diff --git a/CHANGELOG.md b/CHANGELOG.md
index 93577f215158..ade2d61b586a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,8 @@
 FEATURES:
   * **New provider: `vcd` - VMware vCloud Director** [GH-3785]
   * **New provider: `postgresql` - Create PostgreSQL databases and roles** [GH-3653]
+  * **New provider: `chef` - Create chef environments, roles, etc** [GH-3084]
+  * **New resource: `aws_autoscaling_schedule`** [GH-4256]
   * **New resource: `google_pubsub_topic`** [GH-3671]
   * **New resource: `google_pubsub_subscription`** [GH-3671]
   * **New resource: `tls_locally_signed_cert`** [GH-3930]
@@ -19,6 +21,7 @@ IMPROVEMENTS:
   * provider/aws: Add support for `skip_final_snapshot` to `aws_db_instance` [GH-3853]
   * provider/aws: Adding support for Tags to DB SecurityGroup [GH-4260]
   * provider/aws: Adding Tag support for DB Param Groups [GH-4259]
+  * provider/aws: Validate IOPs for EBS Volumes [GH-4146]
   * provider/aws: DB Subnet group arn output [GH-4261]
   * provider/cloudstack: performance improvements [GH-4150]
   * provider/docker: Add support for setting the entry point on `docker_container` resources [GH-3761]
@@ -32,6 +35,7 @@ IMPROVEMENTS:
   * provider/vsphere: Add folder handling for folder-qualified vm names [GH-3939]
   * provider/vsphere: Change ip_address parameter for ipv6 support [GH-4035]
   * provider/openstack: Increase instance timeout from 10 to 30 minutes [GH-4223]
+  * provider/google: Add `restart_policy` attribute to `google_managed_instance_group` [GH-3892]
 
 BUG FIXES:
 
@@ -48,6 +52,8 @@ BUG FIXES:
   * provider/aws: Fix missing AMI issue with Launch Configurations [GH-4242]
   * provider/aws: Opsworks stack SSH key is write-only [GH-4241]
   * provider/aws: Fix issue with ElasticSearch Domain `access_policies` always appear changed [GH-4245]
+  * provider/aws: Fix issue with nil parameter group value causing panic in `aws_db_parameter_group` [GH-4318]
+  * provider/azure: Update for [breaking change to upstream client library](https://github.com/Azure/azure-sdk-for-go/commit/68d50cb53a73edfeb7f17f5e86cdc8eb359a9528). [GH-4300]
   * provider/digitalocean: Fix issue where a floating IP attached to a missing droplet causes a panic [GH-4214]
   * provider/openstack: Handle volumes in "deleting" state [GH-4204]
   * provider/vsphere: Create and attach additional disks before bootup [GH-4196]
diff --git a/builtin/bins/provider-chef/main.go b/builtin/bins/provider-chef/main.go
new file mode 100644
index 000000000000..b1bd8b537ef7
--- /dev/null
+++ b/builtin/bins/provider-chef/main.go
@@ -0,0 +1,12 @@
+package main
+
+import (
+	"github.com/hashicorp/terraform/builtin/providers/chef"
+	"github.com/hashicorp/terraform/plugin"
+)
+
+func main() {
+	plugin.Serve(&plugin.ServeOpts{
+		ProviderFunc: chef.Provider,
+	})
+}
diff --git a/builtin/providers/aws/provider.go b/builtin/providers/aws/provider.go
index c123cc184c2a..313f74b18a73 100644
--- a/builtin/providers/aws/provider.go
+++ b/builtin/providers/aws/provider.go
@@ -174,6 +174,7 @@ func Provider() terraform.ResourceProvider {
 			"aws_autoscaling_group":                resourceAwsAutoscalingGroup(),
 			"aws_autoscaling_notification":         resourceAwsAutoscalingNotification(),
 			"aws_autoscaling_policy":               resourceAwsAutoscalingPolicy(),
+			"aws_autoscaling_schedule":             resourceAwsAutoscalingSchedule(),
 			"aws_cloudformation_stack":             resourceAwsCloudFormationStack(),
 			"aws_cloudtrail":                       resourceAwsCloudTrail(),
 			"aws_cloudwatch_log_group":             resourceAwsCloudWatchLogGroup(),
diff --git a/builtin/providers/aws/resource_aws_autoscaling_schedule.go b/builtin/providers/aws/resource_aws_autoscaling_schedule.go
new file mode 100644
index 000000000000..b8a1135deee0
--- /dev/null
+++ b/builtin/providers/aws/resource_aws_autoscaling_schedule.go
@@ -0,0 +1,189 @@
+package aws
+
+import (
+	"fmt"
+	"log"
+	"time"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/autoscaling"
+	"github.com/hashicorp/terraform/helper/schema"
+)
+
+const awsAutoscalingScheduleTimeLayout = "2006-01-02T15:04:05Z"
+
+func resourceAwsAutoscalingSchedule() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceAwsAutoscalingScheduleCreate,
+		Read:   resourceAwsAutoscalingScheduleRead,
+		Update: resourceAwsAutoscalingScheduleCreate,
+		Delete: resourceAwsAutoscalingScheduleDelete,
+
+		Schema: map[string]*schema.Schema{
+			"arn": &schema.Schema{
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"scheduled_action_name": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"autoscaling_group_name": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"start_time": &schema.Schema{
+				Type:         schema.TypeString,
+				Optional:     true,
+				Computed:     true,
+				ValidateFunc: validateASGScheduleTimestamp,
+			},
+			"end_time": &schema.Schema{
+				Type:         schema.TypeString,
+				Optional:     true,
+				Computed:     true,
+				ValidateFunc: validateASGScheduleTimestamp,
+			},
+			"recurrence": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
+			"min_size": &schema.Schema{
+				Type:     schema.TypeInt,
+				Optional: true,
+				Computed: true,
+			},
+			"max_size": &schema.Schema{
+				Type:     schema.TypeInt,
+				Optional: true,
+				Computed: true,
+			},
+			"desired_capacity": &schema.Schema{
+				Type:     schema.TypeInt,
+				Optional: true,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func resourceAwsAutoscalingScheduleCreate(d *schema.ResourceData, meta interface{}) error {
+	autoscalingconn := meta.(*AWSClient).autoscalingconn
+	params := &autoscaling.PutScheduledUpdateGroupActionInput{
+		AutoScalingGroupName: aws.String(d.Get("autoscaling_group_name").(string)),
+		ScheduledActionName:  aws.String(d.Get("scheduled_action_name").(string)),
+	}
+
+	if attr, ok := d.GetOk("start_time"); ok {
+		t, err := time.Parse(awsAutoscalingScheduleTimeLayout, attr.(string))
+		if err != nil {
+			return fmt.Errorf("Error Parsing AWS Autoscaling Group Schedule Start Time: %s", err.Error())
+		}
+		params.StartTime = aws.Time(t)
+	}
+
+	if attr, ok := d.GetOk("end_time"); ok {
+		t, err := time.Parse(awsAutoscalingScheduleTimeLayout, attr.(string))
+		if err != nil {
+			return fmt.Errorf("Error Parsing AWS Autoscaling Group Schedule End Time: %s", err.Error())
+		}
+		params.EndTime = aws.Time(t)
+	}
+
+	if attr, ok := d.GetOk("recurrance"); ok {
+		params.Recurrence = aws.String(attr.(string))
+	}
+
+	if attr, ok := d.GetOk("min_size"); ok {
+		params.MinSize = aws.Int64(int64(attr.(int)))
+	}
+
+	if attr, ok := d.GetOk("max_size"); ok {
+		params.MaxSize = aws.Int64(int64(attr.(int)))
+	}
+
+	if attr, ok := d.GetOk("desired_capacity"); ok {
+		params.DesiredCapacity = aws.Int64(int64(attr.(int)))
+	}
+
+	log.Printf("[INFO] Creating Autoscaling Scheduled Action: %s", d.Get("scheduled_action_name").(string))
+	_, err := autoscalingconn.PutScheduledUpdateGroupAction(params)
+	if err != nil {
+		return fmt.Errorf("Error Creating Autoscaling Scheduled Action: %s", err.Error())
+	}
+
+	d.SetId(d.Get("scheduled_action_name").(string))
+
+	return resourceAwsAutoscalingScheduleRead(d, meta)
+}
+
+func resourceAwsAutoscalingScheduleRead(d *schema.ResourceData, meta interface{}) error {
+	sa, err := resourceAwsASGScheduledActionRetrieve(d, meta)
+	if err != nil {
+		return err
+	}
+
+	d.Set("autoscaling_group_name", sa.AutoScalingGroupName)
+	d.Set("arn", sa.ScheduledActionARN)
+	d.Set("desired_capacity", sa.DesiredCapacity)
+	d.Set("min_size", sa.MinSize)
+	d.Set("max_size", sa.MaxSize)
+	d.Set("recurrance", sa.Recurrence)
+	d.Set("start_time", sa.StartTime.Format(awsAutoscalingScheduleTimeLayout))
+	d.Set("end_time", sa.EndTime.Format(awsAutoscalingScheduleTimeLayout))
+
+	return nil
+}
+
+func resourceAwsAutoscalingScheduleDelete(d *schema.ResourceData, meta interface{}) error {
+	autoscalingconn := meta.(*AWSClient).autoscalingconn
+
+	params := &autoscaling.DeleteScheduledActionInput{
+		AutoScalingGroupName: aws.String(d.Get("autoscaling_group_name").(string)),
+		ScheduledActionName:  aws.String(d.Id()),
+	}
+
+	log.Printf("[INFO] Deleting Autoscaling Scheduled Action: %s", d.Id())
+	_, err := autoscalingconn.DeleteScheduledAction(params)
+	if err != nil {
+		return fmt.Errorf("Error deleting Autoscaling Scheduled Action: %s", err.Error())
+	}
+
+	return nil
+}
+
+func resourceAwsASGScheduledActionRetrieve(d *schema.ResourceData, meta interface{}) (*autoscaling.ScheduledUpdateGroupAction, error) {
+	autoscalingconn := meta.(*AWSClient).autoscalingconn
+
+	params := &autoscaling.DescribeScheduledActionsInput{
+		AutoScalingGroupName: aws.String(d.Get("autoscaling_group_name").(string)),
+		ScheduledActionNames: []*string{aws.String(d.Id())},
+	}
+
+	log.Printf("[INFO] Describing Autoscaling Scheduled Action: %+v", params)
+	actions, err := autoscalingconn.DescribeScheduledActions(params)
+	if err != nil {
+		return nil, fmt.Errorf("Error retrieving Autoscaling Scheduled Actions: %s", err)
+	}
+
+	if len(actions.ScheduledUpdateGroupActions) != 1 ||
+		*actions.ScheduledUpdateGroupActions[0].ScheduledActionName != d.Id() {
+		return nil, fmt.Errorf("Unable to find Autoscaling Scheduled Action: %#v", actions.ScheduledUpdateGroupActions)
+	}
+
+	return actions.ScheduledUpdateGroupActions[0], nil
+}
+
+func validateASGScheduleTimestamp(v interface{}, k string) (ws []string, errors []error) {
+	value := v.(string)
+	_, err := time.Parse(awsAutoscalingScheduleTimeLayout, value)
+	if err != nil {
+		errors = append(errors, fmt.Errorf(
+			"%q cannot be parsed as iso8601 Timestamp Format", value))
+	}
+
+	return
+}
diff --git a/builtin/providers/aws/resource_aws_autoscaling_schedule_test.go b/builtin/providers/aws/resource_aws_autoscaling_schedule_test.go
new file mode 100644
index 000000000000..3bd031526763
--- /dev/null
+++ b/builtin/providers/aws/resource_aws_autoscaling_schedule_test.go
@@ -0,0 +1,117 @@
+package aws
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/autoscaling"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccAWSAutoscalingSchedule_basic(t *testing.T) {
+	var schedule autoscaling.ScheduledUpdateGroupAction
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSAutoscalingScheduleDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccAWSAutoscalingScheduleConfig,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckScalingScheduleExists("aws_autoscaling_schedule.foobar", &schedule),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckScalingScheduleExists(n string, policy *autoscaling.ScheduledUpdateGroupAction) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not found: %s", n)
+		}
+
+		autoScalingGroup, _ := rs.Primary.Attributes["autoscaling_group_name"]
+		conn := testAccProvider.Meta().(*AWSClient).autoscalingconn
+		params := &autoscaling.DescribeScheduledActionsInput{
+			AutoScalingGroupName: aws.String(autoScalingGroup),
+			ScheduledActionNames: []*string{aws.String(rs.Primary.ID)},
+		}
+
+		resp, err := conn.DescribeScheduledActions(params)
+		if err != nil {
+			return err
+		}
+		if len(resp.ScheduledUpdateGroupActions) == 0 {
+			return fmt.Errorf("Scaling Schedule not found")
+		}
+
+		return nil
+	}
+}
+
+func testAccCheckAWSAutoscalingScheduleDestroy(s *terraform.State) error {
+	conn := testAccProvider.Meta().(*AWSClient).autoscalingconn
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "aws_autoscaling_schedule" {
+			continue
+		}
+
+		autoScalingGroup, _ := rs.Primary.Attributes["autoscaling_group_name"]
+		params := &autoscaling.DescribeScheduledActionsInput{
+			AutoScalingGroupName: aws.String(autoScalingGroup),
+			ScheduledActionNames: []*string{aws.String(rs.Primary.ID)},
+		}
+
+		resp, err := conn.DescribeScheduledActions(params)
+
+		if err == nil {
+			if len(resp.ScheduledUpdateGroupActions) != 0 &&
+				*resp.ScheduledUpdateGroupActions[0].ScheduledActionName == rs.Primary.ID {
+				return fmt.Errorf("Scaling Schedule Still Exists: %s", rs.Primary.ID)
+			}
+		}
+	}
+
+	return nil
+}
+
+var testAccAWSAutoscalingScheduleConfig = fmt.Sprintf(`
+resource "aws_launch_configuration" "foobar" {
+    name = "terraform-test-foobar5"
+    image_id = "ami-21f78e11"
+    instance_type = "t1.micro"
+}
+
+resource "aws_autoscaling_group" "foobar" {
+    availability_zones = ["us-west-2a"]
+    name = "terraform-test-foobar5"
+    max_size = 1
+    min_size = 1
+    health_check_grace_period = 300
+    health_check_type = "ELB"
+    force_delete = true
+    termination_policies = ["OldestInstance"]
+    launch_configuration = "${aws_launch_configuration.foobar.name}"
+    tag {
+        key = "Foo"
+        value = "foo-bar"
+        propagate_at_launch = true
+    }
+}
+
+resource "aws_autoscaling_schedule" "foobar" {
+    scheduled_action_name = "foobar"
+    min_size = 0
+    max_size = 1
+    desired_capacity = 0
+    start_time = "2016-12-11T18:00:00Z"
+    end_time = "2016-12-12T06:00:00Z"
+    autoscaling_group_name = "${aws_autoscaling_group.foobar.name}"
+}
+`)
diff --git a/builtin/providers/aws/resource_aws_ebs_volume.go b/builtin/providers/aws/resource_aws_ebs_volume.go
index 1680b4f533e0..3046ac46c6d8 100644
--- a/builtin/providers/aws/resource_aws_ebs_volume.go
+++ b/builtin/providers/aws/resource_aws_ebs_volume.go
@@ -76,9 +76,6 @@ func resourceAwsEbsVolumeCreate(d *schema.ResourceData, meta interface{}) error
 	if value, ok := d.GetOk("encrypted"); ok {
 		request.Encrypted = aws.Bool(value.(bool))
 	}
-	if value, ok := d.GetOk("iops"); ok {
-		request.Iops = aws.Int64(int64(value.(int)))
-	}
 	if value, ok := d.GetOk("kms_key_id"); ok {
 		request.KmsKeyId = aws.String(value.(string))
 	}
@@ -88,18 +85,35 @@ func resourceAwsEbsVolumeCreate(d *schema.ResourceData, meta interface{}) error
 	if value, ok := d.GetOk("snapshot_id"); ok {
 		request.SnapshotId = aws.String(value.(string))
 	}
+
+	// IOPs are only valid, and required for, storage type io1. The current minimu
+	// is 100. Instead of a hard validation we we only apply the IOPs to the
+	// request if the type is io1, and log a warning otherwise. This allows users
+	// to "disable" iops. See https://github.com/hashicorp/terraform/pull/4146
+	var t string
 	if value, ok := d.GetOk("type"); ok {
-		request.VolumeType = aws.String(value.(string))
+		t = value.(string)
+		request.VolumeType = aws.String(t)
+	}
+
+	iops := d.Get("iops").(int)
+	if t != "io1" && iops > 0 {
+		log.Printf("[WARN] IOPs is only valid for storate type io1 for EBS Volumes")
+	} else if t == "io1" {
+		// We add the iops value without validating it's size, to allow AWS to
+		// enforce a size requirement (currently 100)
+		request.Iops = aws.Int64(int64(iops))
 	}
 
+	log.Printf(
+		"[DEBUG] EBS Volume create opts: %s", request)
 	result, err := conn.CreateVolume(request)
 	if err != nil {
 		return fmt.Errorf("Error creating EC2 volume: %s", err)
 	}
 
-	log.Printf(
-		"[DEBUG] Waiting for Volume (%s) to become available",
-		d.Id())
+	log.Println(
+		"[DEBUG] Waiting for Volume to become available")
 
 	stateConf := &resource.StateChangeConf{
 		Pending:    []string{"creating"},
@@ -199,9 +213,6 @@ func readVolume(d *schema.ResourceData, volume *ec2.Volume) error {
 	if volume.Encrypted != nil {
 		d.Set("encrypted", *volume.Encrypted)
 	}
-	if volume.Iops != nil {
-		d.Set("iops", *volume.Iops)
-	}
 	if volume.KmsKeyId != nil {
 		d.Set("kms_key_id", *volume.KmsKeyId)
 	}
@@ -214,6 +225,17 @@ func readVolume(d *schema.ResourceData, volume *ec2.Volume) error {
 	if volume.VolumeType != nil {
 		d.Set("type", *volume.VolumeType)
 	}
+
+	if volume.VolumeType != nil && *volume.VolumeType == "io1" {
+		// Only set the iops attribute if the volume type is io1. Setting otherwise
+		// can trigger a refresh/plan loop based on the computed value that is given
+		// from AWS, and prevent us from specifying 0 as a valid iops.
+		//   See https://github.com/hashicorp/terraform/pull/4146
+		if volume.Iops != nil {
+			d.Set("iops", *volume.Iops)
+		}
+	}
+
 	if volume.Tags != nil {
 		d.Set("tags", tagsToMap(volume.Tags))
 	}
diff --git a/builtin/providers/aws/resource_aws_ebs_volume_test.go b/builtin/providers/aws/resource_aws_ebs_volume_test.go
index aab92eb01122..940c8157cabf 100644
--- a/builtin/providers/aws/resource_aws_ebs_volume_test.go
+++ b/builtin/providers/aws/resource_aws_ebs_volume_test.go
@@ -26,6 +26,22 @@ func TestAccAWSEBSVolume_basic(t *testing.T) {
 	})
 }
 
+func TestAccAWSEBSVolume_NoIops(t *testing.T) {
+	var v ec2.Volume
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccAwsEbsVolumeConfigWithNoIops,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckVolumeExists("aws_ebs_volume.iops_test", &v),
+				),
+			},
+		},
+	})
+}
+
 func TestAccAWSEBSVolume_withTags(t *testing.T) {
 	var v ec2.Volume
 	resource.Test(t, resource.TestCase{
@@ -86,3 +102,15 @@ resource "aws_ebs_volume" "tags_test" {
 	}
 }
 `
+
+const testAccAwsEbsVolumeConfigWithNoIops = `
+resource "aws_ebs_volume" "iops_test" {
+	availability_zone = "us-west-2a"
+	size = 10
+  type = "gp2"
+	iops = 0
+	tags {
+		Name = "TerraformTest"
+	}
+}
+`
diff --git a/builtin/providers/aws/structure.go b/builtin/providers/aws/structure.go
index b5ca83a797d8..748ecc88be8d 100644
--- a/builtin/providers/aws/structure.go
+++ b/builtin/providers/aws/structure.go
@@ -399,10 +399,16 @@ func flattenEcsContainerDefinitions(definitions []*ecs.ContainerDefinition) (str
 func flattenParameters(list []*rds.Parameter) []map[string]interface{} {
 	result := make([]map[string]interface{}, 0, len(list))
 	for _, i := range list {
-		result = append(result, map[string]interface{}{
-			"name":  strings.ToLower(*i.ParameterName),
-			"value": strings.ToLower(*i.ParameterValue),
-		})
+		if i.ParameterName != nil {
+			r := make(map[string]interface{})
+			r["name"] = strings.ToLower(*i.ParameterName)
+			// Default empty string, guard against nil parameter values
+			r["value"] = ""
+			if i.ParameterValue != nil {
+				r["value"] = strings.ToLower(*i.ParameterValue)
+			}
+			result = append(result, r)
+		}
 	}
 	return result
 }
diff --git a/builtin/providers/azure/resource_azure_instance.go b/builtin/providers/azure/resource_azure_instance.go
index 8a643931c3d3..c30b07ea41e5 100644
--- a/builtin/providers/azure/resource_azure_instance.go
+++ b/builtin/providers/azure/resource_azure_instance.go
@@ -682,7 +682,7 @@ func retrieveImageDetails(
 func retrieveVMImageDetails(
 	vmImageClient virtualmachineimage.Client,
 	label string) (func(*virtualmachine.Role) error, string, []string, error) {
-	imgs, err := vmImageClient.ListVirtualMachineImages()
+	imgs, err := vmImageClient.ListVirtualMachineImages(virtualmachineimage.ListParameters{})
 	if err != nil {
 		return nil, "", nil, fmt.Errorf("Error retrieving image details: %s", err)
 	}
diff --git a/builtin/providers/chef/provider.go b/builtin/providers/chef/provider.go
new file mode 100644
index 000000000000..7a04b977583e
--- /dev/null
+++ b/builtin/providers/chef/provider.go
@@ -0,0 +1,112 @@
+package chef
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/terraform"
+
+	chefc "github.com/go-chef/chef"
+)
+
+func Provider() terraform.ResourceProvider {
+	return &schema.Provider{
+		Schema: map[string]*schema.Schema{
+			"server_url": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("CHEF_SERVER_URL", nil),
+				Description: "URL of the root of the target Chef server or organization.",
+			},
+			"client_name": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("CHEF_CLIENT_NAME", nil),
+				Description: "Name of a registered client within the Chef server.",
+			},
+			"private_key_pem": &schema.Schema{
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: providerPrivateKeyEnvDefault,
+				Description: "PEM-formatted private key for client authentication.",
+			},
+			"allow_unverified_ssl": &schema.Schema{
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Description: "If set, the Chef client will permit unverifiable SSL certificates.",
+			},
+		},
+
+		ResourcesMap: map[string]*schema.Resource{
+			//"chef_acl":           resourceChefAcl(),
+			//"chef_client":        resourceChefClient(),
+			//"chef_cookbook":      resourceChefCookbook(),
+			"chef_data_bag":      resourceChefDataBag(),
+			"chef_data_bag_item": resourceChefDataBagItem(),
+			"chef_environment":   resourceChefEnvironment(),
+			"chef_node":          resourceChefNode(),
+			"chef_role":          resourceChefRole(),
+		},
+
+		ConfigureFunc: providerConfigure,
+	}
+}
+
+func providerConfigure(d *schema.ResourceData) (interface{}, error) {
+	config := &chefc.Config{
+		Name:    d.Get("client_name").(string),
+		Key:     d.Get("private_key_pem").(string),
+		BaseURL: d.Get("server_url").(string),
+		SkipSSL: d.Get("allow_unverified_ssl").(bool),
+		Timeout: 10 * time.Second,
+	}
+
+	return chefc.NewClient(config)
+}
+
+func providerPrivateKeyEnvDefault() (interface{}, error) {
+	if fn := os.Getenv("CHEF_PRIVATE_KEY_FILE"); fn != "" {
+		contents, err := ioutil.ReadFile(fn)
+		if err != nil {
+			return nil, err
+		}
+		return string(contents), nil
+	}
+
+	return nil, nil
+}
+
+func jsonStateFunc(value interface{}) string {
+	// Parse and re-stringify the JSON to make sure it's always kept
+	// in a normalized form.
+	in, ok := value.(string)
+	if !ok {
+		return "null"
+	}
+	var tmp map[string]interface{}
+
+	// Assuming the value must be valid JSON since it passed okay through
+	// our prepareDataBagItemContent function earlier.
+	json.Unmarshal([]byte(in), &tmp)
+
+	jsonValue, _ := json.Marshal(&tmp)
+	return string(jsonValue)
+}
+
+func runListEntryStateFunc(value interface{}) string {
+	// Recipes in run lists can either be naked, like "foo", or can
+	// be explicitly qualified as "recipe[foo]". Whichever form we use,
+	// the server will always normalize to the explicit form,
+	// so we'll normalize too and then we won't generate unnecessary
+	// diffs when we refresh.
+	in := value.(string)
+	if !strings.Contains(in, "[") {
+		return fmt.Sprintf("recipe[%s]", in)
+	}
+	return in
+}
diff --git a/builtin/providers/chef/provider_test.go b/builtin/providers/chef/provider_test.go
new file mode 100644
index 000000000000..1d12945f4604
--- /dev/null
+++ b/builtin/providers/chef/provider_test.go
@@ -0,0 +1,62 @@
+package chef
+
+import (
+	"os"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+// To run these acceptance tests, you will need access to a Chef server.
+// An easy way to get one is to sign up for a hosted Chef server account
+// at https://manage.chef.io/signup , after which your base URL will
+// be something like https://api.opscode.com/organizations/example/ .
+// You will also need to create a "client" and write its private key to
+// a file somewhere.
+//
+// You can then set the following environment variables to make these
+// tests work:
+// CHEF_SERVER_URL to the base URL as described above.
+// CHEF_CLIENT_NAME to the name of the client object you created.
+// CHEF_PRIVATE_KEY_FILE to the path to the private key file you created.
+//
+// You will probably need to edit the global permissions on your Chef
+// Server account to allow this client (or all clients, if you're lazy)
+// to have both List and Create access on all types of object:
+//     https://manage.chef.io/organizations/saymedia/global_permissions
+//
+// With all of that done, you can run like this:
+//    make testacc TEST=./builtin/providers/chef
+
+var testAccProviders map[string]terraform.ResourceProvider
+var testAccProvider *schema.Provider
+
+func init() {
+	testAccProvider = Provider().(*schema.Provider)
+	testAccProviders = map[string]terraform.ResourceProvider{
+		"chef": testAccProvider,
+	}
+}
+
+func TestProvider(t *testing.T) {
+	if err := Provider().(*schema.Provider).InternalValidate(); err != nil {
+		t.Fatalf("err: %s", err)
+	}
+}
+
+func TestProvider_impl(t *testing.T) {
+	var _ terraform.ResourceProvider = Provider()
+}
+
+func testAccPreCheck(t *testing.T) {
+	if v := os.Getenv("CHEF_SERVER_URL"); v == "" {
+		t.Fatal("CHEF_SERVER_URL must be set for acceptance tests")
+	}
+	if v := os.Getenv("CHEF_CLIENT_NAME"); v == "" {
+		t.Fatal("CHEF_CLIENT_NAME must be set for acceptance tests")
+	}
+	if v := os.Getenv("CHEF_PRIVATE_KEY_FILE"); v == "" {
+		t.Fatal("CHEF_PRIVATE_KEY_FILE must be set for acceptance tests")
+	}
+}
diff --git a/builtin/providers/chef/resource_data_bag.go b/builtin/providers/chef/resource_data_bag.go
new file mode 100644
index 000000000000..a9c08748cdc3
--- /dev/null
+++ b/builtin/providers/chef/resource_data_bag.go
@@ -0,0 +1,77 @@
+package chef
+
+import (
+	"github.com/hashicorp/terraform/helper/schema"
+
+	chefc "github.com/go-chef/chef"
+)
+
+func resourceChefDataBag() *schema.Resource {
+	return &schema.Resource{
+		Create: CreateDataBag,
+		Read:   ReadDataBag,
+		Delete: DeleteDataBag,
+
+		Schema: map[string]*schema.Schema{
+			"name": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"api_uri": &schema.Schema{
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func CreateDataBag(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	dataBag := &chefc.DataBag{
+		Name: d.Get("name").(string),
+	}
+
+	result, err := client.DataBags.Create(dataBag)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(dataBag.Name)
+	d.Set("api_uri", result.URI)
+	return nil
+}
+
+func ReadDataBag(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	// The Chef API provides no API to read a data bag's metadata,
+	// but we can try to read its items and use that as a proxy for
+	// whether it still exists.
+
+	name := d.Id()
+
+	_, err := client.DataBags.ListItems(name)
+	if err != nil {
+		if errRes, ok := err.(*chefc.ErrorResponse); ok {
+			if errRes.Response.StatusCode == 404 {
+				d.SetId("")
+				return nil
+			}
+		}
+	}
+	return err
+}
+
+func DeleteDataBag(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	name := d.Id()
+
+	_, err := client.DataBags.Delete(name)
+	if err == nil {
+		d.SetId("")
+	}
+	return err
+}
diff --git a/builtin/providers/chef/resource_data_bag_item.go b/builtin/providers/chef/resource_data_bag_item.go
new file mode 100644
index 000000000000..ff6f7ac67327
--- /dev/null
+++ b/builtin/providers/chef/resource_data_bag_item.go
@@ -0,0 +1,120 @@
+package chef
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"github.com/hashicorp/terraform/helper/schema"
+
+	chefc "github.com/go-chef/chef"
+)
+
+func resourceChefDataBagItem() *schema.Resource {
+	return &schema.Resource{
+		Create: CreateDataBagItem,
+		Read:   ReadDataBagItem,
+		Delete: DeleteDataBagItem,
+
+		Schema: map[string]*schema.Schema{
+			"data_bag_name": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"content_json": &schema.Schema{
+				Type:      schema.TypeString,
+				Required:  true,
+				ForceNew:  true,
+				StateFunc: jsonStateFunc,
+			},
+			"id": &schema.Schema{
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func CreateDataBagItem(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	dataBagName := d.Get("data_bag_name").(string)
+	itemId, itemContent, err := prepareDataBagItemContent(d.Get("content_json").(string))
+	if err != nil {
+		return err
+	}
+
+	err = client.DataBags.CreateItem(dataBagName, itemContent)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(itemId)
+	d.Set("id", itemId)
+	return nil
+}
+
+func ReadDataBagItem(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	// The Chef API provides no API to read a data bag's metadata,
+	// but we can try to read its items and use that as a proxy for
+	// whether it still exists.
+
+	itemId := d.Id()
+	dataBagName := d.Get("data_bag_name").(string)
+
+	value, err := client.DataBags.GetItem(dataBagName, itemId)
+	if err != nil {
+		if errRes, ok := err.(*chefc.ErrorResponse); ok {
+			if errRes.Response.StatusCode == 404 {
+				d.SetId("")
+				return nil
+			}
+		} else {
+			return err
+		}
+	}
+
+	jsonContent, err := json.Marshal(value)
+	if err != nil {
+		return err
+	}
+
+	d.Set("content_json", string(jsonContent))
+
+	return nil
+}
+
+func DeleteDataBagItem(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	itemId := d.Id()
+	dataBagName := d.Get("data_bag_name").(string)
+
+	err := client.DataBags.DeleteItem(dataBagName, itemId)
+	if err == nil {
+		d.SetId("")
+		d.Set("id", "")
+	}
+	return err
+}
+
+func prepareDataBagItemContent(contentJson string) (string, interface{}, error) {
+	var value map[string]interface{}
+	err := json.Unmarshal([]byte(contentJson), &value)
+	if err != nil {
+		return "", nil, err
+	}
+
+	var itemId string
+	if itemIdI, ok := value["id"]; ok {
+		itemId, _ = itemIdI.(string)
+	}
+
+	if itemId == "" {
+		return "", nil, fmt.Errorf("content_json must have id attribute, set to a string")
+	}
+
+	return itemId, value, nil
+}
diff --git a/builtin/providers/chef/resource_data_bag_item_test.go b/builtin/providers/chef/resource_data_bag_item_test.go
new file mode 100644
index 000000000000..9630d8b6c878
--- /dev/null
+++ b/builtin/providers/chef/resource_data_bag_item_test.go
@@ -0,0 +1,95 @@
+package chef
+
+import (
+	"fmt"
+	"reflect"
+	"testing"
+
+	chefc "github.com/go-chef/chef"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccDataBagItem_basic(t *testing.T) {
+	var dataBagItemName string
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccDataBagItemCheckDestroy(dataBagItemName),
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccDataBagItemConfig_basic,
+				Check: testAccDataBagItemCheck(
+					"chef_data_bag_item.test", &dataBagItemName,
+				),
+			},
+		},
+	})
+}
+
+func testAccDataBagItemCheck(rn string, name *string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[rn]
+		if !ok {
+			return fmt.Errorf("resource not found: %s", rn)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("data bag item id not set")
+		}
+
+		client := testAccProvider.Meta().(*chefc.Client)
+		content, err := client.DataBags.GetItem("terraform-acc-test-bag-item-basic", rs.Primary.ID)
+		if err != nil {
+			return fmt.Errorf("error getting data bag item: %s", err)
+		}
+
+		expectedContent := map[string]interface{}{
+			"id":             "terraform_acc_test",
+			"something_else": true,
+		}
+		if !reflect.DeepEqual(content, expectedContent) {
+			return fmt.Errorf("wrong content: expected %#v, got %#v", expectedContent, content)
+		}
+
+		if expected := "terraform_acc_test"; rs.Primary.Attributes["id"] != expected {
+			return fmt.Errorf("wrong id; expected %#v, got %#v", expected, rs.Primary.Attributes["id"])
+		}
+
+		*name = rs.Primary.ID
+
+		return nil
+	}
+}
+
+func testAccDataBagItemCheckDestroy(name string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		client := testAccProvider.Meta().(*chefc.Client)
+		_, err := client.DataBags.GetItem("terraform-acc-test-bag-item-basic", name)
+		if err == nil {
+			return fmt.Errorf("data bag item still exists")
+		}
+		if _, ok := err.(*chefc.ErrorResponse); err != nil && !ok {
+			return fmt.Errorf("got something other than an HTTP error (%v) when getting data bag item", err)
+		}
+
+		return nil
+	}
+}
+
+const testAccDataBagItemConfig_basic = `
+resource "chef_data_bag" "test" {
+  name = "terraform-acc-test-bag-item-basic"
+}
+resource "chef_data_bag_item" "test" {
+  data_bag_name = "terraform-acc-test-bag-item-basic"
+  depends_on = ["chef_data_bag.test"]
+  content_json = <<EOT
+{
+    "id": "terraform_acc_test",
+    "something_else": true
+}
+EOT
+}
+`
diff --git a/builtin/providers/chef/resource_data_bag_test.go b/builtin/providers/chef/resource_data_bag_test.go
new file mode 100644
index 000000000000..92b74e5df6fa
--- /dev/null
+++ b/builtin/providers/chef/resource_data_bag_test.go
@@ -0,0 +1,70 @@
+package chef
+
+import (
+	"fmt"
+	"testing"
+
+	chefc "github.com/go-chef/chef"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccDataBag_basic(t *testing.T) {
+	var dataBagName string
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccDataBagCheckDestroy(dataBagName),
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccDataBagConfig_basic,
+				Check: testAccDataBagCheckExists("chef_data_bag.test", &dataBagName),
+			},
+		},
+	})
+}
+
+func testAccDataBagCheckExists(rn string, name *string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[rn]
+		if !ok {
+			return fmt.Errorf("resource not found: %s", rn)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("data bag id not set")
+		}
+
+		client := testAccProvider.Meta().(*chefc.Client)
+		_, err := client.DataBags.ListItems(rs.Primary.ID)
+		if err != nil {
+			return fmt.Errorf("error getting data bag: %s", err)
+		}
+
+		*name = rs.Primary.ID
+
+		return nil
+	}
+}
+
+func testAccDataBagCheckDestroy(name string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		client := testAccProvider.Meta().(*chefc.Client)
+		result, err := client.DataBags.ListItems(name)
+		if err == nil && len(*result) != 0 {
+			return fmt.Errorf("data bag still exists")
+		}
+		if _, ok := err.(*chefc.ErrorResponse); err != nil && !ok {
+			return fmt.Errorf("got something other than an HTTP error (%v) when getting data bag", err)
+		}
+
+		return nil
+	}
+}
+
+const testAccDataBagConfig_basic = `
+resource "chef_data_bag" "test" {
+  name = "terraform-acc-test-basic"
+}
+`
diff --git a/builtin/providers/chef/resource_environment.go b/builtin/providers/chef/resource_environment.go
new file mode 100644
index 000000000000..605f037acbbb
--- /dev/null
+++ b/builtin/providers/chef/resource_environment.go
@@ -0,0 +1,183 @@
+package chef
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"github.com/hashicorp/terraform/helper/schema"
+
+	chefc "github.com/go-chef/chef"
+)
+
+func resourceChefEnvironment() *schema.Resource {
+	return &schema.Resource{
+		Create: CreateEnvironment,
+		Update: UpdateEnvironment,
+		Read:   ReadEnvironment,
+		Delete: DeleteEnvironment,
+
+		Schema: map[string]*schema.Schema{
+			"name": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"description": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "Managed by Terraform",
+			},
+			"default_attributes_json": &schema.Schema{
+				Type:      schema.TypeString,
+				Optional:  true,
+				Default:   "{}",
+				StateFunc: jsonStateFunc,
+			},
+			"override_attributes_json": &schema.Schema{
+				Type:      schema.TypeString,
+				Optional:  true,
+				Default:   "{}",
+				StateFunc: jsonStateFunc,
+			},
+			"cookbook_constraints": &schema.Schema{
+				Type:     schema.TypeMap,
+				Optional: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+		},
+	}
+}
+
+func CreateEnvironment(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	env, err := environmentFromResourceData(d)
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Environments.Create(env)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(env.Name)
+	return ReadEnvironment(d, meta)
+}
+
+func UpdateEnvironment(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	env, err := environmentFromResourceData(d)
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Environments.Put(env)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(env.Name)
+	return ReadEnvironment(d, meta)
+}
+
+func ReadEnvironment(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	name := d.Id()
+
+	env, err := client.Environments.Get(name)
+	if err != nil {
+		if errRes, ok := err.(*chefc.ErrorResponse); ok {
+			if errRes.Response.StatusCode == 404 {
+				d.SetId("")
+				return nil
+			}
+		} else {
+			return err
+		}
+	}
+
+	d.Set("name", env.Name)
+	d.Set("description", env.Description)
+
+	defaultAttrJson, err := json.Marshal(env.DefaultAttributes)
+	if err != nil {
+		return err
+	}
+	d.Set("default_attributes_json", defaultAttrJson)
+
+	overrideAttrJson, err := json.Marshal(env.OverrideAttributes)
+	if err != nil {
+		return err
+	}
+	d.Set("override_attributes_json", overrideAttrJson)
+
+	cookbookVersionsI := map[string]interface{}{}
+	for k, v := range env.CookbookVersions {
+		cookbookVersionsI[k] = v
+	}
+	d.Set("cookbook_constraints", cookbookVersionsI)
+
+	return nil
+}
+
+func DeleteEnvironment(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	name := d.Id()
+
+	// For some reason Environments.Delete is not exposed by the
+	// underlying client library, so we have to do this manually.
+
+	path := fmt.Sprintf("environments/%s", name)
+
+	httpReq, err := client.NewRequest("DELETE", path, nil)
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Do(httpReq, nil)
+	if err == nil {
+		d.SetId("")
+	}
+
+	return err
+}
+
+func environmentFromResourceData(d *schema.ResourceData) (*chefc.Environment, error) {
+
+	env := &chefc.Environment{
+		Name:        d.Get("name").(string),
+		Description: d.Get("description").(string),
+		ChefType:    "environment",
+	}
+
+	var err error
+
+	err = json.Unmarshal(
+		[]byte(d.Get("default_attributes_json").(string)),
+		&env.DefaultAttributes,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("default_attributes_json: %s", err)
+	}
+
+	err = json.Unmarshal(
+		[]byte(d.Get("override_attributes_json").(string)),
+		&env.OverrideAttributes,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("override_attributes_json: %s", err)
+	}
+
+	env.CookbookVersions = make(map[string]string)
+	for k, vI := range d.Get("cookbook_constraints").(map[string]interface{}) {
+		env.CookbookVersions[k] = vI.(string)
+	}
+
+	return env, nil
+}
diff --git a/builtin/providers/chef/resource_environment_test.go b/builtin/providers/chef/resource_environment_test.go
new file mode 100644
index 000000000000..b441d2ffc42d
--- /dev/null
+++ b/builtin/providers/chef/resource_environment_test.go
@@ -0,0 +1,120 @@
+package chef
+
+import (
+	"fmt"
+	"reflect"
+	"testing"
+
+	chefc "github.com/go-chef/chef"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccEnvironment_basic(t *testing.T) {
+	var env chefc.Environment
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccEnvironmentCheckDestroy(&env),
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccEnvironmentConfig_basic,
+				Check: resource.ComposeTestCheckFunc(
+					testAccEnvironmentCheckExists("chef_environment.test", &env),
+					func(s *terraform.State) error {
+
+						if expected := "terraform-acc-test-basic"; env.Name != expected {
+							return fmt.Errorf("wrong name; expected %v, got %v", expected, env.Name)
+						}
+						if expected := "Terraform Acceptance Tests"; env.Description != expected {
+							return fmt.Errorf("wrong description; expected %v, got %v", expected, env.Description)
+						}
+
+						expectedConstraints := map[string]string{
+							"terraform": "= 1.0.0",
+						}
+						if !reflect.DeepEqual(env.CookbookVersions, expectedConstraints) {
+							return fmt.Errorf("wrong cookbook constraints; expected %#v, got %#v", expectedConstraints, env.CookbookVersions)
+						}
+
+						var expectedAttributes interface{}
+						expectedAttributes = map[string]interface{}{
+							"terraform_acc_test": true,
+						}
+						if !reflect.DeepEqual(env.DefaultAttributes, expectedAttributes) {
+							return fmt.Errorf("wrong default attributes; expected %#v, got %#v", expectedAttributes, env.DefaultAttributes)
+						}
+						if !reflect.DeepEqual(env.OverrideAttributes, expectedAttributes) {
+							return fmt.Errorf("wrong override attributes; expected %#v, got %#v", expectedAttributes, env.OverrideAttributes)
+						}
+
+						return nil
+					},
+				),
+			},
+		},
+	})
+}
+
+func testAccEnvironmentCheckExists(rn string, env *chefc.Environment) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[rn]
+		if !ok {
+			return fmt.Errorf("resource not found: %s", rn)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("environment id not set")
+		}
+
+		client := testAccProvider.Meta().(*chefc.Client)
+		gotEnv, err := client.Environments.Get(rs.Primary.ID)
+		if err != nil {
+			return fmt.Errorf("error getting environment: %s", err)
+		}
+
+		*env = *gotEnv
+
+		return nil
+	}
+}
+
+func testAccEnvironmentCheckDestroy(env *chefc.Environment) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		client := testAccProvider.Meta().(*chefc.Client)
+		_, err := client.Environments.Get(env.Name)
+		if err == nil {
+			return fmt.Errorf("environment still exists")
+		}
+		if _, ok := err.(*chefc.ErrorResponse); !ok {
+			// A more specific check is tricky because Chef Server can return
+			// a few different error codes in this case depending on which
+			// part of its stack catches the error.
+			return fmt.Errorf("got something other than an HTTP error (%v) when getting environment", err)
+		}
+
+		return nil
+	}
+}
+
+const testAccEnvironmentConfig_basic = `
+resource "chef_environment" "test" {
+  name = "terraform-acc-test-basic"
+  description = "Terraform Acceptance Tests"
+  default_attributes_json = <<EOT
+{
+     "terraform_acc_test": true
+}
+EOT
+  override_attributes_json = <<EOT
+{
+     "terraform_acc_test": true
+}
+EOT
+  cookbook_constraints = {
+    "terraform" = "= 1.0.0"
+  }
+}
+`
diff --git a/builtin/providers/chef/resource_node.go b/builtin/providers/chef/resource_node.go
new file mode 100644
index 000000000000..6ded52ce2fe2
--- /dev/null
+++ b/builtin/providers/chef/resource_node.go
@@ -0,0 +1,216 @@
+package chef
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"github.com/hashicorp/terraform/helper/schema"
+
+	chefc "github.com/go-chef/chef"
+)
+
+func resourceChefNode() *schema.Resource {
+	return &schema.Resource{
+		Create: CreateNode,
+		Update: UpdateNode,
+		Read:   ReadNode,
+		Delete: DeleteNode,
+
+		Schema: map[string]*schema.Schema{
+			"name": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"environment_name": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "_default",
+			},
+			"automatic_attributes_json": &schema.Schema{
+				Type:      schema.TypeString,
+				Optional:  true,
+				Default:   "{}",
+				StateFunc: jsonStateFunc,
+			},
+			"normal_attributes_json": &schema.Schema{
+				Type:      schema.TypeString,
+				Optional:  true,
+				Default:   "{}",
+				StateFunc: jsonStateFunc,
+			},
+			"default_attributes_json": &schema.Schema{
+				Type:      schema.TypeString,
+				Optional:  true,
+				Default:   "{}",
+				StateFunc: jsonStateFunc,
+			},
+			"override_attributes_json": &schema.Schema{
+				Type:      schema.TypeString,
+				Optional:  true,
+				Default:   "{}",
+				StateFunc: jsonStateFunc,
+			},
+			"run_list": &schema.Schema{
+				Type:     schema.TypeList,
+				Optional: true,
+				Elem: &schema.Schema{
+					Type:      schema.TypeString,
+					StateFunc: runListEntryStateFunc,
+				},
+			},
+		},
+	}
+}
+
+func CreateNode(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	node, err := nodeFromResourceData(d)
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Nodes.Post(*node)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(node.Name)
+	return ReadNode(d, meta)
+}
+
+func UpdateNode(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	node, err := nodeFromResourceData(d)
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Nodes.Put(*node)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(node.Name)
+	return ReadNode(d, meta)
+}
+
+func ReadNode(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	name := d.Id()
+
+	node, err := client.Nodes.Get(name)
+	if err != nil {
+		if errRes, ok := err.(*chefc.ErrorResponse); ok {
+			if errRes.Response.StatusCode == 404 {
+				d.SetId("")
+				return nil
+			}
+		} else {
+			return err
+		}
+	}
+
+	d.Set("name", node.Name)
+	d.Set("environment_name", node.Environment)
+
+	automaticAttrJson, err := json.Marshal(node.AutomaticAttributes)
+	if err != nil {
+		return err
+	}
+	d.Set("automatic_attributes_json", automaticAttrJson)
+
+	normalAttrJson, err := json.Marshal(node.NormalAttributes)
+	if err != nil {
+		return err
+	}
+	d.Set("normal_attributes_json", normalAttrJson)
+
+	defaultAttrJson, err := json.Marshal(node.DefaultAttributes)
+	if err != nil {
+		return err
+	}
+	d.Set("default_attributes_json", defaultAttrJson)
+
+	overrideAttrJson, err := json.Marshal(node.OverrideAttributes)
+	if err != nil {
+		return err
+	}
+	d.Set("override_attributes_json", overrideAttrJson)
+
+	runListI := make([]interface{}, len(node.RunList))
+	for i, v := range node.RunList {
+		runListI[i] = v
+	}
+	d.Set("run_list", runListI)
+
+	return nil
+}
+
+func DeleteNode(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	name := d.Id()
+	err := client.Nodes.Delete(name)
+
+	if err == nil {
+		d.SetId("")
+	}
+
+	return err
+}
+
+func nodeFromResourceData(d *schema.ResourceData) (*chefc.Node, error) {
+
+	node := &chefc.Node{
+		Name:        d.Get("name").(string),
+		Environment: d.Get("environment_name").(string),
+		ChefType:    "node",
+		JsonClass:   "Chef::Node",
+	}
+
+	var err error
+
+	err = json.Unmarshal(
+		[]byte(d.Get("automatic_attributes_json").(string)),
+		&node.AutomaticAttributes,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("automatic_attributes_json: %s", err)
+	}
+
+	err = json.Unmarshal(
+		[]byte(d.Get("normal_attributes_json").(string)),
+		&node.NormalAttributes,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("normal_attributes_json: %s", err)
+	}
+
+	err = json.Unmarshal(
+		[]byte(d.Get("default_attributes_json").(string)),
+		&node.DefaultAttributes,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("default_attributes_json: %s", err)
+	}
+
+	err = json.Unmarshal(
+		[]byte(d.Get("override_attributes_json").(string)),
+		&node.OverrideAttributes,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("override_attributes_json: %s", err)
+	}
+
+	runListI := d.Get("run_list").([]interface{})
+	node.RunList = make([]string, len(runListI))
+	for i, vI := range runListI {
+		node.RunList[i] = vI.(string)
+	}
+
+	return node, nil
+}
diff --git a/builtin/providers/chef/resource_node_test.go b/builtin/providers/chef/resource_node_test.go
new file mode 100644
index 000000000000..ace6c75a3a8d
--- /dev/null
+++ b/builtin/providers/chef/resource_node_test.go
@@ -0,0 +1,139 @@
+package chef
+
+import (
+	"fmt"
+	"reflect"
+	"testing"
+
+	chefc "github.com/go-chef/chef"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccNode_basic(t *testing.T) {
+	var node chefc.Node
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccNodeCheckDestroy(&node),
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccNodeConfig_basic,
+				Check: resource.ComposeTestCheckFunc(
+					testAccNodeCheckExists("chef_node.test", &node),
+					func(s *terraform.State) error {
+
+						if expected := "terraform-acc-test-basic"; node.Name != expected {
+							return fmt.Errorf("wrong name; expected %v, got %v", expected, node.Name)
+						}
+						if expected := "terraform-acc-test-node-basic"; node.Environment != expected {
+							return fmt.Errorf("wrong environment; expected %v, got %v", expected, node.Environment)
+						}
+
+						expectedRunList := []string{
+							"recipe[terraform@1.0.0]",
+							"recipe[consul]",
+							"role[foo]",
+						}
+						if !reflect.DeepEqual(node.RunList, expectedRunList) {
+							return fmt.Errorf("wrong runlist; expected %#v, got %#v", expectedRunList, node.RunList)
+						}
+
+						var expectedAttributes interface{}
+						expectedAttributes = map[string]interface{}{
+							"terraform_acc_test": true,
+						}
+						if !reflect.DeepEqual(node.AutomaticAttributes, expectedAttributes) {
+							return fmt.Errorf("wrong automatic attributes; expected %#v, got %#v", expectedAttributes, node.AutomaticAttributes)
+						}
+						if !reflect.DeepEqual(node.NormalAttributes, expectedAttributes) {
+							return fmt.Errorf("wrong normal attributes; expected %#v, got %#v", expectedAttributes, node.NormalAttributes)
+						}
+						if !reflect.DeepEqual(node.DefaultAttributes, expectedAttributes) {
+							return fmt.Errorf("wrong default attributes; expected %#v, got %#v", expectedAttributes, node.DefaultAttributes)
+						}
+						if !reflect.DeepEqual(node.OverrideAttributes, expectedAttributes) {
+							return fmt.Errorf("wrong override attributes; expected %#v, got %#v", expectedAttributes, node.OverrideAttributes)
+						}
+
+						return nil
+					},
+				),
+			},
+		},
+	})
+}
+
+func testAccNodeCheckExists(rn string, node *chefc.Node) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[rn]
+		if !ok {
+			return fmt.Errorf("resource not found: %s", rn)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("node id not set")
+		}
+
+		client := testAccProvider.Meta().(*chefc.Client)
+		gotNode, err := client.Nodes.Get(rs.Primary.ID)
+		if err != nil {
+			return fmt.Errorf("error getting node: %s", err)
+		}
+
+		*node = gotNode
+
+		return nil
+	}
+}
+
+func testAccNodeCheckDestroy(node *chefc.Node) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		client := testAccProvider.Meta().(*chefc.Client)
+		_, err := client.Nodes.Get(node.Name)
+		if err == nil {
+			return fmt.Errorf("node still exists")
+		}
+		if _, ok := err.(*chefc.ErrorResponse); !ok {
+			// A more specific check is tricky because Chef Server can return
+			// a few different error codes in this case depending on which
+			// part of its stack catches the error.
+			return fmt.Errorf("got something other than an HTTP error (%v) when getting node", err)
+		}
+
+		return nil
+	}
+}
+
+const testAccNodeConfig_basic = `
+resource "chef_environment" "test" {
+  name = "terraform-acc-test-node-basic"
+}
+resource "chef_node" "test" {
+  name = "terraform-acc-test-basic"
+  environment_name = "terraform-acc-test-node-basic"
+  automatic_attributes_json = <<EOT
+{
+     "terraform_acc_test": true
+}
+EOT
+  normal_attributes_json = <<EOT
+{
+     "terraform_acc_test": true
+}
+EOT
+  default_attributes_json = <<EOT
+{
+     "terraform_acc_test": true
+}
+EOT
+  override_attributes_json = <<EOT
+{
+     "terraform_acc_test": true
+}
+EOT
+  run_list = ["terraform@1.0.0", "recipe[consul]", "role[foo]"]
+}
+`
diff --git a/builtin/providers/chef/resource_role.go b/builtin/providers/chef/resource_role.go
new file mode 100644
index 000000000000..8e3f7431635d
--- /dev/null
+++ b/builtin/providers/chef/resource_role.go
@@ -0,0 +1,185 @@
+package chef
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"github.com/hashicorp/terraform/helper/schema"
+
+	chefc "github.com/go-chef/chef"
+)
+
+func resourceChefRole() *schema.Resource {
+	return &schema.Resource{
+		Create: CreateRole,
+		Update: UpdateRole,
+		Read:   ReadRole,
+		Delete: DeleteRole,
+
+		Schema: map[string]*schema.Schema{
+			"name": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"description": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "Managed by Terraform",
+			},
+			"default_attributes_json": &schema.Schema{
+				Type:      schema.TypeString,
+				Optional:  true,
+				Default:   "{}",
+				StateFunc: jsonStateFunc,
+			},
+			"override_attributes_json": &schema.Schema{
+				Type:      schema.TypeString,
+				Optional:  true,
+				Default:   "{}",
+				StateFunc: jsonStateFunc,
+			},
+			"run_list": &schema.Schema{
+				Type:     schema.TypeList,
+				Optional: true,
+				Elem: &schema.Schema{
+					Type:      schema.TypeString,
+					StateFunc: runListEntryStateFunc,
+				},
+			},
+		},
+	}
+}
+
+func CreateRole(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	role, err := roleFromResourceData(d)
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Roles.Create(role)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(role.Name)
+	return ReadRole(d, meta)
+}
+
+func UpdateRole(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	role, err := roleFromResourceData(d)
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Roles.Put(role)
+	if err != nil {
+		return err
+	}
+
+	d.SetId(role.Name)
+	return ReadRole(d, meta)
+}
+
+func ReadRole(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	name := d.Id()
+
+	role, err := client.Roles.Get(name)
+	if err != nil {
+		if errRes, ok := err.(*chefc.ErrorResponse); ok {
+			if errRes.Response.StatusCode == 404 {
+				d.SetId("")
+				return nil
+			}
+		} else {
+			return err
+		}
+	}
+
+	d.Set("name", role.Name)
+	d.Set("description", role.Description)
+
+	defaultAttrJson, err := json.Marshal(role.DefaultAttributes)
+	if err != nil {
+		return err
+	}
+	d.Set("default_attributes_json", defaultAttrJson)
+
+	overrideAttrJson, err := json.Marshal(role.OverrideAttributes)
+	if err != nil {
+		return err
+	}
+	d.Set("override_attributes_json", overrideAttrJson)
+
+	runListI := make([]interface{}, len(role.RunList))
+	for i, v := range role.RunList {
+		runListI[i] = v
+	}
+	d.Set("run_list", runListI)
+
+	return nil
+}
+
+func DeleteRole(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*chefc.Client)
+
+	name := d.Id()
+
+	// For some reason Roles.Delete is not exposed by the
+	// underlying client library, so we have to do this manually.
+
+	path := fmt.Sprintf("roles/%s", name)
+
+	httpReq, err := client.NewRequest("DELETE", path, nil)
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Do(httpReq, nil)
+	if err == nil {
+		d.SetId("")
+	}
+
+	return err
+}
+
+func roleFromResourceData(d *schema.ResourceData) (*chefc.Role, error) {
+
+	role := &chefc.Role{
+		Name:        d.Get("name").(string),
+		Description: d.Get("description").(string),
+		ChefType:    "role",
+	}
+
+	var err error
+
+	err = json.Unmarshal(
+		[]byte(d.Get("default_attributes_json").(string)),
+		&role.DefaultAttributes,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("default_attributes_json: %s", err)
+	}
+
+	err = json.Unmarshal(
+		[]byte(d.Get("override_attributes_json").(string)),
+		&role.OverrideAttributes,
+	)
+	if err != nil {
+		return nil, fmt.Errorf("override_attributes_json: %s", err)
+	}
+
+	runListI := d.Get("run_list").([]interface{})
+	role.RunList = make([]string, len(runListI))
+	for i, vI := range runListI {
+		role.RunList[i] = vI.(string)
+	}
+
+	return role, nil
+}
diff --git a/builtin/providers/chef/resource_role_test.go b/builtin/providers/chef/resource_role_test.go
new file mode 100644
index 000000000000..3859e4e858df
--- /dev/null
+++ b/builtin/providers/chef/resource_role_test.go
@@ -0,0 +1,120 @@
+package chef
+
+import (
+	"fmt"
+	"reflect"
+	"testing"
+
+	chefc "github.com/go-chef/chef"
+
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccRole_basic(t *testing.T) {
+	var role chefc.Role
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccRoleCheckDestroy(&role),
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccRoleConfig_basic,
+				Check: resource.ComposeTestCheckFunc(
+					testAccRoleCheckExists("chef_role.test", &role),
+					func(s *terraform.State) error {
+
+						if expected := "terraform-acc-test-basic"; role.Name != expected {
+							return fmt.Errorf("wrong name; expected %v, got %v", expected, role.Name)
+						}
+						if expected := "Terraform Acceptance Tests"; role.Description != expected {
+							return fmt.Errorf("wrong description; expected %v, got %v", expected, role.Description)
+						}
+
+						expectedRunList := chefc.RunList{
+							"recipe[terraform@1.0.0]",
+							"recipe[consul]",
+							"role[foo]",
+						}
+						if !reflect.DeepEqual(role.RunList, expectedRunList) {
+							return fmt.Errorf("wrong runlist; expected %#v, got %#v", expectedRunList, role.RunList)
+						}
+
+						var expectedAttributes interface{}
+						expectedAttributes = map[string]interface{}{
+							"terraform_acc_test": true,
+						}
+						if !reflect.DeepEqual(role.DefaultAttributes, expectedAttributes) {
+							return fmt.Errorf("wrong default attributes; expected %#v, got %#v", expectedAttributes, role.DefaultAttributes)
+						}
+						if !reflect.DeepEqual(role.OverrideAttributes, expectedAttributes) {
+							return fmt.Errorf("wrong override attributes; expected %#v, got %#v", expectedAttributes, role.OverrideAttributes)
+						}
+
+						return nil
+					},
+				),
+			},
+		},
+	})
+}
+
+func testAccRoleCheckExists(rn string, role *chefc.Role) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[rn]
+		if !ok {
+			return fmt.Errorf("resource not found: %s", rn)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("role id not set")
+		}
+
+		client := testAccProvider.Meta().(*chefc.Client)
+		gotRole, err := client.Roles.Get(rs.Primary.ID)
+		if err != nil {
+			return fmt.Errorf("error getting role: %s", err)
+		}
+
+		*role = *gotRole
+
+		return nil
+	}
+}
+
+func testAccRoleCheckDestroy(role *chefc.Role) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		client := testAccProvider.Meta().(*chefc.Client)
+		_, err := client.Roles.Get(role.Name)
+		if err == nil {
+			return fmt.Errorf("role still exists")
+		}
+		if _, ok := err.(*chefc.ErrorResponse); !ok {
+			// A more specific check is tricky because Chef Server can return
+			// a few different error codes in this case depending on which
+			// part of its stack catches the error.
+			return fmt.Errorf("got something other than an HTTP error (%v) when getting role", err)
+		}
+
+		return nil
+	}
+}
+
+const testAccRoleConfig_basic = `
+resource "chef_role" "test" {
+  name = "terraform-acc-test-basic"
+  description = "Terraform Acceptance Tests"
+  default_attributes_json = <<EOT
+{
+     "terraform_acc_test": true
+}
+EOT
+  override_attributes_json = <<EOT
+{
+     "terraform_acc_test": true
+}
+EOT
+  run_list = ["terraform@1.0.0", "recipe[consul]", "role[foo]"]
+}
+`
diff --git a/builtin/providers/google/compute_operation.go b/builtin/providers/google/compute_operation.go
index 987e983b474d..66398f9f8632 100644
--- a/builtin/providers/google/compute_operation.go
+++ b/builtin/providers/google/compute_operation.go
@@ -134,6 +134,10 @@ func computeOperationWaitRegion(config *Config, op *compute.Operation, region, a
 }
 
 func computeOperationWaitZone(config *Config, op *compute.Operation, zone, activity string) error {
+	return computeOperationWaitZoneTime(config, op, zone, 4, activity)
+}
+
+func computeOperationWaitZoneTime(config *Config, op *compute.Operation, zone string, minutes int, activity string) error {
 	w := &ComputeOperationWaiter{
 		Service: config.clientCompute,
 		Op:      op,
@@ -143,7 +147,7 @@ func computeOperationWaitZone(config *Config, op *compute.Operation, zone, activ
 	}
 	state := w.Conf()
 	state.Delay = 10 * time.Second
-	state.Timeout = 4 * time.Minute
+	state.Timeout = time.Duration(minutes) * time.Minute
 	state.MinTimeout = 2 * time.Second
 	opRaw, err := state.WaitForState()
 	if err != nil {
diff --git a/builtin/providers/google/config.go b/builtin/providers/google/config.go
index 5467c6483b95..159a57e09326 100644
--- a/builtin/providers/google/config.go
+++ b/builtin/providers/google/config.go
@@ -16,9 +16,9 @@ import (
 	"google.golang.org/api/compute/v1"
 	"google.golang.org/api/container/v1"
 	"google.golang.org/api/dns/v1"
+	"google.golang.org/api/pubsub/v1"
 	"google.golang.org/api/sqladmin/v1beta4"
 	"google.golang.org/api/storage/v1"
-	"google.golang.org/api/pubsub/v1"
 )
 
 // Config is the configuration structure used to instantiate the Google
@@ -33,7 +33,7 @@ type Config struct {
 	clientDns       *dns.Service
 	clientStorage   *storage.Service
 	clientSqlAdmin  *sqladmin.Service
-	clientPubsub	*pubsub.Service
+	clientPubsub    *pubsub.Service
 }
 
 func (c *Config) loadAndValidate() error {
diff --git a/builtin/providers/google/provider.go b/builtin/providers/google/provider.go
index 3fa46c7d5646..adec631d7ed4 100644
--- a/builtin/providers/google/provider.go
+++ b/builtin/providers/google/provider.go
@@ -70,8 +70,8 @@ func Provider() terraform.ResourceProvider {
 			"google_dns_record_set":                 resourceDnsRecordSet(),
 			"google_sql_database":                   resourceSqlDatabase(),
 			"google_sql_database_instance":          resourceSqlDatabaseInstance(),
-			"google_pubsub_topic":			 resourcePubsubTopic(),
-			"google_pubsub_subscription":		 resourcePubsubSubscription(),
+			"google_pubsub_topic":                   resourcePubsubTopic(),
+			"google_pubsub_subscription":            resourcePubsubSubscription(),
 			"google_storage_bucket":                 resourceStorageBucket(),
 			"google_storage_bucket_acl":             resourceStorageBucketAcl(),
 			"google_storage_bucket_object":          resourceStorageBucketObject(),
diff --git a/builtin/providers/google/resource_compute_instance.go b/builtin/providers/google/resource_compute_instance.go
index 808c5de789ec..3359c4d64992 100644
--- a/builtin/providers/google/resource_compute_instance.go
+++ b/builtin/providers/google/resource_compute_instance.go
@@ -8,6 +8,7 @@ import (
 	"github.com/hashicorp/terraform/helper/schema"
 	"google.golang.org/api/compute/v1"
 	"google.golang.org/api/googleapi"
+	"strings"
 )
 
 func stringHashcode(v interface{}) int {
@@ -285,9 +286,10 @@ func getInstance(config *Config, d *schema.ResourceData) (*compute.Instance, err
 	if err != nil {
 		if gerr, ok := err.(*googleapi.Error); ok && gerr.Code == 404 {
 			// The resource doesn't exist anymore
+			id := d.Id()
 			d.SetId("")
 
-			return nil, fmt.Errorf("Resource %s no longer exists", config.Project)
+			return nil, fmt.Errorf("Resource %s no longer exists", id)
 		}
 
 		return nil, fmt.Errorf("Error reading instance: %s", err)
@@ -547,8 +549,13 @@ func resourceComputeInstanceCreate(d *schema.ResourceData, meta interface{}) err
 func resourceComputeInstanceRead(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
 
+	id := d.Id()
 	instance, err := getInstance(config, d)
 	if err != nil {
+		if strings.Contains(err.Error(), "no longer exists") {
+			log.Printf("[WARN] Google Compute Instance (%s) not found", id)
+			return nil
+		}
 		return err
 	}
 
diff --git a/builtin/providers/google/resource_compute_instance_group_manager.go b/builtin/providers/google/resource_compute_instance_group_manager.go
index b0186b7070ec..77b714312688 100644
--- a/builtin/providers/google/resource_compute_instance_group_manager.go
+++ b/builtin/providers/google/resource_compute_instance_group_manager.go
@@ -53,6 +53,12 @@ func resourceComputeInstanceGroupManager() *schema.Resource {
 				Required: true,
 			},
 
+			"update_strategy": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				Default:  "RESTART",
+			},
+
 			"target_pools": &schema.Schema{
 				Type:     schema.TypeSet,
 				Optional: true,
@@ -112,6 +118,11 @@ func resourceComputeInstanceGroupManagerCreate(d *schema.ResourceData, meta inte
 		manager.TargetPools = s
 	}
 
+	updateStrategy := d.Get("update_strategy").(string)
+	if !(updateStrategy == "NONE" || updateStrategy == "RESTART") {
+		return fmt.Errorf("Update strategy must be \"NONE\" or \"RESTART\"")
+	}
+
 	log.Printf("[DEBUG] InstanceGroupManager insert request: %#v", manager)
 	op, err := config.clientCompute.InstanceGroupManagers.Insert(
 		config.Project, d.Get("zone").(string), manager).Do()
@@ -209,6 +220,35 @@ func resourceComputeInstanceGroupManagerUpdate(d *schema.ResourceData, meta inte
 			return err
 		}
 
+		if d.Get("update_strategy").(string) == "RESTART" {
+			managedInstances, err := config.clientCompute.InstanceGroupManagers.ListManagedInstances(
+				config.Project, d.Get("zone").(string), d.Id()).Do()
+
+			managedInstanceCount := len(managedInstances.ManagedInstances)
+			instances := make([]string, managedInstanceCount)
+			for i, v := range managedInstances.ManagedInstances {
+				instances[i] = v.Instance
+			}
+
+			recreateInstances := &compute.InstanceGroupManagersRecreateInstancesRequest{
+				Instances: instances,
+			}
+
+			op, err = config.clientCompute.InstanceGroupManagers.RecreateInstances(
+				config.Project, d.Get("zone").(string), d.Id(), recreateInstances).Do()
+
+			if err != nil {
+				return fmt.Errorf("Error restarting instance group managers instances: %s", err)
+			}
+
+			// Wait for the operation to complete
+			err = computeOperationWaitZoneTime(config, op, d.Get("zone").(string),
+				managedInstanceCount * 4, "Restarting InstanceGroupManagers instances")
+			if err != nil {
+				return err
+			}
+		}
+
 		d.SetPartial("instance_template")
 	}
 
diff --git a/builtin/providers/google/resource_pubsub_subscription.go b/builtin/providers/google/resource_pubsub_subscription.go
index 6a1f19da731a..03e6f3123846 100644
--- a/builtin/providers/google/resource_pubsub_subscription.go
+++ b/builtin/providers/google/resource_pubsub_subscription.go
@@ -2,8 +2,9 @@ package google
 
 import (
 	"fmt"
-	"google.golang.org/api/pubsub/v1"
+
 	"github.com/hashicorp/terraform/helper/schema"
+	"google.golang.org/api/pubsub/v1"
 )
 
 func resourcePubsubSubscription() *schema.Resource {
@@ -29,7 +30,7 @@ func resourcePubsubSubscription() *schema.Resource {
 				Type:     schema.TypeList,
 				Optional: true,
 				ForceNew: true,
-				Elem:     &schema.Resource{
+				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
 						"attributes": &schema.Schema{
 							Type:     schema.TypeMap,
@@ -52,14 +53,13 @@ func resourcePubsubSubscription() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
-
 		},
 	}
 }
 
 func cleanAdditionalArgs(args map[string]interface{}) map[string]string {
 	cleaned_args := make(map[string]string)
-	for k,v := range  args {
+	for k, v := range args {
 		cleaned_args[k] = v.(string)
 	}
 	return cleaned_args
@@ -91,7 +91,7 @@ func resourcePubsubSubscriptionCreate(d *schema.ResourceData, meta interface{})
 		attributesClean := cleanAdditionalArgs(attributes)
 		pushConfig := &pubsub.PushConfig{Attributes: attributesClean, PushEndpoint: push_config["push_endpoint"].(string)}
 		subscription = &pubsub.Subscription{AckDeadlineSeconds: ackDeadlineSeconds, Topic: computed_topic_name, PushConfig: pushConfig}
-	}  else {
+	} else {
 		subscription = &pubsub.Subscription{AckDeadlineSeconds: ackDeadlineSeconds, Topic: computed_topic_name}
 	}
 
@@ -100,7 +100,7 @@ func resourcePubsubSubscriptionCreate(d *schema.ResourceData, meta interface{})
 	if err != nil {
 		return err
 	}
-	
+
 	d.SetId(res.Name)
 
 	return nil
@@ -108,7 +108,7 @@ func resourcePubsubSubscriptionCreate(d *schema.ResourceData, meta interface{})
 
 func resourcePubsubSubscriptionRead(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
-	
+
 	name := d.Id()
 	call := config.clientPubsub.Projects.Subscriptions.Get(name)
 	_, err := call.Do()
@@ -119,7 +119,6 @@ func resourcePubsubSubscriptionRead(d *schema.ResourceData, meta interface{}) er
 	return nil
 }
 
-
 func resourcePubsubSubscriptionDelete(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
 
@@ -127,8 +126,8 @@ func resourcePubsubSubscriptionDelete(d *schema.ResourceData, meta interface{})
 	call := config.clientPubsub.Projects.Subscriptions.Delete(name)
 	_, err := call.Do()
 	if err != nil {
-		return err 
+		return err
 	}
-	
+
 	return nil
 }
diff --git a/builtin/providers/google/resource_pubsub_subscription_test.go b/builtin/providers/google/resource_pubsub_subscription_test.go
index b0eb2a25ba91..0bbed3aed7d1 100644
--- a/builtin/providers/google/resource_pubsub_subscription_test.go
+++ b/builtin/providers/google/resource_pubsub_subscription_test.go
@@ -71,4 +71,3 @@ resource "google_pubsub_subscription" "foobar_sub" {
 	name = "foobar_sub"
 	topic = "${google_pubsub_topic.foobar_sub.name}"
 }`
-
diff --git a/builtin/providers/google/resource_pubsub_topic.go b/builtin/providers/google/resource_pubsub_topic.go
index c6ec7cf0fe78..9d6a6a87976e 100644
--- a/builtin/providers/google/resource_pubsub_topic.go
+++ b/builtin/providers/google/resource_pubsub_topic.go
@@ -2,8 +2,9 @@ package google
 
 import (
 	"fmt"
-	"google.golang.org/api/pubsub/v1"
+
 	"github.com/hashicorp/terraform/helper/schema"
+	"google.golang.org/api/pubsub/v1"
 )
 
 func resourcePubsubTopic() *schema.Resource {
@@ -18,7 +19,6 @@ func resourcePubsubTopic() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
-
 		},
 	}
 }
@@ -34,7 +34,7 @@ func resourcePubsubTopicCreate(d *schema.ResourceData, meta interface{}) error {
 	if err != nil {
 		return err
 	}
-	
+
 	d.SetId(res.Name)
 
 	return nil
@@ -42,7 +42,7 @@ func resourcePubsubTopicCreate(d *schema.ResourceData, meta interface{}) error {
 
 func resourcePubsubTopicRead(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
-	
+
 	name := d.Id()
 	call := config.clientPubsub.Projects.Topics.Get(name)
 	_, err := call.Do()
@@ -53,7 +53,6 @@ func resourcePubsubTopicRead(d *schema.ResourceData, meta interface{}) error {
 	return nil
 }
 
-
 func resourcePubsubTopicDelete(d *schema.ResourceData, meta interface{}) error {
 	config := meta.(*Config)
 
@@ -61,8 +60,8 @@ func resourcePubsubTopicDelete(d *schema.ResourceData, meta interface{}) error {
 	call := config.clientPubsub.Projects.Topics.Delete(name)
 	_, err := call.Do()
 	if err != nil {
-		return err 
+		return err
 	}
-	
+
 	return nil
 }
diff --git a/builtin/providers/openstack/resource_openstack_compute_secgroup_v2_test.go b/builtin/providers/openstack/resource_openstack_compute_secgroup_v2_test.go
index 4cb99fa7416a..28223fa1bbc3 100644
--- a/builtin/providers/openstack/resource_openstack_compute_secgroup_v2_test.go
+++ b/builtin/providers/openstack/resource_openstack_compute_secgroup_v2_test.go
@@ -97,9 +97,9 @@ func TestAccComputeV2SecGroup_self(t *testing.T) {
 					testAccCheckComputeV2SecGroupExists(t, "openstack_compute_secgroup_v2.test_group_1", &secgroup),
 					testAccCheckComputeV2SecGroupGroupIDMatch(t, &secgroup, &secgroup),
 					resource.TestCheckResourceAttr(
-						"openstack_compute_secgroup_v2.test_group_1", "rule.1118853483.self", "true"),
+						"openstack_compute_secgroup_v2.test_group_1", "rule.3170486100.self", "true"),
 					resource.TestCheckResourceAttr(
-						"openstack_compute_secgroup_v2.test_group_1", "rule.1118853483.from_group_id", ""),
+						"openstack_compute_secgroup_v2.test_group_1", "rule.3170486100.from_group_id", ""),
 				),
 			},
 		},
diff --git a/website/source/assets/stylesheets/_docs.scss b/website/source/assets/stylesheets/_docs.scss
index ed1a598d31be..5f2b07021215 100755
--- a/website/source/assets/stylesheets/_docs.scss
+++ b/website/source/assets/stylesheets/_docs.scss
@@ -9,6 +9,7 @@ body.page-sub{
 body.layout-atlas,
 body.layout-aws,
 body.layout-azure,
+body.layout-chef,
 body.layout-cloudflare,
 body.layout-cloudstack,
 body.layout-consul,
@@ -201,7 +202,9 @@ body.layout-intro{
 
 	h1{
 		color: $purple;
+    font-size: 36px;
 		text-transform: uppercase;
+    word-wrap: break-word;
 		padding-bottom: 24px;
     margin-top: 40px;
 		margin-bottom: 24px;
@@ -218,7 +221,6 @@ body.layout-intro{
     }
 }
 
-
 @media (max-width: 992px) {
 	body.layout-docs,
 	body.layout-inner,
@@ -279,6 +281,7 @@ body.layout-intro{
 
   .bs-docs-section{
     h1{
+      font-size: 32px;
       padding-top: 24px;
       border-top: 1px solid #eeeeee;
     }
@@ -292,7 +295,7 @@ body.layout-intro{
         }
 
 		h1{
-			font-size: 32px;
+			font-size: 28px;
 		}
 	}
 }
diff --git a/website/source/docs/configuration/override.html.md b/website/source/docs/configuration/override.html.md
index a667adcd5884..1f841af08a02 100644
--- a/website/source/docs/configuration/override.html.md
+++ b/website/source/docs/configuration/override.html.md
@@ -37,7 +37,7 @@ If you have a Terraform configuration `example.tf` with the contents:
 
 ```
 resource "aws_instance" "web" {
-    ami = "ami-1234567"
+    ami = "ami-d05e75b8"
 }
 ```
 
diff --git a/website/source/docs/configuration/resources.html.md b/website/source/docs/configuration/resources.html.md
index d5e087fec413..3bf2031ac222 100644
--- a/website/source/docs/configuration/resources.html.md
+++ b/website/source/docs/configuration/resources.html.md
@@ -25,8 +25,8 @@ A resource configuration looks like the following:
 
 ```
 resource "aws_instance" "web" {
-    ami = "ami-123456"
-    instance_type = "m1.small"
+    ami = "ami-d05e75b8"
+    instance_type = "t2.micro"
 }
 ```
 
diff --git a/website/source/docs/modules/usage.html.markdown b/website/source/docs/modules/usage.html.markdown
index 8f98a9d6b390..65ce75cf334b 100644
--- a/website/source/docs/modules/usage.html.markdown
+++ b/website/source/docs/modules/usage.html.markdown
@@ -87,9 +87,9 @@ For example:
 
 ```
 resource "aws_instance" "client" {
-	ami = "ami-123456"
-	instance_type = "m1.small"
-	availability_zone = "${module.consul.server_availability_zone}"
+  ami = "ami-d05e75b8"
+  instance_type = "t2.micro"  
+  availability_zone = "${module.consul.server_availability_zone}"
 }
 ```
 
diff --git a/website/source/docs/providers/aws/r/autoscaling_schedule.html.markdown b/website/source/docs/providers/aws/r/autoscaling_schedule.html.markdown
new file mode 100644
index 000000000000..4ad947293259
--- /dev/null
+++ b/website/source/docs/providers/aws/r/autoscaling_schedule.html.markdown
@@ -0,0 +1,55 @@
+---
+layout: "aws"
+page_title: "AWS: aws_autoscaling_schedule"
+sidebar_current: "docs-aws-resource-autoscaling-schedule"
+description: |-
+  Provides an AutoScaling Schedule resource.
+---
+
+# aws\_autoscaling\_schedule
+
+Provides an AutoScaling Schedule resource.
+
+## Example Usage
+```
+resource "aws_autoscaling_group" "foobar" {
+    availability_zones = ["us-west-2a"]
+    name = "terraform-test-foobar5"
+    max_size = 1
+    min_size = 1
+    health_check_grace_period = 300
+    health_check_type = "ELB"
+    force_delete = true
+    termination_policies = ["OldestInstance"]
+}
+
+resource "aws_autoscaling_schedule" "foobar" {
+    scheduled_action_name = "foobar"
+    min_size = 0
+    max_size = 1
+    desired_capacity = 0
+    start_time = "2016-12-11T18:00:00Z"
+    end_time = "2016-12-12T06:00:00Z"
+    autoscaling_group_name = "${aws_autoscaling_group.foobar.name}"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `autoscaling_group_name` - (Required) The name or Amazon Resource Name (ARN) of the Auto Scaling group.
+* `scheduled_action_name` - (Required) The name of this scaling action.
+* `start_time` - (Optional) The time for this action to start, in "YYYY-MM-DDThh:mm:ssZ" format in UTC/GMT only (for example, 2014-06-01T00:00:00Z ).
+                            If you try to schedule your action in the past, Auto Scaling returns an error message.
+* `end_time` - (Optional) The time for this action to end, in "YYYY-MM-DDThh:mm:ssZ" format in UTC/GMT only (for example, 2014-06-01T00:00:00Z ).
+                          If you try to schedule your action in the past, Auto Scaling returns an error messag
+* `recurrence` - (Optional) The time when recurring future actions will start. Start time is specified by the user following the Unix cron syntax format. 
+* `min_size` - (Optional) The minimum size for the Auto Scaling group.
+* `max_size` - (Optional) The maximum size for the Auto Scaling group.
+* `desired_capacity` - (Optional) The number of EC2 instances that should be running in the group.
+
+~> **NOTE:** When `start_time` and `end_time` are specified with `recurrence` , they form the boundaries of when the recurring action will start and stop.
+
+## Attribute Reference
+* `arn` - The ARN assigned by AWS to the autoscaling schedule.
\ No newline at end of file
diff --git a/website/source/docs/providers/aws/r/ebs_volume.html.md b/website/source/docs/providers/aws/r/ebs_volume.html.md
index 00bb639a6a77..8a41ea26b5ac 100644
--- a/website/source/docs/providers/aws/r/ebs_volume.html.md
+++ b/website/source/docs/providers/aws/r/ebs_volume.html.md
@@ -14,7 +14,7 @@ Manages a single EBS volume.
 
 ```
 resource "aws_ebs_volume" "example" {
-    availability_zone = "us-west-1a"
+    availability_zone = "us-west-2a"
     size = 40
     tags {
         Name = "HelloWorld"
diff --git a/website/source/docs/providers/aws/r/elasticache_cluster.html.markdown b/website/source/docs/providers/aws/r/elasticache_cluster.html.markdown
index 9d547b5dc118..3f511f84d6fa 100644
--- a/website/source/docs/providers/aws/r/elasticache_cluster.html.markdown
+++ b/website/source/docs/providers/aws/r/elasticache_cluster.html.markdown
@@ -77,7 +77,7 @@ Example: `arn:aws:s3:::my_bucket/snapshot1.rdb`
 * `snapshot_window` - (Optional) The daily time range (in UTC) during which ElastiCache will 
 begin taking a daily snapshot of your cache cluster. Can only be used for the Redis engine. Example: 05:00-09:00
 
-* `snapshow_retention_limit` - (Optional) The number of days for which ElastiCache will 
+* `snapshot_retention_limit` - (Optional) The number of days for which ElastiCache will 
 retain automatic cache cluster snapshots before deleting them. For example, if you set 
 SnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days 
 before being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off. 
diff --git a/website/source/docs/providers/aws/r/instance.html.markdown b/website/source/docs/providers/aws/r/instance.html.markdown
index e9e8356454b0..79e4d220703d 100644
--- a/website/source/docs/providers/aws/r/instance.html.markdown
+++ b/website/source/docs/providers/aws/r/instance.html.markdown
@@ -14,11 +14,11 @@ and deleted. Instances also support [provisioning](/docs/provisioners/index.html
 ## Example Usage
 
 ```
-# Create a new instance of the ami-1234 on an m1.small node
-# with an AWS Tag naming it "HelloWorld"
+# Create a new instance of the `ami-d05e75b8` (Ubuntu 14.04) on an 
+# t2.micro node with an AWS Tag naming it "HelloWorld"
 resource "aws_instance" "web" {
-    ami = "ami-1234"
-    instance_type = "m1.small"
+    ami = "ami-d05e75b8"
+    instance_type = "t2.micro"
     tags {
         Name = "HelloWorld"
     }
diff --git a/website/source/docs/providers/aws/r/launch_configuration.html.markdown b/website/source/docs/providers/aws/r/launch_configuration.html.markdown
index 413f1b4a1e86..4f820b7f6798 100644
--- a/website/source/docs/providers/aws/r/launch_configuration.html.markdown
+++ b/website/source/docs/providers/aws/r/launch_configuration.html.markdown
@@ -15,8 +15,8 @@ Provides a resource to create a new launch configuration, used for autoscaling g
 ```
 resource "aws_launch_configuration" "as_conf" {
     name = "web_config"
-    image_id = "ami-1234"
-    instance_type = "m1.small"
+    ami = "ami-d05e75b8"
+    instance_type = "t2.micro"
 }
 ```
 
@@ -33,8 +33,8 @@ with `name_prefix`.  Example:
 ```
 resource "aws_launch_configuration" "as_conf" {
     name_prefix = "terraform-lc-example-"
-    image_id = "ami-1234"
-    instance_type = "m1.small"
+    ami = "ami-d05e75b8"
+    instance_type = "t2.micro"
 
     lifecycle {
       create_before_destroy = true
@@ -66,8 +66,8 @@ for more information or how to launch [Spot Instances][3] with Terraform.
 
 ```
 resource "aws_launch_configuration" "as_conf" {
-    image_id = "ami-1234"
-    instance_type = "m1.small"
+    ami = "ami-d05e75b8"
+    instance_type = "t2.micro"
     spot_price = "0.001"
     lifecycle {
       create_before_destroy = true
diff --git a/website/source/docs/providers/aws/r/route53_health_check.html.markdown b/website/source/docs/providers/aws/r/route53_health_check.html.markdown
index 07f8dc751a03..3456bcb1127f 100644
--- a/website/source/docs/providers/aws/r/route53_health_check.html.markdown
+++ b/website/source/docs/providers/aws/r/route53_health_check.html.markdown
@@ -38,5 +38,5 @@ The following arguments are supported:
 * `search_string` - (Optional) String searched in respoonse body for check to considered healthy.
 * `tags` - (Optional) A mapping of tags to assign to the health check.
 
-Exactly one of `fqdn` or `ip_address` must be specified.
+At least one of either `fqdn` or `ip_address` must be specified.
 
diff --git a/website/source/docs/providers/chef/index.html.markdown b/website/source/docs/providers/chef/index.html.markdown
new file mode 100644
index 000000000000..91bcf99826b0
--- /dev/null
+++ b/website/source/docs/providers/chef/index.html.markdown
@@ -0,0 +1,60 @@
+---
+layout: "chef"
+page_title: "Provider: Chef"
+sidebar_current: "docs-chef-index"
+description: |-
+  Chef is a systems and cloud infrastructure automation framework.
+---
+
+# Chef Provider
+
+[Chef](https://www.chef.io/) is a systems and cloud infrastructure automation
+framework. The Chef provider allows Terraform to manage various resources
+that exist within [Chef Server](http://docs.chef.io/chef_server.html).
+
+Use the navigation to the left to read about the available resources.
+
+## Example Usage
+
+```
+# Configure the Chef provider
+provider "chef" {
+     "server_url" = "https://api.opscode.com/organizations/example/"
+
+     // You can set up a "Client" within the Chef Server management console.
+     "client_name" = "terraform"
+     "private_key_pem" = "${file(\"chef-terraform.pem\")}"
+}
+
+# Create a Chef Environment
+resource "chef_environment" "production" {
+    name = "production"
+}
+
+# Create a Chef Role
+resource "chef_role" "app_server" {
+    name = "app_server"
+    run_list = [
+        "recipe[terraform]"
+    ]
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `server_url` - (Required) The HTTP(S) API URL of the Chef server to use. If
+  the target Chef server supports organizations, use the full URL of the
+  organization you wish to configure. May be provided instead via the
+  ``CHEF_SERVER_URL`` environment variable.
+* `client_name` - (Required) The name of the client account to use when making
+  requests. This must have been already configured on the Chef server.
+  May be provided instead via the ``CHEF_CLIENT_NAME`` environment variable.
+* `private_key_pem` - (Required) The PEM-formatted private key belonging to
+  the configured client. This is issued by the server when a new client object
+  is created. May be provided instead in a file whose path is in the
+  ``CHEF_PRIVATE_KEY_FILE`` environment variable.
+* `allow_unverified_ssl` - (Optional) Boolean indicating whether to make
+  requests to a Chef server whose SSL certicate cannot be verified. Defaults
+  to ``false``.
diff --git a/website/source/docs/providers/chef/r/data_bag.html.markdown b/website/source/docs/providers/chef/r/data_bag.html.markdown
new file mode 100644
index 000000000000..6df60d84f579
--- /dev/null
+++ b/website/source/docs/providers/chef/r/data_bag.html.markdown
@@ -0,0 +1,38 @@
+---
+layout: "chef"
+page_title: "Chef: chef_data_bag"
+sidebar_current: "docs-chef-resource-data-bag"
+description: |-
+  Creates and manages a data bag in Chef Server.
+---
+
+# chef\_data\_bag
+
+A [data bag](http://docs.chef.io/data_bags.html) is a collection of
+configuration objects that are stored as JSON in Chef Server and can be
+retrieved and used in Chef recipes.
+
+This resource creates the data bag itself. Inside each data bag is a collection
+of items which can be created using the ``chef_data_bag_item`` resource.
+
+## Example Usage
+
+```
+resource "chef_data_bag" "example" {
+    name = "example-data-bag"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) The unique name to assign to the data bag. This is the
+  name that other server clients will use to find and retrieve data from the
+  data bag.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `api_url` - The URL representing this data bag in the Chef server API.
diff --git a/website/source/docs/providers/chef/r/data_bag_item.html.markdown b/website/source/docs/providers/chef/r/data_bag_item.html.markdown
new file mode 100644
index 000000000000..2265c16e4f67
--- /dev/null
+++ b/website/source/docs/providers/chef/r/data_bag_item.html.markdown
@@ -0,0 +1,48 @@
+---
+layout: "chef"
+page_title: "Chef: chef_data_bag_item"
+sidebar_current: "docs-chef-resource-data-bag-item"
+description: |-
+  Creates and manages an object within a data bag in Chef Server.
+---
+
+# chef\_data\_bag\_item
+
+A [data bag](http://docs.chef.io/data_bags.html) is a collection of
+configuration objects that are stored as JSON in Chef Server and can be
+retrieved and used in Chef recipes.
+
+This resource creates objects within an existing data bag. To create the
+data bag itself, use the ``chef_data_bag`` resource.
+
+## Example Usage
+
+```
+resource "chef_data_bag_item" "example" {
+    data_bag_name = "example-data-bag"
+    content_json = <<EOT
+{
+    "id": "example-item",
+    "any_arbitrary_data": true
+}
+EOT
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `data_bag_name` - (Required) The name of the data bag into which this item
+  will be placed.
+* `content_json` - (Required) A string containing a JSON object that will be
+  the content of the item. Must at minimum contain a property called "id"
+  that is unique within the data bag, which will become the identifier of
+  the created item.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `id` - The value of the "id" property in the ``content_json`` JSON object,
+  which can be used by clients to retrieve this item's content.
diff --git a/website/source/docs/providers/chef/r/environment.html.markdown b/website/source/docs/providers/chef/r/environment.html.markdown
new file mode 100644
index 000000000000..ddad4ee56ad3
--- /dev/null
+++ b/website/source/docs/providers/chef/r/environment.html.markdown
@@ -0,0 +1,40 @@
+---
+layout: "chef"
+page_title: "Chef: chef_environment"
+sidebar_current: "docs-chef-resource-environment"
+description: |-
+  Creates and manages an environment in Chef Server.
+---
+
+# chef\_environment
+
+An [environment](http://docs.chef.io/environments.html) is a container for
+Chef nodes that share a set of attribute values and may have a set of version
+constraints for which cookbook versions may be used on its nodes.
+
+## Example Usage
+
+```
+resource "chef_environment" "example" {
+    name = "example-environment"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) The unique name to assign to the environment. This name
+  will be used when nodes are created within the environment.
+* `description` - (Optional) A human-friendly description of the environment.
+  If not set, a placeholder of "Managed by Terraform" will be set.
+* `default_attributes_json` - (Optional) String containing a JSON-serialized
+  object containing the default attributes for the environment.
+* `override_attributes_json` - (Optional) String containing a JSON-serialized
+  object containing the override attributes for the environment.
+* `cookbook_constraints` - (Optional) Mapping of cookbook names to cookbook
+  version constraints that should apply for this environment.
+
+## Attributes Reference
+
+This resource exports no further attributes.
diff --git a/website/source/docs/providers/chef/r/node.html.markdown b/website/source/docs/providers/chef/r/node.html.markdown
new file mode 100644
index 000000000000..c95578c8a71b
--- /dev/null
+++ b/website/source/docs/providers/chef/r/node.html.markdown
@@ -0,0 +1,48 @@
+---
+layout: "chef"
+page_title: "Chef: chef_node"
+sidebar_current: "docs-chef-resource-node"
+description: |-
+  Creates and manages a node in Chef Server.
+---
+
+# chef\_node
+
+A [node](http://docs.chef.io/nodes.html) is a computer whose
+configuration is managed by Chef.
+
+Although this resource allows a node to be registered, it does not actually
+configure the computer in question to interact with Chef. In most cases it
+is better to use [the `chef` provisioner](/docs/provisioners/chef.html) to
+configure the Chef client on a computer and have it register itself with the
+Chef server.
+
+## Example Usage
+
+```
+resource "chef_node" "example" {
+    name = "example-environment"
+    environment_name = "${chef_environment.example.name}"
+    run_list = ["recipe[example]", "role[app_server]"]
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) The unique name to assign to the node.
+* `automatic_attributes_json` - (Optional) String containing a JSON-serialized
+  object containing the automatic attributes for the node.
+* `normal_attributes_json` - (Optional) String containing a JSON-serialized
+  object containing the normal attributes for the node.
+* `default_attributes_json` - (Optional) String containing a JSON-serialized
+  object containing the default attributes for the node.
+* `override_attributes_json` - (Optional) String containing a JSON-serialized
+  object containing the override attributes for the node.
+* `run_list` - (Optional) List of strings to set as the
+  [run list](https://docs.chef.io/run_lists.html) for the node.
+
+## Attributes Reference
+
+This resource exports no further attributes.
diff --git a/website/source/docs/providers/chef/r/role.html.markdown b/website/source/docs/providers/chef/r/role.html.markdown
new file mode 100644
index 000000000000..be48834fe596
--- /dev/null
+++ b/website/source/docs/providers/chef/r/role.html.markdown
@@ -0,0 +1,40 @@
+---
+layout: "chef"
+page_title: "Chef: chef_role"
+sidebar_current: "docs-chef-resource-role"
+description: |-
+  Creates and manages a role in Chef Server.
+---
+
+# chef\_role
+
+A [role](http://docs.chef.io/roles.html) is a set of standard configuration
+that can apply across multiple nodes that perform the same function.
+
+## Example Usage
+
+```
+resource "chef_role" "example" {
+    name = "example-role"
+    run_list = ["recipe[example]"]
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) The unique name to assign to the role.
+* `description` - (Optional) A human-friendly description of the role.
+  If not set, a placeholder of "Managed by Terraform" will be set.
+* `default_attributes_json` - (Optional) String containing a JSON-serialized
+  object containing the default attributes for the role.
+* `override_attributes_json` - (Optional) String containing a JSON-serialized
+  object containing the override attributes for the role.
+* `run_list` - (Optional) List of strings to set as the
+  [run list](https://docs.chef.io/run_lists.html) for any nodes that belong
+  to this role.
+
+## Attributes Reference
+
+This resource exports no further attributes.
diff --git a/website/source/docs/providers/google/index.html.markdown b/website/source/docs/providers/google/index.html.markdown
index 14a208d6a2af..2dfc69cfde06 100644
--- a/website/source/docs/providers/google/index.html.markdown
+++ b/website/source/docs/providers/google/index.html.markdown
@@ -73,7 +73,10 @@ the process more straightforwarded, it is documented here:
 1. Log into the [Google Developers Console](https://console.developers.google.com)
    and select a project.
 
-2. Under the "APIs & Auth" section, click "Credentials."
+2. Click the menu button in the top left corner, and navigate to "Permissions",
+   then "Service accounts", and finally "Create service account".
 
-3. Create a new OAuth client ID and select "Service account" as the type
-   of account. Once created, and after a P12 key is downloaded, a JSON file should be downloaded. This is your _account file_.
+3. Provide a name and ID in the corresponding fields, select
+   "Furnish a new private key", and select "JSON" as the key type.
+
+4. Clicking "Create" will download your `credentials`.
diff --git a/website/source/docs/providers/google/r/compute_instance_group_manager.html.markdown b/website/source/docs/providers/google/r/compute_instance_group_manager.html.markdown
index 30527c80ac7e..8bc6c1500606 100644
--- a/website/source/docs/providers/google/r/compute_instance_group_manager.html.markdown
+++ b/website/source/docs/providers/google/r/compute_instance_group_manager.html.markdown
@@ -20,6 +20,7 @@ resource "google_compute_instance_group_manager" "foobar" {
 	description = "Terraform test instance group manager"
 	name = "terraform-test"
 	instance_template = "${google_compute_instance_template.foobar.self_link}"
+	update_strategy= "NONE"
 	target_pools = ["${google_compute_target_pool.foobar.self_link}"]
 	base_instance_name = "foobar"
 	zone = "us-central1-a"
@@ -41,7 +42,13 @@ instance name.
 group manager.
 
 * `instance_template` - (Required) The full URL to an instance template from
-which all new instances will be created.
+which all new instances will be created. 
+
+* `update_strategy` - (Optional, Default `"RESTART"`) If the `instance_template` resource is
+modified, a value of `"NONE"` will prevent any of the managed instances from
+being restarted by Terraform. A value of `"RESTART"` will restart all of the 
+instances at once. In the future, as the GCE API matures we will support
+`"ROLLING_UPDATE"` as well.
 
 * `name` - (Required) The name of the instance group manager. Must be 1-63
 characters long and comply with [RFC1035](https://www.ietf.org/rfc/rfc1035.txt).
diff --git a/website/source/docs/providers/google/r/container_cluster.html.markdown b/website/source/docs/providers/google/r/container_cluster.html.markdown
index b2db4bedfae4..9fe63cbe24ce 100644
--- a/website/source/docs/providers/google/r/container_cluster.html.markdown
+++ b/website/source/docs/providers/google/r/container_cluster.html.markdown
@@ -14,14 +14,23 @@ description: |-
 
 ```
 resource "google_container_cluster" "primary" {
-	name = "marcellus-wallace"
-	zone = "us-central1-a"
-	initial_node_count = 3
+    name = "marcellus-wallace"
+    zone = "us-central1-a"
+    initial_node_count = 3
 
-	master_auth {
-		username = "mr.yoda"
-		password = "adoy.rm"
-	}
+    master_auth {
+        username = "mr.yoda"
+        password = "adoy.rm"
+    }
+
+    node_config {
+        oauth_scopes = [
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/devstorage.read_only",
+            "https://www.googleapis.com/auth/logging.write",
+            "https://www.googleapis.com/auth/monitoring"
+        ]
+    }
 }
 ```
 
diff --git a/website/source/index.html.erb b/website/source/index.html.erb
index 92a6c3f17b93..52c8b747bf00 100644
--- a/website/source/index.html.erb
+++ b/website/source/index.html.erb
@@ -196,8 +196,8 @@
 								<p>resource <span class="txt-spe">"aws_instance"</span> <span class="txt-str">"app"</span> {</p>
 								<p>    count = <span class="txt-int">5</span></p>
 								<p> </p>
-								<p>    ami = <span class="txt-str">"ami-043a5034"</span></p>
-								<p>    instance_type = <span class="txt-str">"m1.small"</span></p>
+								<p>    ami = <span class="txt-str">"ami-d05e75b8"</span></p>
+								<p>    instance_type = <span class="txt-str">"t2.micro"</span></p>
 								<p>}</p>
 								</div>
 							</div>
diff --git a/website/source/layouts/aws.erb b/website/source/layouts/aws.erb
index 1da203dca2fd..c2df5bbf5c9b 100644
--- a/website/source/layouts/aws.erb
+++ b/website/source/layouts/aws.erb
@@ -128,6 +128,10 @@
                             <a href="/docs/providers/aws/r/autoscaling_policy.html">aws_autoscaling_policy</a>
                         </li>
 
+                        <li<%= sidebar_current("docs-aws-resource-autoscaling-schedule") %>>
+                          <a href="/docs/providers/aws/r/autoscaling_schedule.html">aws_autoscaling_schedule</a>
+                        </li>
+
                         <li<%= sidebar_current("docs-aws-resource-ebs-volume") %>>
                             <a href="/docs/providers/aws/r/ebs_volume.html">aws_ebs_volume</a>
                         </li>
diff --git a/website/source/layouts/chef.erb b/website/source/layouts/chef.erb
new file mode 100644
index 000000000000..bf01f680caa1
--- /dev/null
+++ b/website/source/layouts/chef.erb
@@ -0,0 +1,38 @@
+<% wrap_layout :inner do %>
+	<% content_for :sidebar do %>
+		<div class="docs-sidebar hidden-print affix-top" role="complementary">
+			<ul class="nav docs-sidenav">
+				<li<%= sidebar_current("docs-home") %>>
+				<a href="/docs/providers/index.html">&laquo; Documentation Home</a>
+                </li>
+
+				<li<%= sidebar_current("docs-chef-index") %>>
+				<a href="/docs/providers/consul/index.html">Chef Provider</a>
+                </li>
+
+				<li<%= sidebar_current(/^docs-chef-resource/) %>>
+				<a href="#">Resources</a>
+                <ul class="nav nav-visible">
+                    <li<%= sidebar_current("docs-chef-resource-data-bag") %>>
+					<a href="/docs/providers/chef/r/data_bag.html">chef_data_bag</a>
+					</li>
+                    <li<%= sidebar_current("docs-chef-resource-data-bag-item") %>>
+					<a href="/docs/providers/chef/r/data_bag_item.html">chef_data_bag_item</a>
+					</li>
+                    <li<%= sidebar_current("docs-chef-resource-environment") %>>
+					<a href="/docs/providers/chef/r/environment.html">chef_environment</a>
+					</li>
+                    <li<%= sidebar_current("docs-chef-resource-node") %>>
+					<a href="/docs/providers/chef/r/node.html">chef_node</a>
+					</li>
+                    <li<%= sidebar_current("docs-chef-resource-role") %>>
+					<a href="/docs/providers/chef/r/role.html">chef_role</a>
+					</li>
+				</ul>
+				</li>
+			</ul>
+		</div>
+	<% end %>
+
+	<%= yield %>
+	<% end %>
diff --git a/website/source/layouts/docs.erb b/website/source/layouts/docs.erb
index ff088e8e8cbe..3deb5be98f1f 100644
--- a/website/source/layouts/docs.erb
+++ b/website/source/layouts/docs.erb
@@ -133,6 +133,10 @@
 					<a href="/docs/providers/azure/index.html">Azure</a>
 					</li>
 
+					<li<%= sidebar_current("docs-providers-chef") %>>
+					<a href="/docs/providers/chef/index.html">Chef</a>
+					</li>
+
 					<li<%= sidebar_current("docs-providers-cloudflare") %>>
 					<a href="/docs/providers/cloudflare/index.html">CloudFlare</a>
 					</li>