Merge remote-tracking branch 'upstream/stable-website'

coveooss · Jun 18, 2020 · 0df74e9 · 0df74e9
2 parents f61abef + 9fba38a
commit 0df74e9
Show file tree

Hide file tree

Showing 22 changed files with 4,751 additions and 74 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,18 @@
+## 2.66.0 (June 12, 2020)
+
+FEATURES:
+
+* **New Data Source:** `aws_wafv2_rule_group` ([#12790](https://github.com/terraform-providers/terraform-provider-aws/issues/12790))
+* **New Resource:** `aws_wafv2_rule_group` ([#12677](https://github.com/terraform-providers/terraform-provider-aws/issues/12677))
+
+BUG FIXES:
+
+* resource/aws_autoscaling_group: Allow `on_demand_base_capacity` to be set to 0 [[#13623](https://github.com/terraform-providers/terraform-provider-aws/issues/13623)] 
+* resource/aws_autoscaling_group: Add `Computed` field to `instances_distribution` and it's sub-fields `on_demand_allocation_strategy`, `on_demand_base_capacity`, `on_demand_percentage_above_base_capacity`, and `spot_allocation_strategy`  ([#13623](https://github.com/terraform-providers/terraform-provider-aws/issues/13623))
+* resource/aws_autoscaling_group: Remove `Default` field from `instances_distribution` sub-fields `on_demand_allocation_strategy`, `on_demand_percentage_above_base_capacity`, and `spot_allocation_strategy`  ([#13623](https://github.com/terraform-providers/terraform-provider-aws/issues/13623))
+* resource/aws_batch_job_definition: Prevent differences when no `command` is specified in container properties ([#13634](https://github.com/terraform-providers/terraform-provider-aws/issues/13634))
+* resource/aws_instance: Continue supporting empty string (`""`) `private_ip` argument ([#13640](https://github.com/terraform-providers/terraform-provider-aws/issues/13640))
+
 ## 2.65.0 (June 04, 2020)
 
 ENHANCEMENTS:

diff --git a/GNUmakefile b/GNUmakefile
@@ -100,6 +100,7 @@ awsproviderlint:
 		-S015 \
 		-S016 \
 		-S017 \
+		-S018 \
 		-S019 \
 		-S020 \
 		-S021 \

diff --git a/aws/config.go b/aws/config.go
@@ -720,7 +720,7 @@ func (c *Config) Client() (interface{}, error) {
 			r.Retryable = aws.Bool(true)
 		}
 
-		if r.Operation.Name == "CreateIPSet" || r.Operation.Name == "CreateRegexPatternSet" {
+		if r.Operation.Name == "CreateIPSet" || r.Operation.Name == "CreateRegexPatternSet" || r.Operation.Name == "CreateRuleGroup" {
 			// WAFv2 supports tag on create which can result in the below error codes according to the documentation
 			if isAWSErr(r.Error, wafv2.ErrCodeWAFTagOperationException, "Retry your request") {
 				r.Retryable = aws.Bool(true)

diff --git a/aws/data_source_aws_wafv2_rule_group.go b/aws/data_source_aws_wafv2_rule_group.go
@@ -0,0 +1,83 @@
+package aws
+
+import (
+	"fmt"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/wafv2"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+)
+
+func dataSourceAwsWafv2RuleGroup() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceAwsWafv2RuleGroupRead,
+
+		Schema: map[string]*schema.Schema{
+			"arn": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"description": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"scope": {
+				Type:     schema.TypeString,
+				Required: true,
+				ValidateFunc: validation.StringInSlice([]string{
+					wafv2.ScopeCloudfront,
+					wafv2.ScopeRegional,
+				}, false),
+			},
+		},
+	}
+}
+
+func dataSourceAwsWafv2RuleGroupRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).wafv2conn
+	name := d.Get("name").(string)
+
+	var foundRuleGroup *wafv2.RuleGroupSummary
+	input := &wafv2.ListRuleGroupsInput{
+		Scope: aws.String(d.Get("scope").(string)),
+		Limit: aws.Int64(100),
+	}
+
+	for {
+		resp, err := conn.ListRuleGroups(input)
+		if err != nil {
+			return fmt.Errorf("Error reading WAFv2 RuleGroups: %s", err)
+		}
+
+		if resp == nil || resp.RuleGroups == nil {
+			return fmt.Errorf("Error reading WAFv2 RuleGroups")
+		}
+
+		for _, ruleGroup := range resp.RuleGroups {
+			if aws.StringValue(ruleGroup.Name) == name {
+				foundRuleGroup = ruleGroup
+				break
+			}
+		}
+
+		if resp.NextMarker == nil || foundRuleGroup != nil {
+			break
+		}
+		input.NextMarker = resp.NextMarker
+	}
+
+	if foundRuleGroup == nil {
+		return fmt.Errorf("WAFv2 RuleGroup not found for name: %s", name)
+	}
+
+	d.SetId(aws.StringValue(foundRuleGroup.Id))
+	d.Set("arn", aws.StringValue(foundRuleGroup.ARN))
+	d.Set("description", aws.StringValue(foundRuleGroup.Description))
+
+	return nil
+}
diff --git a/aws/data_source_aws_wafv2_rule_group_test.go b/aws/data_source_aws_wafv2_rule_group_test.go
@@ -0,0 +1,80 @@
+package aws
+
+import (
+	"fmt"
+	"regexp"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+)
+
+func TestAccDataSourceAwsWafv2RuleGroup_Basic(t *testing.T) {
+	name := acctest.RandomWithPrefix("tf-acc-test")
+	resourceName := "aws_wafv2_rule_group.test"
+	datasourceName := "data.aws_wafv2_rule_group.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config:      testAccDataSourceAwsWafv2RuleGroup_NonExistent(name),
+				ExpectError: regexp.MustCompile(`WAFv2 RuleGroup not found`),
+			},
+			{
+				Config: testAccDataSourceAwsWafv2RuleGroup_Name(name),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrPair(datasourceName, "arn", resourceName, "arn"),
+					testAccMatchResourceAttrRegionalARN(datasourceName, "arn", "wafv2", regexp.MustCompile(fmt.Sprintf("regional/rulegroup/%v/.+$", name))),
+					resource.TestCheckResourceAttrPair(datasourceName, "description", resourceName, "description"),
+					resource.TestCheckResourceAttrPair(datasourceName, "id", resourceName, "id"),
+					resource.TestCheckResourceAttrPair(datasourceName, "name", resourceName, "name"),
+					resource.TestCheckResourceAttrPair(datasourceName, "scope", resourceName, "scope"),
+				),
+			},
+		},
+	})
+}
+
+func testAccDataSourceAwsWafv2RuleGroup_Name(name string) string {
+	return fmt.Sprintf(`
+resource "aws_wafv2_rule_group" "test" {
+  name     = "%s"
+  scope    = "REGIONAL"
+  capacity = 10
+
+  visibility_config {
+    cloudwatch_metrics_enabled = false
+    metric_name                = "friendly-rule-metric-name"
+    sampled_requests_enabled   = false
+  }
+}
+
+data "aws_wafv2_rule_group" "test" {
+  name  = aws_wafv2_rule_group.test.name
+  scope = "REGIONAL"
+}
+`, name)
+}
+
+func testAccDataSourceAwsWafv2RuleGroup_NonExistent(name string) string {
+	return fmt.Sprintf(`
+resource "aws_wafv2_rule_group" "test" {
+  name     = "%s"
+  scope    = "REGIONAL"
+  capacity = 10
+
+  visibility_config {
+    cloudwatch_metrics_enabled = false
+    metric_name                = "friendly-rule-metric-name"
+    sampled_requests_enabled   = false
+  }
+}
+
+data "aws_wafv2_rule_group" "test" {
+  name  = "tf-acc-test-does-not-exist"
+  scope = "REGIONAL"
+}
+`, name)
+}
diff --git a/aws/internal/service/batch/equivalency/container_properties.go b/aws/internal/service/batch/equivalency/container_properties.go
@@ -19,6 +19,11 @@ func (cp *containerProperties) Reduce() error {
 		return aws.StringValue(cp.Environment[i].Name) < aws.StringValue(cp.Environment[j].Name)
 	})
 
+	// Prevent difference of API response that adds an empty array when not configured during the request
+	if len(cp.Command) == 0 {
+		cp.Command = nil
+	}
+
 	// Prevent difference of API response that adds an empty array when not configured during the request
 	if len(cp.Environment) == 0 {
 		cp.Environment = nil

diff --git a/aws/internal/service/batch/equivalency/container_properties_test.go b/aws/internal/service/batch/equivalency/container_properties_test.go
@@ -205,6 +205,38 @@ func TestEquivalentBatchContainerPropertiesJSON(t *testing.T) {
 	"vcpus": 8,
 	"jobRoleArn": "arn:aws:iam::123456789012:role/example"
 }
+`,
+			ExpectEquivalent: true,
+		},
+		{
+			Name: "empty command, mountPoints, resourceRequirements, ulimits, volumes",
+			ApiJson: `
+{
+	"image": "123.dkr.ecr.us-east-1.amazonaws.com/my-app",
+	"vcpus": 1,
+	"memory": 4096,
+	"command": [],
+	"jobRoleArn": "arn:aws:iam::123:role/role-test",
+	"volumes": [],
+	"environment": [{"name":"ENVIRONMENT","value":"test"}],
+	"mountPoints": [],
+	"ulimits": [],
+	"resourceRequirements": []
+}
+`,
+			ConfigurationJson: `
+{
+    "image": "123.dkr.ecr.us-east-1.amazonaws.com/my-app",
+    "memory": 4096,
+    "vcpus": 1,
+    "jobRoleArn": "arn:aws:iam::123:role/role-test",
+    "environment": [
+      {
+        "name": "ENVIRONMENT",
+        "value": "test"
+      }
+   ]
+}
 `,
 			ExpectEquivalent: true,
 		},

diff --git a/aws/provider.go b/aws/provider.go
@@ -337,6 +337,7 @@ func Provider() terraform.ResourceProvider {
 			"aws_wafregional_web_acl":                       dataSourceAwsWafRegionalWebAcl(),
 			"aws_wafv2_ip_set":                              dataSourceAwsWafv2IPSet(),
 			"aws_wafv2_regex_pattern_set":                   dataSourceAwsWafv2RegexPatternSet(),
+			"aws_wafv2_rule_group":                          dataSourceAwsWafv2RuleGroup(),
 			"aws_workspaces_bundle":                         dataSourceAwsWorkspaceBundle(),
 
 			// Adding the Aliases for the ALB -> LB Rename
@@ -891,6 +892,7 @@ func Provider() terraform.ResourceProvider {
 			"aws_wafregional_web_acl_association":                     resourceAwsWafRegionalWebAclAssociation(),
 			"aws_wafv2_ip_set":                                        resourceAwsWafv2IPSet(),
 			"aws_wafv2_regex_pattern_set":                             resourceAwsWafv2RegexPatternSet(),
+			"aws_wafv2_rule_group":                                    resourceAwsWafv2RuleGroup(),
 			"aws_worklink_fleet":                                      resourceAwsWorkLinkFleet(),
 			"aws_worklink_website_certificate_authority_association":  resourceAwsWorkLinkWebsiteCertificateAuthorityAssociation(),
 			"aws_workspaces_directory":                                resourceAwsWorkspacesDirectory(),

diff --git a/aws/resource_aws_autoscaling_group.go b/aws/resource_aws_autoscaling_group.go
@@ -95,43 +95,37 @@ func resourceAwsAutoscalingGroup() *schema.Resource {
 							Type:     schema.TypeList,
 							Optional: true,
 							MaxItems: 1,
-							// Ignore missing configuration block
-							DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
-								if old == "1" && new == "0" {
-									return true
-								}
-								return false
-							},
+							Computed: true,
+							// Ideally we'd want to detect drift detection,
+							// but a DiffSuppressFunc here does not behave nicely
+							// for detecting missing configuration blocks
 							Elem: &schema.Resource{
 								Schema: map[string]*schema.Schema{
+									// These fields are returned from calls to the API
+									// even if not provided at input time and can be omitted in requests;
+									// thus, to prevent non-empty plans, we set these
+									// to Computed and remove Defaults
 									"on_demand_allocation_strategy": {
 										Type:     schema.TypeString,
 										Optional: true,
-										Default:  "prioritized",
-										// Reference: https://github.com/hashicorp/terraform/issues/18027
-										// ValidateFunc: validation.StringInSlice([]string{
-										// 	"prioritized",
-										// }, false),
+										Computed: true,
 									},
 									"on_demand_base_capacity": {
 										Type:         schema.TypeInt,
 										Optional:     true,
+										Computed:     true,
 										ValidateFunc: validation.IntAtLeast(0),
 									},
 									"on_demand_percentage_above_base_capacity": {
 										Type:         schema.TypeInt,
 										Optional:     true,
-										Default:      100,
+										Computed:     true,
 										ValidateFunc: validation.IntBetween(0, 100),
 									},
 									"spot_allocation_strategy": {
 										Type:     schema.TypeString,
 										Optional: true,
-										Default:  "lowest-price",
-										// Reference: https://github.com/hashicorp/terraform/issues/18027
-										// ValidateFunc: validation.StringInSlice([]string{
-										// 	"lowest-price",
-										// }, false),
+										Computed: true,
 									},
 									"spot_instance_pools": {
 										Type:         schema.TypeInt,

diff --git a/aws/resource_aws_autoscaling_group_test.go b/aws/resource_aws_autoscaling_group_test.go
@@ -1708,6 +1708,67 @@ func TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDem
 	})
 }
 
+// Test to verify fix for behavior in GH-ISSUE 7368
+func TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_UpdateToZeroOnDemandBaseCapacity(t *testing.T) {
+	var group autoscaling.Group
+	resourceName := "aws_autoscaling_group.test"
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSAutoScalingGroupDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSAutoScalingGroupConfig_MixedInstancesPolicy_InstancesDistribution_OnDemandBaseCapacity(rName, 1),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSAutoScalingGroupExists(resourceName, &group),
+					resource.TestCheckResourceAttr(resourceName, "mixed_instances_policy.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "mixed_instances_policy.0.instances_distribution.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "mixed_instances_policy.0.instances_distribution.0.on_demand_base_capacity", "1"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateVerifyIgnore: []string{
+					"force_delete",
+					"initial_lifecycle_hook",
+					"name_prefix",
+					"tag",
+					"tags",
+					"wait_for_capacity_timeout",
+					"wait_for_elb_capacity",
+				},
+			},
+			{
+				Config: testAccAWSAutoScalingGroupConfig_MixedInstancesPolicy_InstancesDistribution_OnDemandBaseCapacity(rName, 0),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSAutoScalingGroupExists(resourceName, &group),
+					resource.TestCheckResourceAttr(resourceName, "mixed_instances_policy.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "mixed_instances_policy.0.instances_distribution.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "mixed_instances_policy.0.instances_distribution.0.on_demand_base_capacity", "0"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateVerifyIgnore: []string{
+					"force_delete",
+					"initial_lifecycle_hook",
+					"name_prefix",
+					"tag",
+					"tags",
+					"wait_for_capacity_timeout",
+					"wait_for_elb_capacity",
+				},
+			},
+		},
+	})
+}
+
 func TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDemandPercentageAboveBaseCapacity(t *testing.T) {
 	var group autoscaling.Group
 	resourceName := "aws_autoscaling_group.test"
-Original file line number
+Diff line change
@@ Expand Up / @@ -100,6 +100,7 @@ awsproviderlint: @@
     		-S015 \
     		-S016 \
     		-S017 \
+    		-S018 \
     		-S019 \
     		-S020 \
     		-S021 \
@@ Expand Down @@