Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

providers/aws: Add ELB Access Logs (supersedes #3708) #3756

Merged
merged 11 commits into from
Nov 11, 2015
Merged

providers/aws: Add ELB Access Logs (supersedes #3708) #3756

merged 11 commits into from
Nov 11, 2015

Conversation

catsby
Copy link
Contributor

@catsby catsby commented Nov 4, 2015

Builds off of #3708, adding tests and fixing some issues that I found to cause panics if not done perfectly right.

@catsby
Copy link
Contributor Author

catsby commented Nov 4, 2015

@tpounds I made a few revisions, let me know if you have questions or see something I shouldn't have done 😄

@tpounds
Copy link
Contributor

tpounds commented Nov 4, 2015

@catsby LGTM. Thanks for picking this back up! I forgot to push the website docs change to by pull request last night. Feel free to cherry-pick it if you like.

https://github.com/tpounds/terraform/commit/a93212e1dba7212f6655efbbb3456494e8d84049

@catsby
Copy link
Contributor Author

catsby commented Nov 4, 2015

@tpounds ah, duh, totally forgot I was supposed to add docs 😆 I cherry-picked yours and updated them to remove the enabled bit. That was the biggest change I made to your original work, I think. To disable, you simply remove the block.

@tpounds
Copy link
Contributor

tpounds commented Nov 4, 2015

@catsby Still LGTM. Thanks again!

@@ -305,6 +328,11 @@ func resourceAwsElbRead(d *schema.ResourceData, meta interface{}) error {
d.Set("idle_timeout", lbAttrs.ConnectionSettings.IdleTimeout)
d.Set("connection_draining", lbAttrs.ConnectionDraining.Enabled)
d.Set("connection_draining_timeout", lbAttrs.ConnectionDraining.Timeout)
if lbAttrs.AccessLog != nil {
if err := d.Set("access_logs", flattenAccessLog(lbAttrs.AccessLog)); err != nil {
log.Printf("[WARN] Error setting ELB Access Logs for (%s): %s", d.Id(), err)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we end up with an error here - we probably want to return it, no? Seems like an error here would be a bug we'd need to fix, so better to make it obvious.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense; updated in 8c32536

* master: (95 commits)
  Update CHANGELOG.md
  Update CHANGELOG.md
  Update CHANGELOG.md
  Update CHANGELOG.md
  upgrade a warning to error
  add some logging around create/update requests for IAM user
  Update CHANGELOG.md
  Update CHANGELOG.md
  Build using `make test` on Travis CI
  Update CHANGELOG.md
  provider/aws: Fix error format in Kinesis Firehose
  Update CHANGELOG.md
  Changes to Aws Kinesis Firehouse Docs
  Update CHANGELOG.md
  modify aws_iam_user_test to correctly check username and path for initial and changed username/path
  Update CHANGELOG.md
  Update CHANGELOG.md
  Prompt for input variables before context validate
  Removing the AWS DBInstance Acceptance Test for withoutEngine as this is now part of the checkInstanceAttributes func
  Making engine_version be computed in the db_instance provider
  ...
@phinze
Copy link
Contributor

phinze commented Nov 11, 2015

Looks good! 🚢

catsby added a commit that referenced this pull request Nov 11, 2015
providers/aws: Add `access_logs` to ELB resource [GH-3756]
@catsby catsby merged commit caa0baa into master Nov 11, 2015
@catsby catsby deleted the pr-3708 branch November 11, 2015 15:54
@catsby catsby mentioned this pull request Nov 11, 2015
@tonygyerr
Copy link

I've been trying to see exactly where this is resolved. Any help?

Error Message

  • aws_s3_bucket.a: Error putting S3 logging: InvalidTargetBucketForLogging: You must give the log-delivery group WRITE and READ_ACP permissions to the target bucket

Configuration files
/*
application loadbalancer public
/
resource "aws_alb" "app-pub-alb" {
name = "app-pub-alb"
internal = false
security_groups = ["${aws_security_group.app-lb-pub-sg.id}"]
subnets = ["${element(aws_subnet.lb01_subnet_pub.
.id, count.index)}", "${element(aws_subnet.lb02_subnet_pub..id, count.index)}", "${element(aws_subnet.lb03_subnet_pub..id, count.index)}"]
idle_timeout = 400
ip_address_type = "ipv4"

enable_deletion_protection = false

tags {
project = "${var.project}"
environment = "${var.environment}"
}
access_logs {
bucket = "${var.alb_pub_log_bucket}"
prefix = "${var.alb_pub_log_prefix}"
enabled = "true"
}
depends_on = ["aws_s3_bucket_policy.sitecore_s3_alb_pub_bucket_policy"]
}

/*
target group for alb public
*/
resource "aws_alb_target_group" "app-alb-tg" {
name = "app-alb-tg"
port = 80
protocol = "HTTP"
vpc_id = "${aws_vpc.app-east-vpc.id}"

stickiness {
type = "lb_cookie"
}

health_check {
path = "${var.alb_health_check_path}"
port = "traffic-port"
healthy_threshold = 2
unhealthy_threshold = 6
timeout = 20
interval = 30
protocol = "${var.alb_health_check_backend_protocol}"
}

tags {
project = "${var.project}"
environment = "${var.environment}"
}
}

/*
target group for alb public 443
*/
resource "aws_alb_target_group" "app-alb-443-tg" {
name = "app-alb-443-tg"
port = 443
protocol = "HTTPS"
vpc_id = "${aws_vpc.app-east-vpc.id}"

stickiness {
type = "lb_cookie"
}

health_check {
path = "${var.alb_health_check_path}"
port = "traffic-port"
healthy_threshold = 2
unhealthy_threshold = 6
timeout = 20
interval = 30
protocol = "${var.alb_health_check_backend_protocol}"
}

tags {
project = "${var.project}"
environment = "${var.environment}"
}
}

/*
http listener for alb public
*/
resource "aws_alb_listener" "app-pub-alb-80" {
load_balancer_arn = "${aws_alb.app-pub-alb.arn}"
port = "80"
protocol = "HTTP"
default_action {
target_group_arn = "${aws_alb_target_group.app-alb-tg.arn}"
type = "forward"
}
}

omeid pushed a commit to omeid/terraform that referenced this pull request Mar 30, 2018
* Add support for aws_wafregional_rule

* Updating docs

* Use singular name for predicate field

* Use helpers

* Use flatten func

* Add test for rule without predicates

* Add test for predicate changes

* Require data_id for predicate

* Reformat imports + remove redundant code
@ghost
Copy link

ghost commented Apr 5, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 5, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants