Paddy
72114636da
Deal with undeleatable bucket ACLs in storage.
...
When GCS buckets are created, they're created with a set of default
ACLs:
* `OWNER:project-owners-{project_number}`
* `OWNER:project-editors-{project_number}`
* `READER:project-viewers-{project_number}`
Normally, this would be fine, or a minor inconvenience. Terraform could
either delete them itself, or the first apply of a user would overwrite
them.
However, trying to remove the `OWNER:project-owners-{project_number}`
ACL yields an API error that the bucket owner must maintain OWNER access
to the bucket. This breaks things like `terraform destroy`, but also
means any config without that line in it will fail to apply, not just
overwrite the value.
To make matters worse, trying to *add* the
`OWNER:project-owners-{project_number}` ACL to any bucket that already
has it _also_ yields the same error about not being able to remove it.
To get around this, the storage_bucket_acl resource has been updated to
largely ignore _just this_ ACL. It will not try to add it if it already
exists, will not try to remove it at all. This does mean that Terraform
is incapable of removing this ACL from a bucket, but I'm not sure it's
possible to do that with the API, anyways.
Tests were also updated to keep the default ACLs as part of the config,
and to change the email addresses to addresses we actually own. I tried
changing to non-existant hashicorp.com email addresses, but was
rejected; only email addresses that are backed by actual Google accounts
can be used, sadly.
2017-09-15 12:03:03 -07:00
Vincent Roseberry
8f6af73181
Update CHANGELOG.md
2017-09-15 08:37:32 -07:00
Christopher Stelma
43e749c213
Add versioning for google storage buckets ( #381 )
2017-09-15 08:36:01 -07:00
Joe Selman
b1879b2459
Update CHANGELOG.md
2017-09-14 19:15:52 -07:00
Joe Selman
3d5eccc1c6
Add stackdriver project sink support ( #432 )
...
* Vendor cloud logging api
* Add logging sink support
* Remove typo
* Set Filter simpler
* Rename typ, typName to resourceType, resourceId
* Handle notFoundError
* Use # instead of // for hcl comments
* Cleanup test code
* Change testAccCheckLoggingProjectSink to take a provided api object
* Fix whitespace change after merge conflict
2017-09-14 19:15:14 -07:00
Vincent Roseberry
b694d5a325
Update CHANGELOG.md
2017-09-14 11:20:55 -07:00
Vincent Roseberry
167abea500
Create, update, move and delete a GCP folders. ( #416 )
...
* Initialize resourcemanager v2beta1 client
* Create new google_folder resource supporting create, move, update and delete operations.
* Add documentation for folders
2017-09-14 11:19:58 -07:00
Vincent Roseberry
3859f643f1
Renaming cluster import test to match other acceptance tests naming scheme ( #434 )
2017-09-14 11:02:00 -07:00
Joe Selman
5e3c31918f
Update CHANGELOG.md
2017-09-14 10:42:30 -07:00
Raúl Naveiras
eee011fc99
Add support for setting labels to google_project ( #383 )
2017-09-14 10:39:21 -07:00
Dana Hoffman
5f86f52d1f
Add DiffSuppressFunc to GKE cluster networks ( #419 )
...
* fix gke network test
* use a state func to store the resource name
2017-09-14 09:36:29 -07:00
Joe Selman
68303edb42
Fix error message not getting expanded properly. ( #430 )
2017-09-14 09:30:06 -07:00
Vincent Roseberry
3027822917
Instance group manager cleanup ( #409 )
2017-09-13 17:06:07 -07:00
Vincent Roseberry
137485ae4f
computeBetaOperationWaitTime doesn't use the timeoutMin properly ( #425 )
2017-09-13 16:29:50 -07:00
Vincent Roseberry
870f456ef9
Save name-only instead of link path in pubsub_topic ( #424 )
2017-09-13 16:29:26 -07:00
Joe Selman
a9a2428a60
Update CHANGELOG.md
2017-09-13 16:19:56 -07:00
Joe Selman
41248230ef
Expose instance_id as a computed field on compute_instance ( #427 )
2017-09-13 16:18:08 -07:00
Vincent Roseberry
f83618624c
Save region name-only instead of the self-link in compute_address ( #422 )
2017-09-13 09:51:32 -07:00
Dana Hoffman
7a7926a7ca
Update CHANGELOG.md
2017-09-13 10:37:09 +08:00
Dana Hoffman
2d733a1600
Add new google_compute_shared_vpc
resource ( #396 )
...
* Revendor compute apis
* Add new resource for shared VPC host
* add test for disabled
* add docs for shared vpc host resource
* make project required
* Add new resource google_compute_shared_vpc
* Remove google_compute_shared_vpc_host
* Add docs for shared vpc resource
* Remove docs for shared vpc host resource
* fix typos in shared vpc docs
* move helper fn to utils.go
2017-09-13 10:36:07 +08:00
Joe Selman
204201a5be
Refactor tests to defer to common method when looking up project ( #410 )
2017-09-12 13:28:31 -07:00
Victor Hiairrassary
9ede711538
Fix BigQuery Dataset doc ( #407 )
...
The `labels` argument should not be nested under `default_table_expiration_ms`
2017-09-12 11:26:19 -07:00
Vincent Roseberry
6b2669f406
Cross-reference multi-zone and single-zone documentation ( #402 )
2017-09-12 09:34:58 -07:00
Joe Selman
a31498e0c4
Update CHANGELOG.md
2017-09-12 08:08:08 -07:00
Joe Selman
7206284739
Add support for labels to compute_global_forwarding_rule ( #395 )
...
* Add support for labels to compute_global_forwarding_rule
* Factor out label api methods and use case statement for api version
2017-09-12 08:06:40 -07:00
Joe Selman
f296f1ef90
Update CHANGELOG.md
2017-09-12 08:06:16 -07:00
Joe Selman
7dea4e86c1
Export connection_name on sql instance resource ( #406 )
2017-09-12 08:04:13 -07:00
Paddy
36d8e3f403
Update CHANGELOG.md
2017-09-11 13:56:32 -07:00
Paddy
cbb71899fc
Update CHANGELOG.md
2017-09-11 13:54:24 -07:00
Paddy
26ec7e04f7
Merge pull request #358 from terraform-providers/paddy_storage_bucket_acl
...
storage: make bucket ACLs control the entire resource.
2017-09-11 13:51:12 -07:00
Vincent Roseberry
a42d59b2c5
Use common utils method in iam policy data source ( #405 )
2017-09-11 12:43:44 -07:00
Daniel Compton
22865ce3bc
Update compute_global_forwading_rule docs to reference global IP address ( #404 )
2017-09-11 10:09:07 -07:00
Vincent Roseberry
6198ca2b06
Remove extraneous line in CHANGELOG.md
2017-09-11 09:51:15 -07:00
Vincent Roseberry
a8706c9c42
Update CHANGELOG.md
2017-09-11 09:50:47 -07:00
Anders Bruun Olsen
bf51f26c07
Pubsub importable ( #392 )
2017-09-11 09:46:27 -07:00
Vincent Roseberry
7c884c7e09
Update CHANGELOG.md
2017-09-08 17:03:39 -07:00
Vincent Roseberry
c751a32626
Add new resource region_instance_group_manager ( #394 )
2017-09-08 17:02:32 -07:00
Vincent Roseberry
676a2a9266
Update CHANGELOG.md
2017-09-07 13:44:08 -07:00
Vincent Roseberry
7ceea51dfd
Add support for alias_ip_range in google_compute_instance network interface ( #375 )
2017-09-07 13:43:00 -07:00
Joe Selman
dcacc292f2
Update CHANGELOG.md
2017-09-07 12:58:27 -07:00
Joe Selman
5cd3e1ec99
Write entire backend service resource when updating ( #364 )
...
Also update the default value for connection_draining_timeout_sec to
match the default used by GCP
2017-09-07 12:56:53 -07:00
Joe Selman
d9d0e751f2
Update CHANGELOG.md
2017-09-07 12:54:46 -07:00
Joe Selman
84fa7ccd27
Don't attempt to delete default users on replica ( #360 )
...
* Don't attempt to delete default users on replica
* Test that we don't attempt to delete root user on replica
2017-09-07 12:44:17 -07:00
Vincent Roseberry
bed05c7643
Update CHANGELOG.md
2017-09-07 10:43:46 -07:00
Vincent Roseberry
c7e2991106
Update CHANGELOG.md
2017-09-07 10:42:30 -07:00
Vincent Roseberry
5be9d28369
Import for compute_address supports multiple id formats. ( #378 )
...
This allows to import address from region and project different than the default project.
2017-09-07 10:38:26 -07:00
Vincent Roseberry
da6b544330
Update CHANGELOG.md
2017-09-07 10:33:45 -07:00
Anders Bruun Olsen
67b7b2dd72
Container cluster importable ( #391 )
2017-09-07 10:31:58 -07:00
Dana Hoffman
ddc522bfec
Update CHANGELOG.md
2017-09-07 22:09:12 +08:00
Dana Hoffman
333c2f09db
Fix bug with CSEK where the key stored in state might be associated with the wrong disk ( #327 )
...
* Fix bug with CSEK where the key stored in state might be associated with the wrong disk
* preserve original order of attached disks
* use the disk index to figure out the raw key
2017-09-07 22:04:26 +08:00