provider/aws: Implement IPV6 Support for ec2 / VPC

[stack72]

• aws_vpc support added
• aws_egress_only_internet_gateway
• aws_subnet support added
• aws_instance support added

[apparentlymart]

This name feels a little strange... having read the docs I now understand what you meant by "amazon" here but it reads as if "Amazon IPv6" is some sort of product name.

I must admit I'm not sure what to suggest as an alternative. assign_generated_ipv6_cidr_block is one idea that came to mind, though it's long. Perhaps assign_generated_ipv6_range is a shorter way of saying it. I also wonder if the word "assign" already has the "chosen by someone else" meaning embedded in it enough, so that assign_ipv6_range would be sufficient to get the point across.

Feel free to ignore me, since I know this is not the most constructive comment... 😖

[stack72]

Totally agreed :) Made the change to assign_generated_ipv6_cidr_block - i went with generated so it was closer to the AWS docs

[stack72]

VPC Tests:

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVpc_'                                                 
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/02/28 12:36:37 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVpc_ -timeout 120m
=== RUN   TestAccAWSVpc_importBasic
--- PASS: TestAccAWSVpc_importBasic (55.76s)
=== RUN   TestAccAWSVpc_basic
--- PASS: TestAccAWSVpc_basic (41.47s)
=== RUN   TestAccAWSVpc_enableIpv6
--- PASS: TestAccAWSVpc_enableIpv6 (67.65s)
=== RUN   TestAccAWSVpc_dedicatedTenancy
--- PASS: TestAccAWSVpc_dedicatedTenancy (121.01s)
=== RUN   TestAccAWSVpc_tags
--- PASS: TestAccAWSVpc_tags (121.15s)
=== RUN   TestAccAWSVpc_update
--- PASS: TestAccAWSVpc_update (187.46s)
=== RUN   TestAccAWSVpc_bothDnsOptionsSet
--- PASS: TestAccAWSVpc_bothDnsOptionsSet (20.11s)
=== RUN   TestAccAWSVpc_DisabledDnsSupport
--- PASS: TestAccAWSVpc_DisabledDnsSupport (94.21s)
=== RUN   TestAccAWSVpc_classiclinkOptionSet
--- PASS: TestAccAWSVpc_classiclinkOptionSet (146.69s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	855.536s

Subnet Tests:

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSubnet_'                                               
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/02/28 12:54:18 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSSubnet_ -timeout 120m
=== RUN   TestAccAWSSubnet_importBasic
--- PASS: TestAccAWSSubnet_importBasic (92.15s)
=== RUN   TestAccAWSSubnet_basic
--- PASS: TestAccAWSSubnet_basic (61.26s)
=== RUN   TestAccAWSSubnet_ipv6
--- PASS: TestAccAWSSubnet_ipv6 (120.25s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	273.686s

egress internet gateway:

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEgressOnlyInternetGateway_'             
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/02/28 13:35:44 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEgressOnlyInternetGateway_ -timeout 120m
=== RUN   TestAccAWSEgressOnlyInternetGateway_basic
--- PASS: TestAccAWSEgressOnlyInternetGateway_basic (57.33s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	57.362s

Instance Tests:

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSInstance_'                                                      
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/02/28 12:34:14 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSInstance_ -timeout 120m
=== RUN   TestAccAWSInstance_importBasic
--- PASS: TestAccAWSInstance_importBasic (135.46s)
=== RUN   TestAccAWSInstance_basic
--- PASS: TestAccAWSInstance_basic (203.86s)
=== RUN   TestAccAWSInstance_rootInstanceStore
--- PASS: TestAccAWSInstance_rootInstanceStore (114.74s)
=== RUN   TestAccAWSInstance_sourceDestCheck
--- PASS: TestAccAWSInstance_sourceDestCheck (473.48s)
=== RUN   TestAccAWSInstance_disableApiTermination
--- PASS: TestAccAWSInstance_disableApiTermination (283.95s)
=== RUN   TestAccAWSInstance_vpc
--- PASS: TestAccAWSInstance_vpc (163.70s)
=== RUN   TestAccAWSInstance_ipv6_supportAddressCount
--- PASS: TestAccAWSInstance_ipv6_supportAddressCount (145.34s)
=== RUN   TestAccAWSInstance_NetworkInstanceSecurityGroups
--- PASS: TestAccAWSInstance_NetworkInstanceSecurityGroups (177.08s)
=== RUN   TestAccAWSInstance_NetworkInstanceVPCSecurityGroupIDs
--- PASS: TestAccAWSInstance_NetworkInstanceVPCSecurityGroupIDs (176.94s)
=== RUN   TestAccAWSInstance_tags
--- PASS: TestAccAWSInstance_tags (159.90s)
=== RUN   TestAccAWSInstance_privateIP
--- PASS: TestAccAWSInstance_privateIP (153.08s)
=== RUN   TestAccAWSInstance_associatePublicIPAndPrivateIP
--- PASS: TestAccAWSInstance_associatePublicIPAndPrivateIP (167.74s)
=== RUN   TestAccAWSInstance_rootBlockDeviceMismatch
--- PASS: TestAccAWSInstance_rootBlockDeviceMismatch (143.69s)
=== RUN   TestAccAWSInstance_forceNewAndTagsDrift
--- PASS: TestAccAWSInstance_forceNewAndTagsDrift (231.97s)
=== RUN   TestAccAWSInstance_changeInstanceType
--- PASS: TestAccAWSInstance_changeInstanceType (162.21s)
PASS
ok	github.com/hashicorp/terraform/builtin/providers/aws	3276.841s

[tombuildsstuff]

missing a description as per AWS docs

[grubernaut]

LGTM!

[rfletcher]

I've just run terraform plan for the first time with 0.8.8 and all EC2 Classic aws_instance resources created with an earlier version now show this line in the plan:

ipv6_addresses.#:  "" => "<computed>" (forces new resource)

What's the best way to keep these instances from being destroyed?

[rfletcher]

Answering my own question, adding this to the aws_instance config did the trick:

ipv6_addresses = []

Maybe there's a missing test case here? I'm happy to provide more details about these instances if needed.

[catsby]

Hey @rfletcher - this issue should be fixed with #12385 , and will go out in the next Terraform release. Until then unfortunately your workout is likely needed. I apologize for the hassle here 😦

[rfletcher]

Oh that's great, thanks. No worries. Sorry I missed the other PR!

[netflash]

Hmm... not sure where to address this...
I had a VPC and this parameter assign_generated_ipv6_cidr_block hasn't been set, so it was false by default. In webui I have added the IPv6 CIDR to the VPC and then, when I have run terraform plan, terraform had shown me, that it's going to recreate the whole VPC and all the dependencies.

-/+ module.vpc-stage.aws_vpc.mod
    assign_generated_ipv6_cidr_block: "false" => "true" (forces new resource)

I got back to webui, removed that CIDR, waited for a while, and then terraform plan had given me no changes.

I assume this parameter could be amended without re-creating the whole VPC.
What is the best place to report this behavior ?

[stack72]

hi @netflash

I am adding this right now

P.

[netflash]

Thanks, mate. @stack72

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.