func resourceAwsRoute53DelegationSetCreate(d *schema.ResourceData, meta interface{}) error {
r53 := meta.(*AWSClient).r53conn
callerRef := resource.UniqueId()
if v, ok := d.GetOk("reference_name"); ok {
callerRef = strings.Join([]string{
v.(string), "-", callerRef,
}, "")
}
input := &route53.CreateReusableDelegationSetInput{
CallerReference: aws.String(callerRef),
}
log.Printf("[DEBUG] Creating Route53 reusable delegation set: %#v", input)
out, err := r53.CreateReusableDelegationSet(input)
if err != nil {
return err
}
log.Printf("[DEBUG] Route53 reusable delegation set created: %#v", out)
set := out.DelegationSet
d.SetId(cleanDelegationSetId(*set.Id))
d.Set("name_servers", expandNameServers(set.NameServers))
return nil
}
func resourceAwsEcsServiceCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).ecsconn
input := ecs.CreateServiceInput{
ServiceName: aws.String(d.Get("name").(string)),
TaskDefinition: aws.String(d.Get("task_definition").(string)),
DesiredCount: aws.Int64(int64(d.Get("desired_count").(int))),
ClientToken: aws.String(resource.UniqueId()),
}
if v, ok := d.GetOk("cluster"); ok {
input.Cluster = aws.String(v.(string))
}
loadBalancers := expandEcsLoadBalancers(d.Get("load_balancer").(*schema.Set).List())
if len(loadBalancers) > 0 {
log.Printf("[DEBUG] Adding ECS load balancers: %s", loadBalancers)
input.LoadBalancers = loadBalancers
}
if v, ok := d.GetOk("iam_role"); ok {
input.Role = aws.String(v.(string))
}
log.Printf("[DEBUG] Creating ECS service: %s", input)
// Retry due to AWS IAM policy eventual consistency
// See https://github.com/hashicorp/terraform/issues/2869
var out *ecs.CreateServiceOutput
var err error
err = resource.Retry(2*time.Minute, func() error {
out, err = conn.CreateService(&input)
if err != nil {
ec2err, ok := err.(awserr.Error)
if !ok {
return &resource.RetryError{Err: err}
}
if ec2err.Code() == "InvalidParameterException" {
log.Printf("[DEBUG] Trying to create ECS service again: %q",
ec2err.Message())
return err
}
return &resource.RetryError{Err: err}
}
return nil
})
if err != nil {
return err
}
service := *out.Service
log.Printf("[DEBUG] ECS service created: %s", *service.ServiceArn)
d.SetId(*service.ServiceArn)
return resourceAwsEcsServiceUpdate(d, meta)
}
func resourceAwsEfsFileSystemCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).efsconn
referenceName := ""
if v, ok := d.GetOk("reference_name"); ok {
referenceName = v.(string) + "-"
}
token := referenceName + resource.UniqueId()
fs, err := conn.CreateFileSystem(&efs.CreateFileSystemInput{
CreationToken: aws.String(token),
})
if err != nil {
return err
}
log.Printf("[DEBUG] Creating EFS file system: %s", *fs)
d.SetId(*fs.FileSystemId)
stateConf := &resource.StateChangeConf{
Pending: []string{"creating"},
Target: "available",
Refresh: func() (interface{}, string, error) {
resp, err := conn.DescribeFileSystems(&efs.DescribeFileSystemsInput{
FileSystemId: aws.String(d.Id()),
})
if err != nil {
return nil, "error", err
}
if len(resp.FileSystems) < 1 {
return nil, "not-found", fmt.Errorf("EFS file system %q not found", d.Id())
}
fs := resp.FileSystems[0]
log.Printf("[DEBUG] current status of %q: %q", *fs.FileSystemId, *fs.LifeCycleState)
return fs, *fs.LifeCycleState, nil
},
Timeout: 10 * time.Minute,
Delay: 2 * time.Second,
MinTimeout: 3 * time.Second,
}
_, err = stateConf.WaitForState()
if err != nil {
return fmt.Errorf("Error waiting for EFS file system (%q) to create: %q",
d.Id(), err.Error())
}
log.Printf("[DEBUG] EFS file system created: %q", *fs.FileSystemId)
return resourceAwsEfsFileSystemUpdate(d, meta)
}
func resourceAwsRDSClusterInstanceCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).rdsconn
tags := tagsFromMapRDS(d.Get("tags").(map[string]interface{}))
createOpts := &rds.CreateDBInstanceInput{
DBInstanceClass: aws.String(d.Get("instance_class").(string)),
DBClusterIdentifier: aws.String(d.Get("cluster_identifier").(string)),
Engine: aws.String("aurora"),
PubliclyAccessible: aws.Bool(d.Get("publicly_accessible").(bool)),
Tags: tags,
}
if v := d.Get("identifier").(string); v != "" {
createOpts.DBInstanceIdentifier = aws.String(v)
} else {
createOpts.DBInstanceIdentifier = aws.String(resource.UniqueId())
}
if attr, ok := d.GetOk("db_subnet_group_name"); ok {
createOpts.DBSubnetGroupName = aws.String(attr.(string))
}
log.Printf("[DEBUG] Creating RDS DB Instance opts: %s", createOpts)
resp, err := conn.CreateDBInstance(createOpts)
if err != nil {
return err
}
d.SetId(*resp.DBInstance.DBInstanceIdentifier)
// reuse db_instance refresh func
stateConf := &resource.StateChangeConf{
Pending: []string{"creating", "backing-up", "modifying"},
Target: "available",
Refresh: resourceAwsDbInstanceStateRefreshFunc(d, meta),
Timeout: 40 * time.Minute,
MinTimeout: 10 * time.Second,
Delay: 10 * time.Second,
}
// Wait, catching any errors
_, err = stateConf.WaitForState()
if err != nil {
return err
}
return resourceAwsRDSClusterInstanceRead(d, meta)
}
func resourceAwsKeyPairCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).ec2conn
keyName := d.Get("key_name").(string)
if keyName == "" {
keyName = resource.UniqueId()
}
publicKey := d.Get("public_key").(string)
req := &ec2.ImportKeyPairInput{
KeyName: aws.String(keyName),
PublicKeyMaterial: []byte(publicKey),
}
resp, err := conn.ImportKeyPair(req)
if err != nil {
return fmt.Errorf("Error import KeyPair: %s", err)
}
d.SetId(*resp.KeyName)
return nil
}
func resourceAwsSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).ec2conn
securityGroupOpts := &ec2.CreateSecurityGroupInput{}
if v, ok := d.GetOk("vpc_id"); ok {
securityGroupOpts.VpcId = aws.String(v.(string))
}
if v := d.Get("description"); v != nil {
securityGroupOpts.Description = aws.String(v.(string))
}
var groupName string
if v, ok := d.GetOk("name"); ok {
groupName = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
groupName = resource.PrefixedUniqueId(v.(string))
} else {
groupName = resource.UniqueId()
}
securityGroupOpts.GroupName = aws.String(groupName)
var err error
log.Printf(
"[DEBUG] Security Group create configuration: %#v", securityGroupOpts)
createResp, err := conn.CreateSecurityGroup(securityGroupOpts)
if err != nil {
return fmt.Errorf("Error creating Security Group: %s", err)
}
d.SetId(*createResp.GroupId)
log.Printf("[INFO] Security Group ID: %s", d.Id())
// Wait for the security group to truly exist
log.Printf(
"[DEBUG] Waiting for Security Group (%s) to exist",
d.Id())
stateConf := &resource.StateChangeConf{
Pending: []string{""},
Target: "exists",
Refresh: SGStateRefreshFunc(conn, d.Id()),
Timeout: 1 * time.Minute,
}
resp, err := stateConf.WaitForState()
if err != nil {
return fmt.Errorf(
"Error waiting for Security Group (%s) to become available: %s",
d.Id(), err)
}
// AWS defaults all Security Groups to have an ALLOW ALL egress rule. Here we
// revoke that rule, so users don't unknowningly have/use it.
group := resp.(*ec2.SecurityGroup)
if group.VpcId != nil && *group.VpcId != "" {
log.Printf("[DEBUG] Revoking default egress rule for Security Group for %s", d.Id())
req := &ec2.RevokeSecurityGroupEgressInput{
GroupId: createResp.GroupId,
IpPermissions: []*ec2.IpPermission{
&ec2.IpPermission{
FromPort: aws.Int64(int64(0)),
ToPort: aws.Int64(int64(0)),
IpRanges: []*ec2.IpRange{
&ec2.IpRange{
CidrIp: aws.String("0.0.0.0/0"),
},
},
IpProtocol: aws.String("-1"),
},
},
}
if _, err = conn.RevokeSecurityGroupEgress(req); err != nil {
return fmt.Errorf(
"Error revoking default egress rule for Security Group (%s): %s",
d.Id(), err)
}
}
return resourceAwsSecurityGroupUpdate(d, meta)
}
func resourceSqlDatabaseInstanceCreate(d *schema.ResourceData, meta interface{}) error {
config := meta.(*Config)
region := d.Get("region").(string)
databaseVersion := d.Get("database_version").(string)
_settingsList := d.Get("settings").([]interface{})
if len(_settingsList) > 1 {
return fmt.Errorf("At most one settings block is allowed")
}
_settings := _settingsList[0].(map[string]interface{})
settings := &sqladmin.Settings{
Tier: _settings["tier"].(string),
}
if v, ok := _settings["activation_policy"]; ok {
settings.ActivationPolicy = v.(string)
}
if v, ok := _settings["authorized_gae_applications"]; ok {
settings.AuthorizedGaeApplications = make([]string, 0)
for _, app := range v.([]interface{}) {
settings.AuthorizedGaeApplications = append(settings.AuthorizedGaeApplications,
app.(string))
}
}
if v, ok := _settings["backup_configuration"]; ok {
_backupConfigurationList := v.([]interface{})
if len(_backupConfigurationList) > 1 {
return fmt.Errorf("At most one backup_configuration block is allowed")
}
if len(_backupConfigurationList) == 1 && _backupConfigurationList[0] != nil {
settings.BackupConfiguration = &sqladmin.BackupConfiguration{}
_backupConfiguration := _backupConfigurationList[0].(map[string]interface{})
if vp, okp := _backupConfiguration["binary_log_enabled"]; okp {
settings.BackupConfiguration.BinaryLogEnabled = vp.(bool)
}
if vp, okp := _backupConfiguration["enabled"]; okp {
settings.BackupConfiguration.Enabled = vp.(bool)
}
if vp, okp := _backupConfiguration["start_time"]; okp {
settings.BackupConfiguration.StartTime = vp.(string)
}
}
}
if v, ok := _settings["crash_safe_replication"]; ok {
settings.CrashSafeReplicationEnabled = v.(bool)
}
if v, ok := _settings["database_flags"]; ok {
settings.DatabaseFlags = make([]*sqladmin.DatabaseFlags, 0)
_databaseFlagsList := v.([]interface{})
for _, _flag := range _databaseFlagsList {
_entry := _flag.(map[string]interface{})
flag := &sqladmin.DatabaseFlags{}
if vp, okp := _entry["name"]; okp {
flag.Name = vp.(string)
}
if vp, okp := _entry["value"]; okp {
flag.Value = vp.(string)
}
settings.DatabaseFlags = append(settings.DatabaseFlags, flag)
}
}
if v, ok := _settings["ip_configuration"]; ok {
_ipConfigurationList := v.([]interface{})
if len(_ipConfigurationList) > 1 {
return fmt.Errorf("At most one ip_configuration block is allowed")
}
if len(_ipConfigurationList) == 1 && _ipConfigurationList[0] != nil {
settings.IpConfiguration = &sqladmin.IpConfiguration{}
_ipConfiguration := _ipConfigurationList[0].(map[string]interface{})
if vp, okp := _ipConfiguration["ipv4_enabled"]; okp {
settings.IpConfiguration.Ipv4Enabled = vp.(bool)
}
if vp, okp := _ipConfiguration["require_ssl"]; okp {
settings.IpConfiguration.RequireSsl = vp.(bool)
}
if vp, okp := _ipConfiguration["authorized_networks"]; okp {
settings.IpConfiguration.AuthorizedNetworks = make([]*sqladmin.AclEntry, 0)
_authorizedNetworksList := vp.([]interface{})
for _, _acl := range _authorizedNetworksList {
_entry := _acl.(map[string]interface{})
entry := &sqladmin.AclEntry{}
if vpp, okpp := _entry["expiration_time"]; okpp {
entry.ExpirationTime = vpp.(string)
}
if vpp, okpp := _entry["name"]; okpp {
entry.Name = vpp.(string)
}
if vpp, okpp := _entry["value"]; okpp {
entry.Value = vpp.(string)
}
settings.IpConfiguration.AuthorizedNetworks = append(
settings.IpConfiguration.AuthorizedNetworks, entry)
}
}
}
}
if v, ok := _settings["location_preference"]; ok {
_locationPreferenceList := v.([]interface{})
if len(_locationPreferenceList) > 1 {
return fmt.Errorf("At most one location_preference block is allowed")
}
if len(_locationPreferenceList) == 1 && _locationPreferenceList[0] != nil {
settings.LocationPreference = &sqladmin.LocationPreference{}
_locationPreference := _locationPreferenceList[0].(map[string]interface{})
if vp, okp := _locationPreference["follow_gae_application"]; okp {
settings.LocationPreference.FollowGaeApplication = vp.(string)
}
if vp, okp := _locationPreference["zone"]; okp {
settings.LocationPreference.Zone = vp.(string)
}
}
}
if v, ok := _settings["pricing_plan"]; ok {
settings.PricingPlan = v.(string)
}
if v, ok := _settings["replication_type"]; ok {
settings.ReplicationType = v.(string)
}
instance := &sqladmin.DatabaseInstance{
Region: region,
Settings: settings,
DatabaseVersion: databaseVersion,
}
if v, ok := d.GetOk("name"); ok {
instance.Name = v.(string)
} else {
instance.Name = resource.UniqueId()
d.Set("name", instance.Name)
}
if v, ok := d.GetOk("replica_configuration"); ok {
_replicaConfigurationList := v.([]interface{})
if len(_replicaConfigurationList) > 1 {
return fmt.Errorf("Only one replica_configuration block may be defined")
}
if len(_replicaConfigurationList) == 1 && _replicaConfigurationList[0] != nil {
replicaConfiguration := &sqladmin.ReplicaConfiguration{}
mySqlReplicaConfiguration := &sqladmin.MySqlReplicaConfiguration{}
_replicaConfiguration := _replicaConfigurationList[0].(map[string]interface{})
if vp, okp := _replicaConfiguration["ca_certificate"]; okp {
mySqlReplicaConfiguration.CaCertificate = vp.(string)
}
if vp, okp := _replicaConfiguration["client_certificate"]; okp {
mySqlReplicaConfiguration.ClientCertificate = vp.(string)
}
if vp, okp := _replicaConfiguration["client_key"]; okp {
mySqlReplicaConfiguration.ClientKey = vp.(string)
}
if vp, okp := _replicaConfiguration["connect_retry_interval"]; okp {
mySqlReplicaConfiguration.ConnectRetryInterval = int64(vp.(int))
}
if vp, okp := _replicaConfiguration["dump_file_path"]; okp {
mySqlReplicaConfiguration.DumpFilePath = vp.(string)
}
if vp, okp := _replicaConfiguration["master_heartbeat_period"]; okp {
mySqlReplicaConfiguration.MasterHeartbeatPeriod = int64(vp.(int))
}
if vp, okp := _replicaConfiguration["password"]; okp {
mySqlReplicaConfiguration.Password = vp.(string)
}
if vp, okp := _replicaConfiguration["ssl_cipher"]; okp {
mySqlReplicaConfiguration.SslCipher = vp.(string)
}
if vp, okp := _replicaConfiguration["username"]; okp {
mySqlReplicaConfiguration.Username = vp.(string)
}
if vp, okp := _replicaConfiguration["verify_server_certificate"]; okp {
mySqlReplicaConfiguration.VerifyServerCertificate = vp.(bool)
}
replicaConfiguration.MysqlReplicaConfiguration = mySqlReplicaConfiguration
instance.ReplicaConfiguration = replicaConfiguration
}
}
if v, ok := d.GetOk("master_instance_name"); ok {
instance.MasterInstanceName = v.(string)
}
op, err := config.clientSqlAdmin.Instances.Insert(config.Project, instance).Do()
if err != nil {
if gerr, ok := err.(*googleapi.Error); ok && gerr.Code == 409 {
return fmt.Errorf("Error, the name %s is unavailable because it was used recently", instance.Name)
} else {
return fmt.Errorf("Error, failed to create instance %s: %s", instance.Name, err)
}
}
err = sqladminOperationWait(config, op, "Create Instance")
if err != nil {
return err
}
return resourceSqlDatabaseInstanceRead(d, meta)
}
func resourceAwsLaunchConfigurationCreate(d *schema.ResourceData, meta interface{}) error {
autoscalingconn := meta.(*AWSClient).autoscalingconn
ec2conn := meta.(*AWSClient).ec2conn
createLaunchConfigurationOpts := autoscaling.CreateLaunchConfigurationInput{
LaunchConfigurationName: aws.String(d.Get("name").(string)),
ImageId: aws.String(d.Get("image_id").(string)),
InstanceType: aws.String(d.Get("instance_type").(string)),
EbsOptimized: aws.Bool(d.Get("ebs_optimized").(bool)),
}
if v, ok := d.GetOk("user_data"); ok {
userData := base64.StdEncoding.EncodeToString([]byte(v.(string)))
createLaunchConfigurationOpts.UserData = aws.String(userData)
}
createLaunchConfigurationOpts.InstanceMonitoring = &autoscaling.InstanceMonitoring{
Enabled: aws.Bool(d.Get("enable_monitoring").(bool)),
}
if v, ok := d.GetOk("iam_instance_profile"); ok {
createLaunchConfigurationOpts.IamInstanceProfile = aws.String(v.(string))
}
if v, ok := d.GetOk("placement_tenancy"); ok {
createLaunchConfigurationOpts.PlacementTenancy = aws.String(v.(string))
}
if v, ok := d.GetOk("associate_public_ip_address"); ok {
createLaunchConfigurationOpts.AssociatePublicIpAddress = aws.Bool(v.(bool))
}
if v, ok := d.GetOk("key_name"); ok {
createLaunchConfigurationOpts.KeyName = aws.String(v.(string))
}
if v, ok := d.GetOk("spot_price"); ok {
createLaunchConfigurationOpts.SpotPrice = aws.String(v.(string))
}
if v, ok := d.GetOk("security_groups"); ok {
createLaunchConfigurationOpts.SecurityGroups = expandStringList(
v.(*schema.Set).List(),
)
}
var blockDevices []*autoscaling.BlockDeviceMapping
if v, ok := d.GetOk("ebs_block_device"); ok {
vL := v.(*schema.Set).List()
for _, v := range vL {
bd := v.(map[string]interface{})
ebs := &autoscaling.Ebs{
DeleteOnTermination: aws.Bool(bd["delete_on_termination"].(bool)),
Encrypted: aws.Bool(bd["encrypted"].(bool)),
}
if v, ok := bd["snapshot_id"].(string); ok && v != "" {
ebs.SnapshotId = aws.String(v)
}
if v, ok := bd["volume_size"].(int); ok && v != 0 {
ebs.VolumeSize = aws.Int64(int64(v))
}
if v, ok := bd["volume_type"].(string); ok && v != "" {
ebs.VolumeType = aws.String(v)
}
if v, ok := bd["iops"].(int); ok && v > 0 {
ebs.Iops = aws.Int64(int64(v))
}
blockDevices = append(blockDevices, &autoscaling.BlockDeviceMapping{
DeviceName: aws.String(bd["device_name"].(string)),
Ebs: ebs,
})
}
}
if v, ok := d.GetOk("ephemeral_block_device"); ok {
vL := v.(*schema.Set).List()
for _, v := range vL {
bd := v.(map[string]interface{})
blockDevices = append(blockDevices, &autoscaling.BlockDeviceMapping{
DeviceName: aws.String(bd["device_name"].(string)),
VirtualName: aws.String(bd["virtual_name"].(string)),
})
}
}
if v, ok := d.GetOk("root_block_device"); ok {
vL := v.(*schema.Set).List()
if len(vL) > 1 {
return fmt.Errorf("Cannot specify more than one root_block_device.")
}
for _, v := range vL {
bd := v.(map[string]interface{})
ebs := &autoscaling.Ebs{
DeleteOnTermination: aws.Bool(bd["delete_on_termination"].(bool)),
}
if v, ok := bd["volume_size"].(int); ok && v != 0 {
ebs.VolumeSize = aws.Int64(int64(v))
}
if v, ok := bd["volume_type"].(string); ok && v != "" {
ebs.VolumeType = aws.String(v)
}
if v, ok := bd["iops"].(int); ok && v > 0 {
ebs.Iops = aws.Int64(int64(v))
}
if dn, err := fetchRootDeviceName(d.Get("image_id").(string), ec2conn); err == nil {
if dn == nil {
return fmt.Errorf(
"Expected to find a Root Device name for AMI (%s), but got none",
d.Get("image_id").(string))
}
blockDevices = append(blockDevices, &autoscaling.BlockDeviceMapping{
DeviceName: dn,
Ebs: ebs,
})
} else {
return err
}
}
}
if len(blockDevices) > 0 {
createLaunchConfigurationOpts.BlockDeviceMappings = blockDevices
}
var lcName string
if v, ok := d.GetOk("name"); ok {
lcName = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
lcName = resource.PrefixedUniqueId(v.(string))
} else {
lcName = resource.UniqueId()
}
createLaunchConfigurationOpts.LaunchConfigurationName = aws.String(lcName)
log.Printf(
"[DEBUG] autoscaling create launch configuration: %s", createLaunchConfigurationOpts)
// IAM profiles can take ~10 seconds to propagate in AWS:
// http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#launch-instance-with-role-console
err := resource.Retry(30*time.Second, func() error {
_, err := autoscalingconn.CreateLaunchConfiguration(&createLaunchConfigurationOpts)
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
if awsErr.Message() == "Invalid IamInstanceProfile" {
return err
}
}
return &resource.RetryError{
Err: err,
}
}
return nil
})
if err != nil {
return fmt.Errorf("Error creating launch configuration: %s", err)
}
d.SetId(lcName)
log.Printf("[INFO] launch configuration ID: %s", d.Id())
// We put a Retry here since sometimes eventual consistency bites
// us and we need to retry a few times to get the LC to load properly
return resource.Retry(30*time.Second, func() error {
return resourceAwsLaunchConfigurationRead(d, meta)
})
}