsLbbListenerRule() *schema.Resource { "fixed_response": { Type: schema.TypeList, Optional: true, - DiffSuppressFunc: suppressIfActionTypeNot("fixed-response"), + DiffSuppressFunc: suppressIfActionTypeNot(elbv2.ActionTypeEnumFixedResponse), MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -611,12 +611,12 @@ func resourceAwsLbListenerRuleCreate(d *schema.ResourceData, meta interface{}) e } switch actionMap["type"].(string) { - case "forward": + case elbv2.ActionTypeEnumForward: if err := lbListenerRuleActionForward(actionMap, action); err != nil { return err } - case "redirect": + case elbv2.ActionTypeEnumRedirect: redirectList := actionMap["redirect"].([]interface{}) if len(redirectList) == 1 { @@ -634,7 +634,7 @@ func resourceAwsLbListenerRuleCreate(d *schema.ResourceData, meta interface{}) e return errors.New("for actions of type 'redirect', you must specify a 'redirect' block") } - case "fixed-response": + case elbv2.ActionTypeEnumFixedResponse: fixedResponseList := actionMap["fixed_response"].([]interface{}) if len(fixedResponseList) == 1 { @@ -649,7 +649,7 @@ func resourceAwsLbListenerRuleCreate(d *schema.ResourceData, meta interface{}) e return errors.New("for actions of type 'fixed-response', you must specify a 'fixed_response' block") } - case "authenticate-cognito": + case elbv2.ActionTypeEnumAuthenticateCognito: authenticateCognitoList := actionMap["authenticate_cognito"].([]interface{}) if len(authenticateCognitoList) == 1 { @@ -683,7 +683,7 @@ func resourceAwsLbListenerRuleCreate(d *schema.ResourceData, meta interface{}) e return errors.New("for actions of type 'authenticate-cognito', you must specify a 'authenticate_cognito' block") } - case "authenticate-oidc": + case elbv2.ActionTypeEnumAuthenticateOidc: authenticateOidcList := actionMap["authenticate_oidc"].([]interface{}) if len(authenticateOidcList) == 1 { @@ -842,7 +842,7 @@ func resourceAwsLbListenerRuleRead(d *schema.ResourceData, meta interface{}) err actionMap["order"] = aws.Int64Value(action.Order) switch actionMap["type"] { - case "forward": + case elbv2.ActionTypeEnumForward: if aws.StringValue(action.TargetGroupArn) != "" { actionMap["target_group_arn"] = aws.StringValue(action.TargetGroupArn) } else { @@ -868,7 +868,7 @@ func resourceAwsLbListenerRuleRead(d *schema.ResourceData, meta interface{}) err } } - case "redirect": + case elbv2.ActionTypeEnumRedirect: actionMap["redirect"] = []map[string]interface{}{ { "host": aws.StringValue(action.RedirectConfig.Host), @@ -880,7 +880,7 @@ func resourceAwsLbListenerRuleRead(d *schema.ResourceData, meta interface{}) err }, } - case "fixed-response": + case elbv2.ActionTypeEnumFixedResponse: actionMap["fixed_response"] = []map[string]interface{}{ { "content_type": aws.StringValue(action.FixedResponseConfig.ContentType), @@ -889,7 +889,7 @@ func resourceAwsLbListenerRuleRead(d *schema.ResourceData, meta interface{}) err }, } - case "authenticate-cognito": + case elbv2.ActionTypeEnumAuthenticateCognito: authenticationRequestExtraParams := make(map[string]interface{}) for key, value := range action.AuthenticateCognitoConfig.AuthenticationRequestExtraParams { authenticationRequestExtraParams[key] = aws.StringValue(value) @@ -908,7 +908,7 @@ func resourceAwsLbListenerRuleRead(d *schema.ResourceData, meta interface{}) err }, } - case "authenticate-oidc": + case elbv2.ActionTypeEnumAuthenticateOidc: authenticationRequestExtraParams := make(map[string]interface{}) for key, value := range action.AuthenticateOidcConfig.AuthenticationRequestExtraParams { authenticationRequestExtraParams[key] = aws.StringValue(value) @@ -1044,12 +1044,12 @@ func resourceAwsLbListenerRuleUpdate(d *schema.ResourceData, meta interface{}) e } switch actionMap["type"].(string) { - case "forward": + case elbv2.ActionTypeEnumForward: if err := lbListenerRuleActionForward(actionMap, action); err != nil { return err } - case "redirect": + case elbv2.ActionTypeEnumRedirect: redirectList := actionMap["redirect"].([]interface{}) if len(redirectList) == 1 { @@ -1067,7 +1067,7 @@ func resourceAwsLbListenerRuleUpdate(d *schema.ResourceData, meta interface{}) e return errors.New("for actions of type 'redirect', you must specify a 'redirect' block") } - case "fixed-response": + case elbv2.ActionTypeEnumFixedResponse: fixedResponseList := actionMap["fixed_response"].([]interface{}) if len(fixedResponseList) == 1 { @@ -1082,7 +1082,7 @@ func resourceAwsLbListenerRuleUpdate(d *schema.ResourceData, meta interface{}) e return errors.New("for actions of type 'fixed-response', you must specify a 'fixed_response' block") } - case "authenticate-cognito": + case elbv2.ActionTypeEnumAuthenticateCognito: authenticateCognitoList := actionMap["authenticate_cognito"].([]interface{}) if len(authenticateCognitoList) == 1 { @@ -1116,7 +1116,7 @@ func resourceAwsLbListenerRuleUpdate(d *schema.ResourceData, meta interface{}) e return errors.New("for actions of type 'authenticate-cognito', you must specify a 'authenticate_cognito' block") } - case "authenticate-oidc": + case elbv2.ActionTypeEnumAuthenticateOidc: authenticateOidcList := actionMap["authenticate_oidc"].([]interface{}) if len(authenticateOidcList) == 1 { From ae7b5887954dca017cb87739da07cc5a628023ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Fri, 29 May 2020 10:18:41 +0200 Subject: [PATCH 408/475] Remove lbListenerDefaultRuleActionForward function, use lbListenerRuleActionForward instead --- aws/resource_aws_lb_listener.go | 43 --------------------------------- 1 file changed, 43 deletions(-) diff --git a/aws/resource_aws_lb_listener.go b/aws/resource_aws_lb_listener.go index 5c5095a4af3..01db61416a5 100644 --- a/aws/resource_aws_lb_listener.go +++ b/aws/resource_aws_lb_listener.go @@ -925,46 +925,3 @@ func resourceAwsLbListenerDelete(d *schema.ResourceData, meta interface{}) error return nil } - -func lbListenerDefaultRuleActionForward(actionMap map[string]interface{}, action *elbv2.Action) error { - forwardList := actionMap["forward"].([]interface{}) - targetGroupArn := actionMap["target_group_arn"].(string) - - if targetGroupArn != "" { - action.TargetGroupArn = aws.String(targetGroupArn) - } else if len(forwardList) == 1 { - forwardMap := forwardList[0].(map[string]interface{}) - targetGroupsInput := forwardMap["target_group"].(*schema.Set).List() - weightedTargetGroups := make([]*elbv2.TargetGroupTuple, len(targetGroupsInput)) - - for i, input := range targetGroupsInput { - weightedTargetGroup := input.(map[string]interface{}) - weightedTargetGroups[i] = &elbv2.TargetGroupTuple{ - TargetGroupArn: aws.String(weightedTargetGroup["arn"].(string)), - Weight: aws.Int64(int64(weightedTargetGroup["weight"].(int))), - } - } - - action.ForwardConfig = &elbv2.ForwardActionConfig{ - TargetGroups: weightedTargetGroups, - } - - stickinessInput := forwardMap["stickiness"].([]interface{}) - if len(stickinessInput) != 0 { - stickyInputMap := stickinessInput[0].(map[string]interface{}) - if stickyInputMap["enabled"].(bool) { - action.ForwardConfig.TargetGroupStickinessConfig = &elbv2.TargetGroupStickinessConfig{ - Enabled: aws.Bool(stickyInputMap["enabled"].(bool)), - DurationSeconds: aws.Int64(int64(stickyInputMap["duration"].(int))), - } - } else { - action.ForwardConfig.TargetGroupStickinessConfig = &elbv2.TargetGroupStickinessConfig{ - Enabled: aws.Bool(false), - } - } - } - } else { - return errors.New("for actions of type 'forward', you must specify a 'forward' block or 'target_group_arn'") - } - return nil -} From be1285b5d9a3fcb027c7e6234a13e382018a007b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Fri, 29 May 2020 10:34:09 +0200 Subject: [PATCH 409/475] Implement resource.TestCheckResourceAttrPair to check for pair values --- aws/resource_aws_lb_listener_rule_test.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_lb_listener_rule_test.go b/aws/resource_aws_lb_listener_rule_test.go index 7b8275d8f34..a293f068f1b 100644 --- a/aws/resource_aws_lb_listener_rule_test.go +++ b/aws/resource_aws_lb_listener_rule_test.go @@ -162,6 +162,7 @@ func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.order", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.type", "forward"), testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), + resource.TestCheckResourceAttrPair("aws_lb_listener_rule.weighted", "action.0.target_group_arn", "aws_lb_target_group.test1", "arn"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.redirect.#", "0"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.fixed_response.#", "0"), resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_cognito.#", "0"), @@ -196,6 +197,7 @@ func TestAccAWSLBListenerRuleBackwardsCompatibility(t *testing.T) { resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.order", "1"), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.type", "forward"), testAccMatchResourceAttrRegionalARN("aws_alb_listener_rule.static", "action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), + resource.TestCheckResourceAttrPair("aws_lb_listener_rule.static", "action.0.target_group_arn", "aws_alb_target_group.test", "arn"), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.redirect.#", "0"), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.fixed_response.#", "0"), resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.authenticate_cognito.#", "0"), @@ -488,7 +490,7 @@ func TestAccAWSLBListenerRule_cognito(t *testing.T) { resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.#", "2"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.order", "1"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.type", "authenticate-cognito"), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.cognito", "action.1.target_group_arn", "cognito-idp", regexp.MustCompile("userpool/.+$")), + resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.user_pool_arn"), resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.user_pool_client_id"), resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.user_pool_domain"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.authentication_request_extra_params.%", "1"), @@ -496,6 +498,7 @@ func TestAccAWSLBListenerRule_cognito(t *testing.T) { resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.1.order", "2"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.1.type", "forward"), testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.cognito", "action.1.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), + resource.TestCheckResourceAttrPair("aws_lb_listener_rule.cognito", "action.1.target_group_arn", "aws_lb_target_group.test", "arn"), resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "condition.#", "1"), ), }, @@ -536,6 +539,7 @@ func TestAccAWSLBListenerRule_oidc(t *testing.T) { resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.1.order", "2"), resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.1.type", "forward"), testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.oidc", "action.1.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), + resource.TestCheckResourceAttrPair("aws_lb_listener_rule.oidc", "action.1.target_group_arn", "aws_lb_target_group.test", "arn"), resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "condition.#", "1"), ), }, From de0739cec6d23f0ea30f14f4bdeea5afea467f3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Fri, 29 May 2020 12:45:44 +0200 Subject: [PATCH 410/475] Implement resource.TestCheckResourceAttrPair to check for pair values --- aws/resource_aws_lb_listener_test.go | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/aws/resource_aws_lb_listener_test.go b/aws/resource_aws_lb_listener_test.go index 8aa76d1faf8..ebcb0f1cdfc 100644 --- a/aws/resource_aws_lb_listener_test.go +++ b/aws/resource_aws_lb_listener_test.go @@ -3,6 +3,7 @@ package aws import ( "errors" "fmt" + "regexp" "testing" "github.com/aws/aws-sdk-go/aws" @@ -59,8 +60,8 @@ func TestAccAWSLBListener_forwardWeighted(t *testing.T) { Config: testAccAWSLBListenerConfig_forwardWeighted(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerExists("aws_lb_listener.weighted", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "load_balancer_arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "load_balancer_arn", "elasticloadbalancing", regexp.MustCompile("loadbalancer/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "protocol", "HTTP"), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "port", "80"), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.#", "1"), @@ -78,8 +79,8 @@ func TestAccAWSLBListener_forwardWeighted(t *testing.T) { Config: testAccAWSLBListenerConfig_changeForwardWeightedStickiness(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerExists("aws_lb_listener.weighted", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "load_balancer_arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "load_balancer_arn", "elasticloadbalancing", regexp.MustCompile("loadbalancer/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "protocol", "HTTP"), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "port", "80"), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.#", "1"), @@ -97,14 +98,16 @@ func TestAccAWSLBListener_forwardWeighted(t *testing.T) { Config: testAccAWSLBListenerConfig_changeForwardWeightedToBasic(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerExists("aws_lb_listener.weighted", &conf), - resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "load_balancer_arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "load_balancer_arn", "elasticloadbalancing", regexp.MustCompile("loadbalancer/.+$")), + testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "protocol", "HTTP"), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "port", "80"), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.#", "1"), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.order", "1"), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.type", "forward"), resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "default_action.0.target_group_arn"), + testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "default_action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), + resource.TestCheckResourceAttrPair("aws_lb_listener.weighted", "default_action.0.target_group_arn", "aws_lb_target_group.test1", "arn"), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.redirect.#", "0"), resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.fixed_response.#", "0"), ), From b433c690a48e658c35e0f9d48b90ebf894e8d011 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Fri, 29 May 2020 10:14:03 -0400 Subject: [PATCH 411/475] Create Redshift cluster in-VPC. --- ...s_kinesis_firehose_delivery_stream_test.go | 150 ++++++++++++------ 1 file changed, 100 insertions(+), 50 deletions(-) diff --git a/aws/resource_aws_kinesis_firehose_delivery_stream_test.go b/aws/resource_aws_kinesis_firehose_delivery_stream_test.go index a20eb30a07d..f2f788a0732 100644 --- a/aws/resource_aws_kinesis_firehose_delivery_stream_test.go +++ b/aws/resource_aws_kinesis_firehose_delivery_stream_test.go @@ -922,18 +922,9 @@ func TestAccAWSKinesisFirehoseDeliveryStream_ExtendedS3_KinesisStreamSource(t *t func TestAccAWSKinesisFirehoseDeliveryStream_RedshiftConfigUpdates(t *testing.T) { var stream firehose.DeliveryStreamDescription - + rInt := acctest.RandInt() + rName := acctest.RandomWithPrefix("tf-acc-test") resourceName := "aws_kinesis_firehose_delivery_stream.test" - ri := acctest.RandInt() - rString := acctest.RandString(8) - funcName := fmt.Sprintf("aws_kinesis_firehose_delivery_stream_test_%s", rString) - policyName := fmt.Sprintf("tf_acc_policy_%s", rString) - roleName := fmt.Sprintf("tf_acc_role_%s", rString) - preConfig := fmt.Sprintf(testAccKinesisFirehoseDeliveryStreamConfig_RedshiftBasic, - ri, ri, ri, ri, ri) - postConfig := testAccFirehoseAWSLambdaConfigBasic(funcName, policyName, roleName) + - fmt.Sprintf(testAccKinesisFirehoseDeliveryStreamConfig_RedshiftUpdates, - ri, ri, ri, ri, ri) updatedRedshiftConfig := &firehose.RedshiftDestinationDescription{ CopyCommand: &firehose.CopyCommand{ @@ -962,7 +953,7 @@ func TestAccAWSKinesisFirehoseDeliveryStream_RedshiftConfigUpdates(t *testing.T) CheckDestroy: testAccCheckKinesisFirehoseDeliveryStreamDestroy, Steps: []resource.TestStep{ { - Config: preConfig, + Config: testAccKinesisFirehoseDeliveryStreamRedshiftConfig(rName, rInt), Check: resource.ComposeTestCheckFunc( testAccCheckKinesisFirehoseDeliveryStreamExists(resourceName, &stream), testAccCheckAWSKinesisFirehoseDeliveryStreamAttributes(&stream, nil, nil, nil, nil, nil), @@ -975,7 +966,7 @@ func TestAccAWSKinesisFirehoseDeliveryStream_RedshiftConfigUpdates(t *testing.T) ImportStateVerifyIgnore: []string{"redshift_configuration.0.password"}, }, { - Config: postConfig, + Config: testAccKinesisFirehoseDeliveryStreamRedshiftConfigUpdates(rName, rInt), Check: resource.ComposeTestCheckFunc( testAccCheckKinesisFirehoseDeliveryStreamExists(resourceName, &stream), testAccCheckAWSKinesisFirehoseDeliveryStreamAttributes(&stream, nil, nil, updatedRedshiftConfig, nil, nil), @@ -1168,7 +1159,7 @@ func testAccCheckKinesisFirehoseDeliveryStreamExists(n string, stream *firehose. func testAccCheckAWSKinesisFirehoseDeliveryStreamAttributes(stream *firehose.DeliveryStreamDescription, s3config interface{}, extendedS3config interface{}, redshiftConfig interface{}, elasticsearchConfig interface{}, splunkConfig interface{}) resource.TestCheckFunc { return func(s *terraform.State) error { - if !strings.HasPrefix(*stream.DeliveryStreamName, "terraform-kinesis-firehose") { + if !strings.HasPrefix(*stream.DeliveryStreamName, "terraform-kinesis-firehose") && !strings.HasPrefix(*stream.DeliveryStreamName, "tf-acc-test") { return fmt.Errorf("Bad Stream name: %s", *stream.DeliveryStreamName) } for _, rs := range s.RootModule().Resources { @@ -2192,72 +2183,131 @@ resource "aws_kinesis_firehose_delivery_stream" "test" { } ` -var testAccKinesisFirehoseDeliveryStreamBaseRedshiftConfig = testAccKinesisFirehoseDeliveryStreamBaseConfig + ` -resource "aws_redshift_cluster" "test_cluster" { - cluster_identifier = "tf-redshift-cluster-%d" - database_name = "test" - master_username = "testuser" - master_password = "T3stPass" - node_type = "dc1.large" - cluster_type = "single-node" - skip_final_snapshot = true -}` +func testAccKinesisFirehoseDeliveryStreamRedshiftConfigBase(rName string, rInt int) string { + return composeConfig( + fmt.Sprintf(testAccKinesisFirehoseDeliveryStreamBaseConfig, rInt, rInt, rInt), + fmt.Sprintf(` +data "aws_availability_zones" "current" { + state = "available" -var testAccKinesisFirehoseDeliveryStreamConfig_RedshiftBasic = testAccKinesisFirehoseDeliveryStreamBaseRedshiftConfig + ` + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" + + tags = { + Name = %[1]q + } +} + +resource "aws_subnet" "test" { + cidr_block = "10.1.1.0/24" + vpc_id = "${aws_vpc.test.id}" + availability_zone = "${data.aws_availability_zones.current.names[0]}" + + tags = { + Name = %[1]q + } +} + +resource "aws_redshift_subnet_group" "test" { + name = %[1]q + description = "test" + subnet_ids = ["${aws_subnet.test.id}"] + } + +resource "aws_redshift_cluster" "test" { + cluster_identifier = %[1]q + availability_zone = "${data.aws_availability_zones.current.names[0]}" + database_name = "test" + master_username = "testuser" + master_password = "T3stPass" + node_type = "dc1.large" + cluster_type = "single-node" + skip_final_snapshot = true + cluster_subnet_group_name = "${aws_redshift_subnet_group.test.id}" + publicly_accessible = false +} +`, rName)) +} + +func testAccKinesisFirehoseDeliveryStreamRedshiftConfig(rName string, rInt int) string { + return composeConfig( + testAccKinesisFirehoseDeliveryStreamRedshiftConfigBase(rName, rInt), + fmt.Sprintf(` resource "aws_kinesis_firehose_delivery_stream" "test" { - depends_on = ["aws_iam_role_policy.firehose", "aws_redshift_cluster.test_cluster"] - name = "terraform-kinesis-firehose-basicredshifttest-%d" + name = %[1]q destination = "redshift" + s3_configuration { - role_arn = "${aws_iam_role.firehose.arn}" + role_arn = "${aws_iam_role.firehose.arn}" bucket_arn = "${aws_s3_bucket.bucket.arn}" } + redshift_configuration { - role_arn = "${aws_iam_role.firehose.arn}" - cluster_jdbcurl = "jdbc:redshift://${aws_redshift_cluster.test_cluster.endpoint}/${aws_redshift_cluster.test_cluster.database_name}" - username = "testuser" - password = "T3stPass" + role_arn = "${aws_iam_role.firehose.arn}" + cluster_jdbcurl = "jdbc:redshift://${aws_redshift_cluster.test.endpoint}/${aws_redshift_cluster.test.database_name}" + username = "testuser" + password = "T3stPass" data_table_name = "test-table" } -}` +} +`, rName)) +} -var testAccKinesisFirehoseDeliveryStreamConfig_RedshiftUpdates = testAccKinesisFirehoseDeliveryStreamBaseRedshiftConfig + ` +func testAccKinesisFirehoseDeliveryStreamRedshiftConfigUpdates(rName string, rInt int) string { + return composeConfig( + testAccFirehoseAWSLambdaConfigBasic(rName, rName, rName), + testAccKinesisFirehoseDeliveryStreamRedshiftConfigBase(rName, rInt), + fmt.Sprintf(` resource "aws_kinesis_firehose_delivery_stream" "test" { - depends_on = ["aws_iam_role_policy.firehose", "aws_redshift_cluster.test_cluster"] - name = "terraform-kinesis-firehose-basicredshifttest-%d" + name = %[1]q destination = "redshift" + s3_configuration { - role_arn = "${aws_iam_role.firehose.arn}" - bucket_arn = "${aws_s3_bucket.bucket.arn}" - buffer_size = 10 - buffer_interval = 400 + role_arn = "${aws_iam_role.firehose.arn}" + bucket_arn = "${aws_s3_bucket.bucket.arn}" + buffer_size = 10 + buffer_interval = 400 compression_format = "GZIP" } + redshift_configuration { - role_arn = "${aws_iam_role.firehose.arn}" - cluster_jdbcurl = "jdbc:redshift://${aws_redshift_cluster.test_cluster.endpoint}/${aws_redshift_cluster.test_cluster.database_name}" - username = "testuser" - password = "T3stPass" - s3_backup_mode = "Enabled" + role_arn = "${aws_iam_role.firehose.arn}" + cluster_jdbcurl = "jdbc:redshift://${aws_redshift_cluster.test.endpoint}/${aws_redshift_cluster.test.database_name}" + username = "testuser" + password = "T3stPass" + s3_backup_mode = "Enabled" + s3_backup_configuration { - role_arn = "${aws_iam_role.firehose.arn}" + role_arn = "${aws_iam_role.firehose.arn}" bucket_arn = "${aws_s3_bucket.bucket.arn}" } - data_table_name = "test-table" - copy_options = "GZIP" + + data_table_name = "test-table" + copy_options = "GZIP" data_table_columns = "test-col" + processing_configuration { enabled = false + processors { type = "Lambda" + parameters { - parameter_name = "LambdaArn" + parameter_name = "LambdaArn" parameter_value = "${aws_lambda_function.lambda_function_test.arn}:$LATEST" } } } } -}` +} +`, rName)) +} var testAccKinesisFirehoseDeliveryStreamConfig_SplunkBasic = testAccKinesisFirehoseDeliveryStreamBaseConfig + ` resource "aws_kinesis_firehose_delivery_stream" "test" { From b6f342e058dac3d36cf41079bf0fb4713ee9db46 Mon Sep 17 00:00:00 2001 From: Mike Dalrymple Date: Fri, 29 May 2020 10:56:01 -0600 Subject: [PATCH 412/475] Further clarification around the use of quoted display names. --- website/docs/r/cognito_user_pool.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/cognito_user_pool.markdown b/website/docs/r/cognito_user_pool.markdown index f0fb63d964b..11042380656 100644 --- a/website/docs/r/cognito_user_pool.markdown +++ b/website/docs/r/cognito_user_pool.markdown @@ -90,7 +90,7 @@ The following arguments are supported: * `reply_to_email_address` (Optional) - The REPLY-TO email address. * `source_arn` (Optional) - The ARN of the SES verified email identity to to use. Required if `email_sending_account` is set to `DEVELOPER`. - * `from_email_address` (Optional) - Sender’s email address or sender’s name with their email address (e.g. `john@example.com` or `\"John Smith\" `) + * `from_email_address` (Optional) - Sender’s email address or sender’s display name with their email address (e.g. `john@example.com`, `John Smith ` or `\"John Smith Ph.D.\" `). Escaped double quotes are required around display names that contain certain characters as specified in [RFC 5322](https://tools.ietf.org/html/rfc5322). * `email_sending_account` (Optional) - The email delivery method to use. `COGNITO_DEFAULT` for the default email functionality built into Cognito or `DEVELOPER` to use your Amazon SES configuration. #### Lambda Configuration From a0b65dc6dd2a50f8f20a267ccbe81c40ccbd84ec Mon Sep 17 00:00:00 2001 From: philbal611 <40892347+philbal611@users.noreply.github.com> Date: Fri, 29 May 2020 17:31:51 -0700 Subject: [PATCH 413/475] Update workspaces_workspace.html.markdown The Workspaces service requires AWS-managed CMKs to be specified with an `alias/` [prefix](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-alias-name). Configuring as `aws/workspaces` will result in the following error: ```hcl Error: workspace creation failed: The specified key could not be found. Please provide a valid key for encryption. ``` --- website/docs/r/workspaces_workspace.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/workspaces_workspace.html.markdown b/website/docs/r/workspaces_workspace.html.markdown index 4cbf42b6e2e..861910bdd2f 100644 --- a/website/docs/r/workspaces_workspace.html.markdown +++ b/website/docs/r/workspaces_workspace.html.markdown @@ -31,7 +31,7 @@ resource "aws_workspaces_workspace" "jhon.doe" { root_volume_encryption_enabled = true user_volume_encryption_enabled = true - volume_encryption_key = "aws/workspaces" + volume_encryption_key = "alias/aws/workspaces" workspace_properties { compute_type_name = "VALUE" @@ -64,7 +64,7 @@ The following arguments are supported: * `compute_type_name` – (Optional) The compute type. For more information, see [Amazon WorkSpaces Bundles](http://aws.amazon.com/workspaces/details/#Amazon_WorkSpaces_Bundles). Valid values are `VALUE`, `STANDARD`, `PERFORMANCE`, `POWER`, `GRAPHICS`, `POWERPRO` and `GRAPHICSPRO`. * `root_volume_size_gib` – (Optional) The size of the root volume. -* `running_mode` – (Optional) The size of the root volume. The running mode. For more information, see [Manage the WorkSpace Running Mode](https://docs.aws.amazon.com/workspaces/latest/adminguide/running-mode.html). Valid values are `AUTO_STOP` and `ALWAYS_ON`. +* `running_mode` – (Optional) The running mode. For more information, see [Manage the WorkSpace Running Mode](https://docs.aws.amazon.com/workspaces/latest/adminguide/running-mode.html). Valid values are `AUTO_STOP` and `ALWAYS_ON`. * `running_mode_auto_stop_timeout_in_minutes` – (Optional) The time after a user logs off when WorkSpaces are automatically stopped. Configured in 60-minute intervals. * `user_volume_size_gib` – (Optional) The size of the user storage. From cbae0b02a64a0cb300fa8c063cc94c9562bbe588 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20del=20Campo?= Date: Sun, 31 May 2020 12:11:21 +0200 Subject: [PATCH 414/475] Refactor acceptance test checks --- aws/resource_aws_lb_listener.go | 1 - aws/resource_aws_lb_listener_rule.go | 1 - aws/resource_aws_lb_listener_rule_test.go | 101 +++++++++++----------- aws/resource_aws_lb_listener_test.go | 85 +++++++++--------- 4 files changed, 94 insertions(+), 94 deletions(-) diff --git a/aws/resource_aws_lb_listener.go b/aws/resource_aws_lb_listener.go index 01db61416a5..019242c8e0b 100644 --- a/aws/resource_aws_lb_listener.go +++ b/aws/resource_aws_lb_listener.go @@ -104,7 +104,6 @@ func resourceAwsLbListener() *schema.Resource { Type: schema.TypeString, Optional: true, DiffSuppressFunc: suppressIfDefaultActionTypeNot(elbv2.ActionTypeEnumForward), - ConflictsWith: []string{"default_action.0.forward"}, }, "forward": { diff --git a/aws/resource_aws_lb_listener_rule.go b/aws/resource_aws_lb_listener_rule.go index 198648bac5c..dd76a7e2833 100644 --- a/aws/resource_aws_lb_listener_rule.go +++ b/aws/resource_aws_lb_listener_rule.go @@ -72,7 +72,6 @@ func resourceAwsLbbListenerRule() *schema.Resource { Type: schema.TypeString, Optional: true, DiffSuppressFunc: suppressIfActionTypeNot(elbv2.ActionTypeEnumForward), - ConflictsWith: []string{"action.0.forward"}, }, "forward": { diff --git a/aws/resource_aws_lb_listener_rule_test.go b/aws/resource_aws_lb_listener_rule_test.go index a293f068f1b..c45095d3915 100644 --- a/aws/resource_aws_lb_listener_rule_test.go +++ b/aws/resource_aws_lb_listener_rule_test.go @@ -99,75 +99,76 @@ func TestAccAWSLBListenerRule_basic(t *testing.T) { func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-weighted-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) - targetGroupName1 := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) - targetGroupName2 := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + resourceName := "aws_lb_listener_rule.weighted" + lbName := acctest.RandomWithPrefix("testrule-weighted") + targetGroupName1 := acctest.RandomWithPrefix("testtargetgroup") + targetGroupName2 := acctest.RandomWithPrefix("testtargetgroup") resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.weighted", + IDRefreshName: resourceName, Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, Steps: []resource.TestStep{ { Config: testAccAWSLBListenerRuleConfig_forwardWeighted(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.weighted", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.type", "forward"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.target_group.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.stickiness.0.enabled", "false"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.stickiness.0.duration", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.redirect.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.fixed_response.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_cognito.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_oidc.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "condition.#", "1"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN(resourceName, "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.type", "forward"), + resource.TestCheckResourceAttr(resourceName, "action.0.forward.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.forward.0.target_group.#", "2"), + resource.TestCheckResourceAttr(resourceName, "action.0.forward.0.stickiness.0.enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "action.0.forward.0.stickiness.0.duration", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_cognito.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), ), }, { Config: testAccAWSLBListenerRuleConfig_changeForwardWeightedStickiness(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.weighted", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.type", "forward"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.target_group.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.stickiness.0.enabled", "true"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.forward.0.stickiness.0.duration", "3600"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.redirect.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.fixed_response.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_cognito.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_oidc.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "condition.#", "1"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN(resourceName, "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.type", "forward"), + resource.TestCheckResourceAttr(resourceName, "action.0.forward.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.forward.0.target_group.#", "2"), + resource.TestCheckResourceAttr(resourceName, "action.0.forward.0.stickiness.0.enabled", "true"), + resource.TestCheckResourceAttr(resourceName, "action.0.forward.0.stickiness.0.duration", "3600"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_cognito.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), ), }, { Config: testAccAWSLBListenerRuleConfig_changeForwardWeightedToBasic(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.weighted", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.type", "forward"), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.weighted", "action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), - resource.TestCheckResourceAttrPair("aws_lb_listener_rule.weighted", "action.0.target_group_arn", "aws_lb_target_group.test1", "arn"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.redirect.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.fixed_response.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_cognito.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "action.0.authenticate_oidc.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.weighted", "condition.#", "1"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), + testAccMatchResourceAttrRegionalARN(resourceName, "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.type", "forward"), + testAccMatchResourceAttrRegionalARN(resourceName, "action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), + resource.TestCheckResourceAttrPair(resourceName, "action.0.target_group_arn", "aws_lb_target_group.test1", "arn"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_cognito.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), ), }, }, diff --git a/aws/resource_aws_lb_listener_test.go b/aws/resource_aws_lb_listener_test.go index ebcb0f1cdfc..1d17b6c0be6 100644 --- a/aws/resource_aws_lb_listener_test.go +++ b/aws/resource_aws_lb_listener_test.go @@ -46,70 +46,71 @@ func TestAccAWSLBListener_basic(t *testing.T) { func TestAccAWSLBListener_forwardWeighted(t *testing.T) { var conf elbv2.Listener + resourceName := "aws_lb_listener.weighted" lbName := fmt.Sprintf("testlistener-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) targetGroupName1 := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) targetGroupName2 := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener.weighted", + IDRefreshName: resourceName, Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerDestroy, Steps: []resource.TestStep{ { Config: testAccAWSLBListenerConfig_forwardWeighted(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerExists("aws_lb_listener.weighted", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "load_balancer_arn", "elasticloadbalancing", regexp.MustCompile("loadbalancer/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "protocol", "HTTP"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "port", "80"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.type", "forward"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.target_group.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.stickiness.0.enabled", "false"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.stickiness.0.duration", "0"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.redirect.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.fixed_response.#", "0"), + testAccCheckAWSLBListenerExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "load_balancer_arn", "elasticloadbalancing", regexp.MustCompile("loadbalancer/.+$")), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), + resource.TestCheckResourceAttr(resourceName, "protocol", "HTTP"), + resource.TestCheckResourceAttr(resourceName, "port", "80"), + resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "forward"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.forward.#", "1"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.forward.0.target_group.#", "2"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.forward.0.stickiness.0.enabled", "false"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.forward.0.stickiness.0.duration", "0"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.redirect.#", "0"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.fixed_response.#", "0"), ), }, { Config: testAccAWSLBListenerConfig_changeForwardWeightedStickiness(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerExists("aws_lb_listener.weighted", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "load_balancer_arn", "elasticloadbalancing", regexp.MustCompile("loadbalancer/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "protocol", "HTTP"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "port", "80"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.type", "forward"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.target_group.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.stickiness.0.enabled", "true"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.forward.0.stickiness.0.duration", "3600"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.redirect.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.fixed_response.#", "0"), + testAccCheckAWSLBListenerExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "load_balancer_arn", "elasticloadbalancing", regexp.MustCompile("loadbalancer/.+$")), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), + resource.TestCheckResourceAttr(resourceName, "protocol", "HTTP"), + resource.TestCheckResourceAttr(resourceName, "port", "80"), + resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "forward"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.forward.#", "1"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.forward.0.target_group.#", "2"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.forward.0.stickiness.0.enabled", "true"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.forward.0.stickiness.0.duration", "3600"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.redirect.#", "0"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.fixed_response.#", "0"), ), }, { Config: testAccAWSLBListenerConfig_changeForwardWeightedToBasic(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerExists("aws_lb_listener.weighted", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "load_balancer_arn", "elasticloadbalancing", regexp.MustCompile("loadbalancer/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "protocol", "HTTP"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "port", "80"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.type", "forward"), - resource.TestCheckResourceAttrSet("aws_lb_listener.weighted", "default_action.0.target_group_arn"), - testAccMatchResourceAttrRegionalARN("aws_lb_listener.weighted", "default_action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), - resource.TestCheckResourceAttrPair("aws_lb_listener.weighted", "default_action.0.target_group_arn", "aws_lb_target_group.test1", "arn"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.redirect.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener.weighted", "default_action.0.fixed_response.#", "0"), + testAccCheckAWSLBListenerExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "load_balancer_arn", "elasticloadbalancing", regexp.MustCompile("loadbalancer/.+$")), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), + resource.TestCheckResourceAttr(resourceName, "protocol", "HTTP"), + resource.TestCheckResourceAttr(resourceName, "port", "80"), + resource.TestCheckResourceAttr(resourceName, "default_action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.type", "forward"), + resource.TestCheckResourceAttrSet(resourceName, "default_action.0.target_group_arn"), + testAccMatchResourceAttrRegionalARN(resourceName, "default_action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), + resource.TestCheckResourceAttrPair(resourceName, "default_action.0.target_group_arn", "aws_lb_target_group.test1", "arn"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.redirect.#", "0"), + resource.TestCheckResourceAttr(resourceName, "default_action.0.fixed_response.#", "0"), ), }, }, From ddebf3bbdf336bace4c200186b65345bde402249 Mon Sep 17 00:00:00 2001 From: Pavel Platto Date: Sun, 31 May 2020 22:42:37 +0200 Subject: [PATCH 415/475] Fix typo in Athena workgroup validation regex --- aws/resource_aws_athena_workgroup.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_athena_workgroup.go b/aws/resource_aws_athena_workgroup.go index 7dacaca8b5e..8b2960bf414 100644 --- a/aws/resource_aws_athena_workgroup.go +++ b/aws/resource_aws_athena_workgroup.go @@ -103,7 +103,7 @@ func resourceAwsAthenaWorkgroup() *schema.Resource { ForceNew: true, ValidateFunc: validation.All( validation.StringLenBetween(1, 128), - validation.StringMatch(regexp.MustCompile(`^[a-zA-z0-9._-]+$`), "must contain only alphanumeric characters, periods, underscores, and hyphens"), + validation.StringMatch(regexp.MustCompile(`^[a-zA-Z0-9._-]+$`), "must contain only alphanumeric characters, periods, underscores, and hyphens"), ), }, "state": { From 9979cf6e182f03412bc196355f95b1424eab3698 Mon Sep 17 00:00:00 2001 From: Donovan Carthew Date: Thu, 13 Feb 2020 16:18:29 +0200 Subject: [PATCH 416/475] Fix for SES configuration sets state and error handling --- aws/resource_aws_ses_configuration_set.go | 37 ++++----- ...resource_aws_ses_configuration_set_test.go | 77 ++++++++++--------- go.sum | 6 ++ 3 files changed, 64 insertions(+), 56 deletions(-) diff --git a/aws/resource_aws_ses_configuration_set.go b/aws/resource_aws_ses_configuration_set.go index 3e2ed511aad..39624405f95 100644 --- a/aws/resource_aws_ses_configuration_set.go +++ b/aws/resource_aws_ses_configuration_set.go @@ -5,6 +5,7 @@ import ( "log" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/ses" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" ) @@ -50,7 +51,11 @@ func resourceAwsSesConfigurationSetCreate(d *schema.ResourceData, meta interface } func resourceAwsSesConfigurationSetRead(d *schema.ResourceData, meta interface{}) error { - configurationSetExists, err := findConfigurationSet(d.Id(), nil, meta) + configurationSetExists, err := findConfigurationSet(d.Id(), meta) + + if err != nil { + return err + } if !configurationSetExists { log.Printf("[WARN] SES Configuration Set (%s) not found", d.Id()) @@ -58,10 +63,6 @@ func resourceAwsSesConfigurationSetRead(d *schema.ResourceData, meta interface{} return nil } - if err != nil { - return err - } - d.Set("name", d.Id()) return nil @@ -78,28 +79,28 @@ func resourceAwsSesConfigurationSetDelete(d *schema.ResourceData, meta interface return err } -func findConfigurationSet(name string, token *string, meta interface{}) (bool, error) { - conn := meta.(*AWSClient).sesconn +func findConfigurationSet(name string, meta interface{}) (bool, error) { + conn := meta.(*AWSClient).sesConn configurationSetExists := false - listOpts := &ses.ListConfigurationSetsInput{ - NextToken: token, + configSetInput := &ses.DescribeConfigurationSetInput{ + ConfigurationSetName: aws.String(name), } - response, err := conn.ListConfigurationSets(listOpts) - for _, element := range response.ConfigurationSets { - if *element.Name == name { - configurationSetExists = true + response, err := conn.DescribeConfigurationSet(configSetInput) + + if err != nil { + if aerr, ok := err.(awserr.Error); ok && aerr.Code() == "ConfigurationSetDoesNotExist" { + return configurationSetExists, nil } + return false, err } - if err != nil && !configurationSetExists && response.NextToken != nil { - configurationSetExists, err = findConfigurationSet(name, response.NextToken, meta) - } + respString := *response.ConfigurationSet.Name - if err != nil { - return false, err + if respString == name { + configurationSetExists = true } return configurationSetExists, nil diff --git a/aws/resource_aws_ses_configuration_set_test.go b/aws/resource_aws_ses_configuration_set_test.go index d98b8005e32..be11b50434b 100644 --- a/aws/resource_aws_ses_configuration_set_test.go +++ b/aws/resource_aws_ses_configuration_set_test.go @@ -6,6 +6,7 @@ import ( "testing" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/ses" "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" @@ -68,6 +69,8 @@ func testSweepSesConfigurationSets(region string) error { } func TestAccAWSSESConfigurationSet_basic(t *testing.T) { + var escRandomInteger = acctest.RandInt() + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) @@ -77,7 +80,7 @@ func TestAccAWSSESConfigurationSet_basic(t *testing.T) { CheckDestroy: testAccCheckSESConfigurationSetDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSSESConfigurationSetConfig, + Config: testAccAWSSESConfigurationSetConfig(escRandomInteger), Check: resource.ComposeTestCheckFunc( testAccCheckAwsSESConfigurationSetExists("aws_ses_configuration_set.test"), ), @@ -91,36 +94,6 @@ func TestAccAWSSESConfigurationSet_basic(t *testing.T) { }) } -func testAccCheckSESConfigurationSetDestroy(s *terraform.State) error { - conn := testAccProvider.Meta().(*AWSClient).sesconn - - for _, rs := range s.RootModule().Resources { - if rs.Type != "aws_ses_configuration_set" { - continue - } - - response, err := conn.ListConfigurationSets(&ses.ListConfigurationSetsInput{}) - if err != nil { - return err - } - - found := false - for _, element := range response.ConfigurationSets { - if *element.Name == fmt.Sprintf("some-configuration-set-%d", escRandomInteger) { - found = true - } - } - - if found { - return fmt.Errorf("The configuration set still exists") - } - - } - - return nil - -} - func testAccCheckAwsSESConfigurationSetExists(n string) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -134,16 +107,19 @@ func testAccCheckAwsSESConfigurationSetExists(n string) resource.TestCheckFunc { conn := testAccProvider.Meta().(*AWSClient).sesconn - response, err := conn.ListConfigurationSets(&ses.ListConfigurationSetsInput{}) + response, err := conn.DescribeConfigurationSet(&ses.DescribeConfigurationSetInput{ + ConfigurationSetName: aws.String(rs.Primary.ID), + }) + if err != nil { return err } found := false - for _, element := range response.ConfigurationSets { - if *element.Name == fmt.Sprintf("some-configuration-set-%d", escRandomInteger) { - found = true - } + respString := *response.ConfigurationSet.Name + + if respString == rs.Primary.ID { + found = true } if !found { @@ -154,9 +130,34 @@ func testAccCheckAwsSESConfigurationSetExists(n string) resource.TestCheckFunc { } } -var escRandomInteger = acctest.RandInt() -var testAccAWSSESConfigurationSetConfig = fmt.Sprintf(` +func testAccCheckSESConfigurationSetDestroy(s *terraform.State) error { + conn := testAccProvider.Meta().(*AWSClient).sesConn + + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_ses_configuration_set" { + continue + } + + _, err := conn.DescribeConfigurationSet(&ses.DescribeConfigurationSetInput{ + ConfigurationSetName: aws.String(rs.Primary.ID), + }) + + if err == nil { + if aerr, ok := err.(awserr.Error); ok && aerr.Code() == "ConfigurationSetDoesNotExist" { + return fmt.Errorf("The configuration set still exists") + } + return fmt.Errorf("An error occurred: %s", err) + } + } + + return nil + +} + +func testAccAWSSESConfigurationSetConfig(escRandomInteger int) string { + return fmt.Sprintf(` resource "aws_ses_configuration_set" "test" { name = "some-configuration-set-%d" } `, escRandomInteger) +} diff --git a/go.sum b/go.sum index ee2aecf6890..c775d2fd379 100644 --- a/go.sum +++ b/go.sum @@ -39,8 +39,14 @@ github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= github.com/aws/aws-sdk-go v1.25.3/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +<<<<<<< HEAD github.com/aws/aws-sdk-go v1.31.2 h1:REYLkyG1EGES8SJS0QsUwvWix9oQwUbJ8HLgMxUHpKo= github.com/aws/aws-sdk-go v1.31.2/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= +======= +github.com/aws/aws-sdk-go v1.28.9 h1:grIuBQc+p3dTRXerh5+2OxSuWFi0iXuxbFdTSg0jaW0= +github.com/aws/aws-sdk-go v1.28.9/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/aws/aws-sdk-go v1.29.1 h1:U2vZ5WprhGAMjzb4bKVzl2QecUtZFW2BXVqa5bnd+OY= +>>>>>>> 062343253... Fix for SES configuration sets state and error handling github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs= github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= From 40e9aafdb65e6133839db8f90fa275cf442a100a Mon Sep 17 00:00:00 2001 From: Donovan Carthew Date: Fri, 14 Feb 2020 12:41:56 +0200 Subject: [PATCH 417/475] BAU Fix deps --- go.sum | 6 ------ 1 file changed, 6 deletions(-) diff --git a/go.sum b/go.sum index c775d2fd379..ee2aecf6890 100644 --- a/go.sum +++ b/go.sum @@ -39,14 +39,8 @@ github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= github.com/aws/aws-sdk-go v1.25.3/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -<<<<<<< HEAD github.com/aws/aws-sdk-go v1.31.2 h1:REYLkyG1EGES8SJS0QsUwvWix9oQwUbJ8HLgMxUHpKo= github.com/aws/aws-sdk-go v1.31.2/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= -======= -github.com/aws/aws-sdk-go v1.28.9 h1:grIuBQc+p3dTRXerh5+2OxSuWFi0iXuxbFdTSg0jaW0= -github.com/aws/aws-sdk-go v1.28.9/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.29.1 h1:U2vZ5WprhGAMjzb4bKVzl2QecUtZFW2BXVqa5bnd+OY= ->>>>>>> 062343253... Fix for SES configuration sets state and error handling github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs= github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= From 85f9fabc84313176a4fa58c5d127428f5eaa9405 Mon Sep 17 00:00:00 2001 From: Donovan Carthew Date: Sun, 16 Feb 2020 23:44:24 +0200 Subject: [PATCH 418/475] Fix string handling --- aws/resource_aws_ses_configuration_set.go | 4 +--- aws/resource_aws_ses_configuration_set_test.go | 3 +-- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/aws/resource_aws_ses_configuration_set.go b/aws/resource_aws_ses_configuration_set.go index 39624405f95..7c3623ec745 100644 --- a/aws/resource_aws_ses_configuration_set.go +++ b/aws/resource_aws_ses_configuration_set.go @@ -97,9 +97,7 @@ func findConfigurationSet(name string, meta interface{}) (bool, error) { return false, err } - respString := *response.ConfigurationSet.Name - - if respString == name { + if *response.ConfigurationSet.Name == name { configurationSetExists = true } diff --git a/aws/resource_aws_ses_configuration_set_test.go b/aws/resource_aws_ses_configuration_set_test.go index be11b50434b..95e08c8f037 100644 --- a/aws/resource_aws_ses_configuration_set_test.go +++ b/aws/resource_aws_ses_configuration_set_test.go @@ -116,9 +116,8 @@ func testAccCheckAwsSESConfigurationSetExists(n string) resource.TestCheckFunc { } found := false - respString := *response.ConfigurationSet.Name - if respString == rs.Primary.ID { + if *response.ConfigurationSet.Name == rs.Primary.ID { found = true } From e7c2bcff45e81549722819a639e7800af37d456e Mon Sep 17 00:00:00 2001 From: Donovan Carthew Date: Thu, 28 May 2020 23:53:17 +0200 Subject: [PATCH 419/475] Update based on PR review feedback --- aws/resource_aws_ses_configuration_set.go | 5 ++--- ...resource_aws_ses_configuration_set_test.go | 21 ++++++------------- 2 files changed, 8 insertions(+), 18 deletions(-) diff --git a/aws/resource_aws_ses_configuration_set.go b/aws/resource_aws_ses_configuration_set.go index 7c3623ec745..d8e01d598a1 100644 --- a/aws/resource_aws_ses_configuration_set.go +++ b/aws/resource_aws_ses_configuration_set.go @@ -5,7 +5,6 @@ import ( "log" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/ses" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" ) @@ -91,13 +90,13 @@ func findConfigurationSet(name string, meta interface{}) (bool, error) { response, err := conn.DescribeConfigurationSet(configSetInput) if err != nil { - if aerr, ok := err.(awserr.Error); ok && aerr.Code() == "ConfigurationSetDoesNotExist" { + if isAWSErr(err, ses.ErrCodeConfigurationSetDoesNotExistException, "") { return configurationSetExists, nil } return false, err } - if *response.ConfigurationSet.Name == name { + if aws.StringValue(response.ConfigurationSet.Name) == name { configurationSetExists = true } diff --git a/aws/resource_aws_ses_configuration_set_test.go b/aws/resource_aws_ses_configuration_set_test.go index 95e08c8f037..2e3b64466cb 100644 --- a/aws/resource_aws_ses_configuration_set_test.go +++ b/aws/resource_aws_ses_configuration_set_test.go @@ -6,7 +6,6 @@ import ( "testing" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/ses" "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" @@ -115,17 +114,11 @@ func testAccCheckAwsSESConfigurationSetExists(n string) resource.TestCheckFunc { return err } - found := false - - if *response.ConfigurationSet.Name == rs.Primary.ID { - found = true - } - - if !found { + if aws.StringValue(response.ConfigurationSet.Name) != rs.Primary.ID { return fmt.Errorf("The configuration set was not created") } - return nil + } } @@ -141,16 +134,14 @@ func testAccCheckSESConfigurationSetDestroy(s *terraform.State) error { ConfigurationSetName: aws.String(rs.Primary.ID), }) - if err == nil { - if aerr, ok := err.(awserr.Error); ok && aerr.Code() == "ConfigurationSetDoesNotExist" { - return fmt.Errorf("The configuration set still exists") + if err != nil { + if isAWSErr(err, ses.ErrCodeConfigurationSetDoesNotExistException, "") { + return nil } - return fmt.Errorf("An error occurred: %s", err) + return err } } - return nil - } func testAccAWSSESConfigurationSetConfig(escRandomInteger int) string { From 12f8a5e49ce89ffc11d86e18cb049142e9dc6f6e Mon Sep 17 00:00:00 2001 From: Donovan Carthew Date: Sun, 31 May 2020 22:53:34 +0200 Subject: [PATCH 420/475] Moved findConfigurationSet logic into resource Read function --- aws/resource_aws_ses_configuration_set.go | 46 +++++++---------------- 1 file changed, 13 insertions(+), 33 deletions(-) diff --git a/aws/resource_aws_ses_configuration_set.go b/aws/resource_aws_ses_configuration_set.go index d8e01d598a1..95945ddd442 100644 --- a/aws/resource_aws_ses_configuration_set.go +++ b/aws/resource_aws_ses_configuration_set.go @@ -50,19 +50,24 @@ func resourceAwsSesConfigurationSetCreate(d *schema.ResourceData, meta interface } func resourceAwsSesConfigurationSetRead(d *schema.ResourceData, meta interface{}) error { - configurationSetExists, err := findConfigurationSet(d.Id(), meta) + conn := meta.(*AWSClient).sesConn - if err != nil { - return err + configSetInput := &ses.DescribeConfigurationSetInput{ + ConfigurationSetName: aws.String(d.Id()), } - if !configurationSetExists { - log.Printf("[WARN] SES Configuration Set (%s) not found", d.Id()) - d.SetId("") - return nil + response, err := conn.DescribeConfigurationSet(configSetInput) + + if err != nil { + if isAWSErr(err, ses.ErrCodeConfigurationSetDoesNotExistException, "") { + log.Printf("[WARN] SES Configuration Set (%s) not found, removing from state", d.Id()) + d.SetId("") + return nil + } + return err } - d.Set("name", d.Id()) + d.Set("name", aws.StringValue(response.ConfigurationSet.Name)) return nil } @@ -77,28 +82,3 @@ func resourceAwsSesConfigurationSetDelete(d *schema.ResourceData, meta interface return err } - -func findConfigurationSet(name string, meta interface{}) (bool, error) { - conn := meta.(*AWSClient).sesConn - - configurationSetExists := false - - configSetInput := &ses.DescribeConfigurationSetInput{ - ConfigurationSetName: aws.String(name), - } - - response, err := conn.DescribeConfigurationSet(configSetInput) - - if err != nil { - if isAWSErr(err, ses.ErrCodeConfigurationSetDoesNotExistException, "") { - return configurationSetExists, nil - } - return false, err - } - - if aws.StringValue(response.ConfigurationSet.Name) == name { - configurationSetExists = true - } - - return configurationSetExists, nil -} From 76d68c2febcec7a0e04bed216fcdba4cd0239c3f Mon Sep 17 00:00:00 2001 From: Donovan Carthew Date: Sun, 31 May 2020 23:19:07 +0200 Subject: [PATCH 421/475] Rebased --- aws/resource_aws_ses_configuration_set.go | 2 +- aws/resource_aws_ses_configuration_set_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_ses_configuration_set.go b/aws/resource_aws_ses_configuration_set.go index 95945ddd442..f040158464a 100644 --- a/aws/resource_aws_ses_configuration_set.go +++ b/aws/resource_aws_ses_configuration_set.go @@ -50,7 +50,7 @@ func resourceAwsSesConfigurationSetCreate(d *schema.ResourceData, meta interface } func resourceAwsSesConfigurationSetRead(d *schema.ResourceData, meta interface{}) error { - conn := meta.(*AWSClient).sesConn + conn := meta.(*AWSClient).sesconn configSetInput := &ses.DescribeConfigurationSetInput{ ConfigurationSetName: aws.String(d.Id()), diff --git a/aws/resource_aws_ses_configuration_set_test.go b/aws/resource_aws_ses_configuration_set_test.go index 2e3b64466cb..f040c2c32a3 100644 --- a/aws/resource_aws_ses_configuration_set_test.go +++ b/aws/resource_aws_ses_configuration_set_test.go @@ -123,7 +123,7 @@ func testAccCheckAwsSESConfigurationSetExists(n string) resource.TestCheckFunc { } func testAccCheckSESConfigurationSetDestroy(s *terraform.State) error { - conn := testAccProvider.Meta().(*AWSClient).sesConn + conn := testAccProvider.Meta().(*AWSClient).sesconn for _, rs := range s.RootModule().Resources { if rs.Type != "aws_ses_configuration_set" { From f9f09f5ca49a387851996d7dc7b9abc4131ebd80 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Mon, 1 Jun 2020 11:25:10 -0400 Subject: [PATCH 422/475] docs/provider: Add Acceptance Test Sweeper section to Contributing Guide (#13526) * docs/provider: Add Acceptance Test Sweeper section to Contributing Guide * docs/provider: Update acceptance tests table of contents * docs/provider: Fix wording in Acceptance Test Sweepers section lead-in --- .../running-and-writing-acceptance-tests.md | 147 ++++++++++++++++++ 1 file changed, 147 insertions(+) diff --git a/docs/contributing/running-and-writing-acceptance-tests.md b/docs/contributing/running-and-writing-acceptance-tests.md index 9ff7f1954c6..fbb2caccc52 100644 --- a/docs/contributing/running-and-writing-acceptance-tests.md +++ b/docs/contributing/running-and-writing-acceptance-tests.md @@ -20,6 +20,9 @@ - [Cross-Account Acceptance Tests](#cross-account-acceptance-tests) - [Cross-Region Acceptance Tests](#cross-region-acceptance-tests) - [Data Source Acceptance Testing](#data-source-acceptance-testing) +- [Acceptance Test Sweepers](#acceptance-test-sweepers) + - [Running Test Sweepers](#running-test-sweepers) + - [Writing Test Sweepers](#writing-test-sweepers) - [Acceptance Test Checklist](#acceptance-test-checklist) Terraform includes an acceptance test harness that does most of the repetitive @@ -807,6 +810,150 @@ data "aws_example_thing" "test" { } ``` +## Acceptance Test Sweepers + +When running the acceptance tests, especially when developing or troubleshooting Terraform resources, its possible for code bugs or other issues to prevent the proper destruction of AWS infrastructure. To prevent lingering resources from consuming quota or causing unexpected billing, the Terraform Plugin SDK supports the test sweeper framework to clear out an AWS region of all resources. This section is meant to augment the [Extending Terraform documentation on test sweepers](https://www.terraform.io/docs/extend/testing/acceptance-tests/sweepers.html) with Terraform AWS Provider specific details. + +### Running Test Sweepers + +**WARNING: Test Sweepers will destroy AWS infrastructure and backups in the target AWS account and region! These are designed to override any API deletion protection. Never run these outside a development AWS account that should be completely empty of resources.** + +To run the sweepers for all resources in `us-west-2` and `us-east-1` (default testing regions): + +```console +$ make sweep +``` + +To run a specific resource sweeper: + +```console +$ SWEEPARGS=-sweep-run=aws_example_thing make sweep +``` + +### Writing Test Sweepers + +The first step is to initialize the resource into the test sweeper framework: + +```go +func init() { + resource.AddTestSweepers("aws_example_thing", &resource.Sweeper{ + Name: "aws_example_thing", + F: testSweepExampleThings, + // Optionally + Dependencies: []string{ + "aws_other_thing", + }, + }) +} +``` + +Then add the actual implementation. Preferably, if a paginated SDK call is available: + +```go +func testSweepExampleThings(region string) error { + client, err := sharedClientForRegion(region) + + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + + conn := client.(*AWSClient).exampleconn + input := &example.ListThingsInput{} + var sweeperErrs *multierror.Error + + err = conn.ListThingsPages(input, func(page *example.ListThingsOutput, isLast bool) bool { + if page == nil { + return !isLast + } + + for _, thing := range page.Things { + id := aws.StringValue(thing.Id) + input := &example.DeleteThingInput{ + Id: thing.Id, + } + + log.Printf("[INFO] Deleting Example Thing: %s", id) + _, err := conn.DeleteThing(input) + + if err != nil { + sweeperErr := fmt.Errorf("error deleting Example Thing (%s): %w", id, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + return !isLast + }) + + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping Example Thing sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() + } + + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving Example Things: %w", err)) + } + + return sweeperErrs.ErrorOrNil() +} +``` + +Otherwise, if no paginated SDK call is available: + +```go +func testSweepExampleThings(region string) error { + client, err := sharedClientForRegion(region) + + if err != nil { + return fmt.Errorf("error getting client: %w", err) + } + + conn := client.(*AWSClient).exampleconn + input := &example.ListThingsInput{} + var sweeperErrs *multierror.Error + + for { + output, err := conn.ListThings(input) + + if testSweepSkipSweepError(err) { + log.Printf("[WARN] Skipping Example Thing sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() + } + + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving Example Thing: %w", err)) + return sweeperErrs + } + + for _, thing := range output.Things { + id := aws.StringValue(thing.Id) + input := &example.DeleteThingInput{ + Id: thing.Id, + } + + log.Printf("[INFO] Deleting Example Thing: %s", id) + _, err := conn.DeleteThing(input) + + if err != nil { + sweeperErr := fmt.Errorf("error deleting Example Thing (%s): %w", id, err) + log.Printf("[ERROR] %s", sweeperErr) + sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + continue + } + } + + if aws.StringValue(output.NextToken) == "" { + break + } + + input.NextToken = output.NextToken + } + + return sweeperErrs.ErrorOrNil() +} +``` + ## Acceptance Test Checklist The below are required items that will be noted during submission review and prevent immediate merging: From d3d55a328beb47e97742a98e6826a9dc92a1df51 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Mon, 1 Jun 2020 11:25:48 -0400 Subject: [PATCH 423/475] docs/provider: Add Environment Variable dictionary to Maintaining Guide (#13518) * docs/provider: Add Environment Variable dictionary to Maintaining Guide Initial documentation of all environment variables (beyond standard AWS Go SDK variables) used in the provider acceptance testing. Given the varied implementations and notable extraneous ones, these may warrant future refactoring. * docs/provider: Add os.LookupEnv() environment variables used in testing and missing `EC2_SECURITY_GROUP_RULES_PER_GROUP_LIMIT` --- docs/MAINTAINING.md | 72 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) diff --git a/docs/MAINTAINING.md b/docs/MAINTAINING.md index c44e8f82f69..c65894b8dee 100644 --- a/docs/MAINTAINING.md +++ b/docs/MAINTAINING.md @@ -15,6 +15,7 @@ - [Pull Request Merge Process](#pull-request-merge-process) - [Pull Request Types to CHANGELOG](#pull-request-types-to-changelog) - [Breaking Changes](#breaking-changes) +- [Environment Variable Dictionary](#environment-variable-dictionary) - [Label Dictionary](#label-dictionary) @@ -340,6 +341,77 @@ When breaking changes to the provider are necessary we release them in a major v - Add the issue/PR to the next major version milestone. - Leave a comment why this is a breaking change or otherwise only being considered for a major version update. If possible, detail any changes that might be made for the contributor to accomplish the task without a breaking change. +## Environment Variable Dictionary + +Environment variables (beyond standard AWS Go SDK ones) used by acceptance testing. + +| Variable | Description | +|----------|-------------| +| `ACM_CERTIFICATE_ROOT_DOMAIN` | Root domain name to use with ACM Certificate testing. | +| `ACM_CERTIFICATE_MULTIPLE_ISSUED_DOMAIN` | Domain name of ACM Certificate with a multiple issued certificates. **DEPRECATED:** Should be replaced with `aws_acm_certficate` resource usage in tests. | +| `ACM_CERTIFICATE_MULTIPLE_ISSUED_MOST_RECENT_ARN` | Amazon Resource Name of most recent ACM Certificate with a multiple issued certificates. **DEPRECATED:** Should be replaced with `aws_acm_certficate` resource usage in tests. | +| `ACM_CERTIFICATE_SINGLE_ISSUED_DOMAIN` | Domain name of ACM Certificate with a single issued certificate. **DEPRECATED:** Should be replaced with `aws_acm_certficate` resource usage in tests. | +| `ACM_CERTIFICATE_SINGLE_ISSUED_MOST_RECENT_ARN` | Amazon Resource Name of most recent ACM Certificate with a single issued certificate. **DEPRECATED:** Should be replaced with `aws_acm_certficate` resource usage in tests. | +| `ADM_CLIENT_ID` | Identifier for Amazon Device Manager Client in Pinpoint testing. | +| `ADM_CLIENT_SECRET` | Secret for Amazon Device Manager Client in Pinpoint testing. | +| `APNS_BUNDLE_ID` | Identifier for Apple Push Notification Service Bundle in Pinpoint testing. | +| `APNS_CERTIFICATE` | Certificate (PEM format) for Apple Push Notification Service in Pinpoint testing. | +| `APNS_CERTIFICATE_PRIVATE_KEY` | Private key for Apple Push Notification Service in Pinpoint testing. | +| `APNS_SANDBOX_BUNDLE_ID` | Identifier for Sandbox Apple Push Notification Service Bundle in Pinpoint testing. | +| `APNS_SANDBOX_CERTIFICATE` | Certificate (PEM format) for Sandbox Apple Push Notification Service in Pinpoint testing. | +| `APNS_SANDBOX_CERTIFICATE_PRIVATE_KEY` | Private key for Sandbox Apple Push Notification Service in Pinpoint testing. | +| `APNS_SANDBOX_CREDENTIAL` | Credential contents for Sandbox Apple Push Notification Service in SNS Application Platform testing. Conflicts with `APNS_SANDBOX_CREDENTIAL_PATH`. | +| `APNS_SANDBOX_CREDENTIAL_PATH` | Path to credential for Sandbox Apple Push Notification Service in SNS Application Platform testing. Conflicts with `APNS_SANDBOX_CREDENTIAL`. | +| `APNS_SANDBOX_PRINCIPAL` | Principal contents for Sandbox Apple Push Notification Service in SNS Application Platform testing. Conflicts with `APNS_SANDBOX_PRINCIPAL_PATH`. | +| `APNS_SANDBOX_PRINCIPAL_PATH` | Path to principal for Sandbox Apple Push Notification Service in SNS Application Platform testing. Conflicts with `APNS_SANDBOX_PRINCIPAL`. | +| `APNS_SANDBOX_TEAM_ID` | Identifier for Sandbox Apple Push Notification Service Team in Pinpoint testing. | +| `APNS_SANDBOX_TOKEN_KEY` | Token key file content (.p8 format) for Sandbox Apple Push Notification Service in Pinpoint testing. | +| `APNS_SANDBOX_TOKEN_KEY_ID` | Identifier for Sandbox Apple Push Notification Service Token Key in Pinpoint testing. | +| `APNS_TEAM_ID` | Identifier for Apple Push Notification Service Team in Pinpoint testing. | +| `APNS_TOKEN_KEY` | Token key file content (.p8 format) for Apple Push Notification Service in Pinpoint testing. | +| `APNS_TOKEN_KEY_ID` | Identifier for Apple Push Notification Service Token Key in Pinpoint testing. | +| `APNS_VOIP_BUNDLE_ID` | Identifier for VOIP Apple Push Notification Service Bundle in Pinpoint testing. | +| `APNS_VOIP_CERTIFICATE` | Certificate (PEM format) for VOIP Apple Push Notification Service in Pinpoint testing. | +| `APNS_VOIP_CERTIFICATE_PRIVATE_KEY` | Private key for VOIP Apple Push Notification Service in Pinpoint testing. | +| `APNS_VOIP_TEAM_ID` | Identifier for VOIP Apple Push Notification Service Team in Pinpoint testing. | +| `APNS_VOIP_TOKEN_KEY` | Token key file content (.p8 format) for VOIP Apple Push Notification Service in Pinpoint testing. | +| `APNS_VOIP_TOKEN_KEY_ID` | Identifier for VOIP Apple Push Notification Service Token Key in Pinpoint testing. | +| `AWS_ALTERNATE_ACCESS_KEY_ID` | AWS access key ID with access to a secondary AWS account for tests requiring multiple accounts. Requires `AWS_ALTERNATE_SECRET_ACCESS_KEY`. Conflicts with `AWS_ALTERNATE_PROFILE`. | +| `AWS_ALTERNATE_SECRET_ACCESS_KEY` | AWS secret access key with access to a secondary AWS account for tests requiring multiple accounts. Requires `AWS_ALTERNATE_ACCESS_KEY_ID`. Conflicts with `AWS_ALTERNATE_PROFILE`. | +| `AWS_ALTERNATE_PROFILE` | AWS profile with access to a secondary AWS account for tests requiring multiple accounts. Conflicts with `AWS_ALTERNATE_ACCESS_KEY_ID` and `AWS_ALTERNATE_SECRET_ACCESS_KEY`. | +| `AWS_ALTERNATE_REGION` | Secondary AWS region for tests requiring multiple regions. Defaults to `us-east-1`. | +| `AWS_API_GATEWAY_DOMAIN_NAME_CERTIFICATE_ARN` | Amazon Resource Name of ACM Certificate in `us-east-1` for API Gateway Domain Name testing. | +| `AWS_API_GATEWAY_DOMAIN_NAME_CERTIFICATE_BODY` | Certificate body of publicly trusted certificate for API Gateway Domain Name testing. | +| `AWS_API_GATEWAY_DOMAIN_NAME_CERTIFICATE_CHAIN` | Certificate chain of publicly trusted certificate for API Gateway Domain Name testing. | +| `AWS_API_GATEWAY_DOMAIN_NAME_CERTIFICATE_PRIVATE_KEY` | Private key of publicly trusted certificate for API Gateway Domain Name testing. | +| `AWS_API_GATEWAY_DOMAIN_NAME_REGIONAL_CERTIFICATE_NAME_ENABLED` | Flag to enable API Gateway Domain Name regional certificate upload testing. | +| `AWS_CODEBUILD_BITBUCKET_SOURCE_LOCATION` | BitBucket source URL for CodeBuild testing. CodeBuild must have access to this repository via OAuth or Source Credentials. Defaults to `https://terraform@bitbucket.org/terraform/aws-test.git`. | +| `AWS_CODEBUILD_GITHUB_SOURCE_LOCATION` | GitHub source URL for CodeBuild testing. CodeBuild must have access to this repository via OAuth or Source Credentials. Defaults to `https://github.com/hashibot-test/aws-test.git`. | +| `AWS_COGNITO_USER_POOL_DOMAIN_CERTIFICATE_ARN` | Amazon Resource Name of ACM Certificate in `us-east-1` for Cognito User Pool Domain Name testing. | +| `AWS_COGNITO_USER_POOL_DOMAIN_ROOT_DOMAIN` | Root domain name to use with Cognito User Pool Domain testing. | +| `AWS_COIP_POOL_ID` | Identifier for EC2 Customer-Owned Pool related testing. Requires `AWS_OUTPOST_ARN`. | +| `AWS_DEFAULT_REGION` | Primary AWS region for tests. Defaults to `us-west-2`. | +| `AWS_EC2_EIP_PUBLIC_IPV4_POOL` | Identifier for EC2 Public IPv4 Pool for EC2 EIP testing. | +| `AWS_GUARDDUTY_MEMBER_ACCOUNT_ID` | Identifier of AWS Account for GuardDuty Member testing. **DEPRECATED:** Should be replaced with standard alternate account handling for tests. | +| `AWS_GUARDDUTY_MEMBER_EMAIL` | Email address for GuardDuty Member testing. **DEPRECATED:** It may be possible to use a placeholder email address instead. | +| `AWS_OUTPOST_ARN` | Amazon Resource Name of Outpost for Outposts related testing. | +| `DX_CONNECTION_ID` | Identifier for Direct Connect Connection testing. | +| `DX_VIRTUAL_INTERFACE_ID` | Identifier for Direct Connect Virtual Interface testing. | +| `EC2_SECURITY_GROUP_RULES_PER_GROUP_LIMIT` | EC2 Quota for Rules per Security Group. Defaults to 50. **DEPRECATED:** Can be augmented or replaced with Service Quotas lookup. | +| `GCM_API_KEY` | API Key for Google Cloud Messaging in Pinpoint and SNS Platform Application testing. | +| `GITHUB_TOKEN` | GitHub token for CodePipeline testing. | +| `MACIE_MEMBER_ACCOUNT_ID` | Identifier of AWS Account for Macie Member testing. **DEPRECATED:** Should be replaced with standard alternate account handling for tests. | +| `SERVICEQUOTAS_INCREASE_ON_CREATE_QUOTA_CODE` | Quota Code for Service Quotas testing (submits support case). | +| `SERVICEQUOTAS_INCREASE_ON_CREATE_SERVICE_CODE` | Service Code for Service Quotas testing (submits support case). | +| `SERVICEQUOTAS_INCREASE_ON_CREATE_VALUE` | Value of quota increase for Service Quotas testing (submits support case). | +| `SES_DOMAIN_IDENTITY_ROOT_DOMAIN` | Root domain name of publicly accessible and Route 53 configurable domain for SES Domain Identity testing. | +| `SWF_DOMAIN_TESTING_ENABLED` | Enables SWF Domain testing (API does not support deletions). | +| `TEST_AWS_ORGANIZATION_ACCOUNT_EMAIL_DOMAIN` | Email address for Organizations Account testing. | +| `TEST_AWS_SES_VERIFIED_EMAIL_ARN` | Verified SES Email Identity for use in Cognito User Pool testing. | +| `TF_ACC` | Enables Go tests containing `resource.Test()` and `resource.ParallelTest()`. | +| `TF_ACC_ASSUME_ROLE_ARN` | Amazon Resource Name of existing IAM Role to use for limited permissions acceptance testing. | +| `TF_TEST_CLOUDFRONT_RETAIN` | Flag to disable but dangle CloudFront Distributions during testing to reduce feedback time (must be manually destroyed afterwards) | + ## Label Dictionary From 9624fb9fc132cc90feb1481c6b1db55725b71d0e Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Mon, 1 Jun 2020 15:25:04 -0400 Subject: [PATCH 424/475] Update CHANGELOG for #12024 --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d8ea955c4ff..ec20602596c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ ## 2.65.0 (Unreleased) + +BUG FIXES: + +* resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [GH-12024] + ## 2.64.0 (May 28, 2020) ENHANCEMENTS: From f3ff49b62d8f8efaea7aa8699d73b49c35a1ffcf Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 15 May 2020 17:33:50 -0700 Subject: [PATCH 425/475] Removes custom ARN check for CloudTrail --- aws/resource_aws_cloudtrail_test.go | 74 ++++++++--------------------- 1 file changed, 19 insertions(+), 55 deletions(-) diff --git a/aws/resource_aws_cloudtrail_test.go b/aws/resource_aws_cloudtrail_test.go index d3146fd001a..e7c436d201b 100644 --- a/aws/resource_aws_cloudtrail_test.go +++ b/aws/resource_aws_cloudtrail_test.go @@ -132,7 +132,7 @@ func testAccAWSCloudTrail_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "include_global_service_events", "true"), resource.TestCheckResourceAttr(resourceName, "is_organization_trail", "false"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, { @@ -147,7 +147,7 @@ func testAccAWSCloudTrail_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "s3_key_prefix", "prefix"), resource.TestCheckResourceAttr(resourceName, "include_global_service_events", "false"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, }, @@ -207,7 +207,7 @@ func testAccAWSCloudTrail_enable_logging(t *testing.T) { // Test that "enable_logging" default works. testAccCheckCloudTrailLoggingEnabled(resourceName, true), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, { @@ -221,7 +221,7 @@ func testAccAWSCloudTrail_enable_logging(t *testing.T) { testAccCheckCloudTrailExists(resourceName, &trail), testAccCheckCloudTrailLoggingEnabled(resourceName, false), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, { @@ -230,7 +230,7 @@ func testAccAWSCloudTrail_enable_logging(t *testing.T) { testAccCheckCloudTrailExists(resourceName, &trail), testAccCheckCloudTrailLoggingEnabled(resourceName, true), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, }, @@ -253,7 +253,7 @@ func testAccAWSCloudTrail_is_multi_region(t *testing.T) { testAccCheckCloudTrailExists(resourceName, &trail), resource.TestCheckResourceAttr(resourceName, "is_multi_region_trail", "false"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, { @@ -262,7 +262,7 @@ func testAccAWSCloudTrail_is_multi_region(t *testing.T) { testAccCheckCloudTrailExists(resourceName, &trail), resource.TestCheckResourceAttr(resourceName, "is_multi_region_trail", "true"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, { @@ -276,7 +276,7 @@ func testAccAWSCloudTrail_is_multi_region(t *testing.T) { testAccCheckCloudTrailExists(resourceName, &trail), resource.TestCheckResourceAttr(resourceName, "is_multi_region_trail", "false"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, }, @@ -299,7 +299,7 @@ func testAccAWSCloudTrail_is_organization(t *testing.T) { testAccCheckCloudTrailExists(resourceName, &trail), resource.TestCheckResourceAttr(resourceName, "is_organization_trail", "true"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, { @@ -313,7 +313,7 @@ func testAccAWSCloudTrail_is_organization(t *testing.T) { testAccCheckCloudTrailExists(resourceName, &trail), resource.TestCheckResourceAttr(resourceName, "is_organization_trail", "false"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, }, @@ -337,7 +337,7 @@ func testAccAWSCloudTrail_logValidation(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "s3_key_prefix", ""), resource.TestCheckResourceAttr(resourceName, "include_global_service_events", "true"), testAccCheckCloudTrailLogValidationEnabled(resourceName, true, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, { @@ -352,7 +352,7 @@ func testAccAWSCloudTrail_logValidation(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "s3_key_prefix", ""), resource.TestCheckResourceAttr(resourceName, "include_global_service_events", "true"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, }, @@ -362,8 +362,9 @@ func testAccAWSCloudTrail_logValidation(t *testing.T) { func testAccAWSCloudTrail_kmsKey(t *testing.T) { var trail cloudtrail.Trail cloudTrailRandInt := acctest.RandInt() - keyRegex := regexp.MustCompile(`^arn:aws:([a-zA-Z0-9\-])+:([a-z]{2}-[a-z]+-\d{1})?:(\d{12})?:(.*)$`) + resourceName := "aws_cloudtrail.foobar" + kmsResourceName := "aws_kms_key.foo" resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -377,7 +378,7 @@ func testAccAWSCloudTrail_kmsKey(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "s3_key_prefix", ""), resource.TestCheckResourceAttr(resourceName, "include_global_service_events", "true"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - resource.TestMatchResourceAttr(resourceName, "kms_key_id", keyRegex), + resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", kmsResourceName, "arn"), ), }, { @@ -410,7 +411,7 @@ func testAccAWSCloudTrail_tags(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "tags.Foo", "moo"), resource.TestCheckResourceAttr(resourceName, "tags.Pooh", "hi"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, { @@ -428,7 +429,7 @@ func testAccAWSCloudTrail_tags(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "tags.Moo", "boom"), resource.TestCheckResourceAttr(resourceName, "tags.Pooh", "hi"), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, { @@ -438,7 +439,7 @@ func testAccAWSCloudTrail_tags(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), testAccCheckCloudTrailLoadTags(&trail, &trailTagsModified), testAccCheckCloudTrailLogValidationEnabled(resourceName, false, &trail), - testAccCheckCloudTrailKmsKeyIdEquals(resourceName, "", &trail), + resource.TestCheckResourceAttr(resourceName, "kms_key_id", ""), ), }, }, @@ -481,7 +482,7 @@ func testAccAWSCloudTrail_event_selector(t *testing.T) { CheckDestroy: testAccCheckAWSCloudTrailDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSCloudTrailConfig_eventSelector(cloudTrailRandInt), + Config: testAccAWSCloudTrailConfig_eventSelector(cloudTrailRandInt), // FLAG Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "event_selector.#", "1"), resource.TestCheckResourceAttr(resourceName, "event_selector.0.data_resource.#", "1"), @@ -604,43 +605,6 @@ func testAccCheckCloudTrailLogValidationEnabled(n string, desired bool, trail *c } } -func testAccCheckCloudTrailKmsKeyIdEquals(n string, desired string, trail *cloudtrail.Trail) resource.TestCheckFunc { - return func(s *terraform.State) error { - rs, ok := s.RootModule().Resources[n] - if !ok { - return fmt.Errorf("Not found: %s", n) - } - - if desired != "" && trail.KmsKeyId == nil { - return fmt.Errorf("No KmsKeyId attribute present in trail: %s, expected %s", - trail, desired) - } - - // work around string pointer - var kmsKeyIdInString string - if trail.KmsKeyId == nil { - kmsKeyIdInString = "" - } else { - kmsKeyIdInString = *trail.KmsKeyId - } - - if kmsKeyIdInString != desired { - return fmt.Errorf("Expected KMS Key ID %q to equal %q", - *trail.KmsKeyId, desired) - } - - kmsKeyId, ok := rs.Primary.Attributes["kms_key_id"] - if desired != "" && !ok { - return fmt.Errorf("No kms_key_id attribute defined for %s", n) - } - if kmsKeyId != desired { - return fmt.Errorf("Expected KMS Key ID %q, saved %q", desired, kmsKeyId) - } - - return nil - } -} - func testAccCheckAWSCloudTrailDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).cloudtrailconn From 5abfbf68e2a9d9642642b5143f16b7d90ecc660d Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 15 May 2020 17:36:02 -0700 Subject: [PATCH 426/475] Uses ARN testing check function for Redshift cluster --- aws/resource_aws_redshift_cluster_test.go | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/aws/resource_aws_redshift_cluster_test.go b/aws/resource_aws_redshift_cluster_test.go index 89945de5c0f..f1c76e2cb6e 100644 --- a/aws/resource_aws_redshift_cluster_test.go +++ b/aws/resource_aws_redshift_cluster_test.go @@ -128,9 +128,10 @@ func TestAccAWSRedshiftCluster_withFinalSnapshot(t *testing.T) { func TestAccAWSRedshiftCluster_kmsKey(t *testing.T) { var v redshift.Cluster + resourceName := "aws_redshift_cluster.default" + kmsResourceName := "aws_kms_key.foo" + ri := acctest.RandInt() - config := testAccAWSRedshiftClusterConfig_kmsKey(ri) - keyRegex := regexp.MustCompile(`^arn:aws:([a-zA-Z0-9\-])+:([a-z]{2}-[a-z]+-\d{1})?:(\d{12})?:(.*)$`) resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -138,14 +139,12 @@ func TestAccAWSRedshiftCluster_kmsKey(t *testing.T) { CheckDestroy: testAccCheckAWSRedshiftClusterDestroy, Steps: []resource.TestStep{ { - Config: config, + Config: testAccAWSRedshiftClusterConfig_kmsKey(ri), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRedshiftClusterExists("aws_redshift_cluster.default", &v), - resource.TestCheckResourceAttr( - "aws_redshift_cluster.default", "cluster_type", "single-node"), - resource.TestCheckResourceAttr( - "aws_redshift_cluster.default", "publicly_accessible", "true"), - resource.TestMatchResourceAttr("aws_redshift_cluster.default", "kms_key_id", keyRegex), + testAccCheckAWSRedshiftClusterExists(resourceName, &v), + resource.TestCheckResourceAttr(resourceName, "cluster_type", "single-node"), + resource.TestCheckResourceAttr(resourceName, "publicly_accessible", "true"), + resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", kmsResourceName, "arn"), ), }, { From 7acf8fa25d9dc869a01aa208d3629144f2dd8786 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 15 May 2020 17:41:39 -0700 Subject: [PATCH 427/475] Uses ARN testing check function for billing service account --- aws/data_source_aws_billing_service_account_test.go | 8 ++++++-- aws/provider_test.go | 13 +++++++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/aws/data_source_aws_billing_service_account_test.go b/aws/data_source_aws_billing_service_account_test.go index cd67dc9f8d6..6dea1876afc 100644 --- a/aws/data_source_aws_billing_service_account_test.go +++ b/aws/data_source_aws_billing_service_account_test.go @@ -7,6 +7,10 @@ import ( ) func TestAccAWSBillingServiceAccount_basic(t *testing.T) { + dataSourceName := "data.aws_billing_service_account.main" + + billingAccountID := "386209384616" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -14,8 +18,8 @@ func TestAccAWSBillingServiceAccount_basic(t *testing.T) { { Config: testAccCheckAwsBillingServiceAccountConfig, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("data.aws_billing_service_account.main", "id", "386209384616"), - resource.TestCheckResourceAttr("data.aws_billing_service_account.main", "arn", "arn:aws:iam::386209384616:root"), + resource.TestCheckResourceAttr(dataSourceName, "id", billingAccountID), + testAccCheckResourceAttrGlobalARNAccountID(dataSourceName, "arn", billingAccountID, "iam", "root"), ), }, }, diff --git a/aws/provider_test.go b/aws/provider_test.go index 23fd6daf776..2d587507578 100644 --- a/aws/provider_test.go +++ b/aws/provider_test.go @@ -242,6 +242,19 @@ func testAccCheckResourceAttrGlobalARNNoAccount(resourceName, attributeName, arn } } +// testAccCheckResourceAttrGlobalARNAccountID ensures the Terraform state exactly matches a formatted ARN without region and with specific account ID +func testAccCheckResourceAttrGlobalARNAccountID(resourceName, attributeName, accountID, arnService, arnResource string) resource.TestCheckFunc { + return func(s *terraform.State) error { + attributeValue := arn.ARN{ + AccountID: accountID, + Partition: testAccGetPartition(), + Resource: arnResource, + Service: arnService, + }.String() + return resource.TestCheckResourceAttr(resourceName, attributeName, attributeValue)(s) + } +} + // testAccMatchResourceAttrGlobalARN ensures the Terraform state regexp matches a formatted ARN without region func testAccMatchResourceAttrGlobalARN(resourceName, attributeName, arnService string, arnResourceRegexp *regexp.Regexp) resource.TestCheckFunc { return func(s *terraform.State) error { From 1d1080daa2436ed49d50be2092ca40b889f0e93f Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 15 May 2020 17:42:32 -0700 Subject: [PATCH 428/475] Uses Account ID check function for AWS Config aggregator --- aws/resource_aws_config_configuration_aggregator_test.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/aws/resource_aws_config_configuration_aggregator_test.go b/aws/resource_aws_config_configuration_aggregator_test.go index 19e71c3ce55..464357f0c87 100644 --- a/aws/resource_aws_config_configuration_aggregator_test.go +++ b/aws/resource_aws_config_configuration_aggregator_test.go @@ -3,7 +3,6 @@ package aws import ( "fmt" "log" - "regexp" "testing" "github.com/aws/aws-sdk-go/aws" @@ -75,7 +74,7 @@ func TestAccAWSConfigConfigurationAggregator_account(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "name", rName), resource.TestCheckResourceAttr(resourceName, "account_aggregation_source.#", "1"), resource.TestCheckResourceAttr(resourceName, "account_aggregation_source.0.account_ids.#", "1"), - resource.TestMatchResourceAttr(resourceName, "account_aggregation_source.0.account_ids.0", regexp.MustCompile(`^\d{12}$`)), + testAccCheckResourceAttrAccountID(resourceName, "account_aggregation_source.0.account_ids.0"), resource.TestCheckResourceAttr(resourceName, "account_aggregation_source.0.regions.#", "1"), resource.TestCheckResourceAttr(resourceName, "account_aggregation_source.0.regions.0", "us-west-2"), ), From 72d2c4186e66d592ce37a15d7187d879f63883a4 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 15 May 2020 17:43:16 -0700 Subject: [PATCH 429/475] Uses ARN testing check functions for AWS Config recorder --- ..._aws_config_configuration_recorder_test.go | 30 ++++++++++--------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/aws/resource_aws_config_configuration_recorder_test.go b/aws/resource_aws_config_configuration_recorder_test.go index 43933c26667..dff92a3cd4b 100644 --- a/aws/resource_aws_config_configuration_recorder_test.go +++ b/aws/resource_aws_config_configuration_recorder_test.go @@ -69,6 +69,8 @@ func testAccConfigConfigurationRecorder_basic(t *testing.T) { expectedName := fmt.Sprintf("tf-acc-test-%d", rInt) expectedRoleName := fmt.Sprintf("tf-acc-test-awsconfig-%d", rInt) + resourceName := "aws_config_configuration_recorder.foo" + resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -77,11 +79,10 @@ func testAccConfigConfigurationRecorder_basic(t *testing.T) { { Config: testAccConfigConfigurationRecorderConfig_basic(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckConfigConfigurationRecorderExists("aws_config_configuration_recorder.foo", &cr), - testAccCheckConfigConfigurationRecorderName("aws_config_configuration_recorder.foo", expectedName, &cr), - testAccCheckConfigConfigurationRecorderRoleArn("aws_config_configuration_recorder.foo", - regexp.MustCompile(`arn:aws:iam::[0-9]{12}:role/`+expectedRoleName), &cr), - resource.TestCheckResourceAttr("aws_config_configuration_recorder.foo", "name", expectedName), + testAccCheckConfigConfigurationRecorderExists(resourceName, &cr), + testAccCheckConfigConfigurationRecorderName(resourceName, expectedName, &cr), + testAccCheckResourceAttrGlobalARN(resourceName, "role_arn", "iam", fmt.Sprintf("role/%s", expectedRoleName)), + resource.TestCheckResourceAttr(resourceName, "name", expectedName), ), }, }, @@ -94,6 +95,8 @@ func testAccConfigConfigurationRecorder_allParams(t *testing.T) { expectedName := fmt.Sprintf("tf-acc-test-%d", rInt) expectedRoleName := fmt.Sprintf("tf-acc-test-awsconfig-%d", rInt) + resourceName := "aws_config_configuration_recorder.foo" + resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -102,15 +105,14 @@ func testAccConfigConfigurationRecorder_allParams(t *testing.T) { { Config: testAccConfigConfigurationRecorderConfig_allParams(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckConfigConfigurationRecorderExists("aws_config_configuration_recorder.foo", &cr), - testAccCheckConfigConfigurationRecorderName("aws_config_configuration_recorder.foo", expectedName, &cr), - testAccCheckConfigConfigurationRecorderRoleArn("aws_config_configuration_recorder.foo", - regexp.MustCompile(`arn:aws:iam::[0-9]{12}:role/`+expectedRoleName), &cr), - resource.TestCheckResourceAttr("aws_config_configuration_recorder.foo", "name", expectedName), - resource.TestCheckResourceAttr("aws_config_configuration_recorder.foo", "recording_group.#", "1"), - resource.TestCheckResourceAttr("aws_config_configuration_recorder.foo", "recording_group.0.all_supported", "false"), - resource.TestCheckResourceAttr("aws_config_configuration_recorder.foo", "recording_group.0.include_global_resource_types", "false"), - resource.TestCheckResourceAttr("aws_config_configuration_recorder.foo", "recording_group.0.resource_types.#", "2"), + testAccCheckConfigConfigurationRecorderExists(resourceName, &cr), + testAccCheckConfigConfigurationRecorderName(resourceName, expectedName, &cr), + testAccCheckResourceAttrGlobalARN(resourceName, "role_arn", "iam", fmt.Sprintf("role/%s", expectedRoleName)), + resource.TestCheckResourceAttr(resourceName, "name", expectedName), + resource.TestCheckResourceAttr(resourceName, "recording_group.#", "1"), + resource.TestCheckResourceAttr(resourceName, "recording_group.0.all_supported", "false"), + resource.TestCheckResourceAttr(resourceName, "recording_group.0.include_global_resource_types", "false"), + resource.TestCheckResourceAttr(resourceName, "recording_group.0.resource_types.#", "2"), ), }, }, From 848c596e8a898f204ddd6b9638e66ffa79b6068e Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 21 May 2020 13:54:07 -0700 Subject: [PATCH 430/475] Uses ARN testing check functions for Cloudtrail service account data source --- ...ta_source_aws_cloudtrail_service_account_test.go | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/aws/data_source_aws_cloudtrail_service_account_test.go b/aws/data_source_aws_cloudtrail_service_account_test.go index ff0b9506f32..dd2c157199b 100644 --- a/aws/data_source_aws_cloudtrail_service_account_test.go +++ b/aws/data_source_aws_cloudtrail_service_account_test.go @@ -1,7 +1,6 @@ package aws import ( - "fmt" "testing" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" @@ -10,6 +9,8 @@ import ( func TestAccAWSCloudTrailServiceAccount_basic(t *testing.T) { expectedAccountID := cloudTrailServiceAccountPerRegionMap[testAccGetRegion()] + dataSourceName := "data.aws_cloudtrail_service_account.main" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -17,8 +18,8 @@ func TestAccAWSCloudTrailServiceAccount_basic(t *testing.T) { { Config: testAccCheckAwsCloudTrailServiceAccountConfig, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("data.aws_cloudtrail_service_account.main", "id", expectedAccountID), - resource.TestCheckResourceAttr("data.aws_cloudtrail_service_account.main", "arn", fmt.Sprintf("arn:%s:iam::%s:root", testAccGetPartition(), expectedAccountID)), + resource.TestCheckResourceAttr(dataSourceName, "id", expectedAccountID), + testAccCheckResourceAttrGlobalARNAccountID(dataSourceName, "arn", expectedAccountID, "iam", "root"), ), }, }, @@ -28,6 +29,8 @@ func TestAccAWSCloudTrailServiceAccount_basic(t *testing.T) { func TestAccAWSCloudTrailServiceAccount_Region(t *testing.T) { expectedAccountID := cloudTrailServiceAccountPerRegionMap[testAccGetRegion()] + dataSourceName := "data.aws_cloudtrail_service_account.regional" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -35,8 +38,8 @@ func TestAccAWSCloudTrailServiceAccount_Region(t *testing.T) { { Config: testAccCheckAwsCloudTrailServiceAccountConfigRegion, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("data.aws_cloudtrail_service_account.regional", "id", expectedAccountID), - resource.TestCheckResourceAttr("data.aws_cloudtrail_service_account.regional", "arn", fmt.Sprintf("arn:%s:iam::%s:root", testAccGetPartition(), expectedAccountID)), + resource.TestCheckResourceAttr(dataSourceName, "id", expectedAccountID), + testAccCheckResourceAttrGlobalARNAccountID(dataSourceName, "arn", expectedAccountID, "iam", "root"), ), }, }, From bc3ecc73607d720bacdcd8e74674bea8f81fd407 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 21 May 2020 14:32:02 -0700 Subject: [PATCH 431/475] Uses ARN testing check functions for ELB service account data source --- ...ata_source_aws_elb_service_account_test.go | 29 +++++++++++++++---- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/aws/data_source_aws_elb_service_account_test.go b/aws/data_source_aws_elb_service_account_test.go index 95d69a9d336..bba1292f988 100644 --- a/aws/data_source_aws_elb_service_account_test.go +++ b/aws/data_source_aws_elb_service_account_test.go @@ -7,6 +7,10 @@ import ( ) func TestAccAWSElbServiceAccount_basic(t *testing.T) { + expectedAccountID := elbAccountIdPerRegionMap[testAccGetRegion()] + + dataSourceName := "data.aws_elb_service_account.main" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -14,15 +18,28 @@ func TestAccAWSElbServiceAccount_basic(t *testing.T) { { Config: testAccCheckAwsElbServiceAccountConfig, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("data.aws_elb_service_account.main", "id", "797873946194"), - resource.TestCheckResourceAttr("data.aws_elb_service_account.main", "arn", "arn:aws:iam::797873946194:root"), + resource.TestCheckResourceAttr(dataSourceName, "id", expectedAccountID), + testAccCheckResourceAttrGlobalARNAccountID(dataSourceName, "arn", expectedAccountID, "iam", "root"), ), }, + }, + }) +} + +func TestAccAWSElbServiceAccount_Region(t *testing.T) { + expectedAccountID := elbAccountIdPerRegionMap[testAccGetRegion()] + + dataSourceName := "data.aws_elb_service_account.regional" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ { Config: testAccCheckAwsElbServiceAccountExplicitRegionConfig, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("data.aws_elb_service_account.regional", "id", "156460612806"), - resource.TestCheckResourceAttr("data.aws_elb_service_account.regional", "arn", "arn:aws:iam::156460612806:root"), + resource.TestCheckResourceAttr(dataSourceName, "id", expectedAccountID), + testAccCheckResourceAttrGlobalARNAccountID(dataSourceName, "arn", expectedAccountID, "iam", "root"), ), }, }, @@ -34,7 +51,9 @@ data "aws_elb_service_account" "main" { } ` const testAccCheckAwsElbServiceAccountExplicitRegionConfig = ` +data "aws_region" "current" {} + data "aws_elb_service_account" "regional" { - region = "eu-west-1" + region = "${data.aws_region.current.name}" } ` From f2f48dbef5623ea2d249a9275081eb1a04721d45 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 21 May 2020 14:39:55 -0700 Subject: [PATCH 432/475] Uses ARN testing check functions for Redshift service account data source --- ...ource_aws_redshift_service_account_test.go | 29 +++++++++++++++---- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/aws/data_source_aws_redshift_service_account_test.go b/aws/data_source_aws_redshift_service_account_test.go index 66ebbf47c5d..b48700b4b9c 100644 --- a/aws/data_source_aws_redshift_service_account_test.go +++ b/aws/data_source_aws_redshift_service_account_test.go @@ -7,6 +7,10 @@ import ( ) func TestAccAWSRedshiftServiceAccount_basic(t *testing.T) { + expectedAccountID := redshiftServiceAccountPerRegionMap[testAccGetRegion()] + + dataSourceName := "data.aws_redshift_service_account.main" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -14,15 +18,28 @@ func TestAccAWSRedshiftServiceAccount_basic(t *testing.T) { { Config: testAccCheckAwsRedshiftServiceAccountConfig, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("data.aws_redshift_service_account.main", "id", "902366379725"), - resource.TestCheckResourceAttr("data.aws_redshift_service_account.main", "arn", "arn:aws:iam::902366379725:user/logs"), + resource.TestCheckResourceAttr(dataSourceName, "id", expectedAccountID), + testAccCheckResourceAttrGlobalARNAccountID(dataSourceName, "arn", expectedAccountID, "iam", "user/logs"), ), }, + }, + }) +} + +func TestAccAWSRedshiftServiceAccount_Region(t *testing.T) { + expectedAccountID := redshiftServiceAccountPerRegionMap[testAccGetRegion()] + + dataSourceName := "data.aws_redshift_service_account.regional" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ { Config: testAccCheckAwsRedshiftServiceAccountExplicitRegionConfig, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("data.aws_redshift_service_account.regional", "id", "307160386991"), - resource.TestCheckResourceAttr("data.aws_redshift_service_account.regional", "arn", "arn:aws:iam::307160386991:user/logs"), + resource.TestCheckResourceAttr(dataSourceName, "id", expectedAccountID), + testAccCheckResourceAttrGlobalARNAccountID(dataSourceName, "arn", expectedAccountID, "iam", "user/logs"), ), }, }, @@ -34,7 +51,9 @@ data "aws_redshift_service_account" "main" { } ` const testAccCheckAwsRedshiftServiceAccountExplicitRegionConfig = ` +data "aws_region" "current" {} + data "aws_redshift_service_account" "regional" { - region = "eu-west-2" + region = data.aws_region.current.name } ` From 2e49ca8f888294525ab54d402f2eed41d6b382b4 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 21 May 2020 14:48:42 -0700 Subject: [PATCH 433/475] Uses Pair check function for Route 53 service discovery --- aws/data_source_aws_route53_zone_test.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/aws/data_source_aws_route53_zone_test.go b/aws/data_source_aws_route53_zone_test.go index 4c626cb9257..2cac4bfa7e7 100644 --- a/aws/data_source_aws_route53_zone_test.go +++ b/aws/data_source_aws_route53_zone_test.go @@ -2,7 +2,6 @@ package aws import ( "fmt" - "regexp" "testing" "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" @@ -114,9 +113,9 @@ func TestAccDataSourceAwsRoute53Zone_serviceDiscovery(t *testing.T) { { Config: testAccDataSourceAwsRoute53ZoneConfigServiceDiscovery(rInt), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttrPair(resourceName, "name", dataSourceName, "name"), + resource.TestCheckResourceAttrPair(dataSourceName, "name", resourceName, "name"), resource.TestCheckResourceAttr(dataSourceName, "linked_service_principal", "servicediscovery.amazonaws.com"), - resource.TestMatchResourceAttr(dataSourceName, "linked_service_description", regexp.MustCompile(`^arn:[^:]+:servicediscovery:[^:]+:[^:]+:namespace/ns-\w+$`)), + resource.TestCheckResourceAttrPair(dataSourceName, "linked_service_description", resourceName, "arn"), ), }, }, From 253cd0325cc1f8d00b806836ff81239589a87c2d Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 21 May 2020 21:47:36 -0700 Subject: [PATCH 434/475] Uses `resource.TestCheckResourceAttrPair` for most attributes in S3 Bucket Object data source acceptance tests. Simplifies most multi-stage tests --- aws/data_source_aws_s3_bucket_object_test.go | 518 +++++++++---------- 1 file changed, 248 insertions(+), 270 deletions(-) diff --git a/aws/data_source_aws_s3_bucket_object_test.go b/aws/data_source_aws_s3_bucket_object_test.go index 9b942d41784..c18104efb50 100644 --- a/aws/data_source_aws_s3_bucket_object_test.go +++ b/aws/data_source_aws_s3_bucket_object_test.go @@ -13,37 +13,35 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/terraform" ) +const rfc1123RegexPattern = `^[a-zA-Z]{3}, [0-9]+ [a-zA-Z]+ [0-9]{4} [0-9:]+ [A-Z]+$` + func TestAccDataSourceAWSS3BucketObject_basic(t *testing.T) { rInt := acctest.RandInt() - resourceOnlyConf, conf := testAccAWSDataSourceS3ObjectConfig_basic(rInt) var rObj s3.GetObjectOutput var dsObj s3.GetObjectOutput + resourceName := "aws_s3_bucket_object.object" + dataSourceName := "data.aws_s3_bucket_object.obj" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, PreventPostDestroyRefresh: true, Steps: []resource.TestStep{ { - Config: resourceOnlyConf, - Check: resource.ComposeTestCheckFunc( - testAccCheckAWSS3BucketObjectExists("aws_s3_bucket_object.object", &rObj), - ), - }, - { - Config: conf, + Config: testAccAWSDataSourceS3ObjectConfig_basic(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsS3ObjectDataSourceExists("data.aws_s3_bucket_object.obj", &dsObj), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_length", "11"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_type", "binary/octet-stream"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "etag", "b10a8db164e0754105b7a99be72e3fe5"), - resource.TestMatchResourceAttr("data.aws_s3_bucket_object.obj", "last_modified", - regexp.MustCompile("^[a-zA-Z]{3}, [0-9]+ [a-zA-Z]+ [0-9]{4} [0-9:]+ [A-Z]+$")), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_legal_hold_status", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_mode", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_retain_until_date", ""), - resource.TestCheckNoResourceAttr("data.aws_s3_bucket_object.obj", "body"), + testAccCheckAWSS3BucketObjectExists(resourceName, &rObj), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName, &dsObj), + resource.TestCheckResourceAttr(dataSourceName, "content_length", "11"), + resource.TestCheckResourceAttrPair(dataSourceName, "content_type", resourceName, "content_type"), + resource.TestCheckResourceAttrPair(dataSourceName, "etag", resourceName, "etag"), + resource.TestMatchResourceAttr(dataSourceName, "last_modified", regexp.MustCompile(rfc1123RegexPattern)), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_legal_hold_status", resourceName, "object_lock_legal_hold_status"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_mode", resourceName, "object_lock_mode"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_retain_until_date", resourceName, "object_lock_retain_until_date"), + resource.TestCheckNoResourceAttr(dataSourceName, "body"), ), }, }, @@ -53,7 +51,8 @@ func TestAccDataSourceAWSS3BucketObject_basic(t *testing.T) { func TestAccDataSourceAWSS3BucketObject_basicViaAccessPoint(t *testing.T) { var dsObj, rObj s3.GetObjectOutput rName := acctest.RandomWithPrefix("tf-acc-test") - datasourceName := "data.aws_s3_bucket_object.test" + + dataSourceName := "data.aws_s3_bucket_object.test" resourceName := "aws_s3_bucket_object.test" accessPointResourceName := "aws_s3_access_point.test" @@ -64,10 +63,11 @@ func TestAccDataSourceAWSS3BucketObject_basicViaAccessPoint(t *testing.T) { { Config: testAccAWSDataSourceS3ObjectConfig_basicViaAccessPoint(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsS3ObjectDataSourceExists(datasourceName, &dsObj), testAccCheckAWSS3BucketObjectExists(resourceName, &rObj), - resource.TestCheckResourceAttrPair(datasourceName, "bucket", accessPointResourceName, "arn"), - resource.TestCheckResourceAttrPair(datasourceName, "key", resourceName, "key"), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName, &dsObj), + testAccCheckAWSS3BucketObjectExists(resourceName, &rObj), + resource.TestCheckResourceAttrPair(dataSourceName, "bucket", accessPointResourceName, "arn"), + resource.TestCheckResourceAttrPair(dataSourceName, "key", resourceName, "key"), ), }, }, @@ -76,35 +76,31 @@ func TestAccDataSourceAWSS3BucketObject_basicViaAccessPoint(t *testing.T) { func TestAccDataSourceAWSS3BucketObject_readableBody(t *testing.T) { rInt := acctest.RandInt() - resourceOnlyConf, conf := testAccAWSDataSourceS3ObjectConfig_readableBody(rInt) var rObj s3.GetObjectOutput var dsObj s3.GetObjectOutput + resourceName := "aws_s3_bucket_object.object" + dataSourceName := "data.aws_s3_bucket_object.obj" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, PreventPostDestroyRefresh: true, Steps: []resource.TestStep{ { - Config: resourceOnlyConf, + Config: testAccAWSDataSourceS3ObjectConfig_readableBody(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSS3BucketObjectExists("aws_s3_bucket_object.object", &rObj), - ), - }, - { - Config: conf, - Check: resource.ComposeTestCheckFunc( - testAccCheckAwsS3ObjectDataSourceExists("data.aws_s3_bucket_object.obj", &dsObj), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_length", "3"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_type", "text/plain"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "etag", "a6105c0a611b41b08f1209506350279e"), - resource.TestMatchResourceAttr("data.aws_s3_bucket_object.obj", "last_modified", - regexp.MustCompile("^[a-zA-Z]{3}, [0-9]+ [a-zA-Z]+ [0-9]{4} [0-9:]+ [A-Z]+$")), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_legal_hold_status", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_mode", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_retain_until_date", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "body", "yes"), + testAccCheckAWSS3BucketObjectExists(resourceName, &rObj), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName, &dsObj), + resource.TestCheckResourceAttr(dataSourceName, "content_length", "3"), + resource.TestCheckResourceAttrPair(dataSourceName, "content_type", resourceName, "content_type"), + resource.TestCheckResourceAttrPair(dataSourceName, "etag", resourceName, "etag"), + resource.TestMatchResourceAttr(dataSourceName, "last_modified", regexp.MustCompile(rfc1123RegexPattern)), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_legal_hold_status", resourceName, "object_lock_legal_hold_status"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_mode", resourceName, "object_lock_mode"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_retain_until_date", resourceName, "object_lock_retain_until_date"), + resource.TestCheckResourceAttr(dataSourceName, "body", "yes"), ), }, }, @@ -113,38 +109,33 @@ func TestAccDataSourceAWSS3BucketObject_readableBody(t *testing.T) { func TestAccDataSourceAWSS3BucketObject_kmsEncrypted(t *testing.T) { rInt := acctest.RandInt() - resourceOnlyConf, conf := testAccAWSDataSourceS3ObjectConfig_kmsEncrypted(rInt) var rObj s3.GetObjectOutput var dsObj s3.GetObjectOutput + resourceName := "aws_s3_bucket_object.object" + dataSourceName := "data.aws_s3_bucket_object.obj" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, PreventPostDestroyRefresh: true, Steps: []resource.TestStep{ { - Config: resourceOnlyConf, + Config: testAccAWSDataSourceS3ObjectConfig_kmsEncrypted(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSS3BucketObjectExists("aws_s3_bucket_object.object", &rObj), - ), - }, - { - Config: conf, - Check: resource.ComposeTestCheckFunc( - testAccCheckAwsS3ObjectDataSourceExists("data.aws_s3_bucket_object.obj", &dsObj), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_length", "22"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_type", "text/plain"), - resource.TestMatchResourceAttr("data.aws_s3_bucket_object.obj", "etag", regexp.MustCompile("^[a-f0-9]{32}$")), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "server_side_encryption", "aws:kms"), - resource.TestMatchResourceAttr("data.aws_s3_bucket_object.obj", "sse_kms_key_id", - regexp.MustCompile(`^arn:aws:kms:[a-z]{2}-[a-z]+-\d{1}:[0-9]{12}:key/[a-z0-9-]{36}$`)), - resource.TestMatchResourceAttr("data.aws_s3_bucket_object.obj", "last_modified", - regexp.MustCompile("^[a-zA-Z]{3}, [0-9]+ [a-zA-Z]+ [0-9]{4} [0-9:]+ [A-Z]+$")), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_legal_hold_status", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_mode", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_retain_until_date", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "body", "Keep Calm and Carry On"), + testAccCheckAWSS3BucketObjectExists(resourceName, &rObj), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName, &dsObj), + resource.TestCheckResourceAttr(dataSourceName, "content_length", "22"), + resource.TestCheckResourceAttrPair(dataSourceName, "content_type", resourceName, "content_type"), + resource.TestCheckResourceAttrPair(dataSourceName, "etag", resourceName, "etag"), + resource.TestCheckResourceAttrPair(dataSourceName, "server_side_encryption", resourceName, "server_side_encryption"), + resource.TestCheckResourceAttrPair(dataSourceName, "sse_kms_key_id", resourceName, "kms_key_id"), + resource.TestMatchResourceAttr(dataSourceName, "last_modified", regexp.MustCompile(rfc1123RegexPattern)), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_legal_hold_status", resourceName, "object_lock_legal_hold_status"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_mode", resourceName, "object_lock_mode"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_retain_until_date", resourceName, "object_lock_retain_until_date"), + resource.TestCheckResourceAttr(dataSourceName, "body", "Keep Calm and Carry On"), ), }, }, @@ -153,51 +144,47 @@ func TestAccDataSourceAWSS3BucketObject_kmsEncrypted(t *testing.T) { func TestAccDataSourceAWSS3BucketObject_allParams(t *testing.T) { rInt := acctest.RandInt() - resourceOnlyConf, conf := testAccAWSDataSourceS3ObjectConfig_allParams(rInt) var rObj s3.GetObjectOutput var dsObj s3.GetObjectOutput + resourceName := "aws_s3_bucket_object.object" + dataSourceName := "data.aws_s3_bucket_object.obj" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, PreventPostDestroyRefresh: true, Steps: []resource.TestStep{ { - Config: resourceOnlyConf, - Check: resource.ComposeTestCheckFunc( - testAccCheckAWSS3BucketObjectExists("aws_s3_bucket_object.object", &rObj), - ), - }, - { - Config: conf, + Config: testAccAWSDataSourceS3ObjectConfig_allParams(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsS3ObjectDataSourceExists("data.aws_s3_bucket_object.obj", &dsObj), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_length", "21"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_type", "application/unknown"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "etag", "723f7a6ac0c57b445790914668f98640"), - resource.TestMatchResourceAttr("data.aws_s3_bucket_object.obj", "last_modified", - regexp.MustCompile("^[a-zA-Z]{3}, [0-9]+ [a-zA-Z]+ [0-9]{4} [0-9:]+ [A-Z]+$")), - resource.TestMatchResourceAttr("data.aws_s3_bucket_object.obj", "version_id", regexp.MustCompile("^.{32}$")), - resource.TestCheckNoResourceAttr("data.aws_s3_bucket_object.obj", "body"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "cache_control", "no-cache"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_disposition", "attachment"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_encoding", "identity"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_language", "en-GB"), + testAccCheckAWSS3BucketObjectExists(resourceName, &rObj), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName, &dsObj), + resource.TestCheckResourceAttr(dataSourceName, "content_length", "21"), + resource.TestCheckResourceAttrPair(dataSourceName, "content_type", resourceName, "content_type"), + resource.TestCheckResourceAttrPair(dataSourceName, "etag", resourceName, "etag"), + resource.TestMatchResourceAttr(dataSourceName, "last_modified", regexp.MustCompile(rfc1123RegexPattern)), + resource.TestCheckResourceAttrPair(dataSourceName, "version_id", resourceName, "version_id"), + resource.TestCheckNoResourceAttr(dataSourceName, "body"), + resource.TestCheckResourceAttrPair(dataSourceName, "cache_control", resourceName, "cache_control"), + resource.TestCheckResourceAttrPair(dataSourceName, "content_disposition", resourceName, "content_disposition"), + resource.TestCheckResourceAttrPair(dataSourceName, "content_encoding", resourceName, "content_encoding"), + resource.TestCheckResourceAttrPair(dataSourceName, "content_language", resourceName, "content_language"), // Encryption is off - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "server_side_encryption", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "sse_kms_key_id", ""), + resource.TestCheckResourceAttrPair(dataSourceName, "server_side_encryption", resourceName, "server_side_encryption"), + resource.TestCheckResourceAttr(dataSourceName, "sse_kms_key_id", ""), // Supported, but difficult to reproduce in short testing time - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "storage_class", "STANDARD"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "expiration", ""), + resource.TestCheckResourceAttrPair(dataSourceName, "storage_class", resourceName, "storage_class"), + resource.TestCheckResourceAttr(dataSourceName, "expiration", ""), // Currently unsupported in aws_s3_bucket_object resource - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "expires", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "website_redirect_location", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "metadata.%", "0"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "tags.%", "1"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_legal_hold_status", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_mode", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_retain_until_date", ""), + resource.TestCheckResourceAttr(dataSourceName, "expires", ""), + resource.TestCheckResourceAttrPair(dataSourceName, "website_redirect_location", resourceName, "website_redirect"), + resource.TestCheckResourceAttr(dataSourceName, "metadata.%", "0"), + resource.TestCheckResourceAttr(dataSourceName, "tags.%", "1"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_legal_hold_status", resourceName, "object_lock_legal_hold_status"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_mode", resourceName, "object_lock_mode"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_retain_until_date", resourceName, "object_lock_retain_until_date"), ), }, }, @@ -206,35 +193,31 @@ func TestAccDataSourceAWSS3BucketObject_allParams(t *testing.T) { func TestAccDataSourceAWSS3BucketObject_ObjectLockLegalHoldOff(t *testing.T) { rInt := acctest.RandInt() - resourceOnlyConf, conf := testAccAWSDataSourceS3ObjectConfig_objectLockLegalHoldOff(rInt) var rObj s3.GetObjectOutput var dsObj s3.GetObjectOutput + resourceName := "aws_s3_bucket_object.object" + dataSourceName := "data.aws_s3_bucket_object.obj" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, PreventPostDestroyRefresh: true, Steps: []resource.TestStep{ { - Config: resourceOnlyConf, - Check: resource.ComposeTestCheckFunc( - testAccCheckAWSS3BucketObjectExists("aws_s3_bucket_object.object", &rObj), - ), - }, - { - Config: conf, + Config: testAccAWSDataSourceS3ObjectConfig_objectLockLegalHoldOff(rInt), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsS3ObjectDataSourceExists("data.aws_s3_bucket_object.obj", &dsObj), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_length", "11"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_type", "binary/octet-stream"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "etag", "b10a8db164e0754105b7a99be72e3fe5"), - resource.TestMatchResourceAttr("data.aws_s3_bucket_object.obj", "last_modified", - regexp.MustCompile("^[a-zA-Z]{3}, [0-9]+ [a-zA-Z]+ [0-9]{4} [0-9:]+ [A-Z]+$")), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_legal_hold_status", "OFF"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_mode", ""), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_retain_until_date", ""), - resource.TestCheckNoResourceAttr("data.aws_s3_bucket_object.obj", "body"), + testAccCheckAWSS3BucketObjectExists(resourceName, &rObj), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName, &dsObj), + resource.TestCheckResourceAttr(dataSourceName, "content_length", "11"), + resource.TestCheckResourceAttrPair(dataSourceName, "content_type", resourceName, "content_type"), + resource.TestCheckResourceAttrPair(dataSourceName, "etag", resourceName, "etag"), + resource.TestMatchResourceAttr(dataSourceName, "last_modified", regexp.MustCompile(rfc1123RegexPattern)), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_legal_hold_status", resourceName, "object_lock_legal_hold_status"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_mode", resourceName, "object_lock_mode"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_retain_until_date", resourceName, "object_lock_retain_until_date"), + resource.TestCheckNoResourceAttr(dataSourceName, "body"), ), }, }, @@ -244,35 +227,31 @@ func TestAccDataSourceAWSS3BucketObject_ObjectLockLegalHoldOff(t *testing.T) { func TestAccDataSourceAWSS3BucketObject_ObjectLockLegalHoldOn(t *testing.T) { rInt := acctest.RandInt() retainUntilDate := time.Now().UTC().AddDate(0, 0, 10).Format(time.RFC3339) - resourceOnlyConf, conf := testAccAWSDataSourceS3ObjectConfig_objectLockLegalHoldOn(rInt, retainUntilDate) var rObj s3.GetObjectOutput var dsObj s3.GetObjectOutput + resourceName := "aws_s3_bucket_object.object" + dataSourceName := "data.aws_s3_bucket_object.obj" + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, PreventPostDestroyRefresh: true, Steps: []resource.TestStep{ { - Config: resourceOnlyConf, + Config: testAccAWSDataSourceS3ObjectConfig_objectLockLegalHoldOn(rInt, retainUntilDate), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSS3BucketObjectExists("aws_s3_bucket_object.object", &rObj), - ), - }, - { - Config: conf, - Check: resource.ComposeTestCheckFunc( - testAccCheckAwsS3ObjectDataSourceExists("data.aws_s3_bucket_object.obj", &dsObj), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_length", "11"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "content_type", "binary/octet-stream"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "etag", "b10a8db164e0754105b7a99be72e3fe5"), - resource.TestMatchResourceAttr("data.aws_s3_bucket_object.obj", "last_modified", - regexp.MustCompile("^[a-zA-Z]{3}, [0-9]+ [a-zA-Z]+ [0-9]{4} [0-9:]+ [A-Z]+$")), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_legal_hold_status", "ON"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_mode", "GOVERNANCE"), - resource.TestCheckResourceAttr("data.aws_s3_bucket_object.obj", "object_lock_retain_until_date", retainUntilDate), - resource.TestCheckNoResourceAttr("data.aws_s3_bucket_object.obj", "body"), + testAccCheckAWSS3BucketObjectExists(resourceName, &rObj), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName, &dsObj), + resource.TestCheckResourceAttr(dataSourceName, "content_length", "11"), + resource.TestCheckResourceAttrPair(dataSourceName, "content_type", resourceName, "content_type"), + resource.TestCheckResourceAttrPair(dataSourceName, "etag", resourceName, "etag"), + resource.TestMatchResourceAttr(dataSourceName, "last_modified", regexp.MustCompile(rfc1123RegexPattern)), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_legal_hold_status", resourceName, "object_lock_legal_hold_status"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_mode", resourceName, "object_lock_mode"), + resource.TestCheckResourceAttrPair(dataSourceName, "object_lock_retain_until_date", resourceName, "object_lock_retain_until_date"), + resource.TestCheckNoResourceAttr(dataSourceName, "body"), ), }, }, @@ -282,10 +261,12 @@ func TestAccDataSourceAWSS3BucketObject_ObjectLockLegalHoldOn(t *testing.T) { func TestAccDataSourceAWSS3BucketObject_LeadingSlash(t *testing.T) { var rObj s3.GetObjectOutput var dsObj1, dsObj2, dsObj3 s3.GetObjectOutput + resourceName := "aws_s3_bucket_object.object" dataSourceName1 := "data.aws_s3_bucket_object.obj1" dataSourceName2 := "data.aws_s3_bucket_object.obj2" dataSourceName3 := "data.aws_s3_bucket_object.obj3" + rInt := acctest.RandInt() resourceOnlyConf, conf := testAccAWSDataSourceS3ObjectConfig_leadingSlash(rInt) @@ -305,24 +286,23 @@ func TestAccDataSourceAWSS3BucketObject_LeadingSlash(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAwsS3ObjectDataSourceExists(dataSourceName1, &dsObj1), resource.TestCheckResourceAttr(dataSourceName1, "content_length", "3"), - resource.TestCheckResourceAttr(dataSourceName1, "content_type", "text/plain"), - resource.TestCheckResourceAttr(dataSourceName1, "etag", "a6105c0a611b41b08f1209506350279e"), - resource.TestMatchResourceAttr(dataSourceName1, "last_modified", - regexp.MustCompile("^[a-zA-Z]{3}, [0-9]+ [a-zA-Z]+ [0-9]{4} [0-9:]+ [A-Z]+$")), + resource.TestCheckResourceAttrPair(dataSourceName1, "content_type", resourceName, "content_type"), + resource.TestCheckResourceAttrPair(dataSourceName1, "etag", resourceName, "etag"), + resource.TestMatchResourceAttr(dataSourceName1, "last_modified", regexp.MustCompile(rfc1123RegexPattern)), resource.TestCheckResourceAttr(dataSourceName1, "body", "yes"), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName2, &dsObj2), resource.TestCheckResourceAttr(dataSourceName2, "content_length", "3"), - resource.TestCheckResourceAttr(dataSourceName2, "content_type", "text/plain"), - resource.TestCheckResourceAttr(dataSourceName2, "etag", "a6105c0a611b41b08f1209506350279e"), - resource.TestMatchResourceAttr(dataSourceName2, "last_modified", - regexp.MustCompile("^[a-zA-Z]{3}, [0-9]+ [a-zA-Z]+ [0-9]{4} [0-9:]+ [A-Z]+$")), + resource.TestCheckResourceAttrPair(dataSourceName2, "content_type", resourceName, "content_type"), + resource.TestCheckResourceAttrPair(dataSourceName2, "etag", resourceName, "etag"), + resource.TestMatchResourceAttr(dataSourceName2, "last_modified", regexp.MustCompile(rfc1123RegexPattern)), resource.TestCheckResourceAttr(dataSourceName2, "body", "yes"), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName3, &dsObj3), resource.TestCheckResourceAttr(dataSourceName3, "content_length", "3"), - resource.TestCheckResourceAttr(dataSourceName3, "content_type", "text/plain"), - resource.TestCheckResourceAttr(dataSourceName3, "etag", "a6105c0a611b41b08f1209506350279e"), - resource.TestMatchResourceAttr(dataSourceName3, "last_modified", - regexp.MustCompile("^[a-zA-Z]{3}, [0-9]+ [a-zA-Z]+ [0-9]{4} [0-9:]+ [A-Z]+$")), + resource.TestCheckResourceAttrPair(dataSourceName3, "content_type", resourceName, "content_type"), + resource.TestCheckResourceAttrPair(dataSourceName3, "etag", resourceName, "etag"), + resource.TestMatchResourceAttr(dataSourceName3, "last_modified", regexp.MustCompile(rfc1123RegexPattern)), resource.TestCheckResourceAttr(dataSourceName3, "body", "yes"), ), }, @@ -333,11 +313,13 @@ func TestAccDataSourceAWSS3BucketObject_LeadingSlash(t *testing.T) { func TestAccDataSourceAWSS3BucketObject_MultipleSlashes(t *testing.T) { var rObj1, rObj2 s3.GetObjectOutput var dsObj1, dsObj2, dsObj3 s3.GetObjectOutput + resourceName1 := "aws_s3_bucket_object.object1" resourceName2 := "aws_s3_bucket_object.object2" dataSourceName1 := "data.aws_s3_bucket_object.obj1" dataSourceName2 := "data.aws_s3_bucket_object.obj2" dataSourceName3 := "data.aws_s3_bucket_object.obj3" + rInt := acctest.RandInt() resourceOnlyConf, conf := testAccAWSDataSourceS3ObjectConfig_multipleSlashes(rInt) @@ -356,17 +338,20 @@ func TestAccDataSourceAWSS3BucketObject_MultipleSlashes(t *testing.T) { { Config: conf, Check: resource.ComposeTestCheckFunc( + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName1, &dsObj1), resource.TestCheckResourceAttr(dataSourceName1, "content_length", "3"), - resource.TestCheckResourceAttr(dataSourceName1, "content_type", "text/plain"), + resource.TestCheckResourceAttrPair(dataSourceName1, "content_type", resourceName1, "content_type"), resource.TestCheckResourceAttr(dataSourceName1, "body", "yes"), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName2, &dsObj2), resource.TestCheckResourceAttr(dataSourceName2, "content_length", "3"), - resource.TestCheckResourceAttr(dataSourceName2, "content_type", "text/plain"), + resource.TestCheckResourceAttrPair(dataSourceName2, "content_type", resourceName1, "content_type"), resource.TestCheckResourceAttr(dataSourceName2, "body", "yes"), + testAccCheckAwsS3ObjectDataSourceExists(dataSourceName3, &dsObj3), resource.TestCheckResourceAttr(dataSourceName3, "content_length", "2"), - resource.TestCheckResourceAttr(dataSourceName3, "content_type", "text/plain"), + resource.TestCheckResourceAttrPair(dataSourceName3, "content_type", resourceName2, "content_type"), resource.TestCheckResourceAttr(dataSourceName3, "body", "no"), ), }, @@ -402,26 +387,23 @@ func testAccCheckAwsS3ObjectDataSourceExists(n string, obj *s3.GetObjectOutput) } } -func testAccAWSDataSourceS3ObjectConfig_basic(randInt int) (string, string) { - resources := fmt.Sprintf(` +func testAccAWSDataSourceS3ObjectConfig_basic(randInt int) string { + return fmt.Sprintf(` resource "aws_s3_bucket" "object_bucket" { - bucket = "tf-object-test-bucket-%d" + bucket = "tf-object-test-bucket-%[1]d" } + resource "aws_s3_bucket_object" "object" { - bucket = "${aws_s3_bucket.object_bucket.bucket}" - key = "tf-testing-obj-%d" - content = "Hello World" + bucket = aws_s3_bucket.object_bucket.bucket + key = "tf-testing-obj-%[1]d" + content = "Hello World" } -`, randInt, randInt) - both := fmt.Sprintf(`%s data "aws_s3_bucket_object" "obj" { - bucket = "tf-object-test-bucket-%d" - key = "tf-testing-obj-%d" + bucket = aws_s3_bucket.object_bucket.bucket + key = aws_s3_bucket_object.object.key } -`, resources, randInt, randInt) - - return resources, both +`, randInt) } func testAccAWSDataSourceS3ObjectConfig_basicViaAccessPoint(rName string) string { @@ -431,114 +413,105 @@ resource "aws_s3_bucket" "test" { } resource "aws_s3_access_point" "test" { - bucket = "${aws_s3_bucket.test.bucket}" + bucket = aws_s3_bucket.test.bucket name = %[1]q } resource "aws_s3_bucket_object" "test" { - bucket = "${aws_s3_bucket.test.bucket}" + bucket = aws_s3_bucket.test.bucket key = %[1]q content = "Hello World" } data "aws_s3_bucket_object" "test" { - bucket = "${aws_s3_access_point.test.arn}" - key = "${aws_s3_bucket_object.test.key}" + bucket = aws_s3_access_point.test.arn + key = aws_s3_bucket_object.test.key } `, rName) } -func testAccAWSDataSourceS3ObjectConfig_readableBody(randInt int) (string, string) { - resources := fmt.Sprintf(` +func testAccAWSDataSourceS3ObjectConfig_readableBody(randInt int) string { + return fmt.Sprintf(` resource "aws_s3_bucket" "object_bucket" { - bucket = "tf-object-test-bucket-%d" + bucket = "tf-object-test-bucket-%[1]d" } + resource "aws_s3_bucket_object" "object" { - bucket = "${aws_s3_bucket.object_bucket.bucket}" - key = "tf-testing-obj-%d-readable" - content = "yes" - content_type = "text/plain" + bucket = "${aws_s3_bucket.object_bucket.bucket}" + key = "tf-testing-obj-%[1]d-readable" + content = "yes" + content_type = "text/plain" } -`, randInt, randInt) - both := fmt.Sprintf(`%s data "aws_s3_bucket_object" "obj" { - bucket = "tf-object-test-bucket-%d" - key = "tf-testing-obj-%d-readable" + bucket = aws_s3_bucket.object_bucket.bucket + key = aws_s3_bucket_object.object.key } -`, resources, randInt, randInt) - - return resources, both +`, randInt) } -func testAccAWSDataSourceS3ObjectConfig_kmsEncrypted(randInt int) (string, string) { - resources := fmt.Sprintf(` +func testAccAWSDataSourceS3ObjectConfig_kmsEncrypted(randInt int) string { + return fmt.Sprintf(` resource "aws_s3_bucket" "object_bucket" { - bucket = "tf-object-test-bucket-%d" + bucket = "tf-object-test-bucket-%[1]d" } + resource "aws_kms_key" "example" { description = "TF Acceptance Test KMS key" deletion_window_in_days = 7 } + resource "aws_s3_bucket_object" "object" { - bucket = "${aws_s3_bucket.object_bucket.bucket}" - key = "tf-testing-obj-%d-encrypted" - content = "Keep Calm and Carry On" - content_type = "text/plain" - kms_key_id = "${aws_kms_key.example.arn}" + bucket = aws_s3_bucket.object_bucket.bucket + key = "tf-testing-obj-%[1]d-encrypted" + content = "Keep Calm and Carry On" + content_type = "text/plain" + kms_key_id = aws_kms_key.example.arn } -`, randInt, randInt) - both := fmt.Sprintf(`%s data "aws_s3_bucket_object" "obj" { - bucket = "tf-object-test-bucket-%d" - key = "tf-testing-obj-%d-encrypted" + bucket = aws_s3_bucket.object_bucket.bucket + key = aws_s3_bucket_object.object.key } -`, resources, randInt, randInt) - - return resources, both +`, randInt) } -func testAccAWSDataSourceS3ObjectConfig_allParams(randInt int) (string, string) { - resources := fmt.Sprintf(` +func testAccAWSDataSourceS3ObjectConfig_allParams(randInt int) string { + return fmt.Sprintf(` resource "aws_s3_bucket" "object_bucket" { - bucket = "tf-object-test-bucket-%d" - versioning { - enabled = true - } + bucket = "tf-object-test-bucket-%[1]d" + versioning { + enabled = true + } } resource "aws_s3_bucket_object" "object" { - bucket = "${aws_s3_bucket.object_bucket.bucket}" - key = "tf-testing-obj-%d-all-params" - content = < Date: Fri, 22 May 2020 10:46:00 -0700 Subject: [PATCH 435/475] Removes ARN checks and replaces them with AttrPair checks. Removes unneeded custom checks and other cleanups. --- ...esource_aws_api_gateway_authorizer_test.go | 222 +++++------------- 1 file changed, 53 insertions(+), 169 deletions(-) diff --git a/aws/resource_aws_api_gateway_authorizer_test.go b/aws/resource_aws_api_gateway_authorizer_test.go index d4e0b6732d9..fc15c8ca4ce 100644 --- a/aws/resource_aws_api_gateway_authorizer_test.go +++ b/aws/resource_aws_api_gateway_authorizer_test.go @@ -3,6 +3,7 @@ package aws import ( "fmt" "regexp" + "strconv" "testing" "github.com/aws/aws-sdk-go/aws" @@ -18,11 +19,10 @@ func TestAccAWSAPIGatewayAuthorizer_basic(t *testing.T) { apiGatewayName := acctest.RandomWithPrefix("tf-acctest-apigw") authorizerName := acctest.RandomWithPrefix("tf-acctest-igw-authorizer") lambdaName := acctest.RandomWithPrefix("tf-acctest-igw-auth-lambda") - resourceName := "aws_api_gateway_authorizer.acctest" - expectedAuthUri := regexp.MustCompile("arn:aws:apigateway:[a-z0-9-]+:lambda:path/2015-03-31/functions/" + - "arn:aws:lambda:[a-z0-9-]+:[0-9]{12}:function:" + lambdaName + "/invocations") - expectedCreds := regexp.MustCompile("arn:aws:iam::[0-9]{12}:role/" + apiGatewayName + "_auth_invocation_role") + resourceName := "aws_api_gateway_authorizer.acctest" + lambdaResourceName := "aws_lambda_function.authorizer" + roleResourceName := "aws_iam_role.invocation_role" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -33,19 +33,12 @@ func TestAccAWSAPIGatewayAuthorizer_basic(t *testing.T) { Config: testAccAWSAPIGatewayAuthorizerConfig_lambda(apiGatewayName, authorizerName, lambdaName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayAuthorizerExists(resourceName, &conf), - testAccCheckAWSAPIGatewayAuthorizerAuthorizerUri(&conf, expectedAuthUri), - resource.TestMatchResourceAttr(resourceName, "authorizer_uri", expectedAuthUri), - testAccCheckAWSAPIGatewayAuthorizerIdentitySource(&conf, "method.request.header.Authorization"), + resource.TestCheckResourceAttrPair(resourceName, "authorizer_uri", lambdaResourceName, "invoke_arn"), resource.TestCheckResourceAttr(resourceName, "identity_source", "method.request.header.Authorization"), - testAccCheckAWSAPIGatewayAuthorizerName(&conf, authorizerName), resource.TestCheckResourceAttr(resourceName, "name", authorizerName), - testAccCheckAWSAPIGatewayAuthorizerType(&conf, "TOKEN"), resource.TestCheckResourceAttr(resourceName, "type", "TOKEN"), - testAccCheckAWSAPIGatewayAuthorizerAuthorizerCredentials(&conf, expectedCreds), - resource.TestMatchResourceAttr(resourceName, "authorizer_credentials", expectedCreds), - testAccCheckAWSAPIGatewayAuthorizerAuthorizerResultTtlInSeconds(&conf, aws.Int64(defaultAuthorizerTTL)), - resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", "300"), - testAccCheckAWSAPIGatewayAuthorizerIdentityValidationExpression(&conf, nil), + resource.TestCheckResourceAttrPair(resourceName, "authorizer_credentials", roleResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", strconv.Itoa(defaultAuthorizerTTL)), resource.TestCheckResourceAttr(resourceName, "identity_validation_expression", ""), ), }, @@ -59,19 +52,12 @@ func TestAccAWSAPIGatewayAuthorizer_basic(t *testing.T) { Config: testAccAWSAPIGatewayAuthorizerConfig_lambdaUpdate(apiGatewayName, authorizerName, lambdaName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayAuthorizerExists(resourceName, &conf), - testAccCheckAWSAPIGatewayAuthorizerAuthorizerUri(&conf, expectedAuthUri), - resource.TestMatchResourceAttr(resourceName, "authorizer_uri", expectedAuthUri), - testAccCheckAWSAPIGatewayAuthorizerIdentitySource(&conf, "method.request.header.Authorization"), + resource.TestCheckResourceAttrPair(resourceName, "authorizer_uri", lambdaResourceName, "invoke_arn"), resource.TestCheckResourceAttr(resourceName, "identity_source", "method.request.header.Authorization"), - testAccCheckAWSAPIGatewayAuthorizerName(&conf, authorizerName+"_modified"), resource.TestCheckResourceAttr(resourceName, "name", authorizerName+"_modified"), - testAccCheckAWSAPIGatewayAuthorizerType(&conf, "TOKEN"), resource.TestCheckResourceAttr(resourceName, "type", "TOKEN"), - testAccCheckAWSAPIGatewayAuthorizerAuthorizerCredentials(&conf, expectedCreds), - resource.TestMatchResourceAttr(resourceName, "authorizer_credentials", expectedCreds), - testAccCheckAWSAPIGatewayAuthorizerAuthorizerResultTtlInSeconds(&conf, aws.Int64(360)), - resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", "360"), - testAccCheckAWSAPIGatewayAuthorizerIdentityValidationExpression(&conf, aws.String(".*")), + resource.TestCheckResourceAttrPair(resourceName, "authorizer_credentials", roleResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", strconv.Itoa(360)), resource.TestCheckResourceAttr(resourceName, "identity_validation_expression", ".*"), ), }, @@ -83,6 +69,7 @@ func TestAccAWSAPIGatewayAuthorizer_cognito(t *testing.T) { apiGatewayName := acctest.RandomWithPrefix("tf-acctest-apigw") authorizerName := acctest.RandomWithPrefix("tf-acctest-igw-authorizer") cognitoName := acctest.RandomWithPrefix("tf-acctest-cognito-user-pool") + resourceName := "aws_api_gateway_authorizer.acctest" resource.ParallelTest(t, resource.TestCase{ @@ -94,6 +81,7 @@ func TestAccAWSAPIGatewayAuthorizer_cognito(t *testing.T) { Config: testAccAWSAPIGatewayAuthorizerConfig_cognito(apiGatewayName, authorizerName, cognitoName), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", authorizerName+"-cognito"), + resource.TestCheckResourceAttr(resourceName, "type", "COGNITO_USER_POOLS"), resource.TestCheckResourceAttr(resourceName, "provider_arns.#", "2"), ), }, @@ -107,6 +95,7 @@ func TestAccAWSAPIGatewayAuthorizer_cognito(t *testing.T) { Config: testAccAWSAPIGatewayAuthorizerConfig_cognitoUpdate(apiGatewayName, authorizerName, cognitoName), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", authorizerName+"-cognito-update"), + resource.TestCheckResourceAttr(resourceName, "type", "COGNITO_USER_POOLS"), resource.TestCheckResourceAttr(resourceName, "provider_arns.#", "3"), ), }, @@ -119,11 +108,10 @@ func TestAccAWSAPIGatewayAuthorizer_switchAuthType(t *testing.T) { authorizerName := acctest.RandomWithPrefix("tf-acctest-igw-authorizer") lambdaName := acctest.RandomWithPrefix("tf-acctest-igw-auth-lambda") cognitoName := acctest.RandomWithPrefix("tf-acctest-cognito-user-pool") - resourceName := "aws_api_gateway_authorizer.acctest" - expectedAuthUri := regexp.MustCompile("arn:aws:apigateway:[a-z0-9-]+:lambda:path/2015-03-31/functions/" + - "arn:aws:lambda:[a-z0-9-]+:[0-9]{12}:function:" + lambdaName + "/invocations") - expectedCreds := regexp.MustCompile("arn:aws:iam::[0-9]{12}:role/" + apiGatewayName + "_auth_invocation_role") + resourceName := "aws_api_gateway_authorizer.acctest" + lambdaResourceName := "aws_lambda_function.authorizer" + roleResourceName := "aws_iam_role.invocation_role" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -135,8 +123,8 @@ func TestAccAWSAPIGatewayAuthorizer_switchAuthType(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", authorizerName), resource.TestCheckResourceAttr(resourceName, "type", "TOKEN"), - resource.TestMatchResourceAttr(resourceName, "authorizer_uri", expectedAuthUri), - resource.TestMatchResourceAttr(resourceName, "authorizer_credentials", expectedCreds), + resource.TestCheckResourceAttrPair(resourceName, "authorizer_uri", lambdaResourceName, "invoke_arn"), + resource.TestCheckResourceAttrPair(resourceName, "authorizer_credentials", roleResourceName, "arn"), ), }, { @@ -158,8 +146,8 @@ func TestAccAWSAPIGatewayAuthorizer_switchAuthType(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "name", authorizerName+"_modified"), resource.TestCheckResourceAttr(resourceName, "type", "TOKEN"), - resource.TestMatchResourceAttr(resourceName, "authorizer_uri", expectedAuthUri), - resource.TestMatchResourceAttr(resourceName, "authorizer_credentials", expectedCreds), + resource.TestCheckResourceAttrPair(resourceName, "authorizer_uri", lambdaResourceName, "invoke_arn"), + resource.TestCheckResourceAttrPair(resourceName, "authorizer_credentials", roleResourceName, "arn"), ), }, }, @@ -182,8 +170,7 @@ func TestAccAWSAPIGatewayAuthorizer_switchAuthorizerTTL(t *testing.T) { Config: testAccAWSAPIGatewayAuthorizerConfig_lambda(apiGatewayName, authorizerName, lambdaName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayAuthorizerExists(resourceName, &conf), - testAccCheckAWSAPIGatewayAuthorizerAuthorizerResultTtlInSeconds(&conf, aws.Int64(defaultAuthorizerTTL)), - resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", "300"), + resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", strconv.Itoa(defaultAuthorizerTTL)), ), }, { @@ -196,24 +183,21 @@ func TestAccAWSAPIGatewayAuthorizer_switchAuthorizerTTL(t *testing.T) { Config: testAccAWSAPIGatewayAuthorizerConfig_lambdaUpdate(apiGatewayName, authorizerName, lambdaName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayAuthorizerExists(resourceName, &conf), - testAccCheckAWSAPIGatewayAuthorizerAuthorizerResultTtlInSeconds(&conf, aws.Int64(360)), - resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", "360"), + resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", strconv.Itoa(360)), ), }, { Config: testAccAWSAPIGatewayAuthorizerConfig_lambdaNoCache(apiGatewayName, authorizerName, lambdaName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayAuthorizerExists(resourceName, &conf), - resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", "0"), - testAccCheckAWSAPIGatewayAuthorizerAuthorizerResultTtlInSeconds(&conf, aws.Int64(0)), + resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", strconv.Itoa(0)), ), }, { Config: testAccAWSAPIGatewayAuthorizerConfig_lambda(apiGatewayName, authorizerName, lambdaName), Check: resource.ComposeTestCheckFunc( testAccCheckAWSAPIGatewayAuthorizerExists(resourceName, &conf), - testAccCheckAWSAPIGatewayAuthorizerAuthorizerResultTtlInSeconds(&conf, aws.Int64(defaultAuthorizerTTL)), - resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", "300"), + resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", strconv.Itoa(defaultAuthorizerTTL)), ), }, }, @@ -295,106 +279,6 @@ func testAccCheckAWSAPIGatewayAuthorizerDisappears(resourceName string) resource } } -func testAccCheckAWSAPIGatewayAuthorizerAuthorizerUri(conf *apigateway.Authorizer, expectedUri *regexp.Regexp) resource.TestCheckFunc { - return func(s *terraform.State) error { - if conf.AuthorizerUri == nil { - return fmt.Errorf("Empty AuthorizerUri, expected: %q", expectedUri) - } - - if !expectedUri.MatchString(*conf.AuthorizerUri) { - return fmt.Errorf("AuthorizerUri didn't match. Expected: %q, Given: %q", expectedUri, *conf.AuthorizerUri) - } - return nil - } -} - -func testAccCheckAWSAPIGatewayAuthorizerIdentitySource(conf *apigateway.Authorizer, expectedSource string) resource.TestCheckFunc { - return func(s *terraform.State) error { - if conf.IdentitySource == nil { - return fmt.Errorf("Empty IdentitySource, expected: %q", expectedSource) - } - if *conf.IdentitySource != expectedSource { - return fmt.Errorf("IdentitySource didn't match. Expected: %q, Given: %q", expectedSource, *conf.IdentitySource) - } - return nil - } -} - -func testAccCheckAWSAPIGatewayAuthorizerName(conf *apigateway.Authorizer, expectedName string) resource.TestCheckFunc { - return func(s *terraform.State) error { - if conf.Name == nil { - return fmt.Errorf("Empty Name, expected: %q", expectedName) - } - if *conf.Name != expectedName { - return fmt.Errorf("Name didn't match. Expected: %q, Given: %q", expectedName, *conf.Name) - } - return nil - } -} - -func testAccCheckAWSAPIGatewayAuthorizerType(conf *apigateway.Authorizer, expectedType string) resource.TestCheckFunc { - return func(s *terraform.State) error { - if conf.Type == nil { - return fmt.Errorf("Empty Type, expected: %q", expectedType) - } - if *conf.Type != expectedType { - return fmt.Errorf("Type didn't match. Expected: %q, Given: %q", expectedType, *conf.Type) - } - return nil - } -} - -func testAccCheckAWSAPIGatewayAuthorizerAuthorizerCredentials(conf *apigateway.Authorizer, expectedCreds *regexp.Regexp) resource.TestCheckFunc { - return func(s *terraform.State) error { - if conf.AuthorizerCredentials == nil { - return fmt.Errorf("Empty AuthorizerCredentials, expected: %q", expectedCreds) - } - if !expectedCreds.MatchString(*conf.AuthorizerCredentials) { - return fmt.Errorf("AuthorizerCredentials didn't match. Expected: %q, Given: %q", - expectedCreds, *conf.AuthorizerCredentials) - } - return nil - } -} - -func testAccCheckAWSAPIGatewayAuthorizerAuthorizerResultTtlInSeconds(conf *apigateway.Authorizer, expectedTtl *int64) resource.TestCheckFunc { - return func(s *terraform.State) error { - if expectedTtl == conf.AuthorizerResultTtlInSeconds { - return nil - } - if expectedTtl == nil && conf.AuthorizerResultTtlInSeconds != nil { - return fmt.Errorf("Expected empty AuthorizerResultTtlInSeconds, given: %d", *conf.AuthorizerResultTtlInSeconds) - } - if conf.AuthorizerResultTtlInSeconds == nil { - return fmt.Errorf("Empty AuthorizerResultTtlInSeconds, expected: %d", expectedTtl) - } - if *conf.AuthorizerResultTtlInSeconds != *expectedTtl { - return fmt.Errorf("AuthorizerResultTtlInSeconds didn't match. Expected: %d, Given: %d", - *expectedTtl, *conf.AuthorizerResultTtlInSeconds) - } - return nil - } -} - -func testAccCheckAWSAPIGatewayAuthorizerIdentityValidationExpression(conf *apigateway.Authorizer, expectedExpression *string) resource.TestCheckFunc { - return func(s *terraform.State) error { - if expectedExpression == conf.IdentityValidationExpression { - return nil - } - if expectedExpression == nil && conf.IdentityValidationExpression != nil { - return fmt.Errorf("Expected empty IdentityValidationExpression, given: %q", *conf.IdentityValidationExpression) - } - if conf.IdentityValidationExpression == nil { - return fmt.Errorf("Empty IdentityValidationExpression, expected: %q", *expectedExpression) - } - if *conf.IdentityValidationExpression != *expectedExpression { - return fmt.Errorf("IdentityValidationExpression didn't match. Expected: %q, Given: %q", - *expectedExpression, *conf.IdentityValidationExpression) - } - return nil - } -} - func testAccCheckAWSAPIGatewayAuthorizerExists(n string, res *apigateway.Authorizer) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -495,7 +379,7 @@ EOF resource "aws_iam_role_policy" "invocation_policy" { name = "default" - role = "${aws_iam_role.invocation_role.id}" + role = aws_iam_role.invocation_role.id policy = < Date: Fri, 22 May 2020 13:29:41 -0700 Subject: [PATCH 436/475] Removes explicit ARN checks. Other cleanups. --- aws/resource_aws_codebuild_project_test.go | 372 +++++++++++---------- 1 file changed, 187 insertions(+), 185 deletions(-) diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go index 2a3db7c98ec..3ad5b58d9ca 100644 --- a/aws/resource_aws_codebuild_project_test.go +++ b/aws/resource_aws_codebuild_project_test.go @@ -42,7 +42,9 @@ func testAccAWSCodeBuildGitHubSourceLocationFromEnv() string { func TestAccAWSCodeBuildProject_basic(t *testing.T) { var project codebuild.Project rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_codebuild_project.test" + roleResourceName := "aws_iam_role.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) }, @@ -59,19 +61,19 @@ func TestAccAWSCodeBuildProject_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "build_timeout", "60"), resource.TestCheckResourceAttr(resourceName, "queued_timeout", "480"), resource.TestCheckResourceAttr(resourceName, "cache.#", "1"), - resource.TestCheckResourceAttr(resourceName, "cache.0.type", "NO_CACHE"), + resource.TestCheckResourceAttr(resourceName, "cache.0.type", codebuild.CacheTypeNoCache), resource.TestCheckResourceAttr(resourceName, "description", ""), - resource.TestMatchResourceAttr(resourceName, "encryption_key", regexp.MustCompile(`^arn:[^:]+:kms:[^:]+:[^:]+:alias/aws/s3$`)), + testAccCheckResourceAttrRegionalARN(resourceName, "encryption_key", "kms", "alias/aws/s3"), resource.TestCheckResourceAttr(resourceName, "environment.#", "1"), - resource.TestCheckResourceAttr(resourceName, "environment.0.compute_type", "BUILD_GENERAL1_SMALL"), + resource.TestCheckResourceAttr(resourceName, "environment.0.compute_type", codebuild.ComputeTypeBuildGeneral1Small), resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.#", "0"), resource.TestCheckResourceAttr(resourceName, "environment.0.image", "2"), resource.TestCheckResourceAttr(resourceName, "environment.0.privileged_mode", "false"), - resource.TestCheckResourceAttr(resourceName, "environment.0.type", "LINUX_CONTAINER"), - resource.TestCheckResourceAttr(resourceName, "environment.0.image_pull_credentials_type", "CODEBUILD"), - resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.status", "ENABLED"), - resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", "DISABLED"), - resource.TestMatchResourceAttr(resourceName, "service_role", regexp.MustCompile(`^arn:[^:]+:iam::[^:]+:role/tf-acc-test-[0-9]+$`)), + resource.TestCheckResourceAttr(resourceName, "environment.0.type", codebuild.EnvironmentTypeLinuxContainer), + resource.TestCheckResourceAttr(resourceName, "environment.0.image_pull_credentials_type", codebuild.ImagePullCredentialsTypeCodebuild), + resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.status", codebuild.LogsConfigStatusTypeEnabled), + resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", codebuild.LogsConfigStatusTypeDisabled), + resource.TestCheckResourceAttrPair(resourceName, "service_role", roleResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "source.#", "1"), resource.TestCheckResourceAttr(resourceName, "source.0.auth.#", "0"), resource.TestCheckResourceAttr(resourceName, "source.0.git_clone_depth", "0"), @@ -200,11 +202,11 @@ func TestAccAWSCodeBuildProject_Cache(t *testing.T) { ExpectError: regexp.MustCompile(`cache location is required when cache type is "S3"`), }, { - Config: testAccAWSCodeBuildProjectConfig_Cache(rName, "", "NO_CACHE"), + Config: testAccAWSCodeBuildProjectConfig_Cache(rName, "", codebuild.CacheTypeNoCache), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "cache.#", "1"), - resource.TestCheckResourceAttr(resourceName, "cache.0.type", "NO_CACHE"), + resource.TestCheckResourceAttr(resourceName, "cache.0.type", codebuild.CacheTypeNoCache), ), }, { @@ -217,7 +219,7 @@ func TestAccAWSCodeBuildProject_Cache(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "cache.#", "1"), - resource.TestCheckResourceAttr(resourceName, "cache.0.type", "NO_CACHE"), + resource.TestCheckResourceAttr(resourceName, "cache.0.type", codebuild.CacheTypeNoCache), ), }, { @@ -243,7 +245,7 @@ func TestAccAWSCodeBuildProject_Cache(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "cache.#", "1"), - resource.TestCheckResourceAttr(resourceName, "cache.0.type", "NO_CACHE"), + resource.TestCheckResourceAttr(resourceName, "cache.0.type", codebuild.CacheTypeNoCache), ), }, { @@ -398,11 +400,11 @@ func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Type(t *testing. CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, "PLAINTEXT"), + Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, codebuild.EnvironmentVariableTypePlaintext), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.0.type", "PLAINTEXT"), - resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.1.type", "PLAINTEXT"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.0.type", codebuild.EnvironmentVariableTypePlaintext), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.1.type", codebuild.EnvironmentVariableTypePlaintext), ), }, { @@ -411,19 +413,19 @@ func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Type(t *testing. ImportStateVerify: true, }, { - Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, "PARAMETER_STORE"), + Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, codebuild.EnvironmentVariableTypeParameterStore), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.0.type", "PLAINTEXT"), - resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.1.type", "PARAMETER_STORE"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.0.type", codebuild.EnvironmentVariableTypePlaintext), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.1.type", codebuild.EnvironmentVariableTypeParameterStore), ), }, { - Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, "SECRETS_MANAGER"), + Config: testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, codebuild.EnvironmentVariableTypeSecretsManager), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.0.type", "PLAINTEXT"), - resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.1.type", "SECRETS_MANAGER"), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.0.type", codebuild.EnvironmentVariableTypePlaintext), + resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.1.type", codebuild.EnvironmentVariableTypeSecretsManager), ), }, }, @@ -516,28 +518,28 @@ func TestAccAWSCodeBuildProject_LogsConfig_CloudWatchLogs(t *testing.T) { CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSCodeBuildProjectConfig_LogsConfig_CloudWatchLogs(rName, "ENABLED", "group-name", ""), + Config: testAccAWSCodeBuildProjectConfig_LogsConfig_CloudWatchLogs(rName, codebuild.LogsConfigStatusTypeEnabled, "group-name", ""), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.status", "ENABLED"), + resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.status", codebuild.LogsConfigStatusTypeEnabled), resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.group_name", "group-name"), resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.stream_name", ""), ), }, { - Config: testAccAWSCodeBuildProjectConfig_LogsConfig_CloudWatchLogs(rName, "ENABLED", "group-name", "stream-name"), + Config: testAccAWSCodeBuildProjectConfig_LogsConfig_CloudWatchLogs(rName, codebuild.LogsConfigStatusTypeEnabled, "group-name", "stream-name"), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.status", "ENABLED"), + resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.status", codebuild.LogsConfigStatusTypeEnabled), resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.group_name", "group-name"), resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.stream_name", "stream-name"), ), }, { - Config: testAccAWSCodeBuildProjectConfig_LogsConfig_CloudWatchLogs(rName, "DISABLED", "", ""), + Config: testAccAWSCodeBuildProjectConfig_LogsConfig_CloudWatchLogs(rName, codebuild.LogsConfigStatusTypeDisabled, "", ""), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.status", "DISABLED"), + resource.TestCheckResourceAttr(resourceName, "logs_config.0.cloudwatch_logs.0.status", codebuild.LogsConfigStatusTypeDisabled), ), }, { @@ -561,28 +563,28 @@ func TestAccAWSCodeBuildProject_LogsConfig_S3Logs(t *testing.T) { CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, bName, "ENABLED", bName+"/build-log", false), + Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, bName, codebuild.LogsConfigStatusTypeEnabled, bName+"/build-log", false), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", "ENABLED"), + resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", codebuild.LogsConfigStatusTypeEnabled), resource.TestMatchResourceAttr(resourceName, "logs_config.0.s3_logs.0.location", regexp.MustCompile(`tf-acc-test-bucket-[0-9]+/build-log$`)), resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.encryption_disabled", "false"), ), }, { - Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, bName, "ENABLED", bName+"/build-log", true), + Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, bName, codebuild.LogsConfigStatusTypeEnabled, bName+"/build-log", true), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", "ENABLED"), + resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", codebuild.LogsConfigStatusTypeEnabled), resource.TestMatchResourceAttr(resourceName, "logs_config.0.s3_logs.0.location", regexp.MustCompile(`tf-acc-test-bucket-[0-9]+/build-log$`)), resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.encryption_disabled", "true"), ), }, { - Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, bName, "DISABLED", "", false), + Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, bName, codebuild.LogsConfigStatusTypeDisabled, "", false), Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), - resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", "DISABLED"), + resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", codebuild.LogsConfigStatusTypeDisabled), ), }, { @@ -1275,12 +1277,12 @@ func TestAccAWSCodeBuildProject_WindowsContainer(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckAWSCodeBuildProjectExists(resourceName, &project), resource.TestCheckResourceAttr(resourceName, "environment.#", "1"), - resource.TestCheckResourceAttr(resourceName, "environment.0.compute_type", "BUILD_GENERAL1_MEDIUM"), + resource.TestCheckResourceAttr(resourceName, "environment.0.compute_type", codebuild.ComputeTypeBuildGeneral1Medium), resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.#", "0"), resource.TestCheckResourceAttr(resourceName, "environment.0.image", "2"), resource.TestCheckResourceAttr(resourceName, "environment.0.privileged_mode", "false"), - resource.TestCheckResourceAttr(resourceName, "environment.0.image_pull_credentials_type", "CODEBUILD"), - resource.TestCheckResourceAttr(resourceName, "environment.0.type", "WINDOWS_CONTAINER"), + resource.TestCheckResourceAttr(resourceName, "environment.0.image_pull_credentials_type", codebuild.ImagePullCredentialsTypeCodebuild), + resource.TestCheckResourceAttr(resourceName, "environment.0.type", codebuild.EnvironmentTypeWindowsContainer), ), }, { @@ -2236,7 +2238,7 @@ EOF } resource "aws_iam_role_policy" "test" { - role = "${aws_iam_role.test.name}" + role = aws_iam_role.test.name policy = < Date: Tue, 26 May 2020 15:18:45 -0700 Subject: [PATCH 437/475] Removes unused function --- ...ce_aws_config_configuration_recorder_test.go | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/aws/resource_aws_config_configuration_recorder_test.go b/aws/resource_aws_config_configuration_recorder_test.go index dff92a3cd4b..d724e815bad 100644 --- a/aws/resource_aws_config_configuration_recorder_test.go +++ b/aws/resource_aws_config_configuration_recorder_test.go @@ -3,7 +3,6 @@ package aws import ( "fmt" "log" - "regexp" "testing" "github.com/aws/aws-sdk-go/aws" @@ -157,22 +156,6 @@ func testAccCheckConfigConfigurationRecorderName(n string, desired string, obj * } } -func testAccCheckConfigConfigurationRecorderRoleArn(n string, desired *regexp.Regexp, obj *configservice.ConfigurationRecorder) resource.TestCheckFunc { - return func(s *terraform.State) error { - _, ok := s.RootModule().Resources[n] - if !ok { - return fmt.Errorf("Not found: %s", n) - } - - if !desired.MatchString(*obj.RoleARN) { - return fmt.Errorf("Expected configuration recorder %q role ARN to match %q, given: %q", - n, desired.String(), *obj.RoleARN) - } - - return nil - } -} - func testAccCheckConfigConfigurationRecorderExists(n string, obj *configservice.ConfigurationRecorder) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] From fcc7273e7bf11bbe568f5894c08a96fc772c770a Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Mon, 1 Jun 2020 12:58:43 -0700 Subject: [PATCH 438/475] Removes stray comment --- aws/resource_aws_cloudtrail_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_cloudtrail_test.go b/aws/resource_aws_cloudtrail_test.go index e7c436d201b..6dd9f58c338 100644 --- a/aws/resource_aws_cloudtrail_test.go +++ b/aws/resource_aws_cloudtrail_test.go @@ -482,7 +482,7 @@ func testAccAWSCloudTrail_event_selector(t *testing.T) { CheckDestroy: testAccCheckAWSCloudTrailDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSCloudTrailConfig_eventSelector(cloudTrailRandInt), // FLAG + Config: testAccAWSCloudTrailConfig_eventSelector(cloudTrailRandInt), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "event_selector.#", "1"), resource.TestCheckResourceAttr(resourceName, "event_selector.0.data_resource.#", "1"), From 86f59a5878c2b5f20b97cd43af249708607f8e22 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Mon, 1 Jun 2020 15:18:48 -0700 Subject: [PATCH 439/475] Update CHANGELOG for #12654 --- CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ec20602596c..55c8241fdf7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ ## 2.65.0 (Unreleased) +ENHANCEMENTS: + +* resource/aws_directory_servicedirectory: add `availability_zones` attribute to `vpc_settings` block [GH-12654] +* resource/aws_directory_servicedirectory: add `availability_zones` attribute to `connect_settings` block [GH-12654] +* resource/aws_directory_servicedirectory: add plan time validation to `customer_dns_ips` in `connect_settings` block [GH-12654] + BUG FIXES: * resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [GH-12024] From 8b1f575df22a824e98b23c97a8d24f3e16296f52 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Tue, 2 Jun 2020 15:11:30 -0400 Subject: [PATCH 440/475] Documentation tweak after review. --- website/docs/r/apigatewayv2_stage.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/r/apigatewayv2_stage.html.markdown b/website/docs/r/apigatewayv2_stage.html.markdown index b870f9dbabc..dd53e434666 100644 --- a/website/docs/r/apigatewayv2_stage.html.markdown +++ b/website/docs/r/apigatewayv2_stage.html.markdown @@ -75,6 +75,7 @@ In addition to all arguments above, the following attributes are exported: * `execution_arn` - The ARN prefix to be used in an [`aws_lambda_permission`](/docs/providers/aws/r/lambda_permission.html)'s `source_arn` attribute or in an [`aws_iam_policy`](/docs/providers/aws/r/iam_policy.html) to authorize access to the [`@connections` API](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-connections.html). See the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-control-access-iam.html) for details. +Set only for WebSocket APIs. * `invoke_url` - The URL to invoke the API pointing to the stage, e.g. `wss://z4675bid1j.execute-api.eu-west-2.amazonaws.com/example-stage`, or `https://z4675bid1j.execute-api.eu-west-2.amazonaws.com/` From 767142f484f04f6028de82965881b0d0aaaf78e2 Mon Sep 17 00:00:00 2001 From: Robert Beckman Date: Tue, 2 Jun 2020 15:14:20 -0700 Subject: [PATCH 441/475] Update self_service_permissions block --- website/docs/r/workspaces_directory.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/workspaces_directory.html.markdown b/website/docs/r/workspaces_directory.html.markdown index b84efde9de6..ab155751598 100644 --- a/website/docs/r/workspaces_directory.html.markdown +++ b/website/docs/r/workspaces_directory.html.markdown @@ -42,7 +42,7 @@ resource "aws_directory_service_directory" "main" { resource "aws_workspaces_directory" "main" { directory_id = "${aws_directory_service_directory.main.id}" - self_service_permissions = { + self_service_permissions { increase_volume_size = true rebuild_workspace = true } From 1d41c1aca6db64917db5aeffd64e9939e6157c72 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Tue, 2 Jun 2020 19:01:29 -0400 Subject: [PATCH 442/475] set ebs block device attributes in addition to the root --- aws/resource_aws_instance.go | 15 +++++-- aws/resource_aws_instance_test.go | 70 +++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+), 4 deletions(-) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index c9f46112d96..323dd090dea 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -1544,12 +1544,18 @@ func readBlockDevicesFromInstance(instance *ec2.Instance, conn *ec2.EC2) (map[st if blockDeviceIsRoot(instanceBd, instance) { blockDevices["root"] = bd - } else { + } + + // Represent the ebs block device as it's own object (cloned from bd) + if aws.StringValue(instance.RootDeviceType) == "ebs" { + ebs := make(map[string]interface{}) + for k, v := range bd { + ebs[k] = v + } if vol.SnapshotId != nil { - bd["snapshot_id"] = aws.StringValue(vol.SnapshotId) + ebs["snapshot_id"] = aws.StringValue(vol.SnapshotId) } - - blockDevices["ebs"] = append(blockDevices["ebs"].([]map[string]interface{}), bd) + blockDevices["ebs"] = append(blockDevices["ebs"].([]map[string]interface{}), ebs) } } @@ -1560,6 +1566,7 @@ func blockDeviceIsRoot(bd *ec2.InstanceBlockDeviceMapping, instance *ec2.Instanc return bd.DeviceName != nil && instance.RootDeviceName != nil && *bd.DeviceName == *instance.RootDeviceName + } func fetchRootDeviceName(ami string, conn *ec2.EC2) (*string, error) { diff --git a/aws/resource_aws_instance_test.go b/aws/resource_aws_instance_test.go index 8112fb11024..44d3c3888b5 100644 --- a/aws/resource_aws_instance_test.go +++ b/aws/resource_aws_instance_test.go @@ -1798,6 +1798,42 @@ func TestAccAWSInstance_EbsRootDevice_MultipleBlockDevices_ModifyDeleteOnTermina }) } +// Test to validate fix for GH-ISSUE #1318 (dynamic ebs_block_devices forcing replacement after state refresh) +func TestAccAWSInstance_EbsRootDevice_MultipleDynamicEBSBlockDevices(t *testing.T) { + var instance ec2.Instance + + resourceName := "aws_instance.test" + dataSourceName := "data.aws_ami.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckInstanceDestroy, + DisableBinaryDriver: true, + Steps: []resource.TestStep{ + { + Config: testAccAwsEc2InstanceConfigDynamicEBSBlockDevices, + Check: resource.ComposeTestCheckFunc( + testAccCheckInstanceExists(resourceName, &instance), + resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.%", dataSourceName, "block_device_mappings.%"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2432380901.delete_on_termination", "true"), + resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.2432380901.device_name", dataSourceName, "block_device_mappings.340275815.device_name"), + resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.2432380901.encrypted", dataSourceName, "block_device_mappings.340275815.ebs.encrypted"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2432380901.iops", "100"), + resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.2432380901.snapshot_id", dataSourceName, "block_device_mappings.340275815.ebs.snapshot_id"), + resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.2432380901.volume_size", dataSourceName, "block_device_mappings.340275815.ebs.volume_size"), + resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.2432380901.volume_type", dataSourceName, "block_device_mappings.340275815.ebs.volume_type"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccAWSInstance_primaryNetworkInterface(t *testing.T) { var instance ec2.Instance var eni ec2.NetworkInterface @@ -4737,3 +4773,37 @@ data "aws_ec2_instance_type_offering" "available" { } `, strings.Join(preferredInstanceTypes, "\", \"")) } + +const testAccAwsEc2InstanceConfigDynamicEBSBlockDevices = ` +data "aws_ami" "test" { + most_recent = true + owners = ["amazon"] + + filter { + name = "name" + values = ["amzn-ami-hvm-*-x86_64-gp2"] + } +} + +data "aws_vpc" "test" { + default = true +} + +resource "aws_instance" "test" { + ami = data.aws_ami.test.id + instance_type = "t2.micro" + + dynamic "ebs_block_device" { + # for verifying attributes of a predictable number of ebs_block_devices, set to only 1 mapping + for_each = [tolist(data.aws_ami.test.block_device_mappings)[0]] + iterator = device + content { + device_name = device.value["device_name"] + iops = "100" + snapshot_id = device.value["ebs"]["snapshot_id"] + volume_size = device.value["ebs"]["volume_size"] + volume_type = device.value["ebs"]["volume_type"] + } + } +} +` From 350aedc9228ced3b041f2482b9eada4077ce313b Mon Sep 17 00:00:00 2001 From: John Paulo Rodriguez Date: Wed, 3 Jun 2020 09:15:38 +0800 Subject: [PATCH 443/475] Update api_gateway_authorizer.html.markdown Attribute reference added --- website/docs/r/api_gateway_authorizer.html.markdown | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/website/docs/r/api_gateway_authorizer.html.markdown b/website/docs/r/api_gateway_authorizer.html.markdown index 114b254f21f..ad8d869deb1 100644 --- a/website/docs/r/api_gateway_authorizer.html.markdown +++ b/website/docs/r/api_gateway_authorizer.html.markdown @@ -120,6 +120,12 @@ The following arguments are supported: * `provider_arns` - (Optional, required for type `COGNITO_USER_POOLS`) A list of the Amazon Cognito user pool ARNs. Each element is of this format: `arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}`. +## Attribute Reference + +In addition to all arguments above, the following attributes are exported: + +* `id` - The Authorizer identifier. + ## Import AWS API Gateway Authorizer can be imported using the `REST-API-ID/AUTHORIZER-ID`, e.g. From 1467811cbc6864eabb5608f8f9929ae7273d3eb9 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Tue, 2 Jun 2020 22:18:41 -0700 Subject: [PATCH 444/475] Fixes some acceptance test errors introduced by code review. Style clean up and updated some ARN checks to TestCheckResourceAttrPair() --- aws/resource_aws_lb_listener_rule_test.go | 1125 +++++++++++---------- 1 file changed, 584 insertions(+), 541 deletions(-) diff --git a/aws/resource_aws_lb_listener_rule_test.go b/aws/resource_aws_lb_listener_rule_test.go index c45095d3915..f575a138c22 100644 --- a/aws/resource_aws_lb_listener_rule_test.go +++ b/aws/resource_aws_lb_listener_rule_test.go @@ -56,12 +56,15 @@ func TestLBListenerARNFromRuleARN(t *testing.T) { func TestAccAWSLBListenerRule_basic(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) - targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandString(13)) + targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandString(10)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" + targetGroupResourceName := "aws_lb_target_group.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -69,28 +72,28 @@ func TestAccAWSLBListenerRule_basic(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_basic(lbName, targetGroupName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.type", "forward"), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.redirect.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.fixed_response.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.authenticate_cognito.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.authenticate_oidc.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.447032695.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.447032695.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.447032695.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.447032695.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.447032695.path_pattern.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.447032695.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.447032695.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.447032695.values.#", "1"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.static", "condition.447032695.values.0"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.type", "forward"), + resource.TestCheckResourceAttrPair(resourceName, "action.0.target_group_arn", targetGroupResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_cognito.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.path_pattern.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.values.0", "/static/*"), ), }, }, @@ -99,23 +102,25 @@ func TestAccAWSLBListenerRule_basic(t *testing.T) { func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { var conf elbv2.Rule + lbName := fmt.Sprintf("testrule-weighted-%s", acctest.RandString(13)) + targetGroupName1 := fmt.Sprintf("testtargetgroup-%s", acctest.RandString(10)) + targetGroupName2 := fmt.Sprintf("testtargetgroup-%s", acctest.RandString(10)) + resourceName := "aws_lb_listener_rule.weighted" - lbName := acctest.RandomWithPrefix("testrule-weighted") - targetGroupName1 := acctest.RandomWithPrefix("testtargetgroup") - targetGroupName2 := acctest.RandomWithPrefix("testtargetgroup") + frontEndListenerResourceName := "aws_lb_listener.front_end" + targetGroup1ResourceName := "aws_lb_target_group.test1" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: resourceName, - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, Steps: []resource.TestStep{ { Config: testAccAWSLBListenerRuleConfig_forwardWeighted(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists(resourceName, &conf), - testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN(resourceName, "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "priority", "100"), resource.TestCheckResourceAttr(resourceName, "action.#", "1"), resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), @@ -135,8 +140,8 @@ func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_changeForwardWeightedStickiness(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists(resourceName, &conf), - testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN(resourceName, "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "priority", "100"), resource.TestCheckResourceAttr(resourceName, "action.#", "1"), resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), @@ -156,14 +161,13 @@ func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { Config: testAccAWSLBListenerRuleConfig_changeForwardWeightedToBasic(lbName, targetGroupName1, targetGroupName2), Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAWSLBListenerRuleExists(resourceName, &conf), - testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN(resourceName, "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "priority", "100"), resource.TestCheckResourceAttr(resourceName, "action.#", "1"), resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), resource.TestCheckResourceAttr(resourceName, "action.0.type", "forward"), - testAccMatchResourceAttrRegionalARN(resourceName, "action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), - resource.TestCheckResourceAttrPair(resourceName, "action.0.target_group_arn", "aws_lb_target_group.test1", "arn"), + resource.TestCheckResourceAttrPair(resourceName, "action.0.target_group_arn", targetGroup1ResourceName, "arn"), resource.TestCheckResourceAttr(resourceName, "action.0.redirect.#", "0"), resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.#", "0"), resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_cognito.#", "0"), @@ -177,12 +181,15 @@ func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { func TestAccAWSLBListenerRuleBackwardsCompatibility(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) - targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandString(13)) + targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandString(10)) + + resourceName := "aws_alb_listener_rule.static" + frontEndListenerResourceName := "aws_alb_listener.front_end" + targetGroupResourceName := "aws_alb_target_group.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_alb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -190,29 +197,28 @@ func TestAccAWSLBListenerRuleBackwardsCompatibility(t *testing.T) { { Config: testAccAWSLBListenerRuleConfigBackwardsCompatibility(lbName, targetGroupName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_alb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_alb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_alb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.order", "1"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.type", "forward"), - testAccMatchResourceAttrRegionalARN("aws_alb_listener_rule.static", "action.0.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), - resource.TestCheckResourceAttrPair("aws_lb_listener_rule.static", "action.0.target_group_arn", "aws_alb_target_group.test", "arn"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.redirect.#", "0"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.fixed_response.#", "0"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.authenticate_cognito.#", "0"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "action.0.authenticate_oidc.#", "0"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "condition.#", "1"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "condition.447032695.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "condition.447032695.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "condition.447032695.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "condition.447032695.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "condition.447032695.path_pattern.#", "1"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "condition.447032695.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "condition.447032695.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_alb_listener_rule.static", "condition.447032695.values.#", "1"), - resource.TestCheckResourceAttrSet("aws_alb_listener_rule.static", "condition.447032695.values.0"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.type", "forward"), + resource.TestCheckResourceAttrPair(resourceName, "action.0.target_group_arn", targetGroupResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_cognito.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.path_pattern.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.447032695.values.0", "/static/*"), ), }, }, @@ -221,36 +227,38 @@ func TestAccAWSLBListenerRuleBackwardsCompatibility(t *testing.T) { func TestAccAWSLBListenerRule_redirect(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-redirect-%s", acctest.RandStringFromCharSet(14, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-redirect-%s", acctest.RandString(14)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, Steps: []resource.TestStep{ { Config: testAccAWSLBListenerRuleConfig_redirect(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.type", "redirect"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.target_group_arn", ""), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.redirect.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.redirect.0.host", "#{host}"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.redirect.0.path", "/#{path}"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.redirect.0.port", "443"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.redirect.0.protocol", "HTTPS"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.redirect.0.query", "#{query}"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.redirect.0.status_code", "HTTP_301"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.fixed_response.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.authenticate_cognito.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.authenticate_oidc.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.type", "redirect"), + resource.TestCheckResourceAttr(resourceName, "action.0.target_group_arn", ""), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.0.host", "#{host}"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.0.path", "/#{path}"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.0.port", "443"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.0.protocol", "HTTPS"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.0.query", "#{query}"), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.0.status_code", "HTTP_301"), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_cognito.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), ), }, }, @@ -259,33 +267,35 @@ func TestAccAWSLBListenerRule_redirect(t *testing.T) { func TestAccAWSLBListenerRule_fixedResponse(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-fixedresponse-%s", acctest.RandStringFromCharSet(9, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-fixedresponse-%s", acctest.RandString(9)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, Steps: []resource.TestStep{ { Config: testAccAWSLBListenerRuleConfig_fixedResponse(lbName, "Fixed response content"), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.type", "fixed-response"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.target_group_arn", ""), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.redirect.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.fixed_response.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.fixed_response.0.content_type", "text/plain"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.fixed_response.0.message_body", "Fixed response content"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.fixed_response.0.status_code", "200"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.authenticate_cognito.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.authenticate_oidc.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.type", "fixed-response"), + resource.TestCheckResourceAttr(resourceName, "action.0.target_group_arn", ""), + resource.TestCheckResourceAttr(resourceName, "action.0.redirect.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.#", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.0.content_type", "text/plain"), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.0.message_body", "Fixed response content"), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.0.status_code", "200"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_cognito.#", "0"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), ), }, }, @@ -295,26 +305,27 @@ func TestAccAWSLBListenerRule_fixedResponse(t *testing.T) { // Updating Action breaks Condition change logic GH-11323 and GH-11362 func TestAccAWSLBListenerRule_updateFixedResponse(t *testing.T) { var rule elbv2.Rule - lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandString(13)) + + resourceName := "aws_lb_listener_rule.static" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, Steps: []resource.TestStep{ { Config: testAccAWSLBListenerRuleConfig_fixedResponse(lbName, "Fixed Response 1"), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &rule), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.fixed_response.0.message_body", "Fixed Response 1"), + testAccCheckAWSLBListenerRuleExists(resourceName, &rule), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.0.message_body", "Fixed Response 1"), ), }, { Config: testAccAWSLBListenerRuleConfig_fixedResponse(lbName, "Fixed Response 2"), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &rule), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.0.fixed_response.0.message_body", "Fixed Response 2"), + testAccCheckAWSLBListenerRuleExists(resourceName, &rule), + resource.TestCheckResourceAttr(resourceName, "action.0.fixed_response.0.message_body", "Fixed Response 2"), ), }, }, @@ -323,27 +334,28 @@ func TestAccAWSLBListenerRule_updateFixedResponse(t *testing.T) { func TestAccAWSLBListenerRule_updateRulePriority(t *testing.T) { var rule elbv2.Rule - lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) - targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandString(13)) + targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandString(10)) + + resourceName := "aws_lb_listener_rule.static" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, Steps: []resource.TestStep{ { Config: testAccAWSLBListenerRuleConfig_basic(lbName, targetGroupName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &rule), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), + testAccCheckAWSLBListenerRuleExists(resourceName, &rule), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), ), }, { Config: testAccAWSLBListenerRuleConfig_updateRulePriority(lbName, targetGroupName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &rule), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "101"), + testAccCheckAWSLBListenerRuleExists(resourceName, &rule), + resource.TestCheckResourceAttr(resourceName, "priority", "101"), ), }, }, @@ -352,25 +364,26 @@ func TestAccAWSLBListenerRule_updateRulePriority(t *testing.T) { func TestAccAWSLBListenerRule_changeListenerRuleArnForcesNew(t *testing.T) { var before, after elbv2.Rule - lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) - targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandString(13)) + targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandString(10)) + + resourceName := "aws_lb_listener_rule.static" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, Steps: []resource.TestStep{ { Config: testAccAWSLBListenerRuleConfig_basic(lbName, targetGroupName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &before), + testAccCheckAWSLBListenerRuleExists(resourceName, &before), ), }, { Config: testAccAWSLBListenerRuleConfig_changeRuleArn(lbName, targetGroupName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &after), + testAccCheckAWSLBListenerRuleExists(resourceName, &after), testAccCheckAWSLbListenerRuleRecreated(t, &before, &after), ), }, @@ -379,8 +392,8 @@ func TestAccAWSLBListenerRule_changeListenerRuleArnForcesNew(t *testing.T) { } func TestAccAWSLBListenerRule_multipleConditionThrowsError(t *testing.T) { - lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) - targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandString(13)) + targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandString(10)) resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -397,14 +410,13 @@ func TestAccAWSLBListenerRule_multipleConditionThrowsError(t *testing.T) { func TestAccAWSLBListenerRule_priority(t *testing.T) { var rule elbv2.Rule - lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) - targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandString(13)) + targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandString(10)) resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.first", - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, Steps: []resource.TestStep{ { Config: testAccAWSLBListenerRuleConfig_priorityFirst(lbName, targetGroupName), @@ -473,34 +485,39 @@ func TestAccAWSLBListenerRule_cognito(t *testing.T) { var conf elbv2.Rule key := tlsRsaPrivateKeyPem(2048) certificate := tlsRsaX509SelfSignedCertificatePem(key, "example.com") - rName := acctest.RandomWithPrefix("tf-acc-test") + lbName := acctest.RandomWithPrefix("tf-acc-test") + + resourceName := "aws_lb_listener_rule.cognito" + frontEndListenerResourceName := "aws_lb_listener.front_end" + targetGroupResourceName := "aws_lb_target_group.test" + cognitoPoolResourceName := "aws_cognito_user_pool.test" + cognitoPoolClientResourceName := "aws_cognito_user_pool_client.test" + cognitoPoolDomainResourceName := "aws_cognito_user_pool_domain.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.cognito", - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSLBListenerRuleConfig_cognito(rName, key, certificate), + Config: testAccAWSLBListenerRuleConfig_cognito(lbName, key, certificate), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.cognito", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.cognito", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.cognito", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.type", "authenticate-cognito"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.user_pool_arn"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.user_pool_client_id"), - resource.TestCheckResourceAttrSet("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.user_pool_domain"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.authentication_request_extra_params.%", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.0.authenticate_cognito.0.authentication_request_extra_params.param", "test"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.1.order", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "action.1.type", "forward"), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.cognito", "action.1.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), - resource.TestCheckResourceAttrPair("aws_lb_listener_rule.cognito", "action.1.target_group_arn", "aws_lb_target_group.test", "arn"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.cognito", "condition.#", "1"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "2"), + resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.type", "authenticate-cognito"), + resource.TestCheckResourceAttrPair(resourceName, "action.0.authenticate_cognito.0.user_pool_arn", cognitoPoolResourceName, "arn"), + resource.TestCheckResourceAttrPair(resourceName, "action.0.authenticate_cognito.0.user_pool_client_id", cognitoPoolClientResourceName, "id"), + resource.TestCheckResourceAttrPair(resourceName, "action.0.authenticate_cognito.0.user_pool_domain", cognitoPoolDomainResourceName, "domain"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_cognito.0.authentication_request_extra_params.%", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_cognito.0.authentication_request_extra_params.param", "test"), + resource.TestCheckResourceAttr(resourceName, "action.1.order", "2"), + resource.TestCheckResourceAttr(resourceName, "action.1.type", "forward"), + resource.TestCheckResourceAttrPair(resourceName, "action.1.target_group_arn", targetGroupResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), ), }, }, @@ -511,37 +528,39 @@ func TestAccAWSLBListenerRule_oidc(t *testing.T) { var conf elbv2.Rule key := tlsRsaPrivateKeyPem(2048) certificate := tlsRsaX509SelfSignedCertificatePem(key, "example.com") - rName := acctest.RandomWithPrefix("tf-acc-test") + lbName := acctest.RandomWithPrefix("tf-acc-test") + + resourceName := "aws_lb_listener_rule.oidc" + frontEndListenerResourceName := "aws_lb_listener.front_end" + targetGroupResourceName := "aws_lb_target_group.test" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.oidc", - Providers: testAccProviders, - CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSLBListenerRuleConfig_oidc(rName, key, certificate), + Config: testAccAWSLBListenerRuleConfig_oidc(lbName, key, certificate), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.oidc", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.oidc", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.oidc", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.order", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.type", "authenticate-oidc"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.authenticate_oidc.0.authorization_endpoint", "https://example.com/authorization_endpoint"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.authenticate_oidc.0.client_id", "s6BhdRkqt3"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.authenticate_oidc.0.client_secret", "7Fjfp0ZBr1KtDRbnfVdmIw"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.authenticate_oidc.0.issuer", "https://example.com"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.authenticate_oidc.0.token_endpoint", "https://example.com/token_endpoint"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.authenticate_oidc.0.user_info_endpoint", "https://example.com/user_info_endpoint"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.authenticate_oidc.0.authentication_request_extra_params.%", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.0.authenticate_oidc.0.authentication_request_extra_params.param", "test"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.1.order", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "action.1.type", "forward"), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.oidc", "action.1.target_group_arn", "elasticloadbalancing", regexp.MustCompile("targetgroup/.+$")), - resource.TestCheckResourceAttrPair("aws_lb_listener_rule.oidc", "action.1.target_group_arn", "aws_lb_target_group.test", "arn"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.oidc", "condition.#", "1"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "2"), + resource.TestCheckResourceAttr(resourceName, "action.0.order", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.type", "authenticate-oidc"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.0.authorization_endpoint", "https://example.com/authorization_endpoint"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.0.client_id", "s6BhdRkqt3"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.0.client_secret", "7Fjfp0ZBr1KtDRbnfVdmIw"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.0.issuer", "https://example.com"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.0.token_endpoint", "https://example.com/token_endpoint"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.0.user_info_endpoint", "https://example.com/user_info_endpoint"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.0.authentication_request_extra_params.%", "1"), + resource.TestCheckResourceAttr(resourceName, "action.0.authenticate_oidc.0.authentication_request_extra_params.param", "test"), + resource.TestCheckResourceAttr(resourceName, "action.1.order", "2"), + resource.TestCheckResourceAttr(resourceName, "action.1.type", "forward"), + resource.TestCheckResourceAttrPair(resourceName, "action.1.target_group_arn", targetGroupResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), ), }, }, @@ -653,11 +672,13 @@ func TestAccAWSLBListenerRule_conditionAttributesCount(t *testing.T) { func TestAccAWSLBListenerRule_conditionHostHeader(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-hostHeader-%s", acctest.RandStringFromCharSet(12, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-hostHeader-%s", acctest.RandString(12)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -665,25 +686,25 @@ func TestAccAWSLBListenerRule_conditionHostHeader(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionHostHeader(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.field", "host-header"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.host_header.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.host_header.0.values.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.host_header.0.values.3069857465", "example.com"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.host_header.0.values.785793723", "www.example.com"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.values.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.values.0", "example.com"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1089289132.values.1", "www.example.com"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.field", "host-header"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.host_header.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.host_header.0.values.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.host_header.0.values.3069857465", "example.com"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.host_header.0.values.785793723", "www.example.com"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.values.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.values.0", "example.com"), + resource.TestCheckResourceAttr(resourceName, "condition.1089289132.values.1", "www.example.com"), ), }, }, @@ -692,11 +713,13 @@ func TestAccAWSLBListenerRule_conditionHostHeader(t *testing.T) { func TestAccAWSLBListenerRule_conditionHostHeader_deprecated(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-hostHeader-%s", acctest.RandStringFromCharSet(12, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-hostHeader-%s", acctest.RandString(12)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -704,23 +727,23 @@ func TestAccAWSLBListenerRule_conditionHostHeader_deprecated(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionHostHeader_deprecated(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.field", "host-header"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.host_header.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.host_header.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.host_header.0.values.3069857465", "example.com"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.values.0", "example.com"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.field", "host-header"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.host_header.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.host_header.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.host_header.0.values.3069857465", "example.com"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.values.0", "example.com"), ), }, }, @@ -729,11 +752,13 @@ func TestAccAWSLBListenerRule_conditionHostHeader_deprecated(t *testing.T) { func TestAccAWSLBListenerRule_conditionHttpHeader(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-httpHeader-%s", acctest.RandStringFromCharSet(12, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-httpHeader-%s", acctest.RandString(12)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -741,35 +766,35 @@ func TestAccAWSLBListenerRule_conditionHttpHeader(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionHttpHeader(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.field", "http-header"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.http_header.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.http_header.0.http_header_name", "X-Forwarded-For"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.http_header.0.values.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.http_header.0.values.2895841407", "10.0.0.*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.http_header.0.values.35666611", "192.168.1.*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.168627567.values.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.field", "http-header"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.http_header.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.http_header.0.http_header_name", "Zz9~|_^.-+*'&%$#!0aA"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.http_header.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.http_header.0.values.1801271041", "RFC7230 Validity"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4090220723.values.#", "0"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.field", "http-header"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.http_header.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.http_header.0.http_header_name", "X-Forwarded-For"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.http_header.0.values.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.http_header.0.values.2895841407", "10.0.0.*"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.http_header.0.values.35666611", "192.168.1.*"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.168627567.values.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.field", "http-header"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.http_header.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.http_header.0.http_header_name", "Zz9~|_^.-+*'&%$#!0aA"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.http_header.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.http_header.0.values.1801271041", "RFC7230 Validity"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4090220723.values.#", "0"), ), }, }, @@ -792,11 +817,13 @@ func TestAccAWSLBListenerRule_conditionHttpHeader_invalid(t *testing.T) { func TestAccAWSLBListenerRule_conditionHttpRequestMethod(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-httpRequest-%s", acctest.RandStringFromCharSet(11, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-httpRequest-%s", acctest.RandString(11)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -804,23 +831,23 @@ func TestAccAWSLBListenerRule_conditionHttpRequestMethod(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionHttpRequestMethod(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.field", "http-request-method"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.http_request_method.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.http_request_method.0.values.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.http_request_method.0.values.1805413626", "GET"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.http_request_method.0.values.1814004025", "POST"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2223521492.values.#", "0"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.field", "http-request-method"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.http_request_method.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.http_request_method.0.values.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.http_request_method.0.values.1805413626", "GET"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.http_request_method.0.values.1814004025", "POST"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2223521492.values.#", "0"), ), }, }, @@ -829,11 +856,13 @@ func TestAccAWSLBListenerRule_conditionHttpRequestMethod(t *testing.T) { func TestAccAWSLBListenerRule_conditionPathPattern(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-pathPattern-%s", acctest.RandStringFromCharSet(11, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-pathPattern-%s", acctest.RandString(11)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -841,25 +870,25 @@ func TestAccAWSLBListenerRule_conditionPathPattern(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionPathPattern(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.path_pattern.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.path_pattern.0.values.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.path_pattern.0.values.1764929539", "/cgi-bin/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.path_pattern.0.values.1973895062", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.values.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.values.0", "/cgi-bin/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.values.1", "/public/*"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.path_pattern.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.path_pattern.0.values.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.path_pattern.0.values.1764929539", "/cgi-bin/*"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.path_pattern.0.values.1973895062", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.values.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.values.0", "/cgi-bin/*"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.values.1", "/public/*"), ), }, }, @@ -868,11 +897,13 @@ func TestAccAWSLBListenerRule_conditionPathPattern(t *testing.T) { func TestAccAWSLBListenerRule_conditionPathPattern_deprecated(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-pathPattern-%s", acctest.RandStringFromCharSet(11, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-pathPattern-%s", acctest.RandString(11)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -880,23 +911,23 @@ func TestAccAWSLBListenerRule_conditionPathPattern_deprecated(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionPathPattern_deprecated(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.values.0", "/public/*"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.values.0", "/public/*"), ), }, }, @@ -905,11 +936,13 @@ func TestAccAWSLBListenerRule_conditionPathPattern_deprecated(t *testing.T) { func TestAccAWSLBListenerRule_conditionUpdatePathPattern_deprecated(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-pathPattern-%s", acctest.RandStringFromCharSet(11, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-pathPattern-%s", acctest.RandString(11)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -917,44 +950,44 @@ func TestAccAWSLBListenerRule_conditionUpdatePathPattern_deprecated(t *testing.T { Config: testAccAWSLBListenerRuleConfig_conditionPathPattern_deprecated(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.values.0", "/public/*"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.values.0", "/public/*"), ), }, { Config: testAccAWSLBListenerRuleConfig_conditionPathPattern_deprecatedUpdated(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.path_pattern.0.values.1764929539", "/cgi-bin/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.values.0", "/cgi-bin/*"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "condition.3300407761.path_pattern.0.values.1764929539", "/cgi-bin/*"), + resource.TestCheckResourceAttr(resourceName, "condition.3300407761.values.0", "/cgi-bin/*"), ), }, { Config: testAccAWSLBListenerRuleConfig_conditionPathPattern_migrated(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.path_pattern.0.values.1764929539", "/cgi-bin/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.values.0", "/cgi-bin/*"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "condition.3300407761.path_pattern.0.values.1764929539", "/cgi-bin/*"), + resource.TestCheckResourceAttr(resourceName, "condition.3300407761.values.0", "/cgi-bin/*"), ), }, { Config: testAccAWSLBListenerRuleConfig_conditionPathPattern(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.path_pattern.0.values.1764929539", "/cgi-bin/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.path_pattern.0.values.1973895062", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.values.0", "/cgi-bin/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2177156802.values.1", "/public/*"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.path_pattern.0.values.1764929539", "/cgi-bin/*"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.path_pattern.0.values.1973895062", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.values.0", "/cgi-bin/*"), + resource.TestCheckResourceAttr(resourceName, "condition.2177156802.values.1", "/public/*"), ), }, }, @@ -963,11 +996,13 @@ func TestAccAWSLBListenerRule_conditionUpdatePathPattern_deprecated(t *testing.T func TestAccAWSLBListenerRule_conditionQueryString(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-queryString-%s", acctest.RandStringFromCharSet(11, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-queryString-%s", acctest.RandString(11)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -975,36 +1010,36 @@ func TestAccAWSLBListenerRule_conditionQueryString(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionQueryString(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.field", "query-string"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.query_string.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.query_string.167408634.key", ""), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.query_string.167408634.value", "surprise"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.query_string.4042884147.key", ""), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.query_string.4042884147.value", "blank"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.1697057359.values.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.field", "query-string"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.query_string.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.query_string.1123504603.key", "foo"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.query_string.1123504603.value", "baz"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.query_string.1278007785.key", "foo"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.query_string.1278007785.value", "bar"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.863121889.values.#", "0"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.field", "query-string"), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.query_string.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.query_string.167408634.key", ""), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.query_string.167408634.value", "surprise"), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.query_string.4042884147.key", ""), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.query_string.4042884147.value", "blank"), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.1697057359.values.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.field", "query-string"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.query_string.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.query_string.1123504603.key", "foo"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.query_string.1123504603.value", "baz"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.query_string.1278007785.key", "foo"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.query_string.1278007785.value", "bar"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.863121889.values.#", "0"), ), }, }, @@ -1013,11 +1048,13 @@ func TestAccAWSLBListenerRule_conditionQueryString(t *testing.T) { func TestAccAWSLBListenerRule_conditionSourceIp(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-sourceIp-%s", acctest.RandStringFromCharSet(14, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-sourceIp-%s", acctest.RandString(14)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -1025,23 +1062,23 @@ func TestAccAWSLBListenerRule_conditionSourceIp(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionSourceIp(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.field", "source-ip"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.source_ip.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.source_ip.0.values.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.source_ip.0.values.1567875353", "dead:cafe::/64"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.source_ip.0.values.3901788224", "192.168.0.0/16"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3009583077.values.#", "0"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.field", "source-ip"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.source_ip.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.source_ip.0.values.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.source_ip.0.values.1567875353", "dead:cafe::/64"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.source_ip.0.values.3901788224", "192.168.0.0/16"), + resource.TestCheckResourceAttr(resourceName, "condition.3009583077.values.#", "0"), ), }, }, @@ -1050,11 +1087,13 @@ func TestAccAWSLBListenerRule_conditionSourceIp(t *testing.T) { func TestAccAWSLBListenerRule_conditionUpdateMixed(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-mixed-%s", acctest.RandStringFromCharSet(17, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-mixed-%s", acctest.RandString(17)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -1062,55 +1101,55 @@ func TestAccAWSLBListenerRule_conditionUpdateMixed(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionMixed(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.values.0", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.field", "source-ip"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.source_ip.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.source_ip.0.values.3901788224", "192.168.0.0/16"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.values.0", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.field", "source-ip"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.source_ip.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.source_ip.0.values.3901788224", "192.168.0.0/16"), ), }, { Config: testAccAWSLBListenerRuleConfig_conditionMixed_updated(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.values.0", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2685063104.field", "source-ip"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2685063104.source_ip.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2685063104.source_ip.0.values.1567875353", "dead:cafe::/64"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.values.0", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.2685063104.field", "source-ip"), + resource.TestCheckResourceAttr(resourceName, "condition.2685063104.source_ip.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.2685063104.source_ip.0.values.1567875353", "dead:cafe::/64"), ), }, { Config: testAccAWSLBListenerRuleConfig_conditionMixed_updated2(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "2"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.path_pattern.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.path_pattern.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.path_pattern.0.values.1764929539", "/cgi-bin/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.3300407761.values.0", "/cgi-bin/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2685063104.field", "source-ip"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2685063104.source_ip.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2685063104.source_ip.0.values.1567875353", "dead:cafe::/64"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "2"), + resource.TestCheckResourceAttr(resourceName, "condition.3300407761.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.3300407761.path_pattern.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.3300407761.path_pattern.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.3300407761.path_pattern.0.values.1764929539", "/cgi-bin/*"), + resource.TestCheckResourceAttr(resourceName, "condition.3300407761.values.0", "/cgi-bin/*"), + resource.TestCheckResourceAttr(resourceName, "condition.2685063104.field", "source-ip"), + resource.TestCheckResourceAttr(resourceName, "condition.2685063104.source_ip.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.2685063104.source_ip.0.values.1567875353", "dead:cafe::/64"), ), }, }, @@ -1119,11 +1158,13 @@ func TestAccAWSLBListenerRule_conditionUpdateMixed(t *testing.T) { func TestAccAWSLBListenerRule_conditionMultiple(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-condMulti-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-condMulti-%s", acctest.RandString(13)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -1131,65 +1172,65 @@ func TestAccAWSLBListenerRule_conditionMultiple(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionMultiple(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "priority", "100"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "5"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.field", "http-header"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.http_header.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.http_header.0.http_header_name", "X-Forwarded-For"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.http_header.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.http_header.0.values.35666611", "192.168.1.*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.values.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.field", "source-ip"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.source_ip.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.source_ip.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.source_ip.0.values.3901788224", "192.168.0.0/16"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.values.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.field", "http-request-method"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.http_request_method.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.http_request_method.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.http_request_method.0.values.1805413626", "GET"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.values.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.host_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.values.0", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.field", "host-header"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.host_header.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.host_header.0.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.host_header.0.values.3069857465", "example.com"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.http_header.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.http_request_method.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.path_pattern.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.query_string.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.source_ip.#", "0"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.values.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.values.0", "example.com"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "priority", "100"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "5"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.field", "http-header"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.http_header.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.http_header.0.http_header_name", "X-Forwarded-For"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.http_header.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.http_header.0.values.35666611", "192.168.1.*"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.values.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.field", "source-ip"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.source_ip.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.source_ip.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.source_ip.0.values.3901788224", "192.168.0.0/16"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.values.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.field", "http-request-method"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.http_request_method.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.http_request_method.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.http_request_method.0.values.1805413626", "GET"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.values.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.host_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.values.0", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.field", "host-header"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.host_header.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.host_header.0.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.host_header.0.values.3069857465", "example.com"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.http_header.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.http_request_method.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.path_pattern.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.query_string.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.source_ip.#", "0"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.values.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.values.0", "example.com"), ), }, }, @@ -1198,11 +1239,13 @@ func TestAccAWSLBListenerRule_conditionMultiple(t *testing.T) { func TestAccAWSLBListenerRule_conditionUpdateMultiple(t *testing.T) { var conf elbv2.Rule - lbName := fmt.Sprintf("testrule-condMulti-%s", acctest.RandStringFromCharSet(13, acctest.CharSetAlphaNum)) + lbName := fmt.Sprintf("testrule-condMulti-%s", acctest.RandString(13)) + + resourceName := "aws_lb_listener_rule.static" + frontEndListenerResourceName := "aws_lb_listener.front_end" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, - IDRefreshName: "aws_lb_listener_rule.static", Providers: testAccProviders, CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, DisableBinaryDriver: true, @@ -1210,47 +1253,47 @@ func TestAccAWSLBListenerRule_conditionUpdateMultiple(t *testing.T) { { Config: testAccAWSLBListenerRuleConfig_conditionMultiple(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "5"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.field", "http-header"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.http_header.0.http_header_name", "X-Forwarded-For"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.139999317.http_header.0.values.35666611", "192.168.1.*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.field", "source-ip"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2986919393.source_ip.0.values.3901788224", "192.168.0.0/16"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.field", "http-request-method"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.4038921246.http_request_method.0.values.1805413626", "GET"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.837782343.values.0", "/public/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.field", "host-header"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.host_header.0.values.3069857465", "example.com"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.887624213.values.0", "example.com"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "5"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.field", "http-header"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.http_header.0.http_header_name", "X-Forwarded-For"), + resource.TestCheckResourceAttr(resourceName, "condition.139999317.http_header.0.values.35666611", "192.168.1.*"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.field", "source-ip"), + resource.TestCheckResourceAttr(resourceName, "condition.2986919393.source_ip.0.values.3901788224", "192.168.0.0/16"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.field", "http-request-method"), + resource.TestCheckResourceAttr(resourceName, "condition.4038921246.http_request_method.0.values.1805413626", "GET"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.path_pattern.0.values.1973895062", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.837782343.values.0", "/public/*"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.field", "host-header"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.host_header.0.values.3069857465", "example.com"), + resource.TestCheckResourceAttr(resourceName, "condition.887624213.values.0", "example.com"), ), }, { Config: testAccAWSLBListenerRuleConfig_conditionMultiple_updated(lbName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSLBListenerRuleExists("aws_lb_listener_rule.static", &conf), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "arn", "elasticloadbalancing", regexp.MustCompile("listener-rule/.+$")), - testAccMatchResourceAttrRegionalARN("aws_lb_listener_rule.static", "listener_arn", "elasticloadbalancing", regexp.MustCompile("listener/.+$")), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "action.#", "1"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.#", "5"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.451778491.field", "http-header"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.451778491.http_header.0.http_header_name", "X-Forwarded-For"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.451778491.http_header.0.values.6718698", "192.168.2.*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2188908858.field", "source-ip"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.2188908858.source_ip.0.values.766747311", "192.168.0.0/24"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.736971867.field", "http-request-method"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.736971867.http_request_method.0.values.1814004025", "POST"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.941005625.field", "path-pattern"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.941005625.path_pattern.0.values.188114058", "/public/2/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.941005625.values.0", "/public/2/*"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.923495315.field", "host-header"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.923495315.host_header.0.values.854267206", "foobar.com"), - resource.TestCheckResourceAttr("aws_lb_listener_rule.static", "condition.923495315.values.0", "foobar.com"), + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "elasticloadbalancing", regexp.MustCompile(fmt.Sprintf(`listener-rule/app/%s/.+$`, lbName))), + resource.TestCheckResourceAttrPair(resourceName, "listener_arn", frontEndListenerResourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "action.#", "1"), + resource.TestCheckResourceAttr(resourceName, "condition.#", "5"), + resource.TestCheckResourceAttr(resourceName, "condition.451778491.field", "http-header"), + resource.TestCheckResourceAttr(resourceName, "condition.451778491.http_header.0.http_header_name", "X-Forwarded-For"), + resource.TestCheckResourceAttr(resourceName, "condition.451778491.http_header.0.values.6718698", "192.168.2.*"), + resource.TestCheckResourceAttr(resourceName, "condition.2188908858.field", "source-ip"), + resource.TestCheckResourceAttr(resourceName, "condition.2188908858.source_ip.0.values.766747311", "192.168.0.0/24"), + resource.TestCheckResourceAttr(resourceName, "condition.736971867.field", "http-request-method"), + resource.TestCheckResourceAttr(resourceName, "condition.736971867.http_request_method.0.values.1814004025", "POST"), + resource.TestCheckResourceAttr(resourceName, "condition.941005625.field", "path-pattern"), + resource.TestCheckResourceAttr(resourceName, "condition.941005625.path_pattern.0.values.188114058", "/public/2/*"), + resource.TestCheckResourceAttr(resourceName, "condition.941005625.values.0", "/public/2/*"), + resource.TestCheckResourceAttr(resourceName, "condition.923495315.field", "host-header"), + resource.TestCheckResourceAttr(resourceName, "condition.923495315.host_header.0.values.854267206", "foobar.com"), + resource.TestCheckResourceAttr(resourceName, "condition.923495315.values.0", "foobar.com"), ), }, }, From b3ef64863aee37b2e865cf5bb0f1745456d2a3b2 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 3 Jun 2020 01:46:04 -0400 Subject: [PATCH 445/475] set ebs block if root is only volume in instance --- aws/resource_aws_instance.go | 104 ++++++++++++++++-------------- aws/resource_aws_instance_test.go | 57 +++++++--------- 2 files changed, 79 insertions(+), 82 deletions(-) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index 323dd090dea..1a7469d4ba1 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -655,21 +655,21 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error { } instance := runResp.Instances[0] - log.Printf("[INFO] Instance ID: %s", *instance.InstanceId) + log.Printf("[INFO] Instance ID: %s", aws.StringValue(instance.InstanceId)) // Store the resulting ID so we can look this up later - d.SetId(*instance.InstanceId) + d.SetId(aws.StringValue(instance.InstanceId)) // Wait for the instance to become running so we can get some attributes // that aren't available until later. log.Printf( "[DEBUG] Waiting for instance (%s) to become running", - *instance.InstanceId) + aws.StringValue(instance.InstanceId)) stateConf := &resource.StateChangeConf{ Pending: []string{"pending"}, Target: []string{"running"}, - Refresh: InstanceStateRefreshFunc(conn, *instance.InstanceId, []string{"terminated", "shutting-down"}), + Refresh: InstanceStateRefreshFunc(conn, aws.StringValue(instance.InstanceId), []string{"terminated", "shutting-down"}), Timeout: d.Timeout(schema.TimeoutCreate), Delay: 10 * time.Second, MinTimeout: 3 * time.Second, @@ -679,7 +679,7 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error { if err != nil { return fmt.Errorf( "Error waiting for instance (%s) to become ready: %s", - *instance.InstanceId, err) + aws.StringValue(instance.InstanceId), err) } instance = instanceRaw.(*ec2.Instance) @@ -688,12 +688,12 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error { if instance.PublicIpAddress != nil { d.SetConnInfo(map[string]string{ "type": "ssh", - "host": *instance.PublicIpAddress, + "host": aws.StringValue(instance.PublicIpAddress), }) } else if instance.PrivateIpAddress != nil { d.SetConnInfo(map[string]string{ "type": "ssh", - "host": *instance.PrivateIpAddress, + "host": aws.StringValue(instance.PrivateIpAddress), }) } @@ -726,7 +726,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { if instance.State != nil { // If the instance is terminated, then it is gone - if *instance.State.Name == "terminated" { + if aws.StringValue(instance.State.Name) == "terminated" { d.SetId("") return nil } @@ -789,16 +789,16 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { var networkInterfaces []map[string]interface{} for _, iNi := range instance.NetworkInterfaces { ni := make(map[string]interface{}) - if *iNi.Attachment.DeviceIndex == 0 { + if aws.Int64Value(iNi.Attachment.DeviceIndex) == 0 { primaryNetworkInterface = *iNi } // If the attached network device is inside our configuration, refresh state with values found. // Otherwise, assume the network device was attached via an outside resource. for _, index := range configuredDeviceIndexes { - if index == int(*iNi.Attachment.DeviceIndex) { - ni["device_index"] = *iNi.Attachment.DeviceIndex - ni["network_interface_id"] = *iNi.NetworkInterfaceId - ni["delete_on_termination"] = *iNi.Attachment.DeleteOnTermination + if index == int(aws.Int64Value(iNi.Attachment.DeviceIndex)) { + ni["device_index"] = aws.Int64Value(iNi.Attachment.DeviceIndex) + ni["network_interface_id"] = aws.StringValue(iNi.NetworkInterfaceId) + ni["delete_on_termination"] = aws.BoolValue(iNi.Attachment.DeleteOnTermination) } } // Don't add empty network interfaces to schema @@ -828,7 +828,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { d.Set("associate_public_ip_address", primaryNetworkInterface.Association != nil) for _, address := range primaryNetworkInterface.Ipv6Addresses { - ipv6Addresses = append(ipv6Addresses, *address.Ipv6Address) + ipv6Addresses = append(ipv6Addresses, aws.StringValue(address.Ipv6Address)) } } else { @@ -843,12 +843,12 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { } d.Set("ebs_optimized", instance.EbsOptimized) - if instance.SubnetId != nil && *instance.SubnetId != "" { + if instance.SubnetId != nil && aws.StringValue(instance.SubnetId) != "" { d.Set("source_dest_check", instance.SourceDestCheck) } if instance.Monitoring != nil && instance.Monitoring.State != nil { - monitoringState := *instance.Monitoring.State + monitoringState := aws.StringValue(instance.Monitoring.State) d.Set("monitoring", monitoringState == "enabled" || monitoringState == "pending") } @@ -915,7 +915,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { if b64 { d.Set("user_data_base64", attr.UserData.Value) } else { - d.Set("user_data", userDataHashSum(*attr.UserData.Value)) + d.Set("user_data", userDataHashSum(aws.StringValue(attr.UserData.Value))) } } } @@ -937,7 +937,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { } if d.Get("get_password_data").(bool) { - passwordData, err := getAwsEc2InstancePasswordData(*instance.InstanceId, conn) + passwordData, err := getAwsEc2InstancePasswordData(aws.StringValue(instance.InstanceId), conn) if err != nil { return err } @@ -1110,7 +1110,7 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error { } var primaryInterface ec2.InstanceNetworkInterface for _, ni := range instance.NetworkInterfaces { - if *ni.Attachment.DeviceIndex == 0 { + if aws.Int64Value(ni.Attachment.DeviceIndex) == 0 { primaryInterface = *ni } } @@ -1411,10 +1411,10 @@ func VolumeStateRefreshFunc(conn *ec2.EC2, volumeID, failState string) resource. func stringifyStateReason(sr *ec2.StateReason) string { if sr.Message != nil { - return *sr.Message + return aws.StringValue(sr.Message) } if sr.Code != nil { - return *sr.Code + return aws.StringValue(sr.Code) } return sr.String() @@ -1492,7 +1492,7 @@ func readBlockDevicesFromInstance(instance *ec2.Instance, conn *ec2.EC2) (map[st instanceBlockDevices := make(map[string]*ec2.InstanceBlockDeviceMapping) for _, bd := range instance.BlockDeviceMappings { if bd.Ebs != nil { - instanceBlockDevices[*bd.Ebs.VolumeId] = bd + instanceBlockDevices[aws.StringValue(bd.Ebs.VolumeId)] = bd } } @@ -1515,7 +1515,7 @@ func readBlockDevicesFromInstance(instance *ec2.Instance, conn *ec2.EC2) (map[st } for _, vol := range volResp.Volumes { - instanceBd := instanceBlockDevices[*vol.VolumeId] + instanceBd := instanceBlockDevices[aws.StringValue(vol.VolumeId)] bd := make(map[string]interface{}) bd["volume_id"] = aws.StringValue(vol.VolumeId) @@ -1544,19 +1544,24 @@ func readBlockDevicesFromInstance(instance *ec2.Instance, conn *ec2.EC2) (map[st if blockDeviceIsRoot(instanceBd, instance) { blockDevices["root"] = bd - } - - // Represent the ebs block device as it's own object (cloned from bd) - if aws.StringValue(instance.RootDeviceType) == "ebs" { - ebs := make(map[string]interface{}) - for k, v := range bd { - ebs[k] = v - } + } else { if vol.SnapshotId != nil { - ebs["snapshot_id"] = aws.StringValue(vol.SnapshotId) + bd["snapshot_id"] = aws.StringValue(vol.SnapshotId) } - blockDevices["ebs"] = append(blockDevices["ebs"].([]map[string]interface{}), ebs) + + blockDevices["ebs"] = append(blockDevices["ebs"].([]map[string]interface{}), bd) + } + } + // If the root device is the only block device mapping in the instance, + // explicitly set the ebs_block_device as a clone of the root device + // with the snapshot_id populated iff available + if blockDevices["root"] != nil && len(blockDevices["ebs"].([]map[string]interface{})) == 0 { + ebs := make(map[string]interface{}) + for k, v := range blockDevices["root"].(map[string]interface{}) { + ebs[k] = v } + ebs["snapshot_id"] = volResp.Volumes[0].SnapshotId + blockDevices["ebs"] = append(blockDevices["ebs"].([]map[string]interface{}), ebs) } return blockDevices, nil @@ -1565,8 +1570,7 @@ func readBlockDevicesFromInstance(instance *ec2.Instance, conn *ec2.EC2) (map[st func blockDeviceIsRoot(bd *ec2.InstanceBlockDeviceMapping, instance *ec2.Instance) bool { return bd.DeviceName != nil && instance.RootDeviceName != nil && - *bd.DeviceName == *instance.RootDeviceName - + aws.StringValue(bd.DeviceName) == aws.StringValue(instance.RootDeviceName) } func fetchRootDeviceName(ami string, conn *ec2.EC2) (*string, error) { @@ -1591,7 +1595,7 @@ func fetchRootDeviceName(ami string, conn *ec2.EC2) (*string, error) { rootDeviceName := image.RootDeviceName // Instance store backed AMIs do not provide a root device name. - if *image.RootDeviceType == ec2.DeviceTypeInstanceStore { + if aws.StringValue(image.RootDeviceType) == ec2.DeviceTypeInstanceStore { return nil, nil } @@ -1785,14 +1789,14 @@ func readBlockDeviceMappingsFromConfig(d *schema.ResourceData, conn *ec2.EC2) ([ ebs.VolumeType = aws.String(v) } - if v, ok := bd["iops"].(int); ok && v > 0 && *ebs.VolumeType == "io1" { + if v, ok := bd["iops"].(int); ok && v > 0 && aws.StringValue(ebs.VolumeType) == "io1" { // Only set the iops attribute if the volume type is io1. Setting otherwise // can trigger a refresh/plan loop based on the computed value that is given // from AWS, and prevent us from specifying 0 as a valid iops. // See https://github.com/hashicorp/terraform/pull/4146 // See https://github.com/hashicorp/terraform/issues/7765 ebs.Iops = aws.Int64(int64(v)) - } else if v, ok := bd["iops"].(int); ok && v > 0 && *ebs.VolumeType != "io1" { + } else if v, ok := bd["iops"].(int); ok && v > 0 && aws.StringValue(ebs.VolumeType) != "io1" { // Message user about incompatibility log.Print("[WARN] IOPs is only valid on IO1 storage type for EBS Volumes") } @@ -1842,22 +1846,22 @@ func readVolumeTags(conn *ec2.EC2, instanceId string) ([]*ec2.Tag, error) { // config determine which one to use in Plan and Apply. func readSecurityGroups(d *schema.ResourceData, instance *ec2.Instance, conn *ec2.EC2) error { // An instance with a subnet is in a VPC; an instance without a subnet is in EC2-Classic. - hasSubnet := instance.SubnetId != nil && *instance.SubnetId != "" + hasSubnet := instance.SubnetId != nil && aws.StringValue(instance.SubnetId) != "" useID, useName := hasSubnet, !hasSubnet // If the instance is in a VPC, find out if that VPC is Default to determine // whether to store names. - if instance.VpcId != nil && *instance.VpcId != "" { + if instance.VpcId != nil && aws.StringValue(instance.VpcId) != "" { out, err := conn.DescribeVpcs(&ec2.DescribeVpcsInput{ VpcIds: []*string{instance.VpcId}, }) if err != nil { - log.Printf("[WARN] Unable to describe VPC %q: %s", *instance.VpcId, err) + log.Printf("[WARN] Unable to describe VPC %q: %s", aws.StringValue(instance.VpcId), err) } else if len(out.Vpcs) == 0 { // This may happen in Eucalyptus Cloud log.Printf("[WARN] Unable to retrieve VPCs") } else { - isInDefaultVpc := *out.Vpcs[0].IsDefault + isInDefaultVpc := aws.BoolValue(out.Vpcs[0].IsDefault) useName = isInDefaultVpc } } @@ -1866,7 +1870,7 @@ func readSecurityGroups(d *schema.ResourceData, instance *ec2.Instance, conn *ec if useID { sgs := make([]string, 0, len(instance.SecurityGroups)) for _, sg := range instance.SecurityGroups { - sgs = append(sgs, *sg.GroupId) + sgs = append(sgs, aws.StringValue(sg.GroupId)) } log.Printf("[DEBUG] Setting Security Group IDs: %#v", sgs) if err := d.Set("vpc_security_group_ids", sgs); err != nil { @@ -1880,7 +1884,7 @@ func readSecurityGroups(d *schema.ResourceData, instance *ec2.Instance, conn *ec if useName { sgs := make([]string, 0, len(instance.SecurityGroups)) for _, sg := range instance.SecurityGroups { - sgs = append(sgs, *sg.GroupName) + sgs = append(sgs, aws.StringValue(sg.GroupName)) } log.Printf("[DEBUG] Setting Security Group Names: %#v", sgs) if err := d.Set("security_groups", sgs); err != nil { @@ -1910,11 +1914,11 @@ func getAwsEc2InstancePasswordData(instanceID string, conn *ec2.EC2) (string, er return resource.NonRetryableError(err) } - if resp.PasswordData == nil || *resp.PasswordData == "" { + if resp.PasswordData == nil || aws.StringValue(resp.PasswordData) == "" { return resource.RetryableError(fmt.Errorf("Password data is blank for instance ID: %s", instanceID)) } - passwordData = strings.TrimSpace(*resp.PasswordData) + passwordData = strings.TrimSpace(aws.StringValue(resp.PasswordData)) log.Printf("[INFO] Password data read for instance %s", instanceID) return nil @@ -1924,10 +1928,10 @@ func getAwsEc2InstancePasswordData(instanceID string, conn *ec2.EC2) (string, er if err != nil { return "", fmt.Errorf("Error getting password data: %s", err) } - if resp.PasswordData == nil || *resp.PasswordData == "" { + if resp.PasswordData == nil || aws.StringValue(resp.PasswordData) == "" { return "", fmt.Errorf("Password data is blank for instance ID: %s", instanceID) } - passwordData = strings.TrimSpace(*resp.PasswordData) + passwordData = strings.TrimSpace(aws.StringValue(resp.PasswordData)) } if err != nil { return "", err @@ -2089,7 +2093,7 @@ func buildAwsInstanceOpts( opts.PrivateIPAddress = aws.String(v.(string)) } if opts.SubnetID != nil && - *opts.SubnetID != "" { + aws.StringValue(opts.SubnetID) != "" { opts.SecurityGroupIDs = groups } else { opts.SecurityGroups = groups @@ -2194,7 +2198,7 @@ func iamInstanceProfileArnToName(ip *ec2.IamInstanceProfile) string { if ip == nil || ip.Arn == nil { return "" } - parts := strings.Split(*ip.Arn, "/") + parts := strings.Split(aws.StringValue(ip.Arn), "/") return parts[len(parts)-1] } diff --git a/aws/resource_aws_instance_test.go b/aws/resource_aws_instance_test.go index 44d3c3888b5..f86d14b7e48 100644 --- a/aws/resource_aws_instance_test.go +++ b/aws/resource_aws_instance_test.go @@ -1803,7 +1803,6 @@ func TestAccAWSInstance_EbsRootDevice_MultipleDynamicEBSBlockDevices(t *testing. var instance ec2.Instance resourceName := "aws_instance.test" - dataSourceName := "data.aws_ami.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -1815,14 +1814,25 @@ func TestAccAWSInstance_EbsRootDevice_MultipleDynamicEBSBlockDevices(t *testing. Config: testAccAwsEc2InstanceConfigDynamicEBSBlockDevices, Check: resource.ComposeTestCheckFunc( testAccCheckInstanceExists(resourceName, &instance), - resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.%", dataSourceName, "block_device_mappings.%"), - resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2432380901.delete_on_termination", "true"), - resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.2432380901.device_name", dataSourceName, "block_device_mappings.340275815.device_name"), - resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.2432380901.encrypted", dataSourceName, "block_device_mappings.340275815.ebs.encrypted"), - resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2432380901.iops", "100"), - resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.2432380901.snapshot_id", dataSourceName, "block_device_mappings.340275815.ebs.snapshot_id"), - resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.2432380901.volume_size", dataSourceName, "block_device_mappings.340275815.ebs.volume_size"), - resource.TestCheckResourceAttrPair(resourceName, "ebs_block_device.2432380901.volume_type", dataSourceName, "block_device_mappings.340275815.ebs.volume_type"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.#", "3"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2554893574.delete_on_termination", "true"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2554893574.device_name", "/dev/sdc"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2554893574.encrypted", "false"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2554893574.iops", "100"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2554893574.volume_size", "10"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2554893574.volume_type", "gp2"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2576023345.delete_on_termination", "true"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2576023345.device_name", "/dev/sdb"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2576023345.encrypted", "false"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2576023345.iops", "100"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2576023345.volume_size", "10"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2576023345.volume_type", "gp2"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2613854568.delete_on_termination", "true"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2613854568.device_name", "/dev/sda"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2613854568.encrypted", "false"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2613854568.iops", "100"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2613854568.volume_size", "10"), + resource.TestCheckResourceAttr(resourceName, "ebs_block_device.2613854568.volume_type", "gp2"), ), }, { @@ -4775,34 +4785,17 @@ data "aws_ec2_instance_type_offering" "available" { } const testAccAwsEc2InstanceConfigDynamicEBSBlockDevices = ` -data "aws_ami" "test" { - most_recent = true - owners = ["amazon"] - - filter { - name = "name" - values = ["amzn-ami-hvm-*-x86_64-gp2"] - } -} - -data "aws_vpc" "test" { - default = true -} - resource "aws_instance" "test" { - ami = data.aws_ami.test.id - instance_type = "t2.micro" + ami = "ami-55a7ea65" + instance_type = "m3.medium" dynamic "ebs_block_device" { - # for verifying attributes of a predictable number of ebs_block_devices, set to only 1 mapping - for_each = [tolist(data.aws_ami.test.block_device_mappings)[0]] + for_each = ["a", "b", "c"] iterator = device content { - device_name = device.value["device_name"] - iops = "100" - snapshot_id = device.value["ebs"]["snapshot_id"] - volume_size = device.value["ebs"]["volume_size"] - volume_type = device.value["ebs"]["volume_type"] + device_name = format("/dev/sd%s", device.value) + volume_size = "10" + volume_type = "gp2" } } } From 1b9b6456dd9f2c4e9a96f473cc380ae40cf28f02 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 3 Jun 2020 11:08:37 -0400 Subject: [PATCH 446/475] update ebs logic after read method --- aws/resource_aws_instance.go | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index 1a7469d4ba1..1c575470a81 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -1426,6 +1426,20 @@ func readBlockDevices(d *schema.ResourceData, instance *ec2.Instance, conn *ec2. return err } + // This handles cases where the root device block is of type "EBS" + // and #readBlockDevicesFromInstance only returns 1 reference to a block-device + // stored in ibds["root"] + if _, ok := d.GetOk("ebs_block_device"); ok { + if len(ibds["ebs"].([]map[string]interface{})) == 0 { + ebs := make(map[string]interface{}) + for k, v := range ibds["root"].(map[string]interface{}) { + ebs[k] = v + } + ebs["snapshot_id"] = ibds["snapshot_id"] + ibds["ebs"] = append(ibds["ebs"].([]map[string]interface{}), ebs) + } + } + if err := d.Set("ebs_block_device", ibds["ebs"]); err != nil { return err } @@ -1552,16 +1566,12 @@ func readBlockDevicesFromInstance(instance *ec2.Instance, conn *ec2.EC2) (map[st blockDevices["ebs"] = append(blockDevices["ebs"].([]map[string]interface{}), bd) } } - // If the root device is the only block device mapping in the instance, - // explicitly set the ebs_block_device as a clone of the root device - // with the snapshot_id populated iff available + // If we determine the root device is the only block device mapping + // in the instance (including ephemerals) after returning from this function, + // we'll need to set the ebs_block_device as a clone of the root device + // with the snapshot_id populated; thus, we store the ID for safe-keeping if blockDevices["root"] != nil && len(blockDevices["ebs"].([]map[string]interface{})) == 0 { - ebs := make(map[string]interface{}) - for k, v := range blockDevices["root"].(map[string]interface{}) { - ebs[k] = v - } - ebs["snapshot_id"] = volResp.Volumes[0].SnapshotId - blockDevices["ebs"] = append(blockDevices["ebs"].([]map[string]interface{}), ebs) + blockDevices["snapshot_id"] = volResp.Volumes[0].SnapshotId } return blockDevices, nil From cd53fe93198e4916874f428bae8ac6c2ebae0999 Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Wed, 3 Jun 2020 11:28:19 -0400 Subject: [PATCH 447/475] Update CHANGELOG for #12904 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 55c8241fdf7..2d80be318e6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ ENHANCEMENTS: BUG FIXES: +* resource/aws_apigatewayv2_stage: Prevent perpetual plan differences with `default_route_settings.logging_level` argument for HTTP APIs [GH-12904] * resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [GH-12024] ## 2.64.0 (May 28, 2020) From 9279c9882a2252ff986ba875bcf71681b3602705 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 3 Jun 2020 12:39:54 -0400 Subject: [PATCH 448/475] use AWS SDK constants where possible --- aws/resource_aws_instance.go | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index 1c575470a81..021b0da2ab3 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -667,9 +667,9 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error { aws.StringValue(instance.InstanceId)) stateConf := &resource.StateChangeConf{ - Pending: []string{"pending"}, - Target: []string{"running"}, - Refresh: InstanceStateRefreshFunc(conn, aws.StringValue(instance.InstanceId), []string{"terminated", "shutting-down"}), + Pending: []string{ec2.InstanceStateNamePending}, + Target: []string{ec2.InstanceStateNameRunning}, + Refresh: InstanceStateRefreshFunc(conn, aws.StringValue(instance.InstanceId), []string{ec2.InstanceStateNameTerminated, ec2.InstanceStateNameShuttingDown}), Timeout: d.Timeout(schema.TimeoutCreate), Delay: 10 * time.Second, MinTimeout: 3 * time.Second, @@ -709,7 +709,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { if err != nil { // If the instance was not found, return nil so that we can show // that the instance is gone. - if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidInstanceID.NotFound" { + if isAWSErr(err, ec2.UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdNotFound, "") { d.SetId("") return nil } @@ -726,7 +726,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { if instance.State != nil { // If the instance is terminated, then it is gone - if aws.StringValue(instance.State.Name) == "terminated" { + if aws.StringValue(instance.State.Name) == ec2.InstanceStateNameTerminated { d.SetId("") return nil } @@ -849,7 +849,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { if instance.Monitoring != nil && instance.Monitoring.State != nil { monitoringState := aws.StringValue(instance.Monitoring.State) - d.Set("monitoring", monitoringState == "enabled" || monitoringState == "pending") + d.Set("monitoring", monitoringState == ec2.MonitoringStateEnabled || monitoringState == ec2.MonitoringStatePending) } if err := d.Set("tags", keyvaluetags.Ec2KeyValueTags(instance.Tags).IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { @@ -1163,9 +1163,9 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error { } stateConf := &resource.StateChangeConf{ - Pending: []string{"pending", "stopped"}, + Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameStopped}, Target: []string{"running"}, - Refresh: InstanceStateRefreshFunc(conn, d.Id(), []string{"terminated"}), + Refresh: InstanceStateRefreshFunc(conn, d.Id(), []string{ec2.InstanceStateNameTerminated}), Timeout: d.Timeout(schema.TimeoutUpdate), Delay: 10 * time.Second, MinTimeout: 3 * time.Second, @@ -1356,7 +1356,7 @@ func InstanceStateRefreshFunc(conn *ec2.EC2, instanceID string, failStates []str return func() (interface{}, string, error) { instance, err := resourceAwsInstanceFindByID(conn, instanceID) if err != nil { - if !isAWSErr(err, "InvalidInstanceID.NotFound", "") { + if !isAWSErr(err, ec2.UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdNotFound, "") { log.Printf("Error on InstanceStateRefresh: %s", err) return nil, "", err } @@ -2153,7 +2153,7 @@ func awsTerminateInstance(conn *ec2.EC2, id string, timeout time.Duration) error InstanceIds: []*string{aws.String(id)}, } if _, err := conn.TerminateInstances(req); err != nil { - if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidInstanceID.NotFound" { + if isAWSErr(err, ec2.UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdNotFound, "") { return nil } return err @@ -2166,8 +2166,8 @@ func waitForInstanceStopping(conn *ec2.EC2, id string, timeout time.Duration) er log.Printf("[DEBUG] Waiting for instance (%s) to become stopped", id) stateConf := &resource.StateChangeConf{ - Pending: []string{"pending", "running", "shutting-down", "stopped", "stopping"}, - Target: []string{"stopped"}, + Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameRunning, ec2.InstanceStateNameShuttingDown, ec2.InstanceStateNameStopped, ec2.InstanceStateNameStopping}, + Target: []string{ec2.InstanceStateNameStopped}, Refresh: InstanceStateRefreshFunc(conn, id, []string{}), Timeout: timeout, Delay: 10 * time.Second, @@ -2187,8 +2187,8 @@ func waitForInstanceDeletion(conn *ec2.EC2, id string, timeout time.Duration) er log.Printf("[DEBUG] Waiting for instance (%s) to become terminated", id) stateConf := &resource.StateChangeConf{ - Pending: []string{"pending", "running", "shutting-down", "stopped", "stopping"}, - Target: []string{"terminated"}, + Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameRunning, ec2.InstanceStateNameShuttingDown, ec2.InstanceStateNameStopped, ec2.InstanceStateNameStopping}, + Target: []string{ec2.InstanceStateNameTerminated}, Refresh: InstanceStateRefreshFunc(conn, id, []string{}), Timeout: timeout, Delay: 10 * time.Second, From 06983a0d33a917fbe91a633b60616d062b63bd28 Mon Sep 17 00:00:00 2001 From: Angie Pinilla Date: Wed, 3 Jun 2020 16:27:03 -0400 Subject: [PATCH 449/475] apply review comments regarding constants and boolean checks --- aws/resource_aws_instance.go | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index 021b0da2ab3..1b98a955352 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -709,7 +709,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { if err != nil { // If the instance was not found, return nil so that we can show // that the instance is gone. - if isAWSErr(err, ec2.UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdNotFound, "") { + if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidInstanceID.NotFound" { d.SetId("") return nil } @@ -843,7 +843,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { } d.Set("ebs_optimized", instance.EbsOptimized) - if instance.SubnetId != nil && aws.StringValue(instance.SubnetId) != "" { + if aws.StringValue(instance.SubnetId) != "" { d.Set("source_dest_check", instance.SourceDestCheck) } @@ -1356,7 +1356,7 @@ func InstanceStateRefreshFunc(conn *ec2.EC2, instanceID string, failStates []str return func() (interface{}, string, error) { instance, err := resourceAwsInstanceFindByID(conn, instanceID) if err != nil { - if !isAWSErr(err, ec2.UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdNotFound, "") { + if !isAWSErr(err, "InvalidInstanceID.NotFound", "") { log.Printf("Error on InstanceStateRefresh: %s", err) return nil, "", err } @@ -1799,14 +1799,14 @@ func readBlockDeviceMappingsFromConfig(d *schema.ResourceData, conn *ec2.EC2) ([ ebs.VolumeType = aws.String(v) } - if v, ok := bd["iops"].(int); ok && v > 0 && aws.StringValue(ebs.VolumeType) == "io1" { + if v, ok := bd["iops"].(int); ok && v > 0 && aws.StringValue(ebs.VolumeType) == ec2.VolumeTypeIo1 { // Only set the iops attribute if the volume type is io1. Setting otherwise // can trigger a refresh/plan loop based on the computed value that is given // from AWS, and prevent us from specifying 0 as a valid iops. // See https://github.com/hashicorp/terraform/pull/4146 // See https://github.com/hashicorp/terraform/issues/7765 ebs.Iops = aws.Int64(int64(v)) - } else if v, ok := bd["iops"].(int); ok && v > 0 && aws.StringValue(ebs.VolumeType) != "io1" { + } else if v, ok := bd["iops"].(int); ok && v > 0 && aws.StringValue(ebs.VolumeType) != ec2.VolumeTypeIo1 { // Message user about incompatibility log.Print("[WARN] IOPs is only valid on IO1 storage type for EBS Volumes") } @@ -1856,12 +1856,12 @@ func readVolumeTags(conn *ec2.EC2, instanceId string) ([]*ec2.Tag, error) { // config determine which one to use in Plan and Apply. func readSecurityGroups(d *schema.ResourceData, instance *ec2.Instance, conn *ec2.EC2) error { // An instance with a subnet is in a VPC; an instance without a subnet is in EC2-Classic. - hasSubnet := instance.SubnetId != nil && aws.StringValue(instance.SubnetId) != "" + hasSubnet := aws.StringValue(instance.SubnetId) != "" useID, useName := hasSubnet, !hasSubnet // If the instance is in a VPC, find out if that VPC is Default to determine // whether to store names. - if instance.VpcId != nil && aws.StringValue(instance.VpcId) != "" { + if aws.StringValue(instance.VpcId) != "" { out, err := conn.DescribeVpcs(&ec2.DescribeVpcsInput{ VpcIds: []*string{instance.VpcId}, }) From 479fb2551ab0a9906329cd1481c6118dc4fb973e Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Thu, 4 Jun 2020 00:32:15 +0300 Subject: [PATCH 450/475] add arn attribute + plan time validations for: `client_cidr_block`, `server_certificate_arn` and `root_certificate_chain_arn` minor test refactors --- aws/resource_aws_ec2_client_vpn_endpoint.go | 34 +++++++-- ...source_aws_ec2_client_vpn_endpoint_test.go | 76 +++++++++---------- .../r/ec2_client_vpn_endpoint.html.markdown | 1 + 3 files changed, 62 insertions(+), 49 deletions(-) diff --git a/aws/resource_aws_ec2_client_vpn_endpoint.go b/aws/resource_aws_ec2_client_vpn_endpoint.go index dae8f29ffd3..bc34139e0fc 100644 --- a/aws/resource_aws_ec2_client_vpn_endpoint.go +++ b/aws/resource_aws_ec2_client_vpn_endpoint.go @@ -5,6 +5,7 @@ import ( "log" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/service/ec2" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" @@ -27,9 +28,10 @@ func resourceAwsEc2ClientVpnEndpoint() *schema.Resource { Optional: true, }, "client_cidr_block": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.IsCIDR, }, "dns_servers": { Type: schema.TypeSet, @@ -37,8 +39,9 @@ func resourceAwsEc2ClientVpnEndpoint() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, }, "server_certificate_arn": { - Type: schema.TypeString, - Required: true, + Type: schema.TypeString, + Required: true, + ValidateFunc: validateArn, }, "split_tunnel": { Type: schema.TypeBool, @@ -76,9 +79,10 @@ func resourceAwsEc2ClientVpnEndpoint() *schema.Resource { ForceNew: true, }, "root_certificate_chain_arn": { - Type: schema.TypeString, - Optional: true, - ForceNew: true, + Type: schema.TypeString, + Optional: true, + ForceNew: true, + ValidateFunc: validateArn, }, }, }, @@ -113,6 +117,10 @@ func resourceAwsEc2ClientVpnEndpoint() *schema.Resource { Computed: true, }, "tags": tagsSchema(), + "arn": { + Type: schema.TypeString, + Computed: true, + }, }, } } @@ -239,6 +247,16 @@ func resourceAwsEc2ClientVpnEndpointRead(d *schema.ResourceData, meta interface{ return fmt.Errorf("error setting tags: %s", err) } + arn := arn.ARN{ + Partition: meta.(*AWSClient).partition, + Service: "ec2", + Region: meta.(*AWSClient).region, + AccountID: meta.(*AWSClient).accountid, + Resource: fmt.Sprintf("client-vpn-endpoint/%s", d.Id()), + }.String() + + d.Set("arn", arn) + return nil } diff --git a/aws/resource_aws_ec2_client_vpn_endpoint_test.go b/aws/resource_aws_ec2_client_vpn_endpoint_test.go index b712a45cc40..fd80deda7dd 100644 --- a/aws/resource_aws_ec2_client_vpn_endpoint_test.go +++ b/aws/resource_aws_ec2_client_vpn_endpoint_test.go @@ -3,6 +3,7 @@ package aws import ( "fmt" "log" + "regexp" "testing" "github.com/aws/aws-sdk-go/aws" @@ -74,6 +75,7 @@ func testSweepEc2ClientVpnEndpoints(region string) error { func TestAccAwsEc2ClientVpnEndpoint_basic(t *testing.T) { rStr := acctest.RandString(5) + resourceName := "aws_ec2_client_vpn_endpoint.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -83,15 +85,16 @@ func TestAccAwsEc2ClientVpnEndpoint_basic(t *testing.T) { { Config: testAccEc2ClientVpnEndpointConfig(rStr), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsEc2ClientVpnEndpointExists("aws_ec2_client_vpn_endpoint.test"), - resource.TestCheckResourceAttr("aws_ec2_client_vpn_endpoint.test", "authentication_options.#", "1"), - resource.TestCheckResourceAttr("aws_ec2_client_vpn_endpoint.test", "authentication_options.0.type", "certificate-authentication"), - resource.TestCheckResourceAttr("aws_ec2_client_vpn_endpoint.test", "status", ec2.ClientVpnEndpointStatusCodePendingAssociate), + testAccCheckAwsEc2ClientVpnEndpointExists(resourceName), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "ec2", regexp.MustCompile(`client-vpn-endpoint/cvpn-endpoint-.+`)), + resource.TestCheckResourceAttr(resourceName, "authentication_options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "authentication_options.0.type", "certificate-authentication"), + resource.TestCheckResourceAttr(resourceName, "status", ec2.ClientVpnEndpointStatusCodePendingAssociate), ), }, { - ResourceName: "aws_ec2_client_vpn_endpoint.test", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -101,6 +104,7 @@ func TestAccAwsEc2ClientVpnEndpoint_basic(t *testing.T) { func TestAccAwsEc2ClientVpnEndpoint_disappears(t *testing.T) { rStr := acctest.RandString(5) + resourceName := "aws_ec2_client_vpn_endpoint.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -110,8 +114,8 @@ func TestAccAwsEc2ClientVpnEndpoint_disappears(t *testing.T) { { Config: testAccEc2ClientVpnEndpointConfig(rStr), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsEc2ClientVpnEndpointExists("aws_ec2_client_vpn_endpoint.test"), - testAccCheckAwsEc2ClientVpnEndpointDisappears("aws_ec2_client_vpn_endpoint.test"), + testAccCheckAwsEc2ClientVpnEndpointExists(resourceName), + testAccCheckResourceDisappears(testAccProvider, resourceAwsEc2ClientVpnEndpoint(), resourceName), ), ExpectNonEmptyPlan: true, }, @@ -121,6 +125,7 @@ func TestAccAwsEc2ClientVpnEndpoint_disappears(t *testing.T) { func TestAccAwsEc2ClientVpnEndpoint_msAD(t *testing.T) { rStr := acctest.RandString(5) + resourceName := "aws_ec2_client_vpn_endpoint.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -130,14 +135,14 @@ func TestAccAwsEc2ClientVpnEndpoint_msAD(t *testing.T) { { Config: testAccEc2ClientVpnEndpointConfigWithMicrosoftAD(rStr), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsEc2ClientVpnEndpointExists("aws_ec2_client_vpn_endpoint.test"), - resource.TestCheckResourceAttr("aws_ec2_client_vpn_endpoint.test", "authentication_options.#", "1"), - resource.TestCheckResourceAttr("aws_ec2_client_vpn_endpoint.test", "authentication_options.0.type", "directory-service-authentication"), + testAccCheckAwsEc2ClientVpnEndpointExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "authentication_options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "authentication_options.0.type", "directory-service-authentication"), ), }, { - ResourceName: "aws_ec2_client_vpn_endpoint.test", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -147,6 +152,7 @@ func TestAccAwsEc2ClientVpnEndpoint_msAD(t *testing.T) { func TestAccAwsEc2ClientVpnEndpoint_mutualAuthAndMsAD(t *testing.T) { rStr := acctest.RandString(5) + resourceName := "aws_ec2_client_vpn_endpoint.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -156,15 +162,15 @@ func TestAccAwsEc2ClientVpnEndpoint_mutualAuthAndMsAD(t *testing.T) { { Config: testAccEc2ClientVpnEndpointConfigWithMutualAuthAndMicrosoftAD(rStr), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsEc2ClientVpnEndpointExists("aws_ec2_client_vpn_endpoint.test"), - resource.TestCheckResourceAttr("aws_ec2_client_vpn_endpoint.test", "authentication_options.#", "2"), - resource.TestCheckResourceAttr("aws_ec2_client_vpn_endpoint.test", "authentication_options.0.type", "directory-service-authentication"), - resource.TestCheckResourceAttr("aws_ec2_client_vpn_endpoint.test", "authentication_options.1.type", "certificate-authentication"), + testAccCheckAwsEc2ClientVpnEndpointExists(resourceName), + resource.TestCheckResourceAttr(resourceName, "authentication_options.#", "2"), + resource.TestCheckResourceAttr(resourceName, "authentication_options.0.type", "directory-service-authentication"), + resource.TestCheckResourceAttr(resourceName, "authentication_options.1.type", "certificate-authentication"), ), }, { - ResourceName: "aws_ec2_client_vpn_endpoint.test", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -174,6 +180,7 @@ func TestAccAwsEc2ClientVpnEndpoint_mutualAuthAndMsAD(t *testing.T) { func TestAccAwsEc2ClientVpnEndpoint_withLogGroup(t *testing.T) { rStr := acctest.RandString(5) + resourceName := "aws_ec2_client_vpn_endpoint.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -183,19 +190,19 @@ func TestAccAwsEc2ClientVpnEndpoint_withLogGroup(t *testing.T) { { Config: testAccEc2ClientVpnEndpointConfig(rStr), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsEc2ClientVpnEndpointExists("aws_ec2_client_vpn_endpoint.test"), + testAccCheckAwsEc2ClientVpnEndpointExists(resourceName), ), }, { Config: testAccEc2ClientVpnEndpointConfigWithLogGroup(rStr), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsEc2ClientVpnEndpointExists("aws_ec2_client_vpn_endpoint.test"), + testAccCheckAwsEc2ClientVpnEndpointExists(resourceName), ), }, { - ResourceName: "aws_ec2_client_vpn_endpoint.test", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -205,6 +212,7 @@ func TestAccAwsEc2ClientVpnEndpoint_withLogGroup(t *testing.T) { func TestAccAwsEc2ClientVpnEndpoint_withDNSServers(t *testing.T) { rStr := acctest.RandString(5) + resourceName := "aws_ec2_client_vpn_endpoint.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -214,19 +222,19 @@ func TestAccAwsEc2ClientVpnEndpoint_withDNSServers(t *testing.T) { { Config: testAccEc2ClientVpnEndpointConfig(rStr), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsEc2ClientVpnEndpointExists("aws_ec2_client_vpn_endpoint.test"), + testAccCheckAwsEc2ClientVpnEndpointExists(resourceName), ), }, { Config: testAccEc2ClientVpnEndpointConfigWithDNSServers(rStr), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsEc2ClientVpnEndpointExists("aws_ec2_client_vpn_endpoint.test"), + testAccCheckAwsEc2ClientVpnEndpointExists(resourceName), ), }, { - ResourceName: "aws_ec2_client_vpn_endpoint.test", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -251,6 +259,11 @@ func TestAccAwsEc2ClientVpnEndpoint_tags(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "tags.Usage", "original"), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, { Config: testAccEc2ClientVpnEndpointConfig_tagsChanged(rStr), Check: resource.ComposeTestCheckFunc( @@ -324,25 +337,6 @@ func testAccCheckAwsEc2ClientVpnEndpointDestroy(s *terraform.State) error { return nil } -func testAccCheckAwsEc2ClientVpnEndpointDisappears(name string) resource.TestCheckFunc { - return func(s *terraform.State) error { - rs, ok := s.RootModule().Resources[name] - if !ok { - return fmt.Errorf("Not found: %s", name) - } - - conn := testAccProvider.Meta().(*AWSClient).ec2conn - - input := &ec2.DeleteClientVpnEndpointInput{ - ClientVpnEndpointId: aws.String(rs.Primary.ID), - } - - _, err := conn.DeleteClientVpnEndpoint(input) - - return err - } -} - func testAccCheckAwsEc2ClientVpnEndpointExists(name string) resource.TestCheckFunc { return func(s *terraform.State) error { _, ok := s.RootModule().Resources[name] diff --git a/website/docs/r/ec2_client_vpn_endpoint.html.markdown b/website/docs/r/ec2_client_vpn_endpoint.html.markdown index 2823edeb472..c3e89b0830a 100644 --- a/website/docs/r/ec2_client_vpn_endpoint.html.markdown +++ b/website/docs/r/ec2_client_vpn_endpoint.html.markdown @@ -67,6 +67,7 @@ One of the following arguments must be supplied: In addition to all arguments above, the following attributes are exported: * `id` - The ID of the Client VPN endpoint. +* `arn` - The ARN of the Client VPN endpoint. * `dns_name` - The DNS name to be used by clients when establishing their VPN session. * `status` - The current state of the Client VPN endpoint. From 792a597026e5876be4fe708e647d7c5d7cd3aad8 Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Wed, 3 Jun 2020 17:51:56 -0400 Subject: [PATCH 451/475] Update CHANGELOG for #13589 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2d80be318e6..42743452078 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ ENHANCEMENTS: BUG FIXES: * resource/aws_apigatewayv2_stage: Prevent perpetual plan differences with `default_route_settings.logging_level` argument for HTTP APIs [GH-12904] +* resource/aws_instance: Prevent perpetual plan differences, forcing replacement, with `ebs_block_device` configuration blocks [GH-13589] * resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [GH-12024] ## 2.64.0 (May 28, 2020) From 24a6202122ea0292613004c8fcf24b5f9a4f31b9 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Mon, 27 Apr 2020 16:26:44 +0300 Subject: [PATCH 452/475] use enums --- aws/resource_aws_instance.go | 70 +++++++++++++++++++++++------------- 1 file changed, 45 insertions(+), 25 deletions(-) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index 1b98a955352..ae55d3f2952 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -13,7 +13,6 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/arn" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/ec2" "github.com/hashicorp/terraform-plugin-sdk/helper/hashcode" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" @@ -105,10 +104,11 @@ func resourceAwsInstance() *schema.Resource { }, "private_ip": { - Type: schema.TypeString, - Optional: true, - ForceNew: true, - Computed: true, + Type: schema.TypeString, + Optional: true, + ForceNew: true, + Computed: true, + ValidateFunc: validation.IsIPv4Address, }, "source_dest_check": { @@ -288,7 +288,8 @@ func resourceAwsInstance() *schema.Resource { Computed: true, ForceNew: true, Elem: &schema.Schema{ - Type: schema.TypeString, + Type: schema.TypeString, + ValidateFunc: validation.IsIPv6Address, }, }, @@ -297,6 +298,11 @@ func resourceAwsInstance() *schema.Resource { Optional: true, Computed: true, ForceNew: true, + ValidateFunc: validation.StringInSlice([]string{ + ec2.TenancyDedicated, + ec2.TenancyDefault, + ec2.TenancyHost, + }, false), }, "host_id": { Type: schema.TypeString, @@ -382,6 +388,13 @@ func resourceAwsInstance() *schema.Resource { Optional: true, Computed: true, ForceNew: true, + ValidateFunc: validation.StringInSlice([]string{ + ec2.VolumeTypeStandard, + ec2.VolumeTypeIo1, + ec2.VolumeTypeGp2, + ec2.VolumeTypeSc1, + ec2.VolumeTypeSt1, + }, false), }, "volume_id": { @@ -486,6 +499,13 @@ func resourceAwsInstance() *schema.Resource { Type: schema.TypeString, Optional: true, Computed: true, + ValidateFunc: validation.StringInSlice([]string{ + ec2.VolumeTypeStandard, + ec2.VolumeTypeIo1, + ec2.VolumeTypeGp2, + ec2.VolumeTypeSc1, + ec2.VolumeTypeSt1, + }, false), }, "volume_id": { @@ -645,7 +665,7 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error { // where a user uses group ids in security_groups for the Default VPC. // See https://github.com/hashicorp/terraform/issues/3798 if isAWSErr(err, "InvalidParameterValue", "groupId is invalid") { - return fmt.Errorf("Error launching instance, possible mismatch of Security Group IDs and Names. See AWS Instance docs here: %s.\n\n\tAWS Error: %s", "https://terraform.io/docs/providers/aws/r/instance.html", err.(awserr.Error).Message()) + return fmt.Errorf("Error launching instance, possible mismatch of Security Group IDs and Names. See AWS Instance docs here: %s.\n\n\tAWS Error: %w", "https://terraform.io/docs/providers/aws/r/instance.html", err) } if err != nil { return fmt.Errorf("Error launching source instance: %s", err) @@ -667,9 +687,11 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error { aws.StringValue(instance.InstanceId)) stateConf := &resource.StateChangeConf{ - Pending: []string{ec2.InstanceStateNamePending}, - Target: []string{ec2.InstanceStateNameRunning}, - Refresh: InstanceStateRefreshFunc(conn, aws.StringValue(instance.InstanceId), []string{ec2.InstanceStateNameTerminated, ec2.InstanceStateNameShuttingDown}), + Pending: []string{ec2.InstanceStateNamePending}, + Target: []string{ec2.InstanceStateNameRunning}, + Refresh: InstanceStateRefreshFunc(conn, aws.StringValue(instance.InstanceId), []string{ + ec2.InstanceStateNameTerminated, + ec2.InstanceStateNameShuttingDown}), Timeout: d.Timeout(schema.TimeoutCreate), Delay: 10 * time.Second, MinTimeout: 3 * time.Second, @@ -709,7 +731,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error { if err != nil { // If the instance was not found, return nil so that we can show // that the instance is gone. - if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidInstanceID.NotFound" { + if isAWSErr(err, "InvalidInstanceID.NotFound", "") { d.SetId("") return nil } @@ -1075,14 +1097,10 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error { }, }) if err != nil { - if ec2err, ok := err.(awserr.Error); ok { - // Tolerate InvalidParameterCombination error in Classic, otherwise - // return the error - if ec2err.Code() != "InvalidParameterCombination" { - return err - } - log.Printf("[WARN] Attempted to modify SourceDestCheck on non VPC instance: %s", ec2err.Message()) + if isAWSErr(err, "InvalidParameterCombination", "") { + return err } + log.Printf("[WARN] Attempted to modify SourceDestCheck on non VPC instance: %s", err) } } } @@ -1164,7 +1182,7 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error { stateConf := &resource.StateChangeConf{ Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameStopped}, - Target: []string{"running"}, + Target: []string{ec2.InstanceStateNameRunning}, Refresh: InstanceStateRefreshFunc(conn, d.Id(), []string{ec2.InstanceStateNameTerminated}), Timeout: d.Timeout(schema.TimeoutUpdate), Delay: 10 * time.Second, @@ -1297,9 +1315,9 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error { // Optimization can take hours. e.g. a full 1 TiB drive takes approximately 6 hours to optimize, // according to https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-modifications.html stateConf := &resource.StateChangeConf{ - Pending: []string{"modifying"}, - Target: []string{"completed", "optimizing"}, - Refresh: VolumeStateRefreshFunc(conn, volumeID, "failed"), + Pending: []string{ec2.VolumeModificationStateModifying}, + Target: []string{ec2.VolumeModificationStateCompleted, ec2.VolumeModificationStateOptimizing}, + Refresh: VolumeStateRefreshFunc(conn, volumeID, ec2.VolumeModificationStateFailed), Timeout: d.Timeout(schema.TimeoutUpdate), Delay: 30 * time.Second, MinTimeout: 30 * time.Second, @@ -2153,7 +2171,7 @@ func awsTerminateInstance(conn *ec2.EC2, id string, timeout time.Duration) error InstanceIds: []*string{aws.String(id)}, } if _, err := conn.TerminateInstances(req); err != nil { - if isAWSErr(err, ec2.UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdNotFound, "") { + if isAWSErr(err, "InvalidInstanceID.NotFound", "") { return nil } return err @@ -2166,7 +2184,8 @@ func waitForInstanceStopping(conn *ec2.EC2, id string, timeout time.Duration) er log.Printf("[DEBUG] Waiting for instance (%s) to become stopped", id) stateConf := &resource.StateChangeConf{ - Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameRunning, ec2.InstanceStateNameShuttingDown, ec2.InstanceStateNameStopped, ec2.InstanceStateNameStopping}, + Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameRunning, + ec2.InstanceStateNameShuttingDown, ec2.InstanceStateNameStopped, ec2.InstanceStateNameStopping}, Target: []string{ec2.InstanceStateNameStopped}, Refresh: InstanceStateRefreshFunc(conn, id, []string{}), Timeout: timeout, @@ -2187,7 +2206,8 @@ func waitForInstanceDeletion(conn *ec2.EC2, id string, timeout time.Duration) er log.Printf("[DEBUG] Waiting for instance (%s) to become terminated", id) stateConf := &resource.StateChangeConf{ - Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameRunning, ec2.InstanceStateNameShuttingDown, ec2.InstanceStateNameStopped, ec2.InstanceStateNameStopping}, + Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameRunning, + ec2.InstanceStateNameShuttingDown, ec2.InstanceStateNameStopped, ec2.InstanceStateNameStopping}, Target: []string{ec2.InstanceStateNameTerminated}, Refresh: InstanceStateRefreshFunc(conn, id, []string{}), Timeout: timeout, From f2b037d09c27021a650562051e142faae5cd7da5 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Mon, 27 Apr 2020 18:47:05 +0300 Subject: [PATCH 453/475] delete TestInstanceTenancySchema unit test (?) --- aws/resource_aws_instance_test.go | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/aws/resource_aws_instance_test.go b/aws/resource_aws_instance_test.go index f86d14b7e48..684492a9d56 100644 --- a/aws/resource_aws_instance_test.go +++ b/aws/resource_aws_instance_test.go @@ -2987,22 +2987,6 @@ func testAccCheckStopInstance(instance *ec2.Instance) resource.TestCheckFunc { } } -func TestInstanceTenancySchema(t *testing.T) { - actualSchema := resourceAwsInstance().Schema["tenancy"] - expectedSchema := &schema.Schema{ - Type: schema.TypeString, - Optional: true, - Computed: true, - ForceNew: true, - } - if !reflect.DeepEqual(actualSchema, expectedSchema) { - t.Fatalf( - "Got:\n\n%#v\n\nExpected:\n\n%#v\n", - actualSchema, - expectedSchema) - } -} - func TestInstanceHostIDSchema(t *testing.T) { actualSchema := resourceAwsInstance().Schema["host_id"] expectedSchema := &schema.Schema{ From ae099d5536dcbff365515a0897ba254c14e1abfd Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 4 Jun 2020 01:22:24 +0300 Subject: [PATCH 454/475] Update resource_aws_instance.go --- aws/resource_aws_instance.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index ae55d3f2952..12992d36658 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -690,8 +690,7 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error { Pending: []string{ec2.InstanceStateNamePending}, Target: []string{ec2.InstanceStateNameRunning}, Refresh: InstanceStateRefreshFunc(conn, aws.StringValue(instance.InstanceId), []string{ - ec2.InstanceStateNameTerminated, - ec2.InstanceStateNameShuttingDown}), + ec2.InstanceStateNameTerminated,ec2.InstanceStateNameShuttingDown}), Timeout: d.Timeout(schema.TimeoutCreate), Delay: 10 * time.Second, MinTimeout: 3 * time.Second, From 6b49db749f532ebc5a7d3a6f622dbd8e575f608e Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 4 Jun 2020 01:23:01 +0300 Subject: [PATCH 455/475] Update resource_aws_instance.go --- aws/resource_aws_instance.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index 12992d36658..b6f17141f60 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -689,8 +689,7 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error { stateConf := &resource.StateChangeConf{ Pending: []string{ec2.InstanceStateNamePending}, Target: []string{ec2.InstanceStateNameRunning}, - Refresh: InstanceStateRefreshFunc(conn, aws.StringValue(instance.InstanceId), []string{ - ec2.InstanceStateNameTerminated,ec2.InstanceStateNameShuttingDown}), + Refresh: InstanceStateRefreshFunc(conn, aws.StringValue(instance.InstanceId), []string{ec2.InstanceStateNameTerminated, ec2.InstanceStateNameShuttingDown}), Timeout: d.Timeout(schema.TimeoutCreate), Delay: 10 * time.Second, MinTimeout: 3 * time.Second, From ce79a025ffbf3d2522baa2596d455086953e1a99 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 3 Jun 2020 19:20:32 -0400 Subject: [PATCH 456/475] tests/provider: Small sweeper fixes (#13553) * tests/resource/aws_cloudtrail: Skip sweep of Macie Classic trail Otherwise: ``` --- FAIL: TestAccAWSMacieS3BucketAssociation_basic (3.10s) TestAccAWSMacieS3BucketAssociation_basic: resource_aws_macie_s3_bucket_association_test.go:156: unexpected PreCheck error: InvalidInputException: The request was rejected. The CloudTrail AWSMacieTrail-DO-NOT-EDIT does not exist for this AWS account 123456789012 in this AWS region. ``` * tests/resource/aws_iam_role: Ensure default EMR_AutoScaling_DefaultRole role remains Reference: https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-iam-role-automatic-scaling.html Acceptance test configurations use this naming scheme with an underscore and random integer suffix. Keep the default role, otherwise our Terraform configurations ensuring its existence repeatedly trigger recreation: ``` An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # aws_iam_role.EMR_AutoScaling_DefaultRole will be created + resource "aws_iam_role" "EMR_AutoScaling_DefaultRole" { ... ``` --- aws/resource_aws_cloudtrail_test.go | 5 +++++ aws/resource_aws_iam_role_test.go | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_cloudtrail_test.go b/aws/resource_aws_cloudtrail_test.go index 6dd9f58c338..a642e27e7e8 100644 --- a/aws/resource_aws_cloudtrail_test.go +++ b/aws/resource_aws_cloudtrail_test.go @@ -38,6 +38,11 @@ func testSweepCloudTrails(region string) error { for _, trail := range page.Trails { name := aws.StringValue(trail.Name) + if name == "AWSMacieTrail-DO-NOT-EDIT" { + log.Printf("[INFO] Skipping AWSMacieTrail-DO-NOT-EDIT for Macie Classic, which is not automatically recreated by the service") + continue + } + output, err := conn.DescribeTrails(&cloudtrail.DescribeTrailsInput{ TrailNameList: aws.StringSlice([]string{name}), }) diff --git a/aws/resource_aws_iam_role_test.go b/aws/resource_aws_iam_role_test.go index ab53ef0ae1b..345b1d8f9a3 100644 --- a/aws/resource_aws_iam_role_test.go +++ b/aws/resource_aws_iam_role_test.go @@ -53,7 +53,7 @@ func testSweepIamRoles(region string) error { prefixes := []string{ "ecs_instance_role", "ecs_tf", - "EMR_AutoScaling_DefaultRole", + "EMR_AutoScaling_DefaultRole_", "iam_emr", "terraform-", "test", From 86bdada85e9a75d30180247da54d81c357efc2c0 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 3 Jun 2020 19:21:31 -0400 Subject: [PATCH 457/475] tests/provider: Bump GitHub Actions versions and minor adjustments to examples handling (#13534) Reference: https://github.blog/changelog/2020-05-27-github-actions-v2-cache-actions/ Reference: https://github.com/actions/checkout/pull/258 --- .github/workflows/changelog.yml | 2 +- .github/workflows/examples.yml | 10 +++----- .github/workflows/terraform_provider.yml | 32 ++++++++++++------------ 3 files changed, 20 insertions(+), 24 deletions(-) diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index cfc332edf63..8fe5ae26cfd 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -37,7 +37,7 @@ jobs: - uses: actions/setup-go@v2 with: go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true timeout-minutes: 2 with: diff --git a/.github/workflows/examples.yml b/.github/workflows/examples.yml index 19b9bbe379c..d27bca365fa 100644 --- a/.github/workflows/examples.yml +++ b/.github/workflows/examples.yml @@ -23,15 +23,11 @@ jobs: - uses: actions/checkout@v2 with: fetch-depth: 0 - - name: git fetch tags - run: git fetch --depth=1 origin +refs/tags/*:refs/tags/* - - uses: actions/cache@v1 + - uses: actions/cache@v2 with: path: ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-go- - - uses: actions/setup-go@v1 + key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} + - uses: actions/setup-go@v2 with: go-version: ${{ matrix.go_version }} - name: go build diff --git a/.github/workflows/terraform_provider.yml b/.github/workflows/terraform_provider.yml index 8454776fd5a..f78b3634495 100644 --- a/.github/workflows/terraform_provider.yml +++ b/.github/workflows/terraform_provider.yml @@ -35,7 +35,7 @@ jobs: - uses: actions/setup-go@v2 with: go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true id: cache-go-pkg-mod timeout-minutes: 2 @@ -51,7 +51,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true id: cache-terraform-plugin-dir timeout-minutes: 2 @@ -67,12 +67,12 @@ jobs: run: | echo "::set-env name=GOCACHE::$(go env GOCACHE)" - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' - uses: actions/cache@v1 + uses: actions/cache@v2 with: path: ${{ env.GOCACHE }} key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} - if: steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure' - uses: actions/cache@v1 + uses: actions/cache@v2 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} @@ -86,7 +86,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true id: cache-terraform-providers-schema timeout-minutes: 2 @@ -94,7 +94,7 @@ jobs: path: terraform-providers-schema key: ${{ runner.os }}-terraform-providers-schema-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} - if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure' - uses: actions/cache@v1 + uses: actions/cache@v2 timeout-minutes: 2 with: path: terraform-plugin-dir @@ -127,13 +127,13 @@ jobs: - name: go env run: | echo "::set-env name=GOCACHE::$(go env GOCACHE)" - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true timeout-minutes: 2 with: path: ${{ env.GOCACHE }} key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true timeout-minutes: 2 with: @@ -155,13 +155,13 @@ jobs: - name: go env run: | echo "::set-env name=GOCACHE::$(go env GOCACHE)" - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true timeout-minutes: 2 with: path: ${{ env.GOCACHE }} key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true timeout-minutes: 2 with: @@ -185,13 +185,13 @@ jobs: - name: go env run: | echo "::set-env name=GOCACHE::$(go env GOCACHE)" - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true timeout-minutes: 2 with: path: ${{ env.GOCACHE }} key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true timeout-minutes: 2 with: @@ -210,13 +210,13 @@ jobs: - name: go env run: | echo "::set-env name=GOCACHE::$(go env GOCACHE)" - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true timeout-minutes: 2 with: path: ${{ env.GOCACHE }} key: ${{ runner.os }}-GOCACHE-${{ hashFiles('go.sum') }}-${{ hashFiles('aws/**') }} - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true timeout-minutes: 2 with: @@ -233,14 +233,14 @@ jobs: - uses: actions/setup-go@v2 with: go-version: ${{ env.GO_VERSION }} - - uses: actions/cache@v1 + - uses: actions/cache@v2 continue-on-error: true timeout-minutes: 2 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }} - run: go install github.com/bflad/tfproviderdocs - - uses: actions/cache@v1 + - uses: actions/cache@v2 timeout-minutes: 2 with: path: terraform-providers-schema From 46d77cf08be3bfc560605b8a17ab2628a5db7ddf Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 3 Jun 2020 19:23:51 -0400 Subject: [PATCH 458/475] resource/aws_dynamodb_table: Perform individual replica creations/deletions (#13523) * resource/aws_dynamodb_table: Perform individual replica creations/deletions Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/13132 Also includes slight changes to the acceptance testing recommendations for cross-region testing since we now are introducing the framework to test a third region. If approved, will followup this change with refactoring of the existing testing to use the newer functions. Previously: ``` --- FAIL: TestAccAWSDynamoDbTable_Replica_Multiple (41.02s) TestAccAWSDynamoDbTable_Replica_Multiple: testing.go:684: Step 0 error: errors during apply: Error: error creating DynamoDB Table (TerraformTestTable--8440396559818741779) replicas: error creating DynamoDB Table (TerraformTestTable--8440396559818741779) replicas: ValidationException: Update table operation with more than one create or delete replica actions not allowed status code: 400, request id: 5MA0CQ5LJAVOKM671RT7QTKRTJVV4KQNSO5AEMVJF66Q9ASUAAJG on /var/folders/w8/05f3x02n27x72g0mc2jy6_180000gp/T/tf-test945359260/main.tf line 20: (source code not available) ``` Output from acceptance testing: ``` --- PASS: TestAccAWSDynamoDbTable_attributeUpdate (756.09s) --- PASS: TestAccAWSDynamoDbTable_attributeUpdateValidation (17.31s) --- PASS: TestAccAWSDynamoDbTable_basic (82.00s) --- PASS: TestAccAWSDynamoDbTable_BillingMode_GSI_PayPerRequestToProvisioned (135.99s) --- PASS: TestAccAWSDynamoDbTable_BillingMode_GSI_ProvisionedToPayPerRequest (1296.50s) --- PASS: TestAccAWSDynamoDbTable_BillingMode_PayPerRequestToProvisioned (134.93s) --- PASS: TestAccAWSDynamoDbTable_BillingMode_ProvisionedToPayPerRequest (934.09s) --- PASS: TestAccAWSDynamoDbTable_disappears (59.40s) --- PASS: TestAccAWSDynamoDbTable_disappears_PayPerRequestWithGSI (140.30s) --- PASS: TestAccAWSDynamoDbTable_enablePitr (152.34s) --- PASS: TestAccAWSDynamoDbTable_encryption (249.98s) --- PASS: TestAccAWSDynamoDbTable_extended (443.38s) --- PASS: TestAccAWSDynamoDbTable_gsiUpdateCapacity (144.47s) --- PASS: TestAccAWSDynamoDbTable_gsiUpdateNonKeyAttributes (443.69s) --- PASS: TestAccAWSDynamoDbTable_gsiUpdateOtherAttributes (757.61s) --- PASS: TestAccAWSDynamoDbTable_Replica_Multiple (1193.16s) --- PASS: TestAccAWSDynamoDbTable_Replica_Single (1077.60s) --- PASS: TestAccAWSDynamoDbTable_streamSpecification (148.25s) --- PASS: TestAccAWSDynamoDbTable_streamSpecificationValidation (12.21s) --- PASS: TestAccAWSDynamoDbTable_tags (88.24s) --- PASS: TestAccAWSDynamoDbTable_Ttl_Disabled (116.66s) --- PASS: TestAccAWSDynamoDbTable_Ttl_Enabled (81.82s) ``` * tests/provider: Consolidate logic into testAccMultipleRegionPreCheck --- aws/provider_test.go | 72 +++++++ aws/resource_aws_dynamodb_table.go | 130 +++++------- aws/resource_aws_dynamodb_table_test.go | 199 ++++++++++++------ .../running-and-writing-acceptance-tests.md | 18 +- 4 files changed, 273 insertions(+), 146 deletions(-) diff --git a/aws/provider_test.go b/aws/provider_test.go index 2d587507578..464fce84a60 100644 --- a/aws/provider_test.go +++ b/aws/provider_test.go @@ -395,6 +395,14 @@ func testAccGetAlternateRegion() string { return v } +func testAccGetThirdRegion() string { + v := os.Getenv("AWS_THIRD_REGION") + if v == "" { + return "us-east-2" + } + return v +} + func testAccGetPartition() string { if partition, ok := endpoints.PartitionForRegion(endpoints.DefaultPartitions(), testAccGetRegion()); ok { return partition.ID() @@ -416,6 +424,13 @@ func testAccGetAlternateRegionPartition() string { return "aws" } +func testAccGetThirdRegionPartition() string { + if partition, ok := endpoints.PartitionForRegion(endpoints.DefaultPartitions(), testAccGetThirdRegion()); ok { + return partition.ID() + } + return "aws" +} + func testAccAlternateAccountPreCheck(t *testing.T) { if os.Getenv("AWS_ALTERNATE_PROFILE") == "" && os.Getenv("AWS_ALTERNATE_ACCESS_KEY_ID") == "" { t.Fatal("AWS_ALTERNATE_ACCESS_KEY_ID or AWS_ALTERNATE_PROFILE must be set for acceptance tests") @@ -426,6 +441,7 @@ func testAccAlternateAccountPreCheck(t *testing.T) { } } +// Deprecated: Use testAccMultipleRegionPreCheck instead func testAccAlternateRegionPreCheck(t *testing.T) { if testAccGetRegion() == testAccGetAlternateRegion() { t.Fatal("AWS_DEFAULT_REGION and AWS_ALTERNATE_REGION must be set to different values for acceptance tests") @@ -464,6 +480,37 @@ func testAccPartitionHasServicePreCheck(serviceId string, t *testing.T) { } } +func testAccMultipleRegionPreCheck(t *testing.T, regions int) { + if testAccGetRegion() == testAccGetAlternateRegion() { + t.Fatal("AWS_DEFAULT_REGION and AWS_ALTERNATE_REGION must be set to different values for acceptance tests") + } + + if testAccGetPartition() != testAccGetAlternateRegionPartition() { + t.Fatalf("AWS_ALTERNATE_REGION partition (%s) does not match AWS_DEFAULT_REGION partition (%s)", testAccGetAlternateRegionPartition(), testAccGetPartition()) + } + + if regions >= 3 { + if testAccGetRegion() == testAccGetThirdRegion() { + t.Fatal("AWS_DEFAULT_REGION and AWS_THIRD_REGION must be set to different values for acceptance tests") + } + + if testAccGetAlternateRegion() == testAccGetThirdRegion() { + t.Fatal("AWS_ALTERNATE_REGION and AWS_THIRD_REGION must be set to different values for acceptance tests") + } + + if testAccGetPartition() != testAccGetThirdRegionPartition() { + t.Fatalf("AWS_THIRD_REGION partition (%s) does not match AWS_DEFAULT_REGION partition (%s)", testAccGetThirdRegionPartition(), testAccGetPartition()) + } + } + + if partition, ok := endpoints.PartitionForRegion(endpoints.DefaultPartitions(), testAccGetRegion()); ok { + if len(partition.Regions()) < regions { + t.Skipf("skipping tests; partition includes %d regions, %d expected", len(partition.Regions()), regions) + } + } +} + +// Deprecated: Use testAccMultipleRegionPreCheck instead. func testAccMultipleRegionsPreCheck(t *testing.T) { if partition, ok := endpoints.PartitionForRegion(endpoints.DefaultPartitions(), testAccGetRegion()); ok { if len(partition.Regions()) < 2 { @@ -549,6 +596,7 @@ provider "aws" { `, os.Getenv("AWS_ALTERNATE_ACCESS_KEY_ID"), os.Getenv("AWS_ALTERNATE_PROFILE"), testAccGetAlternateRegion(), os.Getenv("AWS_ALTERNATE_SECRET_ACCESS_KEY")) } +// Deprecated: Use testAccMultipleRegionProviderConfig instead func testAccAlternateRegionProviderConfig() string { //lintignore:AT004 return fmt.Sprintf(` @@ -559,6 +607,30 @@ provider "aws" { `, testAccGetAlternateRegion()) } +func testAccMultipleRegionProviderConfig(regions int) string { + var config strings.Builder + + //lintignore:AT004 + fmt.Fprintf(&config, ` +provider "aws" { + alias = "alternate" + region = %[1]q +} +`, testAccGetAlternateRegion()) + + if regions >= 3 { + //lintignore:AT004 + fmt.Fprintf(&config, ` +provider "aws" { + alias = "third" + region = %[1]q +} +`, testAccGetThirdRegion()) + } + + return config.String() +} + func testAccProviderConfigIgnoreTagsKeyPrefixes1(keyPrefix1 string) string { //lintignore:AT004 return fmt.Sprintf(` diff --git a/aws/resource_aws_dynamodb_table.go b/aws/resource_aws_dynamodb_table.go index 8e52f9621ef..c2a65e2bb82 100644 --- a/aws/resource_aws_dynamodb_table.go +++ b/aws/resource_aws_dynamodb_table.go @@ -760,9 +760,6 @@ func deleteAwsDynamoDbTable(tableName string, conn *dynamodb.DynamoDB) error { } func deleteDynamoDbReplicas(tableName string, tfList []interface{}, timeout time.Duration, conn *dynamodb.DynamoDB) error { - var ops []*dynamodb.ReplicationGroupUpdate - var regionNames []string - for _, tfMapRaw := range tfList { tfMap, ok := tfMapRaw.(map[string]interface{}) @@ -780,47 +777,43 @@ func deleteDynamoDbReplicas(tableName string, tfList []interface{}, timeout time continue } - ops = append(ops, &dynamodb.ReplicationGroupUpdate{ - Delete: &dynamodb.DeleteReplicationGroupMemberAction{ - RegionName: aws.String(regionName), + input := &dynamodb.UpdateTableInput{ + TableName: aws.String(tableName), + ReplicaUpdates: []*dynamodb.ReplicationGroupUpdate{ + { + Delete: &dynamodb.DeleteReplicationGroupMemberAction{ + RegionName: aws.String(regionName), + }, + }, }, - }) - regionNames = append(regionNames, regionName) - } - - if len(ops) == 0 { - return nil - } + } - input := &dynamodb.UpdateTableInput{ - TableName: aws.String(tableName), - ReplicaUpdates: ops, - } + err := resource.Retry(20*time.Minute, func() *resource.RetryError { + _, err := conn.UpdateTable(input) + if err != nil { + if isAWSErr(err, "ThrottlingException", "") { + return resource.RetryableError(err) + } + if isAWSErr(err, dynamodb.ErrCodeLimitExceededException, "can be created, updated, or deleted simultaneously") { + return resource.RetryableError(err) + } + if isAWSErr(err, dynamodb.ErrCodeResourceInUseException, "") { + return resource.RetryableError(err) + } - err := resource.Retry(20*time.Minute, func() *resource.RetryError { - _, err := conn.UpdateTable(input) - if err != nil { - if isAWSErr(err, "ThrottlingException", "") { - return resource.RetryableError(err) - } - if isAWSErr(err, dynamodb.ErrCodeLimitExceededException, "can be created, updated, or deleted simultaneously") { - return resource.RetryableError(err) + return resource.NonRetryableError(err) } + return nil + }) - return resource.NonRetryableError(err) + if isResourceTimeoutError(err) { + _, err = conn.UpdateTable(input) } - return nil - }) - - if isResourceTimeoutError(err) { - _, err = conn.UpdateTable(input) - } - if err != nil { - return fmt.Errorf("error deleting DynamoDB Table (%s) replicas: %s", tableName, err) - } + if err != nil { + return fmt.Errorf("error deleting DynamoDB Table (%s) replica (%s): %s", tableName, regionName, err) + } - for _, regionName := range regionNames { if err := waitForDynamoDbReplicaDeleteToBeCompleted(tableName, regionName, timeout, conn); err != nil { return fmt.Errorf("error waiting for DynamoDB Table (%s) replica (%s) deletion: %s", tableName, regionName, err) } @@ -947,9 +940,6 @@ func waitForDynamoDbReplicaDeleteToBeCompleted(tableName string, region string, } func createDynamoDbReplicas(tableName string, tfList []interface{}, timeout time.Duration, conn *dynamodb.DynamoDB) error { - var ops []*dynamodb.ReplicationGroupUpdate - var regionNames []string - for _, tfMapRaw := range tfList { tfMap, ok := tfMapRaw.(map[string]interface{}) @@ -967,47 +957,43 @@ func createDynamoDbReplicas(tableName string, tfList []interface{}, timeout time continue } - ops = append(ops, &dynamodb.ReplicationGroupUpdate{ - Create: &dynamodb.CreateReplicationGroupMemberAction{ - RegionName: aws.String(regionName), + input := &dynamodb.UpdateTableInput{ + TableName: aws.String(tableName), + ReplicaUpdates: []*dynamodb.ReplicationGroupUpdate{ + { + Create: &dynamodb.CreateReplicationGroupMemberAction{ + RegionName: aws.String(regionName), + }, + }, }, - }) - regionNames = append(regionNames, regionName) - } - - if len(ops) == 0 { - return nil - } + } - input := &dynamodb.UpdateTableInput{ - TableName: aws.String(tableName), - ReplicaUpdates: ops, - } + err := resource.Retry(20*time.Minute, func() *resource.RetryError { + _, err := conn.UpdateTable(input) + if err != nil { + if isAWSErr(err, "ThrottlingException", "") { + return resource.RetryableError(err) + } + if isAWSErr(err, dynamodb.ErrCodeLimitExceededException, "can be created, updated, or deleted simultaneously") { + return resource.RetryableError(err) + } + if isAWSErr(err, dynamodb.ErrCodeResourceInUseException, "") { + return resource.RetryableError(err) + } - err := resource.Retry(20*time.Minute, func() *resource.RetryError { - _, err := conn.UpdateTable(input) - if err != nil { - if isAWSErr(err, "ThrottlingException", "") { - return resource.RetryableError(err) - } - if isAWSErr(err, dynamodb.ErrCodeLimitExceededException, "can be created, updated, or deleted simultaneously") { - return resource.RetryableError(err) + return resource.NonRetryableError(err) } + return nil + }) - return resource.NonRetryableError(err) + if isResourceTimeoutError(err) { + _, err = conn.UpdateTable(input) } - return nil - }) - - if isResourceTimeoutError(err) { - _, err = conn.UpdateTable(input) - } - if err != nil { - return fmt.Errorf("error creating DynamoDB Table (%s) replicas: %s", tableName, err) - } + if err != nil { + return fmt.Errorf("error creating DynamoDB Table (%s) replica (%s): %s", tableName, regionName, err) + } - for _, regionName := range regionNames { if err := waitForDynamoDbReplicaUpdateToBeCompleted(tableName, regionName, timeout, conn); err != nil { return fmt.Errorf("error waiting for DynamoDB Table (%s) replica (%s) creation: %s", tableName, regionName, err) } diff --git a/aws/resource_aws_dynamodb_table_test.go b/aws/resource_aws_dynamodb_table_test.go index 77e0694e276..dd3060b22e5 100644 --- a/aws/resource_aws_dynamodb_table_test.go +++ b/aws/resource_aws_dynamodb_table_test.go @@ -1387,7 +1387,52 @@ func testAccCheckAWSDynamoDbTableDisappears(table *dynamodb.DescribeTableOutput) } } -func TestAccAWSDynamoDbTable_Replica(t *testing.T) { +func TestAccAWSDynamoDbTable_Replica_Multiple(t *testing.T) { + var table dynamodb.DescribeTableOutput + var providers []*schema.Provider + resourceName := "aws_dynamodb_table.test" + tableName := acctest.RandomWithPrefix("TerraformTestTable-") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + testAccMultipleRegionPreCheck(t, 3) + }, + ProviderFactories: testAccProviderFactories(&providers), + CheckDestroy: testAccCheckAWSDynamoDbTableDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSDynamoDbTableConfigReplica2(tableName), + Check: resource.ComposeTestCheckFunc( + testAccCheckInitialAWSDynamoDbTableExists(resourceName, &table), + resource.TestCheckResourceAttr(resourceName, "replica.#", "2"), + ), + }, + { + Config: testAccAWSDynamoDbTableConfigReplica2(tableName), + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccAWSDynamoDbTableConfigReplica0(tableName), + Check: resource.ComposeTestCheckFunc( + testAccCheckInitialAWSDynamoDbTableExists(resourceName, &table), + resource.TestCheckResourceAttr(resourceName, "replica.#", "0"), + ), + }, + { + Config: testAccAWSDynamoDbTableConfigReplica2(tableName), + Check: resource.ComposeTestCheckFunc( + testAccCheckInitialAWSDynamoDbTableExists(resourceName, &table), + resource.TestCheckResourceAttr(resourceName, "replica.#", "2"), + ), + }, + }, + }) +} + +func TestAccAWSDynamoDbTable_Replica_Single(t *testing.T) { var conf dynamodb.DescribeTableOutput var providers []*schema.Provider resourceName := "aws_dynamodb_table.test" @@ -1396,50 +1441,35 @@ func TestAccAWSDynamoDbTable_Replica(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) - testAccMultipleRegionsPreCheck(t) - testAccAlternateRegionPreCheck(t) + testAccMultipleRegionPreCheck(t, 2) }, - ProviderFactories: testAccProviderFactories(&providers), - CheckDestroy: testAccCheckAWSDynamoDbTableDestroy, - DisableBinaryDriver: true, + ProviderFactories: testAccProviderFactories(&providers), + CheckDestroy: testAccCheckAWSDynamoDbTableDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSDynamoDbReplicaUpdates(tableName), + Config: testAccAWSDynamoDbTableConfigReplica1(tableName), Check: resource.ComposeTestCheckFunc( testAccCheckInitialAWSDynamoDbTableExists(resourceName, &conf), - resource.TestCheckResourceAttr(resourceName, "name", tableName), - resource.TestCheckResourceAttr(resourceName, "hash_key", "TestTableHashKey"), - resource.TestCheckResourceAttr(resourceName, "attribute.2990477658.name", "TestTableHashKey"), - resource.TestCheckResourceAttr(resourceName, "attribute.2990477658.type", "S"), resource.TestCheckResourceAttr(resourceName, "replica.#", "1"), ), }, { - Config: testAccAWSDynamoDbReplicaUpdates(tableName), + Config: testAccAWSDynamoDbTableConfigReplica1(tableName), ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, { - Config: testAccAWSDynamoDbReplicaDeletes(tableName), + Config: testAccAWSDynamoDbTableConfigReplica0(tableName), Check: resource.ComposeTestCheckFunc( testAccCheckInitialAWSDynamoDbTableExists(resourceName, &conf), - resource.TestCheckResourceAttr(resourceName, "name", tableName), - resource.TestCheckResourceAttr(resourceName, "hash_key", "TestTableHashKey"), - resource.TestCheckResourceAttr(resourceName, "attribute.2990477658.name", "TestTableHashKey"), - resource.TestCheckResourceAttr(resourceName, "attribute.2990477658.type", "S"), - resource.TestCheckResourceAttr(resourceName, "hash_key", "TestTableHashKey"), resource.TestCheckResourceAttr(resourceName, "replica.#", "0"), ), }, { - Config: testAccAWSDynamoDbReplicaUpdates(tableName), + Config: testAccAWSDynamoDbTableConfigReplica1(tableName), Check: resource.ComposeTestCheckFunc( testAccCheckInitialAWSDynamoDbTableExists(resourceName, &conf), - resource.TestCheckResourceAttr(resourceName, "name", tableName), - resource.TestCheckResourceAttr(resourceName, "hash_key", "TestTableHashKey"), - resource.TestCheckResourceAttr(resourceName, "attribute.2990477658.name", "TestTableHashKey"), - resource.TestCheckResourceAttr(resourceName, "attribute.2990477658.type", "S"), resource.TestCheckResourceAttr(resourceName, "replica.#", "1"), ), }, @@ -1447,48 +1477,6 @@ func TestAccAWSDynamoDbTable_Replica(t *testing.T) { }) } -func testAccAWSDynamoDbReplicaUpdates(rName string) string { - return testAccAlternateRegionProviderConfig() + fmt.Sprintf(` -data "aws_region" "alternate" { - provider = "aws.alternate" -} - -resource "aws_dynamodb_table" "test" { - name = %[1]q - hash_key = "TestTableHashKey" - billing_mode = "PAY_PER_REQUEST" - stream_enabled = true - stream_view_type = "NEW_AND_OLD_IMAGES" - - attribute { - name = "TestTableHashKey" - type = "S" - } - - replica { - region_name = %[2]q - } -} -`, rName, testAccGetAlternateRegion()) -} - -func testAccAWSDynamoDbReplicaDeletes(rName string) string { - return testAccAlternateRegionProviderConfig() + fmt.Sprintf(` -resource "aws_dynamodb_table" "test" { - name = "%s" - hash_key = "TestTableHashKey" - billing_mode = "PAY_PER_REQUEST" - stream_enabled = true - stream_view_type = "NEW_AND_OLD_IMAGES" - - attribute { - name = "TestTableHashKey" - type = "S" - } -} -`, rName) -} - func dynamoDbGetGSIIndex(gsiList *[]*dynamodb.GlobalSecondaryIndexDescription, target string) int { for idx, gsiObject := range *gsiList { if *gsiObject.IndexName == target { @@ -2190,3 +2178,84 @@ resource "aws_dynamodb_table" "test" { } `, rName, attrName1, attrType1, attrName2, attrType2, hashKey, rangeKey) } + +func testAccAWSDynamoDbTableConfigReplica0(rName string) string { + return composeConfig( + testAccMultipleRegionProviderConfig(3), // Prevent "Provider configuration not present" errors + fmt.Sprintf(` +resource "aws_dynamodb_table" "test" { + name = %[1]q + hash_key = "TestTableHashKey" + billing_mode = "PAY_PER_REQUEST" + stream_enabled = true + stream_view_type = "NEW_AND_OLD_IMAGES" + + attribute { + name = "TestTableHashKey" + type = "S" + } +} +`, rName)) +} + +func testAccAWSDynamoDbTableConfigReplica1(rName string) string { + return composeConfig( + testAccMultipleRegionProviderConfig(3), // Prevent "Provider configuration not present" errors + fmt.Sprintf(` +data "aws_region" "alternate" { + provider = "aws.alternate" +} + +resource "aws_dynamodb_table" "test" { + name = %[1]q + hash_key = "TestTableHashKey" + billing_mode = "PAY_PER_REQUEST" + stream_enabled = true + stream_view_type = "NEW_AND_OLD_IMAGES" + + attribute { + name = "TestTableHashKey" + type = "S" + } + + replica { + region_name = data.aws_region.alternate.name + } +} +`, rName)) +} + +func testAccAWSDynamoDbTableConfigReplica2(rName string) string { + return composeConfig( + testAccMultipleRegionProviderConfig(3), + fmt.Sprintf(` +data "aws_region" "alternate" { + provider = "aws.alternate" +} + +data "aws_region" "third" { + provider = "aws.third" +} + +resource "aws_dynamodb_table" "test" { + name = %[1]q + hash_key = "TestTableHashKey" + billing_mode = "PAY_PER_REQUEST" + stream_enabled = true + stream_view_type = "NEW_AND_OLD_IMAGES" + + attribute { + name = "TestTableHashKey" + type = "S" + } + + replica { + region_name = data.aws_region.alternate.name + } + + replica { + region_name = data.aws_region.third.name + } +} +`, rName)) +} diff --git a/docs/contributing/running-and-writing-acceptance-tests.md b/docs/contributing/running-and-writing-acceptance-tests.md index fbb2caccc52..e4bc11c407f 100644 --- a/docs/contributing/running-and-writing-acceptance-tests.md +++ b/docs/contributing/running-and-writing-acceptance-tests.md @@ -130,12 +130,13 @@ export AWS_ALTERNATE_SECRET_ACCESS_KEY=... ### Running Cross-Region Tests -Certain testing requires multiple AWS regions. Additional setup is not typically required because the testing defaults the alternate AWS region to `us-east-1`. +Certain testing requires multiple AWS regions. Additional setup is not typically required because the testing defaults the second AWS region to `us-east-1` and the third AWS region to `us-east-2`. -Running these acceptance tests is the same as before, but if you wish to override the alternate region: +Running these acceptance tests is the same as before, but if you wish to override the second and third regions: ```sh export AWS_ALTERNATE_REGION=... +export AWS_THIRD_REGION=... ``` ## Writing an Acceptance Test @@ -693,12 +694,12 @@ Searching for usage of `testAccAlternateAccountPreCheck` in the codebase will yi #### Cross-Region Acceptance Tests -When testing requires AWS infrastructure in a second AWS region, the below changes to the normal setup will allow the management or reference of resources and data sources across regions: +When testing requires AWS infrastructure in a second or third AWS region, the below changes to the normal setup will allow the management or reference of resources and data sources across regions: -- In the `PreCheck` function, include `testAccMultipleRegionsPreCheck(t)` and `testAccAlternateRegionPreCheck(t)` to ensure a standardized set of information is required for cross-region testing configuration. If the infrastructure in the second AWS region is also in a second AWS account also include `testAccAlternateAccountPreCheck(t)` +- In the `PreCheck` function, include `testAccMultipleRegionPreCheck(t, ###)` to ensure a standardized set of information is required for cross-region testing configuration. If the infrastructure in the second AWS region is also in a second AWS account also include `testAccAlternateAccountPreCheck(t)` - Declare a `providers` variable at the top of the test function: `var providers []*schema.Provider` - Switch usage of `Providers: testAccProviders` to `ProviderFactories: testAccProviderFactories(&providers)` -- Add `testAccAlternateRegionProviderConfig()` to the test configuration and use `provider = "aws.alternate"` for cross-region resources. The resource that is the focus of the acceptance test should _not_ use the provider alias to simplify the testing setup. If the infrastructure in the second AWS region is also in a second AWS account use `testAccAlternateAccountAlternateRegionProviderConfig()` instead +- Add `testAccMultipleRegionProviderConfig(###)` to the test configuration and use `provider = "aws.alternate"` (and/or `provider = "aws.third"`) for cross-region resources. The resource that is the focus of the acceptance test should _not_ use the provider alias to simplify the testing setup. If the infrastructure in the second AWS region is also in a second AWS account use `testAccAlternateAccountAlternateRegionProviderConfig()` instead - For any `TestStep` that includes `ImportState: true`, add the `Config` that matches the previous `TestStep` `Config` An example acceptance test implementation can be seen below: @@ -711,8 +712,7 @@ func TestAccAwsExample_basic(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) - testAccMultipleRegionsPreCheck(t) - testAccAlternateRegionPreCheck(t) + testAccMultipleRegionPreCheck(t, 2) }, ProviderFactories: testAccProviderFactories(&providers), CheckDestroy: testAccCheckAwsExampleDestroy, @@ -735,7 +735,7 @@ func TestAccAwsExample_basic(t *testing.T) { } func testAccAwsExampleConfig() string { - return testAccAlternateRegionProviderConfig() + fmt.Sprintf(` + return testAccMultipleRegionProviderConfig(2) + fmt.Sprintf(` # Cross region resources should be handled by the cross region provider. # The standardized provider alias is aws.alternate as seen below. resource "aws_cross_region_example" "test" { @@ -753,7 +753,7 @@ resource "aws_example" "test" { } ``` -Searching for usage of `testAccAlternateRegionPreCheck` in the codebase will yield real world examples of this setup in action. +Searching for usage of `testAccMultipleRegionPreCheck` in the codebase will yield real world examples of this setup in action. ### Data Source Acceptance Testing From f7fe6b878d62e6bbedb1c19f9cd02c28f6018e74 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Wed, 3 Jun 2020 19:24:52 -0400 Subject: [PATCH 459/475] Update CHANGELOG for #13523 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 42743452078..ea90a5f320f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ ENHANCEMENTS: BUG FIXES: * resource/aws_apigatewayv2_stage: Prevent perpetual plan differences with `default_route_settings.logging_level` argument for HTTP APIs [GH-12904] +* resource/aws_dynamodb_table: Prevent multiple replica creation/deletion errors [GH-13523] * resource/aws_instance: Prevent perpetual plan differences, forcing replacement, with `ebs_block_device` configuration blocks [GH-13589] * resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [GH-12024] From 47a7974e2458920595eaa56ca29c43d66a03ae11 Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Wed, 3 Jun 2020 20:29:39 -0400 Subject: [PATCH 460/475] Update CHANGELOG for #13539 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ea90a5f320f..8138a5542f1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ ENHANCEMENTS: BUG FIXES: * resource/aws_apigatewayv2_stage: Prevent perpetual plan differences with `default_route_settings.logging_level` argument for HTTP APIs [GH-12904] +* resource/aws_appmesh_route: Allow configuration of `spec` `http_route` `action` `weighted_target` `weight` argument to be 0 [GH-13539] * resource/aws_dynamodb_table: Prevent multiple replica creation/deletion errors [GH-13523] * resource/aws_instance: Prevent perpetual plan differences, forcing replacement, with `ebs_block_device` configuration blocks [GH-13589] * resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [GH-12024] From 1b116ac4387f34b60adb6b06048bb1e8bd768b43 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Thu, 4 Jun 2020 09:38:48 +0300 Subject: [PATCH 461/475] fmt + fix error handle for `InvalidParameterCombination` --- aws/resource_aws_instance.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index b6f17141f60..0eb77749a08 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -687,9 +687,9 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error { aws.StringValue(instance.InstanceId)) stateConf := &resource.StateChangeConf{ - Pending: []string{ec2.InstanceStateNamePending}, - Target: []string{ec2.InstanceStateNameRunning}, - Refresh: InstanceStateRefreshFunc(conn, aws.StringValue(instance.InstanceId), []string{ec2.InstanceStateNameTerminated, ec2.InstanceStateNameShuttingDown}), + Pending: []string{ec2.InstanceStateNamePending}, + Target: []string{ec2.InstanceStateNameRunning}, + Refresh: InstanceStateRefreshFunc(conn, aws.StringValue(instance.InstanceId), []string{ec2.InstanceStateNameTerminated, ec2.InstanceStateNameShuttingDown}), Timeout: d.Timeout(schema.TimeoutCreate), Delay: 10 * time.Second, MinTimeout: 3 * time.Second, @@ -1095,7 +1095,7 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error { }, }) if err != nil { - if isAWSErr(err, "InvalidParameterCombination", "") { + if !isAWSErr(err, "InvalidParameterCombination", "") { return err } log.Printf("[WARN] Attempted to modify SourceDestCheck on non VPC instance: %s", err) From f23f08e6025c0eb05f479f61f1b00e4c7a64d3d5 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Thu, 4 Jun 2020 18:29:30 +0300 Subject: [PATCH 462/475] docs --- website/docs/index.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index 8f5b0b928bd..9e15dd3fdef 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -246,6 +246,7 @@ for more information about connecting to alternate AWS endpoints or AWS compatib - [`aws_dx_public_virtual_interface` resource](/docs/providers/aws/r/dx_public_virtual_interface.html) - [`aws_dx_transit_virtual_interface` resource](/docs/providers/aws/r/dx_transit_virtual_interface.html) - [`aws_ebs_volume` data source](/docs/providers/aws/d/ebs_volume.html) + - [`aws_ec2_client_vpn_endpoint` resource](/docs/providers/aws/r/ec2_client_vpn_endpoint.html) - [`aws_ecs_capacity_provider` resource (import)](/docs/providers/aws/r/ecs_capacity_provider.html) - [`aws_ecs_cluster` resource (import)](/docs/providers/aws/r/ecs_cluster.html) - [`aws_ecs_service` resource (import)](/docs/providers/aws/r/ecs_service.html) From e7b5edf9bd6c6e7094c3da0e64a4ab3ae4c08885 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 4 Jun 2020 18:30:31 +0300 Subject: [PATCH 463/475] Update resource_aws_instance.go --- aws/resource_aws_instance.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index 0eb77749a08..3efde490f95 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -1095,6 +1095,8 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error { }, }) if err != nil { + // Tolerate InvalidParameterCombination error in Classic, otherwise + // return the error if !isAWSErr(err, "InvalidParameterCombination", "") { return err } From 47461b45e8a624be36209994a2015741b4790083 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 4 Jun 2020 18:57:21 +0300 Subject: [PATCH 464/475] Update resource_aws_instance.go --- aws/resource_aws_instance.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go index 3efde490f95..73d7b085ebd 100644 --- a/aws/resource_aws_instance.go +++ b/aws/resource_aws_instance.go @@ -1096,7 +1096,7 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error { }) if err != nil { // Tolerate InvalidParameterCombination error in Classic, otherwise - // return the error + // return the error if !isAWSErr(err, "InvalidParameterCombination", "") { return err } From 53e6f8c5a321a6b640d701d3dd9aad450499291d Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 4 Jun 2020 13:42:51 -0400 Subject: [PATCH 465/475] resource/aws_acm_certificate: Various small improvements and fixes (#13513) Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/3855 Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/6082 Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/8755 Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/12075 Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/13053 Notable changes: ``` ENHANCEMENTS: * resource/aws_acm_certificate: Add `status` attribute BUG FIXES: * resource/aws_acm_certificate: Detect `AMAZON_ISSUED` type `validation_method` value directly from API response instead of custom logic * resource/aws_acm_certificate: Increase deletion retries from 10 minutes to 20 minutes (better support API Gateway Custom Domain deletion) ``` Other changes: - Documents `subject_alternative_names` argument removal procedures - Improves potentially confusing error message during asynchronous ACM validation assignment Output from acceptance testing: ``` --- PASS: TestAccAWSAcmCertificate_imported_IpAddress (36.64s) --- PASS: TestAccAWSAcmCertificate_root_TrailingPeriod (37.74s) --- PASS: TestAccAWSAcmCertificate_wildcard (38.86s) --- PASS: TestAccAWSAcmCertificate_wildcardAndRootSan (39.08s) --- PASS: TestAccAWSAcmCertificate_emailValidation (39.11s) --- PASS: TestAccAWSAcmCertificate_dnsValidation (39.35s) --- PASS: TestAccAWSAcmCertificate_rootAndWildcardSan (39.62s) --- PASS: TestAccAWSAcmCertificate_disableCTLogging (41.62s) --- PASS: TestAccAWSAcmCertificate_san_single (41.93s) --- PASS: TestAccAWSAcmCertificate_san_TrailingPeriod (42.00s) --- PASS: TestAccAWSAcmCertificate_san_multiple (42.05s) --- PASS: TestAccAWSAcmCertificate_root (42.07s) --- PASS: TestAccAWSAcmCertificate_privateCert (47.46s) --- PASS: TestAccAWSAcmCertificate_imported_DomainName (54.51s) --- PASS: TestAccAWSAcmCertificate_tags (85.67s) ``` --- aws/resource_aws_acm_certificate.go | 44 +++++++++++++------- aws/resource_aws_acm_certificate_test.go | 15 +++++++ website/docs/r/acm_certificate.html.markdown | 5 ++- 3 files changed, 48 insertions(+), 16 deletions(-) diff --git a/aws/resource_aws_acm_certificate.go b/aws/resource_aws_acm_certificate.go index d020554e541..a4fd78a2f23 100644 --- a/aws/resource_aws_acm_certificate.go +++ b/aws/resource_aws_acm_certificate.go @@ -15,6 +15,16 @@ import ( "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) +const ( + // Maximum amount of time for ACM Certificate cross-service reference propagation. + // Removal of ACM Certificates from API Gateway Custom Domains can take >15 minutes. + AcmCertificateCrossServicePropagationTimeout = 20 * time.Minute + + // Maximum amount of time for ACM Certificate asynchronous DNS validation record assignment. + // This timeout is unrelated to any creation or validation of those assigned DNS records. + AcmCertificateDnsValidationAssignmentTimeout = 5 * time.Minute +) + func resourceAwsAcmCertificate() *schema.Resource { return &schema.Resource{ Create: resourceAwsAcmCertificateCreate, @@ -143,6 +153,10 @@ func resourceAwsAcmCertificate() *schema.Resource { }, }, }, + "status": { + Type: schema.TypeString, + Computed: true, + }, "tags": tagsSchema(), }, } @@ -227,7 +241,7 @@ func resourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) err CertificateArn: aws.String(d.Id()), } - return resource.Retry(time.Duration(5)*time.Minute, func() *resource.RetryError { + return resource.Retry(AcmCertificateDnsValidationAssignmentTimeout, func() *resource.RetryError { resp, err := acmconn.DescribeCertificate(params) if err != nil { @@ -259,12 +273,14 @@ func resourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) err return resource.NonRetryableError(err) } - d.Set("validation_method", resourceAwsAcmCertificateGuessValidationMethod(domainValidationOptions, emailValidationOptions)) + d.Set("validation_method", resourceAwsAcmCertificateValidationMethod(resp.Certificate)) if err := d.Set("options", flattenAcmCertificateOptions(resp.Certificate.Options)); err != nil { return resource.NonRetryableError(fmt.Errorf("error setting certificate options: %s", err)) } + d.Set("status", resp.Certificate.Status) + tags, err := keyvaluetags.AcmListTags(acmconn, d.Id()) if err != nil { @@ -278,16 +294,16 @@ func resourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) err return nil }) } -func resourceAwsAcmCertificateGuessValidationMethod(domainValidationOptions []map[string]interface{}, emailValidationOptions []string) string { - // The DescribeCertificate Response doesn't have information on what validation method was used - // so we need to guess from the validation options we see... - if len(domainValidationOptions) > 0 { - return acm.ValidationMethodDns - } else if len(emailValidationOptions) > 0 { - return acm.ValidationMethodEmail - } else { - return "NONE" +func resourceAwsAcmCertificateValidationMethod(certificate *acm.CertificateDetail) string { + if aws.StringValue(certificate.Type) == acm.CertificateTypeAmazonIssued { + for _, domainValidation := range certificate.DomainValidationOptions { + if domainValidation.ValidationMethod != nil { + return aws.StringValue(domainValidation.ValidationMethod) + } + } } + + return "NONE" } func resourceAwsAcmCertificateUpdate(d *schema.ResourceData, meta interface{}) error { @@ -345,8 +361,8 @@ func convertValidationOptions(certificate *acm.CertificateDetail) ([]map[string] emailValidationResult = append(emailValidationResult, *validationEmail) } } else if o.ValidationStatus == nil || aws.StringValue(o.ValidationStatus) == acm.DomainStatusPendingValidation { - log.Printf("[DEBUG] No validation options need to retry: %#v", o) - return nil, nil, fmt.Errorf("No validation options need to retry: %#v", o) + log.Printf("[DEBUG] Asynchronous ACM service domain validation assignment not complete, need to retry: %#v", o) + return nil, nil, fmt.Errorf("asynchronous ACM service domain validation assignment not complete, need to retry: %#v", o) } } case acm.CertificateTypePrivate: @@ -369,7 +385,7 @@ func resourceAwsAcmCertificateDelete(d *schema.ResourceData, meta interface{}) e CertificateArn: aws.String(d.Id()), } - err := resource.Retry(10*time.Minute, func() *resource.RetryError { + err := resource.Retry(AcmCertificateCrossServicePropagationTimeout, func() *resource.RetryError { _, err := acmconn.DeleteCertificate(params) if err != nil { if isAWSErr(err, acm.ErrCodeResourceInUseException, "") { diff --git a/aws/resource_aws_acm_certificate_test.go b/aws/resource_aws_acm_certificate_test.go index 35e75fa4007..2f07b8861a5 100644 --- a/aws/resource_aws_acm_certificate_test.go +++ b/aws/resource_aws_acm_certificate_test.go @@ -131,6 +131,7 @@ func TestAccAWSAcmCertificate_emailValidation(t *testing.T) { testAccMatchResourceAttrRegionalARN(resourceName, "arn", "acm", regexp.MustCompile("certificate/.+$")), resource.TestCheckResourceAttr(resourceName, "domain_name", domain), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "0"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), resource.TestMatchResourceAttr(resourceName, "validation_emails.0", regexp.MustCompile(`^[^@]+@.+$`)), resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodEmail), @@ -166,6 +167,7 @@ func TestAccAWSAcmCertificate_dnsValidation(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), @@ -199,6 +201,7 @@ func TestAccAWSAcmCertificate_root(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), @@ -229,6 +232,7 @@ func TestAccAWSAcmCertificate_privateCert(t *testing.T) { testAccMatchResourceAttrRegionalARN(resourceName, "arn", "acm", regexp.MustCompile("certificate/.+$")), resource.TestCheckResourceAttr(resourceName, "domain_name", fmt.Sprintf("%s.terraformtesting.com", rName)), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "0"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusFailed), // FailureReason: PCA_INVALID_STATE (PCA State: PENDING_CERTIFICATE) resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_method", "NONE"), @@ -264,6 +268,7 @@ func TestAccAWSAcmCertificate_root_TrailingPeriod(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), @@ -302,6 +307,7 @@ func TestAccAWSAcmCertificate_rootAndWildcardSan(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "1"), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", wildcardDomain), resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), @@ -342,6 +348,7 @@ func TestAccAWSAcmCertificate_san_single(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "1"), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", sanDomain), resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), @@ -387,6 +394,7 @@ func TestAccAWSAcmCertificate_san_multiple(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.2.resource_record_name"), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.2.resource_record_type", "CNAME"), resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.2.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "2"), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", sanDomain1), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.1", sanDomain2), @@ -428,6 +436,7 @@ func TestAccAWSAcmCertificate_san_TrailingPeriod(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "1"), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", strings.TrimSuffix(sanDomain, ".")), resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), @@ -463,6 +472,7 @@ func TestAccAWSAcmCertificate_wildcard(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), @@ -501,6 +511,7 @@ func TestAccAWSAcmCertificate_wildcardAndRootSan(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "1"), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", rootDomain), resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), @@ -536,6 +547,7 @@ func TestAccAWSAcmCertificate_disableCTLogging(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusPendingValidation), resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), resource.TestCheckResourceAttr(resourceName, "options.#", "1"), @@ -611,6 +623,7 @@ func TestAccAWSAcmCertificate_imported_DomainName(t *testing.T) { { Config: testAccAcmCertificateConfigPrivateKey("example.com"), Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusIssued), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), resource.TestCheckResourceAttr(resourceName, "domain_name", "example.com"), ), @@ -618,6 +631,7 @@ func TestAccAWSAcmCertificate_imported_DomainName(t *testing.T) { { Config: testAccAcmCertificateConfigPrivateKey("example.org"), Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusIssued), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), resource.TestCheckResourceAttr(resourceName, "domain_name", "example.org"), ), @@ -646,6 +660,7 @@ func TestAccAWSAcmCertificate_imported_IpAddress(t *testing.T) { // Reference: h Config: testAccAcmCertificateConfigPrivateKey("1.2.3.4"), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "domain_name", ""), + resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusIssued), resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), ), }, diff --git a/website/docs/r/acm_certificate.html.markdown b/website/docs/r/acm_certificate.html.markdown index 3c188c714b9..3734d4f94e4 100644 --- a/website/docs/r/acm_certificate.html.markdown +++ b/website/docs/r/acm_certificate.html.markdown @@ -82,7 +82,7 @@ The following arguments are supported: * Creating an amazon issued certificate * `domain_name` - (Required) A domain name for which the certificate should be issued - * `subject_alternative_names` - (Optional) A list of domains that should be SANs in the issued certificate + * `subject_alternative_names` - (Optional) A list of domains that should be SANs in the issued certificate. To remove all elements of a previously configured list, set this value equal to an empty list (`[]`) or use the [`terraform taint` command](https://www.terraform.io/docs/commands/taint.html) to trigger recreation. * `validation_method` - (Required) Which method to use for validation. `DNS` or `EMAIL` are valid, `NONE` can be used for certificates that were imported into ACM and then into Terraform. * `options` - (Optional) Configuration block used to set certificate options. Detailed below. * Importing an existing certificate @@ -92,7 +92,7 @@ The following arguments are supported: * Creating a private CA issued certificate * `domain_name` - (Required) A domain name for which the certificate should be issued * `certificate_authority_arn` - (Required) ARN of an ACMPCA - * `subject_alternative_names` - (Optional) A list of domains that should be SANs in the issued certificate + * `subject_alternative_names` - (Optional) A list of domains that should be SANs in the issued certificate. To remove all elements of a previously configured list, set this value equal to an empty list (`[]`) or use the [`terraform taint` command](https://www.terraform.io/docs/commands/taint.html) to trigger recreation. * `tags` - (Optional) A map of tags to assign to the resource. ## options Configuration Block @@ -109,6 +109,7 @@ In addition to all arguments above, the following attributes are exported: * `arn` - The ARN of the certificate * `domain_name` - The domain name for which the certificate is issued * `domain_validation_options` - A list of attributes to feed into other resources to complete certificate validation. Can have more than one element, e.g. if SANs are defined. Only set if `DNS`-validation was used. +* `status` - Status of the certificate. * `validation_emails` - A list of addresses that received a validation E-Mail. Only set if `EMAIL`-validation was used. Domain validation objects export the following attributes: From 71e4b26faee1b798301660f5c4f1a136b6f8a3f7 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 4 Jun 2020 13:44:24 -0400 Subject: [PATCH 466/475] Update CHANGELOG for #13513 --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8138a5542f1..e38c5d2309a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,12 +2,15 @@ ENHANCEMENTS: +* resource/aws_acm_certificate: Add `status` attribute [GH-13513] * resource/aws_directory_servicedirectory: add `availability_zones` attribute to `vpc_settings` block [GH-12654] * resource/aws_directory_servicedirectory: add `availability_zones` attribute to `connect_settings` block [GH-12654] * resource/aws_directory_servicedirectory: add plan time validation to `customer_dns_ips` in `connect_settings` block [GH-12654] BUG FIXES: +* resource/aws_acm_certificate: Detect `AMAZON_ISSUED` type `validation_method` value directly from API response instead of custom logic [GH-13513] +* resource/aws_acm_certificate: Increase deletion retries from 10 minutes to 20 minutes (better support API Gateway Custom Domain deletion) [GH-13513] * resource/aws_apigatewayv2_stage: Prevent perpetual plan differences with `default_route_settings.logging_level` argument for HTTP APIs [GH-12904] * resource/aws_appmesh_route: Allow configuration of `spec` `http_route` `action` `weighted_target` `weight` argument to be 0 [GH-13539] * resource/aws_dynamodb_table: Prevent multiple replica creation/deletion errors [GH-13523] From 13b7a836a763c50d47f8f866b3645f00d98f1464 Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 4 Jun 2020 14:11:38 -0400 Subject: [PATCH 467/475] Update CHANGELOG for #13536 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e38c5d2309a..9b7b23c1ef5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ BUG FIXES: * resource/aws_appmesh_route: Allow configuration of `spec` `http_route` `action` `weighted_target` `weight` argument to be 0 [GH-13539] * resource/aws_dynamodb_table: Prevent multiple replica creation/deletion errors [GH-13523] * resource/aws_instance: Prevent perpetual plan differences, forcing replacement, with `ebs_block_device` configuration blocks [GH-13589] +* resource/aws_kinesis_firehose_delivery_stream: Correctly set `kinesis_source_configuration` during import to prevent resource recreation * resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [GH-12024] ## 2.64.0 (May 28, 2020) From d7e87eeefe8621ea130d029aa015d622886654ca Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 4 Jun 2020 14:12:42 -0400 Subject: [PATCH 468/475] Update CHANGELOG for #13536 Add GH link to PR --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9b7b23c1ef5..63556cb47c3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,7 +15,7 @@ BUG FIXES: * resource/aws_appmesh_route: Allow configuration of `spec` `http_route` `action` `weighted_target` `weight` argument to be 0 [GH-13539] * resource/aws_dynamodb_table: Prevent multiple replica creation/deletion errors [GH-13523] * resource/aws_instance: Prevent perpetual plan differences, forcing replacement, with `ebs_block_device` configuration blocks [GH-13589] -* resource/aws_kinesis_firehose_delivery_stream: Correctly set `kinesis_source_configuration` during import to prevent resource recreation +* resource/aws_kinesis_firehose_delivery_stream: Correctly set `kinesis_source_configuration` during import to prevent resource recreation [GH-13536] * resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [GH-12024] ## 2.64.0 (May 28, 2020) From 6fc7c3bdf83e715de7bb21cb133311f2fb31865a Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 4 Jun 2020 14:23:04 -0400 Subject: [PATCH 469/475] Update CHANGELOG for #13033 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 63556cb47c3..9fc9ea0bf8b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ ENHANCEMENTS: * resource/aws_directory_servicedirectory: add `availability_zones` attribute to `vpc_settings` block [GH-12654] * resource/aws_directory_servicedirectory: add `availability_zones` attribute to `connect_settings` block [GH-12654] * resource/aws_directory_servicedirectory: add plan time validation to `customer_dns_ips` in `connect_settings` block [GH-12654] +* resource/aws_instance: add plan time validation to `private_ip`, `ipv6_addresses`, `tenancy`, and `volume_type` in `ebs_block_device` and `root_block_device` blocks [GH-13033] BUG FIXES: From 92856b55208425ab007188f7cd278b582466b324 Mon Sep 17 00:00:00 2001 From: angie pinilla Date: Thu, 4 Jun 2020 14:33:02 -0400 Subject: [PATCH 470/475] Update CHANGELOG for #13601 and reword log for #13033 --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9fc9ea0bf8b..1cf92e3ea95 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,7 +6,8 @@ ENHANCEMENTS: * resource/aws_directory_servicedirectory: add `availability_zones` attribute to `vpc_settings` block [GH-12654] * resource/aws_directory_servicedirectory: add `availability_zones` attribute to `connect_settings` block [GH-12654] * resource/aws_directory_servicedirectory: add plan time validation to `customer_dns_ips` in `connect_settings` block [GH-12654] -* resource/aws_instance: add plan time validation to `private_ip`, `ipv6_addresses`, `tenancy`, and `volume_type` in `ebs_block_device` and `root_block_device` blocks [GH-13033] +* resource/aws_ec2_client_vpn_endpoint: add `arn` attribute and plan time validation to `root_certificate_chain_arn` (in `authentication_options` block), `client_cidr_block`, and `server_certificate_arn` [GH-13601] +* resource/aws_instance: add plan time validation to `volume_type`(in `ebs_block_device` and `root_block_device` blocks), `private_ip`, `ipv6_addresses`, and `tenancy` [GH-13033] BUG FIXES: From 51a3c3c09a95381f9a2d6226e5123b663e1df32c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 4 Jun 2020 15:56:12 -0400 Subject: [PATCH 471/475] Update module hashicorp/terraform-plugin-sdk to v1.13.1 (#13604) * Update module hashicorp/terraform-plugin-sdk to v1.13.1 * deps: Update go.sum for github.com/hashicorp/terraform-plugin-sdk@v1.13.1 Co-authored-by: Renovate Bot Co-authored-by: Brian Flad --- go.mod | 2 +- go.sum | 4 ++-- .../terraform-plugin-sdk/helper/schema/resource_data.go | 3 --- .../hashicorp/terraform-plugin-sdk/helper/schema/serialize.go | 2 ++ vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go | 2 +- vendor/modules.txt | 2 +- 6 files changed, 7 insertions(+), 8 deletions(-) diff --git a/go.mod b/go.mod index a6f0a85b5de..1aadb5f25ac 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/hashicorp/go-cleanhttp v0.5.1 github.com/hashicorp/go-multierror v1.0.0 github.com/hashicorp/go-version v1.2.0 - github.com/hashicorp/terraform-plugin-sdk v1.13.0 + github.com/hashicorp/terraform-plugin-sdk v1.13.1 github.com/hashicorp/vault v0.10.4 github.com/jen20/awspolicyequivalence v1.1.0 github.com/katbyte/terrafmt v0.2.1-0.20200303174203-e6a3e82cb21b diff --git a/go.sum b/go.sum index ee2aecf6890..8f08832955b 100644 --- a/go.sum +++ b/go.sum @@ -266,8 +266,8 @@ github.com/hashicorp/terraform-json v0.5.0 h1:7TV3/F3y7QVSuN4r9BEXqnWqrAyeOtON8f github.com/hashicorp/terraform-json v0.5.0/go.mod h1:eAbqb4w0pSlRmdvl8fOyHAi/+8jnkVYN28gJkSJrLhU= github.com/hashicorp/terraform-plugin-sdk v1.7.0 h1:B//oq0ZORG+EkVrIJy0uPGSonvmXqxSzXe8+GhknoW0= github.com/hashicorp/terraform-plugin-sdk v1.7.0/go.mod h1:OjgQmey5VxnPej/buEhe+YqKm0KNvV3QqU4hkqHqPCY= -github.com/hashicorp/terraform-plugin-sdk v1.13.0 h1:8v2/ZNiI12OHxEn8pzJ3noCHyRc0biKbKj+iFv5ZWKw= -github.com/hashicorp/terraform-plugin-sdk v1.13.0/go.mod h1:HiWIPD/T9HixIhQUwaSoDQxo4BLFdmiBi/Qz5gjB8Q0= +github.com/hashicorp/terraform-plugin-sdk v1.13.1 h1:kWq+V+4BMFKtzIuO8wb/k4SRGB/VVF8g468VSFmAnKM= +github.com/hashicorp/terraform-plugin-sdk v1.13.1/go.mod h1:HiWIPD/T9HixIhQUwaSoDQxo4BLFdmiBi/Qz5gjB8Q0= github.com/hashicorp/terraform-plugin-test v1.2.0 h1:AWFdqyfnOj04sxTdaAF57QqvW7XXrT8PseUHkbKsE8I= github.com/hashicorp/terraform-plugin-test v1.2.0/go.mod h1:QIJHYz8j+xJtdtLrFTlzQVC0ocr3rf/OjIpgZLK56Hs= github.com/hashicorp/terraform-plugin-test v1.3.0 h1:hU5LoxrOn9qvOo+LTKN6mSav2J+dAMprbdxJPEQvp4U= diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/resource_data.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/resource_data.go index a8a6e223602..b855801d91d 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/resource_data.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/resource_data.go @@ -157,9 +157,6 @@ func (d *ResourceData) HasChange(key string) bool { // When partial state mode is enabled, then only key prefixes specified // by SetPartial will be in the final state. This allows providers to return // partial states for partially applied resources (when errors occur). -// -// Deprecated: Partial state has very limited benefit given Terraform refreshes -// before operations by default. func (d *ResourceData) Partial(on bool) { d.partial = on if on { diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/serialize.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/serialize.go index fe6d7504c74..945b0b7ed35 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/serialize.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/serialize.go @@ -51,6 +51,8 @@ func SerializeValueForHash(buf *bytes.Buffer, val interface{}, schema *Schema) { buf.WriteRune(':') switch innerVal := innerVal.(type) { + case bool: + buf.WriteString(strconv.FormatBool(innerVal)) case int: buf.WriteString(strconv.Itoa(innerVal)) case float64: diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go index f4a2182124f..af843b3d251 100644 --- a/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go +++ b/vendor/github.com/hashicorp/terraform-plugin-sdk/meta/meta.go @@ -11,7 +11,7 @@ import ( ) // The main version number that is being run at the moment. -var SDKVersion = "1.13.0" +var SDKVersion = "1.13.1" // A pre-release marker for the version. If this is "" (empty string) // then it means that it is a final release. Otherwise, this is a pre-release diff --git a/vendor/modules.txt b/vendor/modules.txt index aa8b0aa25c4..62dc29b95fe 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -529,7 +529,7 @@ github.com/hashicorp/logutils github.com/hashicorp/terraform-config-inspect/tfconfig # github.com/hashicorp/terraform-json v0.5.0 github.com/hashicorp/terraform-json -# github.com/hashicorp/terraform-plugin-sdk v1.13.0 +# github.com/hashicorp/terraform-plugin-sdk v1.13.1 github.com/hashicorp/terraform-plugin-sdk/acctest github.com/hashicorp/terraform-plugin-sdk/helper/acctest github.com/hashicorp/terraform-plugin-sdk/helper/customdiff From 59798d3082ee65fb703e2d42496f50e2c242313e Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Thu, 4 Jun 2020 15:59:04 -0400 Subject: [PATCH 472/475] Update CHANGELOG for #13604 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1cf92e3ea95..d3efb1b8cd9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ BUG FIXES: * resource/aws_acm_certificate: Increase deletion retries from 10 minutes to 20 minutes (better support API Gateway Custom Domain deletion) [GH-13513] * resource/aws_apigatewayv2_stage: Prevent perpetual plan differences with `default_route_settings.logging_level` argument for HTTP APIs [GH-12904] * resource/aws_appmesh_route: Allow configuration of `spec` `http_route` `action` `weighted_target` `weight` argument to be 0 [GH-13539] +* resource/aws_autoscaling_group: Prevent crash with `tags` argument containing boolean values in Terraform 0.11 and earlier [GH-13604] * resource/aws_dynamodb_table: Prevent multiple replica creation/deletion errors [GH-13523] * resource/aws_instance: Prevent perpetual plan differences, forcing replacement, with `ebs_block_device` configuration blocks [GH-13589] * resource/aws_kinesis_firehose_delivery_stream: Correctly set `kinesis_source_configuration` during import to prevent resource recreation [GH-13536] From 75b6f1f88bcee840541397243eea2b9e7f6453c2 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 4 Jun 2020 13:30:03 -0700 Subject: [PATCH 473/475] Update CHANGELOG for #12574 --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d3efb1b8cd9..7270ace7037 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,8 @@ ENHANCEMENTS: * resource/aws_directory_servicedirectory: add plan time validation to `customer_dns_ips` in `connect_settings` block [GH-12654] * resource/aws_ec2_client_vpn_endpoint: add `arn` attribute and plan time validation to `root_certificate_chain_arn` (in `authentication_options` block), `client_cidr_block`, and `server_certificate_arn` [GH-13601] * resource/aws_instance: add plan time validation to `volume_type`(in `ebs_block_device` and `root_block_device` blocks), `private_ip`, `ipv6_addresses`, and `tenancy` [GH-13033] +* resource/aws_lb_listener_rule: Add support for multiple, weighted target groups in `forward` rules [GH-12574] +* resource/aws_lb_listener: Add support for multiple, weighted target groups in default actions [GH-12574] BUG FIXES: From 1a1ddc5bae2513c9e8f9da63eb0c2292c8e76afd Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 4 Jun 2020 16:11:55 -0700 Subject: [PATCH 474/475] Update CHANGELOG for #13178 --- CHANGELOG.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7270ace7037..b8b8ad5dde6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,13 +3,14 @@ ENHANCEMENTS: * resource/aws_acm_certificate: Add `status` attribute [GH-13513] -* resource/aws_directory_servicedirectory: add `availability_zones` attribute to `vpc_settings` block [GH-12654] -* resource/aws_directory_servicedirectory: add `availability_zones` attribute to `connect_settings` block [GH-12654] -* resource/aws_directory_servicedirectory: add plan time validation to `customer_dns_ips` in `connect_settings` block [GH-12654] -* resource/aws_ec2_client_vpn_endpoint: add `arn` attribute and plan time validation to `root_certificate_chain_arn` (in `authentication_options` block), `client_cidr_block`, and `server_certificate_arn` [GH-13601] -* resource/aws_instance: add plan time validation to `volume_type`(in `ebs_block_device` and `root_block_device` blocks), `private_ip`, `ipv6_addresses`, and `tenancy` [GH-13033] +* resource/aws_directory_servicedirectory: Add `availability_zones` attribute to `vpc_settings` block [GH-12654] +* resource/aws_directory_servicedirectory: Add `availability_zones` attribute to `connect_settings` block [GH-12654] +* resource/aws_directory_servicedirectory: Add plan time validation to `customer_dns_ips` in `connect_settings` block [GH-12654] +* resource/aws_ec2_client_vpn_endpoint: Add `arn` attribute and plan time validation to `root_certificate_chain_arn` (in `authentication_options` block), `client_cidr_block`, and `server_certificate_arn` [GH-13601] +* resource/aws_instance: Add plan time validation to `volume_type`(in `ebs_block_device` and `root_block_device` blocks), `private_ip`, `ipv6_addresses`, and `tenancy` [GH-13033] * resource/aws_lb_listener_rule: Add support for multiple, weighted target groups in `forward` rules [GH-12574] * resource/aws_lb_listener: Add support for multiple, weighted target groups in default actions [GH-12574] +* resource/aws_workspaces_ip_group: Add plan-time validation for `rules.source` [GH-13178] BUG FIXES: @@ -22,6 +23,7 @@ BUG FIXES: * resource/aws_instance: Prevent perpetual plan differences, forcing replacement, with `ebs_block_device` configuration blocks [GH-13589] * resource/aws_kinesis_firehose_delivery_stream: Correctly set `kinesis_source_configuration` during import to prevent resource recreation [GH-13536] * resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [GH-12024] +* resource/aws_workspaces_ip_group: Remove resource from state if deleted outside of Terraform [GH-13178] ## 2.64.0 (May 28, 2020) From 3853d337c01ad97d66828f5c1b4638b4f6f3f14f Mon Sep 17 00:00:00 2001 From: tf-release-bot Date: Thu, 4 Jun 2020 23:42:59 +0000 Subject: [PATCH 475/475] v2.65.0 --- CHANGELOG.md | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b8b8ad5dde6..aa82cdf2e94 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,29 +1,29 @@ -## 2.65.0 (Unreleased) +## 2.65.0 (June 04, 2020) ENHANCEMENTS: -* resource/aws_acm_certificate: Add `status` attribute [GH-13513] -* resource/aws_directory_servicedirectory: Add `availability_zones` attribute to `vpc_settings` block [GH-12654] -* resource/aws_directory_servicedirectory: Add `availability_zones` attribute to `connect_settings` block [GH-12654] -* resource/aws_directory_servicedirectory: Add plan time validation to `customer_dns_ips` in `connect_settings` block [GH-12654] -* resource/aws_ec2_client_vpn_endpoint: Add `arn` attribute and plan time validation to `root_certificate_chain_arn` (in `authentication_options` block), `client_cidr_block`, and `server_certificate_arn` [GH-13601] -* resource/aws_instance: Add plan time validation to `volume_type`(in `ebs_block_device` and `root_block_device` blocks), `private_ip`, `ipv6_addresses`, and `tenancy` [GH-13033] -* resource/aws_lb_listener_rule: Add support for multiple, weighted target groups in `forward` rules [GH-12574] -* resource/aws_lb_listener: Add support for multiple, weighted target groups in default actions [GH-12574] -* resource/aws_workspaces_ip_group: Add plan-time validation for `rules.source` [GH-13178] +* resource/aws_acm_certificate: Add `status` attribute ([#13513](https://github.com/terraform-providers/terraform-provider-aws/issues/13513)) +* resource/aws_directory_servicedirectory: Add `availability_zones` attribute to `vpc_settings` block ([#12654](https://github.com/terraform-providers/terraform-provider-aws/issues/12654)) +* resource/aws_directory_servicedirectory: Add `availability_zones` attribute to `connect_settings` block ([#12654](https://github.com/terraform-providers/terraform-provider-aws/issues/12654)) +* resource/aws_directory_servicedirectory: Add plan time validation to `customer_dns_ips` in `connect_settings` block ([#12654](https://github.com/terraform-providers/terraform-provider-aws/issues/12654)) +* resource/aws_ec2_client_vpn_endpoint: Add `arn` attribute and plan time validation to `root_certificate_chain_arn` (in `authentication_options` block), `client_cidr_block`, and `server_certificate_arn` [[#13601](https://github.com/terraform-providers/terraform-provider-aws/issues/13601)] +* resource/aws_instance: Add plan time validation to `volume_type`(in `ebs_block_device` and `root_block_device` blocks), `private_ip`, `ipv6_addresses`, and `tenancy` ([#13033](https://github.com/terraform-providers/terraform-provider-aws/issues/13033)) +* resource/aws_lb_listener_rule: Add support for multiple, weighted target groups in `forward` rules ([#12574](https://github.com/terraform-providers/terraform-provider-aws/issues/12574)) +* resource/aws_lb_listener: Add support for multiple, weighted target groups in default actions ([#12574](https://github.com/terraform-providers/terraform-provider-aws/issues/12574)) +* resource/aws_workspaces_ip_group: Add plan-time validation for `rules.source` ([#13178](https://github.com/terraform-providers/terraform-provider-aws/issues/13178)) BUG FIXES: -* resource/aws_acm_certificate: Detect `AMAZON_ISSUED` type `validation_method` value directly from API response instead of custom logic [GH-13513] -* resource/aws_acm_certificate: Increase deletion retries from 10 minutes to 20 minutes (better support API Gateway Custom Domain deletion) [GH-13513] -* resource/aws_apigatewayv2_stage: Prevent perpetual plan differences with `default_route_settings.logging_level` argument for HTTP APIs [GH-12904] -* resource/aws_appmesh_route: Allow configuration of `spec` `http_route` `action` `weighted_target` `weight` argument to be 0 [GH-13539] -* resource/aws_autoscaling_group: Prevent crash with `tags` argument containing boolean values in Terraform 0.11 and earlier [GH-13604] -* resource/aws_dynamodb_table: Prevent multiple replica creation/deletion errors [GH-13523] -* resource/aws_instance: Prevent perpetual plan differences, forcing replacement, with `ebs_block_device` configuration blocks [GH-13589] -* resource/aws_kinesis_firehose_delivery_stream: Correctly set `kinesis_source_configuration` during import to prevent resource recreation [GH-13536] -* resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [GH-12024] -* resource/aws_workspaces_ip_group: Remove resource from state if deleted outside of Terraform [GH-13178] +* resource/aws_acm_certificate: Detect `AMAZON_ISSUED` type `validation_method` value directly from API response instead of custom logic ([#13513](https://github.com/terraform-providers/terraform-provider-aws/issues/13513)) +* resource/aws_acm_certificate: Increase deletion retries from 10 minutes to 20 minutes (better support API Gateway Custom Domain deletion) ([#13513](https://github.com/terraform-providers/terraform-provider-aws/issues/13513)) +* resource/aws_apigatewayv2_stage: Prevent perpetual plan differences with `default_route_settings.logging_level` argument for HTTP APIs ([#12904](https://github.com/terraform-providers/terraform-provider-aws/issues/12904)) +* resource/aws_appmesh_route: Allow configuration of `spec` `http_route` `action` `weighted_target` `weight` argument to be 0 ([#13539](https://github.com/terraform-providers/terraform-provider-aws/issues/13539)) +* resource/aws_autoscaling_group: Prevent crash with `tags` argument containing boolean values in Terraform 0.11 and earlier ([#13604](https://github.com/terraform-providers/terraform-provider-aws/issues/13604)) +* resource/aws_dynamodb_table: Prevent multiple replica creation/deletion errors ([#13523](https://github.com/terraform-providers/terraform-provider-aws/issues/13523)) +* resource/aws_instance: Prevent perpetual plan differences, forcing replacement, with `ebs_block_device` configuration blocks [[#13589](https://github.com/terraform-providers/terraform-provider-aws/issues/13589)] +* resource/aws_kinesis_firehose_delivery_stream: Correctly set `kinesis_source_configuration` during import to prevent resource recreation ([#13536](https://github.com/terraform-providers/terraform-provider-aws/issues/13536)) +* resource/aws_ses_configuration_set: Prevent `Provider produced inconsistent result after apply` errors during creation or import [[#12024](https://github.com/terraform-providers/terraform-provider-aws/issues/12024)] +* resource/aws_workspaces_ip_group: Remove resource from state if deleted outside of Terraform ([#13178](https://github.com/terraform-providers/terraform-provider-aws/issues/13178)) ## 2.64.0 (May 28, 2020)