diff --git a/aws/data_source_aws_availability_zones.go b/aws/data_source_aws_availability_zones.go index bee053e1d9a..6457609af56 100644 --- a/aws/data_source_aws_availability_zones.go +++ b/aws/data_source_aws_availability_zones.go @@ -22,14 +22,18 @@ func dataSourceAwsAvailabilityZones() *schema.Resource { Optional: true, }, "blacklisted_names": { - Type: schema.TypeSet, - Optional: true, - Elem: &schema.Schema{Type: schema.TypeString}, + Type: schema.TypeSet, + Optional: true, + ConflictsWith: []string{"exclude_names"}, + Deprecated: "use `exclude_names` instead", + Elem: &schema.Schema{Type: schema.TypeString}, }, "blacklisted_zone_ids": { - Type: schema.TypeSet, - Optional: true, - Elem: &schema.Schema{Type: schema.TypeString}, + Type: schema.TypeSet, + Optional: true, + ConflictsWith: []string{"exclude_zone_ids"}, + Deprecated: "use `exclude_zone_ids` instead", + Elem: &schema.Schema{Type: schema.TypeString}, }, "filter": ec2CustomFiltersSchema(), "group_names": { @@ -42,6 +46,18 @@ func dataSourceAwsAvailabilityZones() *schema.Resource { Computed: true, Elem: &schema.Schema{Type: schema.TypeString}, }, + "exclude_names": { + Type: schema.TypeSet, + Optional: true, + ConflictsWith: []string{"blacklisted_names"}, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "exclude_zone_ids": { + Type: schema.TypeSet, + Optional: true, + ConflictsWith: []string{"blacklisted_zone_ids"}, + Elem: &schema.Schema{Type: schema.TypeString}, + }, "state": { Type: schema.TypeString, Optional: true, @@ -105,6 +121,9 @@ func dataSourceAwsAvailabilityZonesRead(d *schema.ResourceData, meta interface{} blacklistedNames := d.Get("blacklisted_names").(*schema.Set) blacklistedZoneIDs := d.Get("blacklisted_zone_ids").(*schema.Set) + excludeNames := d.Get("exclude_names").(*schema.Set) + excludeZoneIDs := d.Get("exclude_zone_ids").(*schema.Set) + groupNames := schema.NewSet(schema.HashString, nil) names := []string{} zoneIds := []string{} @@ -113,11 +132,11 @@ func dataSourceAwsAvailabilityZonesRead(d *schema.ResourceData, meta interface{} name := aws.StringValue(v.ZoneName) zoneID := aws.StringValue(v.ZoneId) - if blacklistedNames.Contains(name) { + if blacklistedNames.Contains(name) || excludeNames.Contains(name) { continue } - if blacklistedZoneIDs.Contains(zoneID) { + if blacklistedZoneIDs.Contains(zoneID) || excludeZoneIDs.Contains(zoneID) { continue } diff --git a/aws/data_source_aws_availability_zones_test.go b/aws/data_source_aws_availability_zones_test.go index 00877f12593..4ffa5d752f3 100644 --- a/aws/data_source_aws_availability_zones_test.go +++ b/aws/data_source_aws_availability_zones_test.go @@ -107,7 +107,7 @@ func TestAccAWSAvailabilityZones_AllAvailabilityZones(t *testing.T) { func TestAccAWSAvailabilityZones_BlacklistedNames(t *testing.T) { allDataSourceName := "data.aws_availability_zones.all" - blacklistedDataSourceName := "data.aws_availability_zones.test" + excludeDataSourceName := "data.aws_availability_zones.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -116,7 +116,7 @@ func TestAccAWSAvailabilityZones_BlacklistedNames(t *testing.T) { { Config: testAccCheckAwsAvailabilityZonesConfigBlacklistedNames(), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsAvailabilityZonesBlacklisting(allDataSourceName, blacklistedDataSourceName), + testAccCheckAwsAvailabilityZonesExcluded(allDataSourceName, excludeDataSourceName), ), }, }, @@ -125,7 +125,7 @@ func TestAccAWSAvailabilityZones_BlacklistedNames(t *testing.T) { func TestAccAWSAvailabilityZones_BlacklistedZoneIds(t *testing.T) { allDataSourceName := "data.aws_availability_zones.all" - blacklistedDataSourceName := "data.aws_availability_zones.test" + excludeDataSourceName := "data.aws_availability_zones.test" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -134,7 +134,7 @@ func TestAccAWSAvailabilityZones_BlacklistedZoneIds(t *testing.T) { { Config: testAccCheckAwsAvailabilityZonesConfigBlacklistedZoneIds(), Check: resource.ComposeTestCheckFunc( - testAccCheckAwsAvailabilityZonesBlacklisting(allDataSourceName, blacklistedDataSourceName), + testAccCheckAwsAvailabilityZonesExcluded(allDataSourceName, excludeDataSourceName), ), }, }, @@ -158,6 +158,42 @@ func TestAccAWSAvailabilityZones_Filter(t *testing.T) { }) } +func TestAccAWSAvailabilityZones_ExcludeNames(t *testing.T) { + allDataSourceName := "data.aws_availability_zones.all" + excludeDataSourceName := "data.aws_availability_zones.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccCheckAwsAvailabilityZonesConfigExcludeNames(), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsAvailabilityZonesExcluded(allDataSourceName, excludeDataSourceName), + ), + }, + }, + }) +} + +func TestAccAWSAvailabilityZones_ExcludeZoneIds(t *testing.T) { + allDataSourceName := "data.aws_availability_zones.all" + excludeDataSourceName := "data.aws_availability_zones.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccCheckAwsAvailabilityZonesConfigExcludeZoneIds(), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsAvailabilityZonesExcluded(allDataSourceName, excludeDataSourceName), + ), + }, + }, + }) +} + func TestAccAWSAvailabilityZones_stateFilter(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -198,16 +234,16 @@ func testAccCheckAwsAvailabilityZonesMeta(n string) resource.TestCheckFunc { } } -func testAccCheckAwsAvailabilityZonesBlacklisting(allDataSourceName, blacklistedDataSourceName string) resource.TestCheckFunc { +func testAccCheckAwsAvailabilityZonesExcluded(allDataSourceName, excludeDataSourceName string) resource.TestCheckFunc { return func(s *terraform.State) error { allResourceState, ok := s.RootModule().Resources[allDataSourceName] if !ok { return fmt.Errorf("Resource does not exist: %s", allDataSourceName) } - blacklistedResourceState, ok := s.RootModule().Resources[blacklistedDataSourceName] + excludeResourceState, ok := s.RootModule().Resources[excludeDataSourceName] if !ok { - return fmt.Errorf("Resource does not exist: %s", blacklistedDataSourceName) + return fmt.Errorf("Resource does not exist: %s", excludeDataSourceName) } for _, attribute := range []string{"names.#", "zone_ids.#"} { @@ -217,13 +253,13 @@ func testAccCheckAwsAvailabilityZonesBlacklisting(allDataSourceName, blacklisted return fmt.Errorf("cannot find %s in %s resource state attributes: %+v", attribute, allDataSourceName, allResourceState.Primary.Attributes) } - blacklistedValue, ok := blacklistedResourceState.Primary.Attributes[attribute] + excludeValue, ok := excludeResourceState.Primary.Attributes[attribute] if !ok { - return fmt.Errorf("cannot find %s in %s resource state attributes: %+v", attribute, blacklistedDataSourceName, blacklistedResourceState.Primary.Attributes) + return fmt.Errorf("cannot find %s in %s resource state attributes: %+v", attribute, excludeDataSourceName, excludeResourceState.Primary.Attributes) } - if allValue == blacklistedValue { + if allValue == excludeValue { return fmt.Errorf("expected %s attribute value difference, got: %s", attribute, allValue) } } @@ -338,6 +374,26 @@ data "aws_availability_zones" "test" { `) } +func testAccCheckAwsAvailabilityZonesConfigExcludeNames() string { + return fmt.Sprintf(` +data "aws_availability_zones" "all" {} + +data "aws_availability_zones" "test" { + exclude_names = ["${data.aws_availability_zones.all.names[0]}"] +} +`) +} + +func testAccCheckAwsAvailabilityZonesConfigExcludeZoneIds() string { + return fmt.Sprintf(` +data "aws_availability_zones" "all" {} + +data "aws_availability_zones" "test" { + exclude_zone_ids = ["${data.aws_availability_zones.all.zone_ids[0]}"] +} +`) +} + const testAccCheckAwsAvailabilityZonesStateConfig = ` data "aws_availability_zones" "state_filter" { state = "available" diff --git a/aws/data_source_aws_ec2_transit_gateway_vpc_attachment_test.go b/aws/data_source_aws_ec2_transit_gateway_vpc_attachment_test.go index 1acb93589bb..e4d80a56d0e 100644 --- a/aws/data_source_aws_ec2_transit_gateway_vpc_attachment_test.go +++ b/aws/data_source_aws_ec2_transit_gateway_vpc_attachment_test.go @@ -61,8 +61,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentDataSourceConfigFilter() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -109,8 +109,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentDataSourceConfigID() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/data_source_aws_eip_test.go b/aws/data_source_aws_eip_test.go index 77028e3b314..7abbdf72f25 100644 --- a/aws/data_source_aws_eip_test.go +++ b/aws/data_source_aws_eip_test.go @@ -292,8 +292,8 @@ data "aws_eip" "test" { const testAccDataSourceAwsEipConfigInstance = ` data "aws_availability_zones" "available" { # Error launching source instance: Unsupported: Your requested instance type (t2.micro) is not supported in your requested Availability Zone (us-west-2d). - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/data_source_aws_route_test.go b/aws/data_source_aws_route_test.go index 82cba87ac67..8cb217a3f9c 100644 --- a/aws/data_source_aws_route_test.go +++ b/aws/data_source_aws_route_test.go @@ -197,8 +197,8 @@ func testAccAWSRouteDataSourceConfigTransitGatewayID() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_appautoscaling_scheduled_action_test.go b/aws/resource_aws_appautoscaling_scheduled_action_test.go index c136ea48887..0d5645d1f7e 100644 --- a/aws/resource_aws_appautoscaling_scheduled_action_test.go +++ b/aws/resource_aws_appautoscaling_scheduled_action_test.go @@ -233,8 +233,8 @@ func testAccAppautoscalingScheduledActionConfig_EMR(rName, ts string) string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # The requested instance type c4.large is not supported in the requested availability zone. - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_appautoscaling_target_test.go b/aws/resource_aws_appautoscaling_target_test.go index fe255056d7b..6b5f04a3167 100644 --- a/aws/resource_aws_appautoscaling_target_test.go +++ b/aws/resource_aws_appautoscaling_target_test.go @@ -322,8 +322,8 @@ func testAccAWSAppautoscalingTargetEmrClusterConfig(rInt int) string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # The requested instance type m3.xlarge is not supported in the requested availability zone. - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_autoscaling_group_test.go b/aws/resource_aws_autoscaling_group_test.go index 1a08ab5504d..1a061f70501 100644 --- a/aws/resource_aws_autoscaling_group_test.go +++ b/aws/resource_aws_autoscaling_group_test.go @@ -934,8 +934,8 @@ data "aws_ami" "test" { data "aws_availability_zones" "available" { # t2.micro is not supported in us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -2422,8 +2422,8 @@ resource "aws_internet_gateway" "gw" { data "aws_availability_zones" "available" { # t2.micro is not supported in us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -2527,8 +2527,8 @@ resource "aws_internet_gateway" "gw" { data "aws_availability_zones" "available" { # t2.micro is not supported in us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -3495,8 +3495,8 @@ resource "aws_vpc" "test" { data "aws_availability_zones" "available" { # t2.micro is not supported in us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -3782,8 +3782,8 @@ data "aws_ami" "test" { data "aws_availability_zones" "available" { # t2.micro is not supported in us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -4206,8 +4206,8 @@ func testAccAWSAutoScalingGroupPartitionConfig(rName string) string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # t2.micro is not supported in us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_cloud9_environment_ec2_test.go b/aws/resource_aws_cloud9_environment_ec2_test.go index e15d183d660..f701ec1821e 100644 --- a/aws/resource_aws_cloud9_environment_ec2_test.go +++ b/aws/resource_aws_cloud9_environment_ec2_test.go @@ -293,8 +293,8 @@ func testAccAWSCloud9EnvironmentEc2ConfigBase() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # t2.micro instance type is not available in these Availability Zones - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go index 3ad5b58d9ca..e6471279040 100644 --- a/aws/resource_aws_codebuild_project_test.go +++ b/aws/resource_aws_codebuild_project_test.go @@ -3385,8 +3385,8 @@ func testAccAWSCodeBuildProjectConfig_VpcConfig1(rName string) string { return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` data "aws_availability_zones" "available" { # InvalidInputException: CodeBuild currently doesn't support VPC in us-west-2d, please select subnets in other availability zones. - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -3446,8 +3446,8 @@ func testAccAWSCodeBuildProjectConfig_VpcConfig2(rName string) string { return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(` data "aws_availability_zones" "available" { # InvalidInputException: CodeBuild currently doesn't support VPC in us-west-2d, please select subnets in other availability zones. - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_ec2_client_vpn_network_association_test.go b/aws/resource_aws_ec2_client_vpn_network_association_test.go index 7d69dc7619d..f1deb9732ed 100644 --- a/aws/resource_aws_ec2_client_vpn_network_association_test.go +++ b/aws/resource_aws_ec2_client_vpn_network_association_test.go @@ -150,8 +150,8 @@ func testAccEc2ClientVpnNetworkAssociationConfig(rName string) string { return testAccEc2ClientVpnNetworkAssociationConfigAcmCertificateBase() + fmt.Sprintf(` data "aws_availability_zones" "available" { # InvalidParameterValue: AZ us-west-2d is not currently supported. Please choose another az in this region - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_ec2_transit_gateway_route_test.go b/aws/resource_aws_ec2_transit_gateway_route_test.go index e51161a9a3c..d1a02b52026 100644 --- a/aws/resource_aws_ec2_transit_gateway_route_test.go +++ b/aws/resource_aws_ec2_transit_gateway_route_test.go @@ -207,8 +207,8 @@ func testAccAWSEc2TransitGatewayRouteConfigDestinationCidrBlock() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_ec2_transit_gateway_vpc_attachment_accepter_test.go b/aws/resource_aws_ec2_transit_gateway_vpc_attachment_accepter_test.go index ca9c284ead8..7599671e62e 100644 --- a/aws/resource_aws_ec2_transit_gateway_vpc_attachment_accepter_test.go +++ b/aws/resource_aws_ec2_transit_gateway_vpc_attachment_accepter_test.go @@ -193,8 +193,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentAccepterConfig_base(rName string) s return testAccAlternateAccountProviderConfig() + fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_ec2_transit_gateway_vpc_attachment_test.go b/aws/resource_aws_ec2_transit_gateway_vpc_attachment_test.go index b7bea1599a8..77b712de3df 100644 --- a/aws/resource_aws_ec2_transit_gateway_vpc_attachment_test.go +++ b/aws/resource_aws_ec2_transit_gateway_vpc_attachment_test.go @@ -545,8 +545,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfig() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -586,8 +586,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfigDnsSupport(dnsSupport string) return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -628,8 +628,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfigIpv6Support(ipv6Support strin return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -672,8 +672,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfigSharedTransitGateway(rName st return testAccAlternateAccountProviderConfig() + fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -739,8 +739,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfigSubnetIds1() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -782,8 +782,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfigSubnetIds2() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -825,8 +825,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfigTags1(tagKey1, tagValue1 stri return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -870,8 +870,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfigTags2(tagKey1, tagValue1, tag return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -916,8 +916,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfigTransitGatewayDefaultRouteTab return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -962,8 +962,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfigTransitGatewayDefaultRouteTab return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -1004,8 +1004,8 @@ func testAccAWSEc2TransitGatewayVpcAttachmentConfigTransitGatewayDefaultRouteTab return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_elastic_beanstalk_environment_test.go b/aws/resource_aws_elastic_beanstalk_environment_test.go index 0dd82b45002..d80dc3ddde9 100644 --- a/aws/resource_aws_elastic_beanstalk_environment_test.go +++ b/aws/resource_aws_elastic_beanstalk_environment_test.go @@ -725,8 +725,8 @@ data "aws_availability_zones" "available" { # Default instance type of t2.micro is not available in this Availability Zone # The failure will occur during Elastic Beanstalk CloudFormation Template handling # after waiting upwards of one hour to initialize the Auto Scaling Group. - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_elasticache_replication_group_test.go b/aws/resource_aws_elasticache_replication_group_test.go index c434043cac6..235e9a22ac6 100644 --- a/aws/resource_aws_elasticache_replication_group_test.go +++ b/aws/resource_aws_elasticache_replication_group_test.go @@ -1107,8 +1107,8 @@ resource "aws_elasticache_replication_group" "test" { var testAccAWSElasticacheReplicationGroupRedisClusterInVPCConfig = fmt.Sprintf(` data "aws_availability_zones" "available" { # InvalidParameterValue: Specified node type cache.m3.medium is not available in AZ us-east-1b. - blacklisted_zone_ids = ["use1-az1"] - state = "available" + exclude_zone_ids = ["use1-az1"] + state = "available" filter { name = "opt-in-status" @@ -1544,8 +1544,8 @@ func testAccAWSElasticacheReplicationGroupConfig_NumberCacheClusters(rName strin return fmt.Sprintf(` data "aws_availability_zones" "available" { # InvalidParameterValue: Specified node type cache.m3.medium is not available in AZ us-east-1b. - blacklisted_zone_ids = ["use1-az1"] - state = "available" + exclude_zone_ids = ["use1-az1"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_emr_cluster_test.go b/aws/resource_aws_emr_cluster_test.go index 65ea77d7b80..1aa10b98d61 100644 --- a/aws/resource_aws_emr_cluster_test.go +++ b/aws/resource_aws_emr_cluster_test.go @@ -3659,8 +3659,8 @@ func testAccAWSEmrClusterConfigBaseVpc(mapPublicIPOnLaunch bool) string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # Many instance types are not available in this availability zone - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" values = ["opt-in-not-required"] diff --git a/aws/resource_aws_emr_instance_group_test.go b/aws/resource_aws_emr_instance_group_test.go index a8a71e8a8cb..090f1debacc 100644 --- a/aws/resource_aws_emr_instance_group_test.go +++ b/aws/resource_aws_emr_instance_group_test.go @@ -344,8 +344,8 @@ func testAccAWSEMRInstanceGroupRecreated(t *testing.T, before, after *emr.Instan const testAccAWSEmrInstanceGroupBase = ` data "aws_availability_zones" "available" { # Many instance types are not available in this availability zone - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_instance_test.go b/aws/resource_aws_instance_test.go index 17b28e86148..7ff0b0d027c 100644 --- a/aws/resource_aws_instance_test.go +++ b/aws/resource_aws_instance_test.go @@ -3085,8 +3085,8 @@ func testAccInstanceConfigInDefaultVpcBySgName(rName string) string { return testAccLatestAmazonLinuxHvmEbsAmiConfig() + fmt.Sprintf(` data "aws_availability_zones" "current" { # Exclude usw2-az4 (us-west-2d) as it has limited instance types. - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -3117,8 +3117,8 @@ func testAccInstanceConfigInDefaultVpcBySgId(rName string) string { return testAccLatestAmazonLinuxHvmEbsAmiConfig() + fmt.Sprintf(` data "aws_availability_zones" "current" { # Exclude usw2-az4 (us-west-2d) as it has limited instance types. - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -4598,8 +4598,8 @@ func testAccAwsInstanceVpcConfig(rName string, mapPublicIpOnLaunch bool) string return fmt.Sprintf(` data "aws_availability_zones" "current" { # Exclude usw2-az4 (us-west-2d) as it has limited instance types. - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -4669,8 +4669,8 @@ func testAccAwsInstanceVpcIpv6Config(rName string) string { return fmt.Sprintf(` data "aws_availability_zones" "current" { # Exclude usw2-az4 (us-west-2d) as it has limited instance types. - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_lb_target_group_attachment_test.go b/aws/resource_aws_lb_target_group_attachment_test.go index 4a6ffa861e7..82fe4bb49c1 100644 --- a/aws/resource_aws_lb_target_group_attachment_test.go +++ b/aws/resource_aws_lb_target_group_attachment_test.go @@ -241,8 +241,8 @@ func testAccAWSLBTargetGroupAttachmentConfigInstanceBase() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # t2.micro instance type is not available in these Availability Zones - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_route_table_test.go b/aws/resource_aws_route_table_test.go index 40914d93893..9124ef86cc6 100644 --- a/aws/resource_aws_route_table_test.go +++ b/aws/resource_aws_route_table_test.go @@ -857,8 +857,8 @@ func testAccAWSRouteTableConfigRouteTransitGatewayID() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_route_test.go b/aws/resource_aws_route_test.go index 0a9abb77b36..e28f5633452 100644 --- a/aws/resource_aws_route_test.go +++ b/aws/resource_aws_route_test.go @@ -1005,8 +1005,8 @@ resource "aws_route" "bar" { var testAccAWSRouteNoopChange = fmt.Sprint(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -1141,8 +1141,8 @@ func testAccAWSRouteConfigTransitGatewayIDDestinatationCidrBlock() string { return fmt.Sprintf(` data "aws_availability_zones" "available" { # IncorrectState: Transit Gateway is not available in availability zone us-west-2d - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/aws/resource_aws_spot_instance_request_test.go b/aws/resource_aws_spot_instance_request_test.go index 36efe0b4442..003b376e171 100644 --- a/aws/resource_aws_spot_instance_request_test.go +++ b/aws/resource_aws_spot_instance_request_test.go @@ -653,8 +653,8 @@ func testAccAWSSpotInstanceRequestConfig_withBlockDuration(rInt int) string { func testAccAWSSpotInstanceRequestConfigVPC(rInt int) string { return fmt.Sprintf(` data "aws_availability_zones" "available" { - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" @@ -709,8 +709,8 @@ tags = { func testAccAWSSpotInstanceRequestConfig_SubnetAndSGAndPublicIpAddress(rInt int) string { return fmt.Sprintf(` data "aws_availability_zones" "available" { - blacklisted_zone_ids = ["usw2-az4"] - state = "available" + exclude_zone_ids = ["usw2-az4"] + state = "available" filter { name = "opt-in-status" diff --git a/docs/contributing/contribution-checklists.md b/docs/contributing/contribution-checklists.md index 34c39eb4970..96fb1bb239d 100644 --- a/docs/contributing/contribution-checklists.md +++ b/docs/contributing/contribution-checklists.md @@ -214,7 +214,7 @@ Some AWS components support [resource-based IAM policies](https://docs.aws.amazo - Many of these policies require the Amazon Resource Name (ARN) of the resource in the policy itself. It is difficult to workaround this requirement with custom difference handling within a self-contained resource. - Sometimes policies between two resources need to be written where they cross-reference each other resource's ARN within each policy. Without a separate resource, this introduces a configuration cycle. - Splitting the resources allows operators to logically split their infrastructure on purely operational and security boundaries with separate configurations/modules. -- Splitting the resources prevents any separate policy API calls from needing to be whitelisted in the main resource in environments with restrictive IAM permissions, which can be undesirable. +- Splitting the resources prevents any separate policy API calls from needing to be permitted in the main resource in environments with restrictive IAM permissions, which can be undesirable. Follow the [New Resource section][#new-resource] for more information about implementing the separate resource. diff --git a/examples/eks-getting-started/README.md b/examples/eks-getting-started/README.md index 30ffab8a535..c53678db392 100644 --- a/examples/eks-getting-started/README.md +++ b/examples/eks-getting-started/README.md @@ -4,4 +4,4 @@ This is the full configuration from https://www.terraform.io/docs/providers/aws/ See that guide for additional information. -NOTE: This full configuration utilizes the [Terraform http provider](https://www.terraform.io/docs/providers/http/index.html) to call out to icanhazip.com to determine your local workstation external IP for easily configuring EC2 Security Group access to the Kubernetes master servers. Feel free to replace this as necessary. +NOTE: This full configuration utilizes the [Terraform http provider](https://www.terraform.io/docs/providers/http/index.html) to call out to icanhazip.com to determine your local workstation external IP for easily configuring EC2 Security Group access to the Kubernetes servers. Feel free to replace this as necessary. diff --git a/website/docs/d/availability_zones.html.markdown b/website/docs/d/availability_zones.html.markdown index 5939110abe4..6d322a47d9d 100644 --- a/website/docs/d/availability_zones.html.markdown +++ b/website/docs/d/availability_zones.html.markdown @@ -73,9 +73,11 @@ data "aws_availability_zones" "example" { The following arguments are supported: * `all_availability_zones` - (Optional) Set to `true` to include all Availability Zones and Local Zones regardless of your opt in status. -* `blacklisted_names` - (Optional) List of blacklisted Availability Zone names. -* `blacklisted_zone_ids` - (Optional) List of blacklisted Availability Zone IDs. +* `blacklisted_names` - (Optional, **DEPRECATED**) List of Availability Zone names to exclude. Use `exclude_names` instead. +* `blacklisted_zone_ids` - (Optional, **DEPRECATED**) List of Availability Zone IDs to exclude. Use `exclude_zone_ids` instead. * `filter` - (Optional) Configuration block(s) for filtering. Detailed below. +* `exclude_names` - (Optional) List of Availability Zone names to exclude. +* `exclude_zone_ids` - (Optional) List of Availability Zone IDs to exclude. * `state` - (Optional) Allows to filter list of Availability Zones based on their current state. Can be either `"available"`, `"information"`, `"impaired"` or `"unavailable"`. By default the list includes a complete set of Availability Zones diff --git a/website/docs/d/billing_service_account.html.markdown b/website/docs/d/billing_service_account.html.markdown index 69982b1f763..5680f0c9ace 100644 --- a/website/docs/d/billing_service_account.html.markdown +++ b/website/docs/d/billing_service_account.html.markdown @@ -8,7 +8,7 @@ description: |- # Data Source: aws_billing_service_account -Use this data source to get the Account ID of the [AWS Billing and Cost Management Service Account](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-getting-started.html#step-2) for the purpose of whitelisting in S3 bucket policy. +Use this data source to get the Account ID of the [AWS Billing and Cost Management Service Account](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-getting-started.html#step-2) for the purpose of permitting in S3 bucket policy. ## Example Usage diff --git a/website/docs/d/elb_service_account.html.markdown b/website/docs/d/elb_service_account.html.markdown index b4c0c2d2f3d..bc6ead3ccc4 100644 --- a/website/docs/d/elb_service_account.html.markdown +++ b/website/docs/d/elb_service_account.html.markdown @@ -9,7 +9,7 @@ description: |- # Data Source: aws_elb_service_account Use this data source to get the Account ID of the [AWS Elastic Load Balancing Service Account](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) -in a given region for the purpose of whitelisting in S3 bucket policy. +in a given region for the purpose of permitting in S3 bucket policy. ## Example Usage diff --git a/website/docs/guides/version-3-upgrade.html.md b/website/docs/guides/version-3-upgrade.html.md index 1b1bbc0df7e..c0a4bf9b1c2 100644 --- a/website/docs/guides/version-3-upgrade.html.md +++ b/website/docs/guides/version-3-upgrade.html.md @@ -19,6 +19,7 @@ Upgrade topics: - [Provider Version Configuration](#provider-version-configuration) +- [Data Source: aws_availability_zones](#data-source-aws_availability_zones) - [Data Source: aws_lambda_invocation](#data-source-aws_lambda_invocation) - [Resource: aws_emr_cluster](#resource-aws_emr_cluster) @@ -52,6 +53,48 @@ provider "aws" { } ``` +## Data Source: aws_availability_zones + +### blacklisted_names Attribute Removal + +Switch your Terraform configuration to the `exclude_names` attribute instead. + +For example, given this previous configuration: + +```hcl +data "aws_availability_zones" "example" { + blacklisted_names = ["us-west-2d"] +} +``` + +An updated configuration: + +```hcl +data "aws_availability_zones" "example" { + exclude_names = ["us-west-2d"] +} +``` + +### blacklisted_zone_ids Attribute Removal + +Switch your Terraform configuration to the `exclude_zone_ids` attribute instead. + +For example, given this previous configuration: + +```hcl +data "aws_availability_zones" "example" { + blacklisted_zone_ids = ["usw2-az4"] +} +``` + +An updated configuration: + +```hcl +data "aws_availability_zones" "example" { + exclude_zone_ids = ["usw2-az4"] +} +``` + ## Data Source: aws_lambda_invocation ### result_map Attribute Removal diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index 99f3d97785f..325a5ba63f4 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -190,12 +190,12 @@ for more information about connecting to alternate AWS endpoints or AWS compatib experiencing transient failures. The delay between the subsequent API calls increases exponentially. -* `allowed_account_ids` - (Optional) List of allowed, white listed, AWS +* `allowed_account_ids` - (Optional) List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one (and potentially end up destroying a live environment). Conflicts with `forbidden_account_ids`. -* `forbidden_account_ids` - (Optional) List of forbidden, blacklisted, +* `forbidden_account_ids` - (Optional) List of forbidden AWS account IDs to prevent you mistakenly using a wrong one (and potentially end up destroying a live environment). Conflicts with `allowed_account_ids`. diff --git a/website/docs/r/securityhub_member.markdown b/website/docs/r/securityhub_member.markdown index c156563a217..cfcbecb3b90 100644 --- a/website/docs/r/securityhub_member.markdown +++ b/website/docs/r/securityhub_member.markdown @@ -37,7 +37,7 @@ The following attributes are exported in addition to the arguments listed above: * `id` - The ID of the member AWS account (matches `account_id`). * `master_id` - The ID of the master Security Hub AWS account. -* `member_status` - The status of the relationship between the member account and its master account. +* `member_status` - The status of the member account relationship. ## Import