func resourceAwsKmsAliasCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).kmsconn
var name string
if v, ok := d.GetOk("name"); ok {
name = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
name = resource.PrefixedUniqueId(v.(string))
} else {
name = resource.PrefixedUniqueId("alias/")
}
targetKeyId := d.Get("target_key_id").(string)
log.Printf("[DEBUG] KMS alias create name: %s, target_key: %s", name, targetKeyId)
req := &kms.CreateAliasInput{
AliasName: aws.String(name),
TargetKeyId: aws.String(targetKeyId),
}
_, err := conn.CreateAlias(req)
if err != nil {
return err
}
d.SetId(name)
return resourceAwsKmsAliasRead(d, meta)
}
func resourceAwsIamRoleCreate(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
var name string
if v, ok := d.GetOk("name"); ok {
name = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
name = resource.PrefixedUniqueId(v.(string))
} else {
name = resource.UniqueId()
}
request := &iam.CreateRoleInput{
Path: aws.String(d.Get("path").(string)),
RoleName: aws.String(name),
AssumeRolePolicyDocument: aws.String(d.Get("assume_role_policy").(string)),
}
var createResp *iam.CreateRoleOutput
err := resource.Retry(10*time.Second, func() *resource.RetryError {
var err error
createResp, err = iamconn.CreateRole(request)
// IAM roles can take ~10 seconds to propagate in AWS:
// http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#launch-instance-with-role-console
if isAWSErr(err, "MalformedPolicyDocument", "Invalid principal in policy") {
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
})
if err != nil {
return fmt.Errorf("Error creating IAM Role %s: %s", name, err)
}
return resourceAwsIamRoleReadResult(d, createResp.Role)
}
func resourceAwsAlbAttachmentCreate(d *schema.ResourceData, meta interface{}) error {
elbconn := meta.(*AWSClient).elbv2conn
params := &elbv2.RegisterTargetsInput{
TargetGroupArn: aws.String(d.Get("target_group_arn").(string)),
Targets: []*elbv2.TargetDescription{
{
Id: aws.String(d.Get("target_id").(string)),
Port: aws.Int64(int64(d.Get("port").(int))),
},
},
}
log.Printf("[INFO] Registering Target %s (%d) with Target Group %s", d.Get("target_id").(string),
d.Get("port").(int), d.Get("target_group_arn").(string))
_, err := elbconn.RegisterTargets(params)
if err != nil {
return errwrap.Wrapf("Error registering targets with target group: {{err}}", err)
}
d.SetId(resource.PrefixedUniqueId(fmt.Sprintf("%s-", d.Get("target_group_arn"))))
return nil
}
func resourceAwsIamInstanceProfileCreate(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
var name string
if v, ok := d.GetOk("name"); ok {
name = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
name = resource.PrefixedUniqueId(v.(string))
} else {
name = resource.UniqueId()
}
request := &iam.CreateInstanceProfileInput{
InstanceProfileName: aws.String(name),
Path: aws.String(d.Get("path").(string)),
}
var err error
response, err := iamconn.CreateInstanceProfile(request)
if err == nil {
err = instanceProfileReadResult(d, response.InstanceProfile)
}
if err != nil {
return fmt.Errorf("Error creating IAM instance profile %s: %s", name, err)
}
return instanceProfileSetRoles(d, iamconn)
}
func resourceAwsElasticTranscoderPresetCreate(d *schema.ResourceData, meta interface{}) error {
elastictranscoderconn := meta.(*AWSClient).elastictranscoderconn
req := &elastictranscoder.CreatePresetInput{
Audio: expandETAudioParams(d),
Container: aws.String(d.Get("container").(string)),
Description: getStringPtr(d, "description"),
Thumbnails: expandETThumbnails(d),
Video: exapandETVideoParams(d),
}
if name, ok := d.GetOk("name"); ok {
req.Name = aws.String(name.(string))
} else {
name := resource.PrefixedUniqueId("tf-et-preset-")
d.Set("name", name)
req.Name = aws.String(name)
}
log.Printf("[DEBUG] Elastic Transcoder Preset create opts: %s", req)
resp, err := elastictranscoderconn.CreatePreset(req)
if err != nil {
return fmt.Errorf("Error creating Elastic Transcoder Preset: %s", err)
}
if resp.Warning != nil && *resp.Warning != "" {
log.Printf("[WARN] Elastic Transcoder Preset: %s", *resp.Warning)
}
d.SetId(*resp.Preset.Id)
d.Set("arn", *resp.Preset.Arn)
return nil
}
func resourceAwsIamRoleCreate(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
var name string
if v, ok := d.GetOk("name"); ok {
name = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
name = resource.PrefixedUniqueId(v.(string))
} else {
name = resource.UniqueId()
}
request := &iam.CreateRoleInput{
Path: aws.String(d.Get("path").(string)),
RoleName: aws.String(name),
AssumeRolePolicyDocument: aws.String(d.Get("assume_role_policy").(string)),
}
var createResp *iam.CreateRoleOutput
err := resource.Retry(30*time.Second, func() *resource.RetryError {
var err error
createResp, err = iamconn.CreateRole(request)
// IAM users (referenced in Principal field of assume policy)
// can take ~30 seconds to propagate in AWS
if isAWSErr(err, "MalformedPolicyDocument", "Invalid principal in policy") {
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
})
if err != nil {
return fmt.Errorf("Error creating IAM Role %s: %s", name, err)
}
return resourceAwsIamRoleReadResult(d, createResp.Role)
}
func resourceAwsIamPolicyCreate(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
var name string
if v, ok := d.GetOk("name"); ok {
name = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
name = resource.PrefixedUniqueId(v.(string))
} else {
name = resource.UniqueId()
}
request := &iam.CreatePolicyInput{
Description: aws.String(d.Get("description").(string)),
Path: aws.String(d.Get("path").(string)),
PolicyDocument: aws.String(d.Get("policy").(string)),
PolicyName: aws.String(name),
}
response, err := iamconn.CreatePolicy(request)
if err != nil {
return fmt.Errorf("Error creating IAM policy %s: %s", name, err)
}
return readIamPolicy(d, response.Policy)
}
func resourceAwsKeyPairCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).ec2conn
var keyName string
if v, ok := d.GetOk("key_name"); ok {
keyName = v.(string)
} else if v, ok := d.GetOk("key_name_prefix"); ok {
keyName = resource.PrefixedUniqueId(v.(string))
} else {
keyName = resource.UniqueId()
}
publicKey := d.Get("public_key").(string)
req := &ec2.ImportKeyPairInput{
KeyName: aws.String(keyName),
PublicKeyMaterial: []byte(publicKey),
}
resp, err := conn.ImportKeyPair(req)
if err != nil {
return fmt.Errorf("Error import KeyPair: %s", err)
}
d.SetId(*resp.KeyName)
return nil
}
func resourceAwsAlbCreate(d *schema.ResourceData, meta interface{}) error {
elbconn := meta.(*AWSClient).elbv2conn
var name string
if v, ok := d.GetOk("name"); ok {
name = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
name = resource.PrefixedUniqueId(v.(string))
} else {
name = resource.PrefixedUniqueId("tf-lb-")
}
d.Set("name", name)
elbOpts := &elbv2.CreateLoadBalancerInput{
Name: aws.String(name),
Tags: tagsFromMapELBv2(d.Get("tags").(map[string]interface{})),
}
if scheme, ok := d.GetOk("internal"); ok && scheme.(bool) {
elbOpts.Scheme = aws.String("internal")
}
if v, ok := d.GetOk("security_groups"); ok {
elbOpts.SecurityGroups = expandStringList(v.(*schema.Set).List())
}
if v, ok := d.GetOk("subnets"); ok {
elbOpts.Subnets = expandStringList(v.(*schema.Set).List())
}
log.Printf("[DEBUG] ALB create configuration: %#v", elbOpts)
resp, err := elbconn.CreateLoadBalancer(elbOpts)
if err != nil {
return errwrap.Wrapf("Error creating Application Load Balancer: {{err}}", err)
}
if len(resp.LoadBalancers) != 1 {
return fmt.Errorf("No load balancers returned following creation of %s", d.Get("name").(string))
}
d.SetId(*resp.LoadBalancers[0].LoadBalancerArn)
log.Printf("[INFO] ALB ID: %s", d.Id())
return resourceAwsAlbUpdate(d, meta)
}
func validateReferenceName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
creationToken := resource.PrefixedUniqueId(fmt.Sprintf("%s-", value))
if len(creationToken) > 64 {
errors = append(errors, fmt.Errorf(
"%q cannot take the Creation Token over the limit of 64 characters: %q", k, value))
}
return
}
func resourceAwsIamRolePolicyAttachmentCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).iamconn
role := d.Get("role").(string)
arn := d.Get("policy_arn").(string)
err := attachPolicyToRole(conn, role, arn)
if err != nil {
return fmt.Errorf("[WARN] Error attaching policy %s to IAM Role %s: %v", arn, role, err)
}
d.SetId(resource.PrefixedUniqueId(fmt.Sprintf("%s-", role)))
return resourceAwsIamRolePolicyAttachmentRead(d, meta)
}
func resourceAwsAutoscalingAttachmentCreate(d *schema.ResourceData, meta interface{}) error {
asgconn := meta.(*AWSClient).autoscalingconn
asgName := d.Get("autoscaling_group_name").(string)
elbName := d.Get("elb").(string)
attachElbInput := &autoscaling.AttachLoadBalancersInput{
AutoScalingGroupName: aws.String(asgName),
LoadBalancerNames: []*string{aws.String(elbName)},
}
log.Printf("[INFO] registering asg %s with ELBs %s", asgName, elbName)
if _, err := asgconn.AttachLoadBalancers(attachElbInput); err != nil {
return errwrap.Wrapf(fmt.Sprintf("Failure attaching AutoScaling Group %s with Elastic Load Balancer: %s: {{err}}", asgName, elbName), err)
}
d.SetId(resource.PrefixedUniqueId(fmt.Sprintf("%s-", asgName)))
return resourceAwsAutoscalingAttachmentRead(d, meta)
}
func resourceAwsIAMServerCertificateCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).iamconn
var sslCertName string
if v, ok := d.GetOk("name"); ok {
sslCertName = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
sslCertName = resource.PrefixedUniqueId(v.(string))
} else {
sslCertName = resource.UniqueId()
}
createOpts := &iam.UploadServerCertificateInput{
CertificateBody: aws.String(d.Get("certificate_body").(string)),
PrivateKey: aws.String(d.Get("private_key").(string)),
ServerCertificateName: aws.String(sslCertName),
}
if v, ok := d.GetOk("certificate_chain"); ok {
createOpts.CertificateChain = aws.String(v.(string))
}
if v, ok := d.GetOk("path"); ok {
createOpts.Path = aws.String(v.(string))
}
log.Printf("[DEBUG] Creating IAM Server Certificate with opts: %s", createOpts)
resp, err := conn.UploadServerCertificate(createOpts)
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
return fmt.Errorf("[WARN] Error uploading server certificate, error: %s: %s", awsErr.Code(), awsErr.Message())
}
return fmt.Errorf("[WARN] Error uploading server certificate, error: %s", err)
}
d.SetId(*resp.ServerCertificateMetadata.ServerCertificateId)
d.Set("name", sslCertName)
return resourceAwsIAMServerCertificateRead(d, meta)
}
func resourceAwsElasticTranscoderPipelineCreate(d *schema.ResourceData, meta interface{}) error {
elastictranscoderconn := meta.(*AWSClient).elastictranscoderconn
req := &elastictranscoder.CreatePipelineInput{
AwsKmsKeyArn: getStringPtr(d, "aws_kms_key_arn"),
ContentConfig: expandETPiplineOutputConfig(d, "content_config"),
InputBucket: aws.String(d.Get("input_bucket").(string)),
Notifications: expandETNotifications(d),
OutputBucket: getStringPtr(d, "output_bucket"),
Role: getStringPtr(d, "role"),
ThumbnailConfig: expandETPiplineOutputConfig(d, "thumbnail_config"),
}
if name, ok := d.GetOk("name"); ok {
req.Name = aws.String(name.(string))
} else {
name := resource.PrefixedUniqueId("tf-et-")
d.Set("name", name)
req.Name = aws.String(name)
}
if (req.OutputBucket == nil && (req.ContentConfig == nil || req.ContentConfig.Bucket == nil)) ||
(req.OutputBucket != nil && req.ContentConfig != nil && req.ContentConfig.Bucket != nil) {
return fmt.Errorf("[ERROR] you must specify only one of output_bucket or content_config.bucket")
}
log.Printf("[DEBUG] Elastic Transcoder Pipeline create opts: %s", req)
resp, err := elastictranscoderconn.CreatePipeline(req)
if err != nil {
return fmt.Errorf("Error creating Elastic Transcoder Pipeline: %s", err)
}
d.SetId(*resp.Pipeline.Id)
for _, w := range resp.Warnings {
log.Printf("[WARN] Elastic Transcoder Pipeline %v: %v", *w.Code, *w.Message)
}
return resourceAwsElasticTranscoderPipelineRead(d, meta)
}
func resourceAwsElbAttachmentCreate(d *schema.ResourceData, meta interface{}) error {
elbconn := meta.(*AWSClient).elbconn
elbName := d.Get("elb").(string)
instance := d.Get("instance").(string)
registerInstancesOpts := elb.RegisterInstancesWithLoadBalancerInput{
LoadBalancerName: aws.String(elbName),
Instances: []*elb.Instance{{InstanceId: aws.String(instance)}},
}
log.Printf("[INFO] registering instance %s with ELB %s", instance, elbName)
_, err := elbconn.RegisterInstancesWithLoadBalancer(®isterInstancesOpts)
if err != nil {
return fmt.Errorf("Failure registering instances with ELB: %s", err)
}
d.SetId(resource.PrefixedUniqueId(fmt.Sprintf("%s-", elbName)))
return nil
}
func resourceAwsIamRoleCreate(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
var name string
if v, ok := d.GetOk("name"); ok {
name = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
name = resource.PrefixedUniqueId(v.(string))
} else {
name = resource.UniqueId()
}
request := &iam.CreateRoleInput{
Path: aws.String(d.Get("path").(string)),
RoleName: aws.String(name),
AssumeRolePolicyDocument: aws.String(d.Get("assume_role_policy").(string)),
}
createResp, err := iamconn.CreateRole(request)
if err != nil {
return fmt.Errorf("Error creating IAM Role %s: %s", name, err)
}
return resourceAwsIamRoleReadResult(d, createResp.Role)
}
func resourceAwsDbInstanceCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).rdsconn
tags := tagsFromMapRDS(d.Get("tags").(map[string]interface{}))
identifier := d.Get("identifier").(string)
// Generate a unique ID for the user
if identifier == "" {
identifier = resource.PrefixedUniqueId("tf-")
// SQL Server identifier size is max 15 chars, so truncate
if engine := d.Get("engine").(string); engine != "" {
if strings.Contains(strings.ToLower(engine), "sqlserver") {
identifier = identifier[:15]
}
}
d.Set("identifier", identifier)
}
if v, ok := d.GetOk("replicate_source_db"); ok {
opts := rds.CreateDBInstanceReadReplicaInput{
SourceDBInstanceIdentifier: aws.String(v.(string)),
CopyTagsToSnapshot: aws.Bool(d.Get("copy_tags_to_snapshot").(bool)),
DBInstanceClass: aws.String(d.Get("instance_class").(string)),
DBInstanceIdentifier: aws.String(identifier),
Tags: tags,
}
if attr, ok := d.GetOk("iops"); ok {
opts.Iops = aws.Int64(int64(attr.(int)))
}
if attr, ok := d.GetOk("port"); ok {
opts.Port = aws.Int64(int64(attr.(int)))
}
if attr, ok := d.GetOk("availability_zone"); ok {
opts.AvailabilityZone = aws.String(attr.(string))
}
if attr, ok := d.GetOk("storage_type"); ok {
opts.StorageType = aws.String(attr.(string))
}
if attr, ok := d.GetOk("publicly_accessible"); ok {
opts.PubliclyAccessible = aws.Bool(attr.(bool))
}
if attr, ok := d.GetOk("db_subnet_group_name"); ok {
opts.DBSubnetGroupName = aws.String(attr.(string))
}
if attr, ok := d.GetOk("monitoring_role_arn"); ok {
opts.MonitoringRoleArn = aws.String(attr.(string))
}
if attr, ok := d.GetOk("monitoring_interval"); ok {
opts.MonitoringInterval = aws.Int64(int64(attr.(int)))
}
if attr, ok := d.GetOk("option_group_name"); ok {
opts.OptionGroupName = aws.String(attr.(string))
}
log.Printf("[DEBUG] DB Instance Replica create configuration: %#v", opts)
_, err := conn.CreateDBInstanceReadReplica(&opts)
if err != nil {
return fmt.Errorf("Error creating DB Instance: %s", err)
}
} else if _, ok := d.GetOk("snapshot_identifier"); ok {
opts := rds.RestoreDBInstanceFromDBSnapshotInput{
DBInstanceClass: aws.String(d.Get("instance_class").(string)),
DBInstanceIdentifier: aws.String(d.Get("identifier").(string)),
DBSnapshotIdentifier: aws.String(d.Get("snapshot_identifier").(string)),
AutoMinorVersionUpgrade: aws.Bool(d.Get("auto_minor_version_upgrade").(bool)),
Tags: tags,
CopyTagsToSnapshot: aws.Bool(d.Get("copy_tags_to_snapshot").(bool)),
}
if attr, ok := d.GetOk("availability_zone"); ok {
opts.AvailabilityZone = aws.String(attr.(string))
}
if attr, ok := d.GetOk("db_subnet_group_name"); ok {
opts.DBSubnetGroupName = aws.String(attr.(string))
}
if attr, ok := d.GetOk("engine"); ok {
opts.Engine = aws.String(attr.(string))
}
if attr, ok := d.GetOk("iops"); ok {
opts.Iops = aws.Int64(int64(attr.(int)))
}
if attr, ok := d.GetOk("license_model"); ok {
opts.LicenseModel = aws.String(attr.(string))
}
if attr, ok := d.GetOk("multi_az"); ok {
opts.MultiAZ = aws.Bool(attr.(bool))
}
if attr, ok := d.GetOk("option_group_name"); ok {
opts.OptionGroupName = aws.String(attr.(string))
}
if attr, ok := d.GetOk("port"); ok {
opts.Port = aws.Int64(int64(attr.(int)))
}
if attr, ok := d.GetOk("publicly_accessible"); ok {
opts.PubliclyAccessible = aws.Bool(attr.(bool))
}
if attr, ok := d.GetOk("tde_credential_arn"); ok {
opts.TdeCredentialArn = aws.String(attr.(string))
}
if attr, ok := d.GetOk("storage_type"); ok {
opts.StorageType = aws.String(attr.(string))
}
log.Printf("[DEBUG] DB Instance restore from snapshot configuration: %s", opts)
_, err := conn.RestoreDBInstanceFromDBSnapshot(&opts)
if err != nil {
return fmt.Errorf("Error creating DB Instance: %s", err)
}
var sgUpdate bool
if attr := d.Get("vpc_security_group_ids").(*schema.Set); attr.Len() > 0 {
sgUpdate = true
}
if attr := d.Get("security_group_names").(*schema.Set); attr.Len() > 0 {
sgUpdate = true
}
if sgUpdate {
log.Printf("[INFO] DB is restoring from snapshot with default security, but custom security should be set, will now update after snapshot is restored!")
// wait for instance to get up and then modify security
d.SetId(d.Get("identifier").(string))
log.Printf("[INFO] DB Instance ID: %s", d.Id())
log.Println(
"[INFO] Waiting for DB Instance to be available")
stateConf := &resource.StateChangeConf{
Pending: []string{"creating", "backing-up", "modifying", "resetting-master-credentials",
"maintenance", "renaming", "rebooting", "upgrading"},
Target: []string{"available"},
Refresh: resourceAwsDbInstanceStateRefreshFunc(d, meta),
Timeout: 40 * time.Minute,
MinTimeout: 10 * time.Second,
Delay: 30 * time.Second, // Wait 30 secs before starting
}
// Wait, catching any errors
_, err := stateConf.WaitForState()
if err != nil {
return err
}
err = resourceAwsDbInstanceUpdate(d, meta)
if err != nil {
return err
}
}
} else {
if _, ok := d.GetOk("allocated_storage"); !ok {
return fmt.Errorf(`provider.aws: aws_db_instance: %s: "allocated_storage": required field is not set`, d.Get("name").(string))
}
if _, ok := d.GetOk("engine"); !ok {
return fmt.Errorf(`provider.aws: aws_db_instance: %s: "engine": required field is not set`, d.Get("name").(string))
}
if _, ok := d.GetOk("password"); !ok {
return fmt.Errorf(`provider.aws: aws_db_instance: %s: "password": required field is not set`, d.Get("name").(string))
}
if _, ok := d.GetOk("username"); !ok {
return fmt.Errorf(`provider.aws: aws_db_instance: %s: "username": required field is not set`, d.Get("name").(string))
}
opts := rds.CreateDBInstanceInput{
AllocatedStorage: aws.Int64(int64(d.Get("allocated_storage").(int))),
DBName: aws.String(d.Get("name").(string)),
DBInstanceClass: aws.String(d.Get("instance_class").(string)),
DBInstanceIdentifier: aws.String(d.Get("identifier").(string)),
MasterUsername: aws.String(d.Get("username").(string)),
MasterUserPassword: aws.String(d.Get("password").(string)),
Engine: aws.String(d.Get("engine").(string)),
EngineVersion: aws.String(d.Get("engine_version").(string)),
StorageEncrypted: aws.Bool(d.Get("storage_encrypted").(bool)),
AutoMinorVersionUpgrade: aws.Bool(d.Get("auto_minor_version_upgrade").(bool)),
Tags: tags,
CopyTagsToSnapshot: aws.Bool(d.Get("copy_tags_to_snapshot").(bool)),
}
attr := d.Get("backup_retention_period")
opts.BackupRetentionPeriod = aws.Int64(int64(attr.(int)))
if attr, ok := d.GetOk("multi_az"); ok {
opts.MultiAZ = aws.Bool(attr.(bool))
}
if attr, ok := d.GetOk("maintenance_window"); ok {
opts.PreferredMaintenanceWindow = aws.String(attr.(string))
}
if attr, ok := d.GetOk("backup_window"); ok {
opts.PreferredBackupWindow = aws.String(attr.(string))
}
if attr, ok := d.GetOk("license_model"); ok {
opts.LicenseModel = aws.String(attr.(string))
}
if attr, ok := d.GetOk("parameter_group_name"); ok {
opts.DBParameterGroupName = aws.String(attr.(string))
}
if attr := d.Get("vpc_security_group_ids").(*schema.Set); attr.Len() > 0 {
var s []*string
for _, v := range attr.List() {
s = append(s, aws.String(v.(string)))
}
opts.VpcSecurityGroupIds = s
}
if attr := d.Get("security_group_names").(*schema.Set); attr.Len() > 0 {
var s []*string
for _, v := range attr.List() {
s = append(s, aws.String(v.(string)))
}
opts.DBSecurityGroups = s
}
if attr, ok := d.GetOk("storage_type"); ok {
opts.StorageType = aws.String(attr.(string))
}
if attr, ok := d.GetOk("db_subnet_group_name"); ok {
opts.DBSubnetGroupName = aws.String(attr.(string))
}
if attr, ok := d.GetOk("iops"); ok {
opts.Iops = aws.Int64(int64(attr.(int)))
}
if attr, ok := d.GetOk("port"); ok {
opts.Port = aws.Int64(int64(attr.(int)))
}
if attr, ok := d.GetOk("availability_zone"); ok {
opts.AvailabilityZone = aws.String(attr.(string))
}
if attr, ok := d.GetOk("publicly_accessible"); ok {
opts.PubliclyAccessible = aws.Bool(attr.(bool))
}
if attr, ok := d.GetOk("monitoring_role_arn"); ok {
opts.MonitoringRoleArn = aws.String(attr.(string))
}
if attr, ok := d.GetOk("monitoring_interval"); ok {
opts.MonitoringInterval = aws.Int64(int64(attr.(int)))
}
if attr, ok := d.GetOk("option_group_name"); ok {
opts.OptionGroupName = aws.String(attr.(string))
}
if attr, ok := d.GetOk("kms_key_id"); ok {
opts.KmsKeyId = aws.String(attr.(string))
}
log.Printf("[DEBUG] DB Instance create configuration: %#v", opts)
var err error
err = resource.Retry(5*time.Minute, func() *resource.RetryError {
_, err = conn.CreateDBInstance(&opts)
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
if awsErr.Code() == "InvalidParameterValue" && strings.Contains(awsErr.Message(), "ENHANCED_MONITORING") {
return resource.RetryableError(awsErr)
}
}
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return fmt.Errorf("Error creating DB Instance: %s", err)
}
}
d.SetId(d.Get("identifier").(string))
log.Printf("[INFO] DB Instance ID: %s", d.Id())
log.Println(
"[INFO] Waiting for DB Instance to be available")
stateConf := &resource.StateChangeConf{
Pending: []string{"creating", "backing-up", "modifying", "resetting-master-credentials",
"maintenance", "renaming", "rebooting", "upgrading"},
Target: []string{"available"},
Refresh: resourceAwsDbInstanceStateRefreshFunc(d, meta),
Timeout: 40 * time.Minute,
MinTimeout: 10 * time.Second,
Delay: 30 * time.Second, // Wait 30 secs before starting
}
// Wait, catching any errors
_, err := stateConf.WaitForState()
if err != nil {
return err
}
return resourceAwsDbInstanceRead(d, meta)
}
func resourceAwsLaunchConfigurationCreate(d *schema.ResourceData, meta interface{}) error {
autoscalingconn := meta.(*AWSClient).autoscalingconn
ec2conn := meta.(*AWSClient).ec2conn
createLaunchConfigurationOpts := autoscaling.CreateLaunchConfigurationInput{
LaunchConfigurationName: aws.String(d.Get("name").(string)),
ImageId: aws.String(d.Get("image_id").(string)),
InstanceType: aws.String(d.Get("instance_type").(string)),
EbsOptimized: aws.Bool(d.Get("ebs_optimized").(bool)),
}
if v, ok := d.GetOk("user_data"); ok {
userData := base64.StdEncoding.EncodeToString([]byte(v.(string)))
createLaunchConfigurationOpts.UserData = aws.String(userData)
}
createLaunchConfigurationOpts.InstanceMonitoring = &autoscaling.InstanceMonitoring{
Enabled: aws.Bool(d.Get("enable_monitoring").(bool)),
}
if v, ok := d.GetOk("iam_instance_profile"); ok {
createLaunchConfigurationOpts.IamInstanceProfile = aws.String(v.(string))
}
if v, ok := d.GetOk("placement_tenancy"); ok {
createLaunchConfigurationOpts.PlacementTenancy = aws.String(v.(string))
}
if v, ok := d.GetOk("associate_public_ip_address"); ok {
createLaunchConfigurationOpts.AssociatePublicIpAddress = aws.Bool(v.(bool))
}
if v, ok := d.GetOk("key_name"); ok {
createLaunchConfigurationOpts.KeyName = aws.String(v.(string))
}
if v, ok := d.GetOk("spot_price"); ok {
createLaunchConfigurationOpts.SpotPrice = aws.String(v.(string))
}
if v, ok := d.GetOk("security_groups"); ok {
createLaunchConfigurationOpts.SecurityGroups = expandStringList(
v.(*schema.Set).List(),
)
}
if v, ok := d.GetOk("vpc_classic_link_id"); ok {
createLaunchConfigurationOpts.ClassicLinkVPCId = aws.String(v.(string))
}
if v, ok := d.GetOk("vpc_classic_link_security_groups"); ok {
createLaunchConfigurationOpts.ClassicLinkVPCSecurityGroups = expandStringList(
v.(*schema.Set).List(),
)
}
var blockDevices []*autoscaling.BlockDeviceMapping
// We'll use this to detect if we're declaring it incorrectly as an ebs_block_device.
rootDeviceName, err := fetchRootDeviceName(d.Get("image_id").(string), ec2conn)
if err != nil {
return err
}
if rootDeviceName == nil {
// We do this so the value is empty so we don't have to do nil checks later
var blank string
rootDeviceName = &blank
}
if v, ok := d.GetOk("ebs_block_device"); ok {
vL := v.(*schema.Set).List()
for _, v := range vL {
bd := v.(map[string]interface{})
ebs := &autoscaling.Ebs{
DeleteOnTermination: aws.Bool(bd["delete_on_termination"].(bool)),
}
if v, ok := bd["snapshot_id"].(string); ok && v != "" {
ebs.SnapshotId = aws.String(v)
}
if v, ok := bd["encrypted"].(bool); ok && v {
ebs.Encrypted = aws.Bool(v)
}
if v, ok := bd["volume_size"].(int); ok && v != 0 {
ebs.VolumeSize = aws.Int64(int64(v))
}
if v, ok := bd["volume_type"].(string); ok && v != "" {
ebs.VolumeType = aws.String(v)
}
if v, ok := bd["iops"].(int); ok && v > 0 {
ebs.Iops = aws.Int64(int64(v))
}
if *aws.String(bd["device_name"].(string)) == *rootDeviceName {
return fmt.Errorf("Root device (%s) declared as an 'ebs_block_device'. Use 'root_block_device' keyword.", *rootDeviceName)
}
blockDevices = append(blockDevices, &autoscaling.BlockDeviceMapping{
DeviceName: aws.String(bd["device_name"].(string)),
Ebs: ebs,
})
}
}
if v, ok := d.GetOk("ephemeral_block_device"); ok {
vL := v.(*schema.Set).List()
for _, v := range vL {
bd := v.(map[string]interface{})
blockDevices = append(blockDevices, &autoscaling.BlockDeviceMapping{
DeviceName: aws.String(bd["device_name"].(string)),
VirtualName: aws.String(bd["virtual_name"].(string)),
})
}
}
if v, ok := d.GetOk("root_block_device"); ok {
vL := v.(*schema.Set).List()
if len(vL) > 1 {
return fmt.Errorf("Cannot specify more than one root_block_device.")
}
for _, v := range vL {
bd := v.(map[string]interface{})
ebs := &autoscaling.Ebs{
DeleteOnTermination: aws.Bool(bd["delete_on_termination"].(bool)),
}
if v, ok := bd["volume_size"].(int); ok && v != 0 {
ebs.VolumeSize = aws.Int64(int64(v))
}
if v, ok := bd["volume_type"].(string); ok && v != "" {
ebs.VolumeType = aws.String(v)
}
if v, ok := bd["iops"].(int); ok && v > 0 {
ebs.Iops = aws.Int64(int64(v))
}
if dn, err := fetchRootDeviceName(d.Get("image_id").(string), ec2conn); err == nil {
if dn == nil {
return fmt.Errorf(
"Expected to find a Root Device name for AMI (%s), but got none",
d.Get("image_id").(string))
}
blockDevices = append(blockDevices, &autoscaling.BlockDeviceMapping{
DeviceName: dn,
Ebs: ebs,
})
} else {
return err
}
}
}
if len(blockDevices) > 0 {
createLaunchConfigurationOpts.BlockDeviceMappings = blockDevices
}
var lcName string
if v, ok := d.GetOk("name"); ok {
lcName = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
lcName = resource.PrefixedUniqueId(v.(string))
} else {
lcName = resource.UniqueId()
}
createLaunchConfigurationOpts.LaunchConfigurationName = aws.String(lcName)
log.Printf(
"[DEBUG] autoscaling create launch configuration: %s", createLaunchConfigurationOpts)
// IAM profiles can take ~10 seconds to propagate in AWS:
// http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#launch-instance-with-role-console
err = resource.Retry(30*time.Second, func() *resource.RetryError {
_, err := autoscalingconn.CreateLaunchConfiguration(&createLaunchConfigurationOpts)
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
if strings.Contains(awsErr.Message(), "Invalid IamInstanceProfile") {
return resource.RetryableError(err)
}
if strings.Contains(awsErr.Message(), "You are not authorized to perform this operation") {
return resource.RetryableError(err)
}
}
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return fmt.Errorf("Error creating launch configuration: %s", err)
}
d.SetId(lcName)
log.Printf("[INFO] launch configuration ID: %s", d.Id())
// We put a Retry here since sometimes eventual consistency bites
// us and we need to retry a few times to get the LC to load properly
return resource.Retry(30*time.Second, func() *resource.RetryError {
err := resourceAwsLaunchConfigurationRead(d, meta)
if err != nil {
return resource.RetryableError(err)
}
return nil
})
}
func resourceAwsElbCreate(d *schema.ResourceData, meta interface{}) error {
elbconn := meta.(*AWSClient).elbconn
// Expand the "listener" set to aws-sdk-go compat []*elb.Listener
listeners, err := expandListeners(d.Get("listener").(*schema.Set).List())
if err != nil {
return err
}
var elbName string
if v, ok := d.GetOk("name"); ok {
elbName = v.(string)
} else {
elbName = resource.PrefixedUniqueId("tf-lb-")
d.Set("name", elbName)
}
tags := tagsFromMapELB(d.Get("tags").(map[string]interface{}))
// Provision the elb
elbOpts := &elb.CreateLoadBalancerInput{
LoadBalancerName: aws.String(elbName),
Listeners: listeners,
Tags: tags,
}
if scheme, ok := d.GetOk("internal"); ok && scheme.(bool) {
elbOpts.Scheme = aws.String("internal")
}
if v, ok := d.GetOk("availability_zones"); ok {
elbOpts.AvailabilityZones = expandStringList(v.(*schema.Set).List())
}
if v, ok := d.GetOk("security_groups"); ok {
elbOpts.SecurityGroups = expandStringList(v.(*schema.Set).List())
}
if v, ok := d.GetOk("subnets"); ok {
elbOpts.Subnets = expandStringList(v.(*schema.Set).List())
}
log.Printf("[DEBUG] ELB create configuration: %#v", elbOpts)
if _, err := elbconn.CreateLoadBalancer(elbOpts); err != nil {
return fmt.Errorf("Error creating ELB: %s", err)
}
// Assign the elb's unique identifier for use later
d.SetId(elbName)
log.Printf("[INFO] ELB ID: %s", d.Id())
// Enable partial mode and record what we set
d.Partial(true)
d.SetPartial("name")
d.SetPartial("internal")
d.SetPartial("availability_zones")
d.SetPartial("listener")
d.SetPartial("security_groups")
d.SetPartial("subnets")
d.Set("tags", tagsToMapELB(tags))
return resourceAwsElbUpdate(d, meta)
}
func resourceAwsAutoscalingGroupCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).autoscalingconn
var autoScalingGroupOpts autoscaling.CreateAutoScalingGroupInput
var asgName string
if v, ok := d.GetOk("name"); ok {
asgName = v.(string)
} else {
asgName = resource.PrefixedUniqueId("tf-asg-")
d.Set("name", asgName)
}
autoScalingGroupOpts.AutoScalingGroupName = aws.String(asgName)
autoScalingGroupOpts.LaunchConfigurationName = aws.String(d.Get("launch_configuration").(string))
autoScalingGroupOpts.MinSize = aws.Int64(int64(d.Get("min_size").(int)))
autoScalingGroupOpts.MaxSize = aws.Int64(int64(d.Get("max_size").(int)))
// Availability Zones are optional if VPC Zone Identifer(s) are specified
if v, ok := d.GetOk("availability_zones"); ok && v.(*schema.Set).Len() > 0 {
autoScalingGroupOpts.AvailabilityZones = expandStringList(v.(*schema.Set).List())
}
if v, ok := d.GetOk("tag"); ok {
autoScalingGroupOpts.Tags = autoscalingTagsFromMap(
setToMapByKey(v.(*schema.Set), "key"), d.Get("name").(string))
}
if v, ok := d.GetOk("default_cooldown"); ok {
autoScalingGroupOpts.DefaultCooldown = aws.Int64(int64(v.(int)))
}
if v, ok := d.GetOk("health_check_type"); ok && v.(string) != "" {
autoScalingGroupOpts.HealthCheckType = aws.String(v.(string))
}
if v, ok := d.GetOk("desired_capacity"); ok {
autoScalingGroupOpts.DesiredCapacity = aws.Int64(int64(v.(int)))
}
if v, ok := d.GetOk("health_check_grace_period"); ok {
autoScalingGroupOpts.HealthCheckGracePeriod = aws.Int64(int64(v.(int)))
}
if v, ok := d.GetOk("placement_group"); ok {
autoScalingGroupOpts.PlacementGroup = aws.String(v.(string))
}
if v, ok := d.GetOk("load_balancers"); ok && v.(*schema.Set).Len() > 0 {
autoScalingGroupOpts.LoadBalancerNames = expandStringList(
v.(*schema.Set).List())
}
if v, ok := d.GetOk("vpc_zone_identifier"); ok && v.(*schema.Set).Len() > 0 {
autoScalingGroupOpts.VPCZoneIdentifier = expandVpcZoneIdentifiers(v.(*schema.Set).List())
}
if v, ok := d.GetOk("termination_policies"); ok && len(v.([]interface{})) > 0 {
autoScalingGroupOpts.TerminationPolicies = expandStringList(v.([]interface{}))
}
log.Printf("[DEBUG] AutoScaling Group create configuration: %#v", autoScalingGroupOpts)
_, err := conn.CreateAutoScalingGroup(&autoScalingGroupOpts)
if err != nil {
return fmt.Errorf("Error creating Autoscaling Group: %s", err)
}
d.SetId(d.Get("name").(string))
log.Printf("[INFO] AutoScaling Group ID: %s", d.Id())
if err := waitForASGCapacity(d, meta, capacitySatifiedCreate); err != nil {
return err
}
if _, ok := d.GetOk("enabled_metrics"); ok {
metricsErr := enableASGMetricsCollection(d, conn)
if metricsErr != nil {
return metricsErr
}
}
return resourceAwsAutoscalingGroupRead(d, meta)
}
func resourceAwsS3BucketNotificationPut(d *schema.ResourceData, meta interface{}) error {
s3conn := meta.(*AWSClient).s3conn
bucket := d.Get("bucket").(string)
// TopicNotifications
topicNotifications := d.Get("topic").([]interface{})
topicConfigs := make([]*s3.TopicConfiguration, 0, len(topicNotifications))
for i, c := range topicNotifications {
tc := &s3.TopicConfiguration{}
c := c.(map[string]interface{})
// Id
if val, ok := c["id"].(string); ok && val != "" {
tc.Id = aws.String(val)
} else {
tc.Id = aws.String(resource.PrefixedUniqueId("tf-s3-topic-"))
}
// TopicArn
if val, ok := c["topic_arn"].(string); ok {
tc.TopicArn = aws.String(val)
}
// Events
events := d.Get(fmt.Sprintf("topic.%d.events", i)).(*schema.Set).List()
tc.Events = make([]*string, 0, len(events))
for _, e := range events {
tc.Events = append(tc.Events, aws.String(e.(string)))
}
// Filter
filterRules := make([]*s3.FilterRule, 0, 2)
if val, ok := c["filter_prefix"].(string); ok && val != "" {
filterRule := &s3.FilterRule{
Name: aws.String("prefix"),
Value: aws.String(val),
}
filterRules = append(filterRules, filterRule)
}
if val, ok := c["filter_suffix"].(string); ok && val != "" {
filterRule := &s3.FilterRule{
Name: aws.String("suffix"),
Value: aws.String(val),
}
filterRules = append(filterRules, filterRule)
}
if len(filterRules) > 0 {
tc.Filter = &s3.NotificationConfigurationFilter{
Key: &s3.KeyFilter{
FilterRules: filterRules,
},
}
}
topicConfigs = append(topicConfigs, tc)
}
// SQS
queueNotifications := d.Get("queue").([]interface{})
queueConfigs := make([]*s3.QueueConfiguration, 0, len(queueNotifications))
for i, c := range queueNotifications {
qc := &s3.QueueConfiguration{}
c := c.(map[string]interface{})
// Id
if val, ok := c["id"].(string); ok && val != "" {
qc.Id = aws.String(val)
} else {
qc.Id = aws.String(resource.PrefixedUniqueId("tf-s3-queue-"))
}
// QueueArn
if val, ok := c["queue_arn"].(string); ok {
qc.QueueArn = aws.String(val)
}
// Events
events := d.Get(fmt.Sprintf("queue.%d.events", i)).(*schema.Set).List()
qc.Events = make([]*string, 0, len(events))
for _, e := range events {
qc.Events = append(qc.Events, aws.String(e.(string)))
}
// Filter
filterRules := make([]*s3.FilterRule, 0, 2)
if val, ok := c["filter_prefix"].(string); ok && val != "" {
filterRule := &s3.FilterRule{
Name: aws.String("prefix"),
Value: aws.String(val),
}
filterRules = append(filterRules, filterRule)
}
if val, ok := c["filter_suffix"].(string); ok && val != "" {
filterRule := &s3.FilterRule{
Name: aws.String("suffix"),
Value: aws.String(val),
}
filterRules = append(filterRules, filterRule)
}
if len(filterRules) > 0 {
qc.Filter = &s3.NotificationConfigurationFilter{
Key: &s3.KeyFilter{
FilterRules: filterRules,
},
}
}
queueConfigs = append(queueConfigs, qc)
}
// Lambda
lambdaFunctionNotifications := d.Get("lambda_function").([]interface{})
lambdaConfigs := make([]*s3.LambdaFunctionConfiguration, 0, len(lambdaFunctionNotifications))
for i, c := range lambdaFunctionNotifications {
lc := &s3.LambdaFunctionConfiguration{}
c := c.(map[string]interface{})
// Id
if val, ok := c["id"].(string); ok && val != "" {
lc.Id = aws.String(val)
} else {
lc.Id = aws.String(resource.PrefixedUniqueId("tf-s3-lambda-"))
}
// LambdaFunctionArn
if val, ok := c["lambda_function_arn"].(string); ok {
lc.LambdaFunctionArn = aws.String(val)
}
// Events
events := d.Get(fmt.Sprintf("lambda_function.%d.events", i)).(*schema.Set).List()
lc.Events = make([]*string, 0, len(events))
for _, e := range events {
lc.Events = append(lc.Events, aws.String(e.(string)))
}
// Filter
filterRules := make([]*s3.FilterRule, 0, 2)
if val, ok := c["filter_prefix"].(string); ok && val != "" {
filterRule := &s3.FilterRule{
Name: aws.String("prefix"),
Value: aws.String(val),
}
filterRules = append(filterRules, filterRule)
}
if val, ok := c["filter_suffix"].(string); ok && val != "" {
filterRule := &s3.FilterRule{
Name: aws.String("suffix"),
Value: aws.String(val),
}
filterRules = append(filterRules, filterRule)
}
if len(filterRules) > 0 {
lc.Filter = &s3.NotificationConfigurationFilter{
Key: &s3.KeyFilter{
FilterRules: filterRules,
},
}
}
lambdaConfigs = append(lambdaConfigs, lc)
}
notificationConfiguration := &s3.NotificationConfiguration{}
if len(lambdaConfigs) > 0 {
notificationConfiguration.LambdaFunctionConfigurations = lambdaConfigs
}
if len(queueConfigs) > 0 {
notificationConfiguration.QueueConfigurations = queueConfigs
}
if len(topicConfigs) > 0 {
notificationConfiguration.TopicConfigurations = topicConfigs
}
i := &s3.PutBucketNotificationConfigurationInput{
Bucket: aws.String(bucket),
NotificationConfiguration: notificationConfiguration,
}
log.Printf("[DEBUG] S3 bucket: %s, Putting notification: %v", bucket, i)
err := resource.Retry(1*time.Minute, func() *resource.RetryError {
if _, err := s3conn.PutBucketNotificationConfiguration(i); err != nil {
if awserr, ok := err.(awserr.Error); ok {
switch awserr.Message() {
case "Unable to validate the following destination configurations":
return resource.RetryableError(awserr)
}
}
// Didn't recognize the error, so shouldn't retry.
return resource.NonRetryableError(err)
}
// Successful put configuration
return nil
})
if err != nil {
return fmt.Errorf("Error putting S3 notification configuration: %s", err)
}
d.SetId(bucket)
return resourceAwsS3BucketNotificationRead(d, meta)
}
func resourceAwsElbCreate(d *schema.ResourceData, meta interface{}) error {
elbconn := meta.(*AWSClient).elbconn
// Expand the "listener" set to aws-sdk-go compat []*elb.Listener
listeners, err := expandListeners(d.Get("listener").(*schema.Set).List())
if err != nil {
return err
}
var elbName string
if v, ok := d.GetOk("name"); ok {
elbName = v.(string)
} else {
elbName = resource.PrefixedUniqueId("tf-lb-")
d.Set("name", elbName)
}
tags := tagsFromMapELB(d.Get("tags").(map[string]interface{}))
// Provision the elb
elbOpts := &elb.CreateLoadBalancerInput{
LoadBalancerName: aws.String(elbName),
Listeners: listeners,
Tags: tags,
}
if scheme, ok := d.GetOk("internal"); ok && scheme.(bool) {
elbOpts.Scheme = aws.String("internal")
}
if v, ok := d.GetOk("availability_zones"); ok {
elbOpts.AvailabilityZones = expandStringList(v.(*schema.Set).List())
}
if v, ok := d.GetOk("security_groups"); ok {
elbOpts.SecurityGroups = expandStringList(v.(*schema.Set).List())
}
if v, ok := d.GetOk("subnets"); ok {
elbOpts.Subnets = expandStringList(v.(*schema.Set).List())
}
log.Printf("[DEBUG] ELB create configuration: %#v", elbOpts)
err = resource.Retry(1*time.Minute, func() *resource.RetryError {
_, err := elbconn.CreateLoadBalancer(elbOpts)
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
// Check for IAM SSL Cert error, eventual consistancy issue
if awsErr.Code() == "CertificateNotFound" {
return resource.RetryableError(
fmt.Errorf("[WARN] Error creating ELB Listener with SSL Cert, retrying: %s", err))
}
}
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return err
}
// Assign the elb's unique identifier for use later
d.SetId(elbName)
log.Printf("[INFO] ELB ID: %s", d.Id())
// Enable partial mode and record what we set
d.Partial(true)
d.SetPartial("name")
d.SetPartial("internal")
d.SetPartial("availability_zones")
d.SetPartial("listener")
d.SetPartial("security_groups")
d.SetPartial("subnets")
d.Set("tags", tagsToMapELB(tags))
return resourceAwsElbUpdate(d, meta)
}
func resourceAwsEfsFileSystemCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).efsconn
creationToken := ""
if v, ok := d.GetOk("creation_token"); ok {
creationToken = v.(string)
} else {
if v, ok := d.GetOk("reference_name"); ok {
creationToken = resource.PrefixedUniqueId(fmt.Sprintf("%s-", v.(string)))
log.Printf("[WARN] Using deprecated `reference_name' attribute.")
} else {
creationToken = resource.UniqueId()
}
}
createOpts := &efs.CreateFileSystemInput{
CreationToken: aws.String(creationToken),
}
if v, ok := d.GetOk("performance_mode"); ok {
createOpts.PerformanceMode = aws.String(v.(string))
}
log.Printf("[DEBUG] EFS file system create options: %#v", *createOpts)
fs, err := conn.CreateFileSystem(createOpts)
if err != nil {
return fmt.Errorf("Error creating EFS file system: %s", err)
}
d.SetId(*fs.FileSystemId)
log.Printf("[INFO] EFS file system ID: %s", d.Id())
stateConf := &resource.StateChangeConf{
Pending: []string{"creating"},
Target: []string{"available"},
Refresh: func() (interface{}, string, error) {
resp, err := conn.DescribeFileSystems(&efs.DescribeFileSystemsInput{
FileSystemId: aws.String(d.Id()),
})
if err != nil {
return nil, "error", err
}
if len(resp.FileSystems) < 1 {
return nil, "not-found", fmt.Errorf("EFS file system %q not found", d.Id())
}
fs := resp.FileSystems[0]
log.Printf("[DEBUG] current status of %q: %q", *fs.FileSystemId, *fs.LifeCycleState)
return fs, *fs.LifeCycleState, nil
},
Timeout: 10 * time.Minute,
Delay: 2 * time.Second,
MinTimeout: 3 * time.Second,
}
_, err = stateConf.WaitForState()
if err != nil {
return fmt.Errorf("Error waiting for EFS file system (%q) to create: %q",
d.Id(), err.Error())
}
log.Printf("[DEBUG] EFS file system %q created.", d.Id())
return resourceAwsEfsFileSystemUpdate(d, meta)
}
func resourceComputeInstanceTemplateCreate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
project, err := getProject(d, config)
if err != nil {
return err
}
instanceProperties := &compute.InstanceProperties{}
instanceProperties.CanIpForward = d.Get("can_ip_forward").(bool)
instanceProperties.Description = d.Get("instance_description").(string)
instanceProperties.MachineType = d.Get("machine_type").(string)
disks, err := buildDisks(d, meta)
if err != nil {
return err
}
instanceProperties.Disks = disks
metadata, err := resourceInstanceMetadata(d)
if err != nil {
return err
}
instanceProperties.Metadata = metadata
networks, err := buildNetworks(d, meta)
if err != nil {
return err
}
instanceProperties.NetworkInterfaces = networks
instanceProperties.Scheduling = &compute.Scheduling{}
instanceProperties.Scheduling.OnHostMaintenance = "MIGRATE"
if v, ok := d.GetOk("automatic_restart"); ok {
instanceProperties.Scheduling.AutomaticRestart = v.(bool)
}
if v, ok := d.GetOk("on_host_maintenance"); ok {
instanceProperties.Scheduling.OnHostMaintenance = v.(string)
}
forceSendFieldsScheduling := make([]string, 0, 3)
var hasSendMaintenance bool
hasSendMaintenance = false
if v, ok := d.GetOk("scheduling"); ok {
_schedulings := v.([]interface{})
if len(_schedulings) > 1 {
return fmt.Errorf("Error, at most one `scheduling` block can be defined")
}
_scheduling := _schedulings[0].(map[string]interface{})
if vp, okp := _scheduling["automatic_restart"]; okp {
instanceProperties.Scheduling.AutomaticRestart = vp.(bool)
forceSendFieldsScheduling = append(forceSendFieldsScheduling, "AutomaticRestart")
}
if vp, okp := _scheduling["on_host_maintenance"]; okp {
instanceProperties.Scheduling.OnHostMaintenance = vp.(string)
forceSendFieldsScheduling = append(forceSendFieldsScheduling, "OnHostMaintenance")
hasSendMaintenance = true
}
if vp, okp := _scheduling["preemptible"]; okp {
instanceProperties.Scheduling.Preemptible = vp.(bool)
forceSendFieldsScheduling = append(forceSendFieldsScheduling, "Preemptible")
if vp.(bool) && !hasSendMaintenance {
instanceProperties.Scheduling.OnHostMaintenance = "TERMINATE"
forceSendFieldsScheduling = append(forceSendFieldsScheduling, "OnHostMaintenance")
}
}
}
instanceProperties.Scheduling.ForceSendFields = forceSendFieldsScheduling
serviceAccountsCount := d.Get("service_account.#").(int)
serviceAccounts := make([]*compute.ServiceAccount, 0, serviceAccountsCount)
for i := 0; i < serviceAccountsCount; i++ {
prefix := fmt.Sprintf("service_account.%d", i)
scopesCount := d.Get(prefix + ".scopes.#").(int)
scopes := make([]string, 0, scopesCount)
for j := 0; j < scopesCount; j++ {
scope := d.Get(fmt.Sprintf(prefix+".scopes.%d", j)).(string)
scopes = append(scopes, canonicalizeServiceScope(scope))
}
serviceAccount := &compute.ServiceAccount{
Email: "default",
Scopes: scopes,
}
serviceAccounts = append(serviceAccounts, serviceAccount)
}
instanceProperties.ServiceAccounts = serviceAccounts
instanceProperties.Tags = resourceInstanceTags(d)
var itName string
if v, ok := d.GetOk("name"); ok {
itName = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
itName = resource.PrefixedUniqueId(v.(string))
} else {
itName = resource.UniqueId()
}
instanceTemplate := compute.InstanceTemplate{
Description: d.Get("description").(string),
Properties: instanceProperties,
Name: itName,
}
op, err := config.clientCompute.InstanceTemplates.Insert(
project, &instanceTemplate).Do()
if err != nil {
return fmt.Errorf("Error creating instance: %s", err)
}
// Store the ID now
d.SetId(instanceTemplate.Name)
err = computeOperationWaitGlobal(config, op, project, "Creating Instance Template")
if err != nil {
return err
}
return resourceComputeInstanceTemplateRead(d, meta)
}
func resourceAwsS3BucketLifecycleUpdate(s3conn *s3.S3, d *schema.ResourceData) error {
bucket := d.Get("bucket").(string)
lifecycleRules := d.Get("lifecycle_rule").([]interface{})
rules := make([]*s3.LifecycleRule, 0, len(lifecycleRules))
for i, lifecycleRule := range lifecycleRules {
r := lifecycleRule.(map[string]interface{})
rule := &s3.LifecycleRule{
Prefix: aws.String(r["prefix"].(string)),
}
// ID
if val, ok := r["id"].(string); ok && val != "" {
rule.ID = aws.String(val)
} else {
rule.ID = aws.String(resource.PrefixedUniqueId("tf-s3-lifecycle-"))
}
// Enabled
if val, ok := r["enabled"].(bool); ok && val {
rule.Status = aws.String(s3.ExpirationStatusEnabled)
} else {
rule.Status = aws.String(s3.ExpirationStatusDisabled)
}
// AbortIncompleteMultipartUpload
if val, ok := r["abort_incomplete_multipart_upload_days"].(int); ok && val > 0 {
rule.AbortIncompleteMultipartUpload = &s3.AbortIncompleteMultipartUpload{
DaysAfterInitiation: aws.Int64(int64(val)),
}
}
// Expiration
expiration := d.Get(fmt.Sprintf("lifecycle_rule.%d.expiration", i)).(*schema.Set).List()
if len(expiration) > 0 {
e := expiration[0].(map[string]interface{})
i := &s3.LifecycleExpiration{}
if val, ok := e["date"].(string); ok && val != "" {
t, err := time.Parse(time.RFC3339, fmt.Sprintf("%sT00:00:00Z", val))
if err != nil {
return fmt.Errorf("Error Parsing AWS S3 Bucket Lifecycle Expiration Date: %s", err.Error())
}
i.Date = aws.Time(t)
} else if val, ok := e["days"].(int); ok && val > 0 {
i.Days = aws.Int64(int64(val))
} else if val, ok := e["expired_object_delete_marker"].(bool); ok {
i.ExpiredObjectDeleteMarker = aws.Bool(val)
}
rule.Expiration = i
}
// NoncurrentVersionExpiration
nc_expiration := d.Get(fmt.Sprintf("lifecycle_rule.%d.noncurrent_version_expiration", i)).(*schema.Set).List()
if len(nc_expiration) > 0 {
e := nc_expiration[0].(map[string]interface{})
if val, ok := e["days"].(int); ok && val > 0 {
rule.NoncurrentVersionExpiration = &s3.NoncurrentVersionExpiration{
NoncurrentDays: aws.Int64(int64(val)),
}
}
}
// Transitions
transitions := d.Get(fmt.Sprintf("lifecycle_rule.%d.transition", i)).(*schema.Set).List()
if len(transitions) > 0 {
rule.Transitions = make([]*s3.Transition, 0, len(transitions))
for _, transition := range transitions {
transition := transition.(map[string]interface{})
i := &s3.Transition{}
if val, ok := transition["date"].(string); ok && val != "" {
t, err := time.Parse(time.RFC3339, fmt.Sprintf("%sT00:00:00Z", val))
if err != nil {
return fmt.Errorf("Error Parsing AWS S3 Bucket Lifecycle Expiration Date: %s", err.Error())
}
i.Date = aws.Time(t)
} else if val, ok := transition["days"].(int); ok && val > 0 {
i.Days = aws.Int64(int64(val))
}
if val, ok := transition["storage_class"].(string); ok && val != "" {
i.StorageClass = aws.String(val)
}
rule.Transitions = append(rule.Transitions, i)
}
}
// NoncurrentVersionTransitions
nc_transitions := d.Get(fmt.Sprintf("lifecycle_rule.%d.noncurrent_version_transition", i)).(*schema.Set).List()
if len(nc_transitions) > 0 {
rule.NoncurrentVersionTransitions = make([]*s3.NoncurrentVersionTransition, 0, len(nc_transitions))
for _, transition := range nc_transitions {
transition := transition.(map[string]interface{})
i := &s3.NoncurrentVersionTransition{}
if val, ok := transition["days"].(int); ok && val > 0 {
i.NoncurrentDays = aws.Int64(int64(val))
}
if val, ok := transition["storage_class"].(string); ok && val != "" {
i.StorageClass = aws.String(val)
}
rule.NoncurrentVersionTransitions = append(rule.NoncurrentVersionTransitions, i)
}
}
rules = append(rules, rule)
}
i := &s3.PutBucketLifecycleConfigurationInput{
Bucket: aws.String(bucket),
LifecycleConfiguration: &s3.BucketLifecycleConfiguration{
Rules: rules,
},
}
err := resource.Retry(1*time.Minute, func() *resource.RetryError {
if _, err := s3conn.PutBucketLifecycleConfiguration(i); err != nil {
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return fmt.Errorf("Error putting S3 lifecycle: %s", err)
}
return nil
}
func resourceAwsSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).ec2conn
securityGroupOpts := &ec2.CreateSecurityGroupInput{}
if v, ok := d.GetOk("vpc_id"); ok {
securityGroupOpts.VpcId = aws.String(v.(string))
}
if v := d.Get("description"); v != nil {
securityGroupOpts.Description = aws.String(v.(string))
}
var groupName string
if v, ok := d.GetOk("name"); ok {
groupName = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
groupName = resource.PrefixedUniqueId(v.(string))
} else {
groupName = resource.UniqueId()
}
securityGroupOpts.GroupName = aws.String(groupName)
var err error
log.Printf(
"[DEBUG] Security Group create configuration: %#v", securityGroupOpts)
createResp, err := conn.CreateSecurityGroup(securityGroupOpts)
if err != nil {
return fmt.Errorf("Error creating Security Group: %s", err)
}
d.SetId(*createResp.GroupId)
log.Printf("[INFO] Security Group ID: %s", d.Id())
// Wait for the security group to truly exist
log.Printf(
"[DEBUG] Waiting for Security Group (%s) to exist",
d.Id())
stateConf := &resource.StateChangeConf{
Pending: []string{""},
Target: []string{"exists"},
Refresh: SGStateRefreshFunc(conn, d.Id()),
Timeout: 1 * time.Minute,
}
resp, err := stateConf.WaitForState()
if err != nil {
return fmt.Errorf(
"Error waiting for Security Group (%s) to become available: %s",
d.Id(), err)
}
// AWS defaults all Security Groups to have an ALLOW ALL egress rule. Here we
// revoke that rule, so users don't unknowingly have/use it.
group := resp.(*ec2.SecurityGroup)
if group.VpcId != nil && *group.VpcId != "" {
log.Printf("[DEBUG] Revoking default egress rule for Security Group for %s", d.Id())
req := &ec2.RevokeSecurityGroupEgressInput{
GroupId: createResp.GroupId,
IpPermissions: []*ec2.IpPermission{
&ec2.IpPermission{
FromPort: aws.Int64(int64(0)),
ToPort: aws.Int64(int64(0)),
IpRanges: []*ec2.IpRange{
&ec2.IpRange{
CidrIp: aws.String("0.0.0.0/0"),
},
},
IpProtocol: aws.String("-1"),
},
},
}
if _, err = conn.RevokeSecurityGroupEgress(req); err != nil {
return fmt.Errorf(
"Error revoking default egress rule for Security Group (%s): %s",
d.Id(), err)
}
}
return resourceAwsSecurityGroupUpdate(d, meta)
}
func resourceAwsAutoscalingGroupCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).autoscalingconn
var asgName string
if v, ok := d.GetOk("name"); ok {
asgName = v.(string)
} else {
asgName = resource.PrefixedUniqueId("tf-asg-")
d.Set("name", asgName)
}
createOpts := autoscaling.CreateAutoScalingGroupInput{
AutoScalingGroupName: aws.String(asgName),
LaunchConfigurationName: aws.String(d.Get("launch_configuration").(string)),
NewInstancesProtectedFromScaleIn: aws.Bool(d.Get("protect_from_scale_in").(bool)),
}
updateOpts := autoscaling.UpdateAutoScalingGroupInput{
AutoScalingGroupName: aws.String(asgName),
}
initialLifecycleHooks := d.Get("initial_lifecycle_hook").(*schema.Set).List()
twoPhases := len(initialLifecycleHooks) > 0
minSize := aws.Int64(int64(d.Get("min_size").(int)))
maxSize := aws.Int64(int64(d.Get("max_size").(int)))
if twoPhases {
createOpts.MinSize = aws.Int64(int64(0))
createOpts.MaxSize = aws.Int64(int64(0))
updateOpts.MinSize = minSize
updateOpts.MaxSize = maxSize
if v, ok := d.GetOk("desired_capacity"); ok {
updateOpts.DesiredCapacity = aws.Int64(int64(v.(int)))
}
} else {
createOpts.MinSize = minSize
createOpts.MaxSize = maxSize
if v, ok := d.GetOk("desired_capacity"); ok {
createOpts.DesiredCapacity = aws.Int64(int64(v.(int)))
}
}
// Availability Zones are optional if VPC Zone Identifer(s) are specified
if v, ok := d.GetOk("availability_zones"); ok && v.(*schema.Set).Len() > 0 {
createOpts.AvailabilityZones = expandStringList(v.(*schema.Set).List())
}
if v, ok := d.GetOk("tag"); ok {
createOpts.Tags = autoscalingTagsFromMap(
setToMapByKey(v.(*schema.Set), "key"), d.Get("name").(string))
}
if v, ok := d.GetOk("default_cooldown"); ok {
createOpts.DefaultCooldown = aws.Int64(int64(v.(int)))
}
if v, ok := d.GetOk("health_check_type"); ok && v.(string) != "" {
createOpts.HealthCheckType = aws.String(v.(string))
}
if v, ok := d.GetOk("health_check_grace_period"); ok {
createOpts.HealthCheckGracePeriod = aws.Int64(int64(v.(int)))
}
if v, ok := d.GetOk("placement_group"); ok {
createOpts.PlacementGroup = aws.String(v.(string))
}
if v, ok := d.GetOk("load_balancers"); ok && v.(*schema.Set).Len() > 0 {
createOpts.LoadBalancerNames = expandStringList(
v.(*schema.Set).List())
}
if v, ok := d.GetOk("vpc_zone_identifier"); ok && v.(*schema.Set).Len() > 0 {
createOpts.VPCZoneIdentifier = expandVpcZoneIdentifiers(v.(*schema.Set).List())
}
if v, ok := d.GetOk("termination_policies"); ok && len(v.([]interface{})) > 0 {
createOpts.TerminationPolicies = expandStringList(v.([]interface{}))
}
if v, ok := d.GetOk("target_group_arns"); ok && len(v.(*schema.Set).List()) > 0 {
createOpts.TargetGroupARNs = expandStringList(v.(*schema.Set).List())
}
log.Printf("[DEBUG] AutoScaling Group create configuration: %#v", createOpts)
_, err := conn.CreateAutoScalingGroup(&createOpts)
if err != nil {
return fmt.Errorf("Error creating AutoScaling Group: %s", err)
}
d.SetId(d.Get("name").(string))
log.Printf("[INFO] AutoScaling Group ID: %s", d.Id())
if twoPhases {
for _, hook := range generatePutLifecycleHookInputs(asgName, initialLifecycleHooks) {
if err = resourceAwsAutoscalingLifecycleHookPutOp(conn, &hook); err != nil {
return fmt.Errorf("Error creating initial lifecycle hooks: %s", err)
}
}
_, err = conn.UpdateAutoScalingGroup(&updateOpts)
if err != nil {
return fmt.Errorf("Error setting AutoScaling Group initial capacity: %s", err)
}
}
if err := waitForASGCapacity(d, meta, capacitySatisfiedCreate); err != nil {
return err
}
if _, ok := d.GetOk("enabled_metrics"); ok {
metricsErr := enableASGMetricsCollection(d, conn)
if metricsErr != nil {
return metricsErr
}
}
return resourceAwsAutoscalingGroupRead(d, meta)
}