provider/aws: Add FlowLog resource #2384
Conversation
| @@ -85,12 +85,13 @@ func Provider() terraform.ResourceProvider { | |||
| ResourcesMap: map[string]*schema.Resource{ | |||
| "aws_app_cookie_stickiness_policy": resourceAwsAppCookieStickinessPolicy(), | |||
| "aws_autoscaling_group": resourceAwsAutoscalingGroup(), | |||
| "aws_flow_log": resourceAwsFlowLog(), | |||
|
cc @radeksimko since I know he has at least looked into Flow Logs |
| return nil | ||
| } | ||
|
|
||
| func flowLogStateRefreshFunc(conn *ec2.EC2, sn string) resource.StateRefreshFunc { |
There was a problem hiding this comment.
Looks like this guy is unused.
|
Review complete - Looking great overall! |
| "testing" | ||
|
|
||
| "github.com/aws/aws-sdk-go/service/ec2" | ||
| "github.com/hashicorp/aws-sdk-go/aws" |
There was a problem hiding this comment.
Wow, great catch! My editor must have auto populated that 😱
Fixed in 0bf127a
catsby
changed the title
|
@phinze cleaned up, sorry for the sloppy 😐 |
| } | ||
|
|
||
| log.Printf( | ||
| "[DEBUG] Flow Log Create configuration: %s", awsutil.StringValue(opts)) |
|
@catsby It looks ok, just one question here: I thought that change in the state should be changed because user/human has done something in order to change the state. My understanding is that these two things will change without user's interaction over time and so far I don't see how would any other Terraform resource react on that. |
|
I reckon this can be fixed later on after merging, but just FYI regarding example in docs: http://docs.aws.amazon.com/cli/latest/reference/ec2/create-flow-logs.html
We're not defining that permission anywhere. |
* master: Update CHANGELOG.md Update CHANGELOG.md Added affinity group resource. update link to actually work provider/azure: Fix SQL client name to match upstream add warning message to explain scenario of conflicting rules typo remove debugging Update CHANGELOG.md provider/aws: Add docs for autoscaling_policy + cloudwatch_metric_alarm provider/aws: Add autoscaling_policy provider/aws: Add cloudwatch_metric_alarm rename method, update docs clean up some conflicts with clean up old, incompatible test update tests with another example update test remove meta usage, stub test fix existing tests Consider security groups with source security groups when hashing
|
@radeksimko Thanks for reviewing
I thought it would be useful, but in hindsight agree, so I removed them in 87c7f63
I updated the documentation to include the needed IAM things to get Flow Logs working, and verified they work. The Logs must Flow |
|
LGTM |
provider/aws: Add FlowLog resource
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
ghost
locked and limited conversation to collaborators
This is a proposal config/work for adding a FlowLog resource.
Syntax:
API Docs:
UpdateorModify, things will beForceNew.A
FlowLogcan be attached to either a VPC, Subnet, or ENI. The API call is the same, you just supply the resourceidandtype. Here I propose separatevpc_id,subnet_id, andeni_idsyntax, to avoid a user having to specify both a resourceidand the type.Additionally, the API supports creating multiple flows in a single call, but this creates multiple
FlowLogs, , so our implementation will be 1:1.Remaining: