Documentation

Index

Constants

View Source
const (
	AWSAMIRetryTimeout       = 40 * time.Minute
	AWSAMIDeleteRetryTimeout = 90 * time.Minute
	AWSAMIRetryDelay         = 5 * time.Second
	AWSAMIRetryMinTimeout    = 3 * time.Second
)
View Source
const (
	AWSRDSClusterEndpointRetryDelay      = 5 * time.Second
	AWSRDSClusterEndpointRetryMinTimeout = 3 * time.Second
)
View Source
const (
	MINIMUM_VERSIONED_SCHEMA             = 2.0
	SSM_DOCUMENT_PERMISSIONS_BATCH_LIMIT = 20
)
View Source
const (
	GatewayAssociationStateDeleted = "deleted"
)
View Source
const (
	VpcCidrBlockStateCodeDeleted = "deleted"
)

Variables

View Source
var LambdaFunctionRegexp = `^(arn:[\w-]+:lambda:)?([a-z]{2}-(?:[a-z]+-){1,2}\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$`
View Source
var SNSAttributeMap = map[string]string{
	"application_failure_feedback_role_arn":    "ApplicationFailureFeedbackRoleArn",
	"application_success_feedback_role_arn":    "ApplicationSuccessFeedbackRoleArn",
	"application_success_feedback_sample_rate": "ApplicationSuccessFeedbackSampleRate",
	"arn":                                 "TopicArn",
	"delivery_policy":                     "DeliveryPolicy",
	"display_name":                        "DisplayName",
	"http_failure_feedback_role_arn":      "HTTPFailureFeedbackRoleArn",
	"http_success_feedback_role_arn":      "HTTPSuccessFeedbackRoleArn",
	"http_success_feedback_sample_rate":   "HTTPSuccessFeedbackSampleRate",
	"kms_master_key_id":                   "KmsMasterKeyId",
	"lambda_failure_feedback_role_arn":    "LambdaFailureFeedbackRoleArn",
	"lambda_success_feedback_role_arn":    "LambdaSuccessFeedbackRoleArn",
	"lambda_success_feedback_sample_rate": "LambdaSuccessFeedbackSampleRate",
	"policy":                              "Policy",
	"sqs_failure_feedback_role_arn":       "SQSFailureFeedbackRoleArn",
	"sqs_success_feedback_role_arn":       "SQSSuccessFeedbackRoleArn",
	"sqs_success_feedback_sample_rate":    "SQSSuccessFeedbackSampleRate",
}

    Mutable attributes

    Functions

    func AMIStateRefreshFunc

    func AMIStateRefreshFunc(client *ec2.EC2, id string) resource.StateRefreshFunc

    func DBClusterEndpointStateRefreshFunc

    func DBClusterEndpointStateRefreshFunc(conn *rds.RDS, id string) resource.StateRefreshFunc

    func EcsContainerDefinitionsAreEquivalent

    func EcsContainerDefinitionsAreEquivalent(def1, def2 string, isAWSVPC bool) (bool, error)

      EcsContainerDefinitionsAreEquivalent determines equality between two ECS container definition JSON strings Note: This function will be moved out of the aws package in the future.

      func FQDN

      func FQDN(name string) string

      func GetAccountIDAndPartition

      func GetAccountIDAndPartition(iamconn *iam.IAM, stsconn *sts.STS, authProviderName string) (string, string, error)

      func GetAccountIDAndPartitionFromEC2Metadata

      func GetAccountIDAndPartitionFromEC2Metadata() (string, string, error)

      func GetAccountIDAndPartitionFromIAMGetUser

      func GetAccountIDAndPartitionFromIAMGetUser(iamconn *iam.IAM) (string, string, error)

      func GetAccountIDAndPartitionFromIAMListRoles

      func GetAccountIDAndPartitionFromIAMListRoles(iamconn *iam.IAM) (string, string, error)

      func GetAccountIDAndPartitionFromSTSGetCallerIdentity

      func GetAccountIDAndPartitionFromSTSGetCallerIdentity(stsconn *sts.STS) (string, string, error)

      func GetCredentials

      func GetCredentials(c *Config) (*awsCredentials.Credentials, error)

        This function is responsible for reading credentials from the environment in the case that they're not explicitly specified in the Terraform configuration.

        func GetSupportedEC2Platforms

        func GetSupportedEC2Platforms(conn *ec2.EC2) ([]string, error)

        func HostedZoneIDForRegion

        func HostedZoneIDForRegion(region string) (string, error)

          Returns the hosted zone ID for an S3 website endpoint region. This can be used as input to the aws_route53_record resource's zone_id argument.

          func IGAttachStateRefreshFunc

          func IGAttachStateRefreshFunc(conn *ec2.EC2, id string, expected string) resource.StateRefreshFunc

            IGAttachStateRefreshFunc returns a resource.StateRefreshFunc that is used watch the state of an internet gateway's attachment.

            func IGStateRefreshFunc

            func IGStateRefreshFunc(conn *ec2.EC2, id string) resource.StateRefreshFunc

              IGStateRefreshFunc returns a resource.StateRefreshFunc that is used to watch an internet gateway.

              func InstanceStateRefreshFunc

              func InstanceStateRefreshFunc(conn *ec2.EC2, instanceID string, failStates []string) resource.StateRefreshFunc

                InstanceStateRefreshFunc returns a resource.StateRefreshFunc that is used to watch an EC2 instance.

                func Ipv6CidrStateRefreshFunc

                func Ipv6CidrStateRefreshFunc(conn *ec2.EC2, id string, associationId string) resource.StateRefreshFunc

                func IsAWSErrExtended

                func IsAWSErrExtended(err error, code string, message string, origErrMessage string) bool

                  IsAWSErrExtended returns true if the error matches all conditions

                  * err is of type awserr.Error
                  * Error.Code() matches code
                  * Error.Message() contains message
                  * Error.OrigErr() contains origErrMessage
                  

                  Note: This function will be moved out of the aws package in the future.

                  func NGStateRefreshFunc

                  func NGStateRefreshFunc(conn *ec2.EC2, id string) resource.StateRefreshFunc

                    NGStateRefreshFunc returns a resource.StateRefreshFunc that is used to watch a NAT Gateway.

                    func OpsworksInstanceStateRefreshFunc

                    func OpsworksInstanceStateRefreshFunc(conn *opsworks.OpsWorks, instanceID string) resource.StateRefreshFunc

                    func Provider

                    func Provider() terraform.ResourceProvider

                      Provider returns a terraform.ResourceProvider.

                      func RetryOnAwsCodes

                      func RetryOnAwsCodes(codes []string, f func() (interface{}, error)) (interface{}, error)

                        RetryOnAwsCodes retries AWS error codes for one minute Note: This function will be moved out of the aws package in the future.

                        func SGStateRefreshFunc

                        func SGStateRefreshFunc(conn *ec2.EC2, id string) resource.StateRefreshFunc

                          SGStateRefreshFunc returns a resource.StateRefreshFunc that is used to watch a security group.

                          func SpotInstanceStateRefreshFunc

                          func SpotInstanceStateRefreshFunc(
                          	conn *ec2.EC2, sir ec2.SpotInstanceRequest) resource.StateRefreshFunc

                            SpotInstanceStateRefreshFunc returns a resource.StateRefreshFunc that is used to watch an EC2 spot instance request

                            func SubnetIpv6CidrStateRefreshFunc

                            func SubnetIpv6CidrStateRefreshFunc(conn *ec2.EC2, id string, associationId string) resource.StateRefreshFunc

                            func SubnetStateRefreshFunc

                            func SubnetStateRefreshFunc(conn *ec2.EC2, id string) resource.StateRefreshFunc

                              SubnetStateRefreshFunc returns a resource.StateRefreshFunc that is used to watch a Subnet.

                              func VPCStateRefreshFunc

                              func VPCStateRefreshFunc(conn *ec2.EC2, id string) resource.StateRefreshFunc

                                VPCStateRefreshFunc returns a resource.StateRefreshFunc that is used to watch a VPC.

                                func WebsiteDomainUrl

                                func WebsiteDomainUrl(region string) string

                                Types

                                type AWSClient

                                type AWSClient struct {
                                	// contains filtered or unexported fields
                                }

                                func (*AWSClient) DynamoDB

                                func (c *AWSClient) DynamoDB() *dynamodb.DynamoDB

                                func (*AWSClient) IsChinaCloud

                                func (c *AWSClient) IsChinaCloud() bool

                                func (*AWSClient) S3

                                func (c *AWSClient) S3() *s3.S3

                                type ByGroupPair

                                type ByGroupPair []*ec2.UserIdGroupPair

                                  ByGroupPair implements sort.Interface for []*ec2.UserIDGroupPairs based on GroupID or GroupName field (only one should be set).

                                  func (ByGroupPair) Len

                                  func (b ByGroupPair) Len() int

                                  func (ByGroupPair) Less

                                  func (b ByGroupPair) Less(i, j int) bool

                                  func (ByGroupPair) Swap

                                  func (b ByGroupPair) Swap(i, j int)

                                  type CloudWatchEventPermissionPolicyDoc

                                  type CloudWatchEventPermissionPolicyDoc struct {
                                  	Version    string
                                  	ID         string                                     `json:"Id,omitempty"`
                                  	Statements []CloudWatchEventPermissionPolicyStatement `json:"Statement"`
                                  }

                                    CloudWatchEventPermissionPolicyDoc represents the Policy attribute of DescribeEventBus See also: https://docs.aws.amazon.com/AmazonCloudWatchEvents/latest/APIReference/API_DescribeEventBus.html

                                    type CloudWatchEventPermissionPolicyStatement

                                    type CloudWatchEventPermissionPolicyStatement struct {
                                    	Sid       string
                                    	Effect    string
                                    	Action    string
                                    	Condition *CloudWatchEventPermissionPolicyStatementCondition `json:"Condition,omitempty"`
                                    	Principal interface{}                                        // "*" or {"AWS": "arn:aws:iam::111111111111:root"}
                                    	Resource  string
                                    }

                                      CloudWatchEventPermissionPolicyStatement represents the Statement attribute of CloudWatchEventPermissionPolicyDoc See also: https://docs.aws.amazon.com/AmazonCloudWatchEvents/latest/APIReference/API_DescribeEventBus.html

                                      type CloudWatchEventPermissionPolicyStatementCondition

                                      type CloudWatchEventPermissionPolicyStatementCondition struct {
                                      	Key   string
                                      	Type  string
                                      	Value string
                                      }

                                        CloudWatchEventPermissionPolicyStatementCondition represents the Condition attribute of CloudWatchEventPermissionPolicyStatement See also: https://docs.aws.amazon.com/AmazonCloudWatchEvents/latest/APIReference/API_DescribeEventBus.html

                                        func (*CloudWatchEventPermissionPolicyStatementCondition) UnmarshalJSON

                                        func (condition *CloudWatchEventPermissionPolicyStatementCondition) UnmarshalJSON(b []byte) error

                                        type Config

                                        type Config struct {
                                        	AccessKey     string
                                        	SecretKey     string
                                        	CredsFilename string
                                        	Profile       string
                                        	Token         string
                                        	Region        string
                                        	MaxRetries    int
                                        
                                        	AssumeRoleARN         string
                                        	AssumeRoleExternalID  string
                                        	AssumeRoleSessionName string
                                        	AssumeRolePolicy      string
                                        
                                        	AllowedAccountIds   []interface{}
                                        	ForbiddenAccountIds []interface{}
                                        
                                        	AcmEndpoint              string
                                        	ApigatewayEndpoint       string
                                        	CloudFormationEndpoint   string
                                        	CloudWatchEndpoint       string
                                        	CloudWatchEventsEndpoint string
                                        	CloudWatchLogsEndpoint   string
                                        	DynamoDBEndpoint         string
                                        	DeviceFarmEndpoint       string
                                        	Ec2Endpoint              string
                                        	EcsEndpoint              string
                                        	AutoscalingEndpoint      string
                                        	EcrEndpoint              string
                                        	EfsEndpoint              string
                                        	EsEndpoint               string
                                        	ElbEndpoint              string
                                        	IamEndpoint              string
                                        	KinesisEndpoint          string
                                        	KinesisAnalyticsEndpoint string
                                        	KmsEndpoint              string
                                        	LambdaEndpoint           string
                                        	RdsEndpoint              string
                                        	R53Endpoint              string
                                        	S3Endpoint               string
                                        	S3ControlEndpoint        string
                                        	SnsEndpoint              string
                                        	SqsEndpoint              string
                                        	StsEndpoint              string
                                        	SsmEndpoint              string
                                        	Insecure                 bool
                                        
                                        	SkipCredsValidation     bool
                                        	SkipGetEC2Platforms     bool
                                        	SkipRegionValidation    bool
                                        	SkipRequestingAccountId bool
                                        	SkipMetadataApiCheck    bool
                                        	S3ForcePathStyle        bool
                                        }

                                        func (*Config) Client

                                        func (c *Config) Client() (interface{}, error)

                                          Client configures and returns a fully initialized AWSClient

                                          func (*Config) ValidateAccountId

                                          func (c *Config) ValidateAccountId(accountId string) error

                                            ValidateAccountId returns a context-specific error if the configured account id is explicitly forbidden or not authorised; and nil if it is authorised.

                                            func (*Config) ValidateRegion

                                            func (c *Config) ValidateRegion() error

                                              ValidateRegion returns an error if the configured region is not a valid aws region and nil otherwise.

                                              type GroupIdentifier

                                              type GroupIdentifier struct {
                                              	// The ID of the security group.
                                              	GroupId *string
                                              
                                              	// The name of the security group.
                                              	GroupName *string
                                              
                                              	Description *string
                                              }

                                                Like ec2.GroupIdentifier but with additional rule description.

                                                type IAMPolicyDoc

                                                type IAMPolicyDoc struct {
                                                	Version    string                `json:",omitempty"`
                                                	Id         string                `json:",omitempty"`
                                                	Statements []*IAMPolicyStatement `json:"Statement"`
                                                }

                                                func (*IAMPolicyDoc) Merge

                                                func (self *IAMPolicyDoc) Merge(newDoc *IAMPolicyDoc)

                                                type IAMPolicyStatement

                                                type IAMPolicyStatement struct {
                                                	Sid           string
                                                	Effect        string                         `json:",omitempty"`
                                                	Actions       interface{}                    `json:"Action,omitempty"`
                                                	NotActions    interface{}                    `json:"NotAction,omitempty"`
                                                	Resources     interface{}                    `json:"Resource,omitempty"`
                                                	NotResources  interface{}                    `json:"NotResource,omitempty"`
                                                	Principals    IAMPolicyStatementPrincipalSet `json:"Principal,omitempty"`
                                                	NotPrincipals IAMPolicyStatementPrincipalSet `json:"NotPrincipal,omitempty"`
                                                	Conditions    IAMPolicyStatementConditionSet `json:"Condition,omitempty"`
                                                }

                                                type IAMPolicyStatementCondition

                                                type IAMPolicyStatementCondition struct {
                                                	Test     string
                                                	Variable string
                                                	Values   interface{}
                                                }

                                                type IAMPolicyStatementConditionSet

                                                type IAMPolicyStatementConditionSet []IAMPolicyStatementCondition

                                                func (IAMPolicyStatementConditionSet) MarshalJSON

                                                func (cs IAMPolicyStatementConditionSet) MarshalJSON() ([]byte, error)

                                                func (*IAMPolicyStatementConditionSet) UnmarshalJSON

                                                func (cs *IAMPolicyStatementConditionSet) UnmarshalJSON(b []byte) error

                                                type IAMPolicyStatementPrincipal

                                                type IAMPolicyStatementPrincipal struct {
                                                	Type        string
                                                	Identifiers interface{}
                                                }

                                                type IAMPolicyStatementPrincipalSet

                                                type IAMPolicyStatementPrincipalSet []IAMPolicyStatementPrincipal

                                                func (IAMPolicyStatementPrincipalSet) MarshalJSON

                                                func (ps IAMPolicyStatementPrincipalSet) MarshalJSON() ([]byte, error)

                                                func (*IAMPolicyStatementPrincipalSet) UnmarshalJSON

                                                func (ps *IAMPolicyStatementPrincipalSet) UnmarshalJSON(b []byte) error

                                                type KmsGrantMissingError

                                                type KmsGrantMissingError string

                                                  Custom error, so we don't have to rely on the content of an error message

                                                  func NewKmsGrantMissingError

                                                  func NewKmsGrantMissingError(msg string) KmsGrantMissingError

                                                  func (KmsGrantMissingError) Error

                                                  func (e KmsGrantMissingError) Error() string

                                                  type LambdaPolicy

                                                  type LambdaPolicy struct {
                                                  	Version   string
                                                  	Statement []LambdaPolicyStatement
                                                  	Id        string
                                                  }

                                                  type LambdaPolicyStatement

                                                  type LambdaPolicyStatement struct {
                                                  	Condition map[string]map[string]string
                                                  	Action    string
                                                  	Resource  string
                                                  	Effect    string
                                                  	Principal map[string]string
                                                  	Sid       string
                                                  }

                                                  type Reassignment

                                                  type Reassignment struct {
                                                  	// contains filtered or unexported fields
                                                  }

                                                  type S3Website

                                                  type S3Website struct {
                                                  	Endpoint, Domain string
                                                  }

                                                  func WebsiteEndpoint

                                                  func WebsiteEndpoint(bucket string, region string) *S3Website

                                                  type StringPtrSlice

                                                  type StringPtrSlice []*string

                                                    Define Sort interface for []*string so we can ensure the order of geo_restrictions.locations

                                                    func (StringPtrSlice) Len

                                                    func (p StringPtrSlice) Len() int

                                                    func (StringPtrSlice) Less

                                                    func (p StringPtrSlice) Less(i, j int) bool

                                                    func (StringPtrSlice) Swap

                                                    func (p StringPtrSlice) Swap(i, j int)

                                                    type TunnelInfo

                                                    type TunnelInfo struct {
                                                    	Tunnel1Address          string
                                                    	Tunnel1CgwInsideAddress string
                                                    	Tunnel1VgwInsideAddress string
                                                    	Tunnel1PreSharedKey     string
                                                    	Tunnel1BGPASN           string
                                                    	Tunnel1BGPHoldTime      int
                                                    	Tunnel2Address          string
                                                    	Tunnel2CgwInsideAddress string
                                                    	Tunnel2VgwInsideAddress string
                                                    	Tunnel2PreSharedKey     string
                                                    	Tunnel2BGPASN           string
                                                    	Tunnel2BGPHoldTime      int
                                                    }

                                                    type WafRegionalRetryer

                                                    type WafRegionalRetryer struct {
                                                    	Connection *wafregional.WAFRegional
                                                    	Region     string
                                                    }

                                                    func (*WafRegionalRetryer) RetryWithToken

                                                    func (t *WafRegionalRetryer) RetryWithToken(f withRegionalTokenFunc) (interface{}, error)

                                                    type WafRetryer

                                                    type WafRetryer struct {
                                                    	Connection *waf.WAF
                                                    }

                                                    func (*WafRetryer) RetryWithToken

                                                    func (t *WafRetryer) RetryWithToken(f withTokenFunc) (interface{}, error)

                                                    type XmlIpsecTunnel

                                                    type XmlIpsecTunnel struct {
                                                    	OutsideAddress   string `xml:"vpn_gateway>tunnel_outside_address>ip_address"`
                                                    	BGPASN           string `xml:"vpn_gateway>bgp>asn"`
                                                    	BGPHoldTime      int    `xml:"vpn_gateway>bgp>hold_time"`
                                                    	PreSharedKey     string `xml:"ike>pre_shared_key"`
                                                    	CgwInsideAddress string `xml:"customer_gateway>tunnel_inside_address>ip_address"`
                                                    	VgwInsideAddress string `xml:"vpn_gateway>tunnel_inside_address>ip_address"`
                                                    }

                                                    type XmlVpnConnectionConfig

                                                    type XmlVpnConnectionConfig struct {
                                                    	Tunnels []XmlIpsecTunnel `xml:"ipsec_tunnel"`
                                                    }

                                                    func (XmlVpnConnectionConfig) Len

                                                    func (slice XmlVpnConnectionConfig) Len() int

                                                    func (XmlVpnConnectionConfig) Less

                                                    func (slice XmlVpnConnectionConfig) Less(i, j int) bool

                                                    func (XmlVpnConnectionConfig) Swap

                                                    func (slice XmlVpnConnectionConfig) Swap(i, j int)

                                                    Source Files