AWS Provider Coverage

[pearkes]

AWS Provider Coverage

View this spreadsheet for a near-time summary of AWS resource coverage. If there's a resource you would like to see coverage for, just add your GitHub username to next to the resource. We will use the number of community upvotes in the spreadsheet to help prioritize our efforts.

https://docs.google.com/spreadsheets/d/1yJKjLaTmkWcUS3T8TLwvXC6EBwNSpuQbIq0Y7OnMXhw/edit?usp=sharing

[zwily]

Other services I'm currently using CloudFormation for: Dynamo and ElasticBeanstalk

[AlexanderEkdahl]

Does Route53 work with Aliases?

[MrJoy]

Also, what about tags and EBS volumes/snapshots?

[pearkes]

@AlexanderEkdahl as of now, no. Added to the list.

[vertis]

#103 adds support for using ELBs within a VPC and for the internal argument

[nirev]

What about configuring OpsWorks stacks?

[pearkes]

@nirev Added to the list!

[AlexanderEkdahl]

How does mitchellh/goamz compare to the other goamz forks? From what I can see there are other forks which provides more features.

[rosstimson]

I'd like to be able to start an EC2 instance with an assigned IAM role, this would really help with keeping security credentials out of templates/scripts.

SSL support for ELBs should be a priority IMO as well.

[pearkes]

@rosstimson Yea, I think SSL is definitely a priority too.

I added IAM roles to the list. It's already in goamz so should be pretty easy.

[yawn]

• Rootvolume size and type, volumes in general, ephemeral storage, encryption etc.
• Tags everywhere possible (not just EC2)

[yawn]

What's the consensus on providing pull-requests for aspects of this issue? Create a new issue to start a discussion on how to approach the problem or flesh out a solution, open a PR and have the discussion there?

I got time over the weekend to implement block device mappings but I'd like to synchronize regarding the update semantics as well as on how much magic (if at all) should be applied for things like DeviceName mapping or (potentially) automatic ephemeral storage mapping.

[pearkes]

@yawn PR is preferable if there's any code involved, happy to talk things out there. You can also find us on Freenode in #terraform-tool.

[yawn]

Ok!

[girvo]

SSL for ELBs are my major feature request, so I guess it's time to go have a poke through some Go code!

[brianknight10]

Hey guys - this is a great list and I appreciate the emphasis on AWS features.

I've been looking at my CloudFormation templates and one implicit item that keeps appearing is the need to support VPC features with many of the API items, such as EC2, ElastiCache, RDS, ELB, etc. This includes using VPC security groups.

Under ElastiCache, similar to RDS, is the need to support SubnetGroups.

Otherwise, my priorities are SSL with ELB, ElastiCache, and EC2 subitems like tags, IAM roles, auto-scaling, and the ElastiCache/RDS subnet groups.

I'll help as I can.

[pearkes]

@brianknight10 Thanks for the input! You're right, although there is relatively strong support in the providers for VPC features, there are definitely still gaps. I've updated the list with some of your suggestions.

[kief]

How about support for EBS volumes? I'd like to define an EBS volume to attach to an instance, and when I apply a plan that rebuilds the instance, it will reattach the volume. This would give us the ability to persist certain data.

[pearkes]

@kief Added. Nice idea!

[alekstorm]

EC2 security groups should be able to take egress blocks as well. However, we'll run into a problem with mutually dependent security groups, e.g.

resource "aws_security_group" "foo" {
    ...
    ingress {
        ...
        security_groups = ["${aws_security_group.bar}"]
    }
}

resource "aws_security_group" "bar" {
    ...
    egress {
        ...
        security_groups = ["${aws_security_group.foo}"]
    }
}

CloudFormation solves this by introducing two new resource types, AWS::EC2::SecurityGroupIngress and AWS::EC2::SecurityGroupEgress. Barring more sophisticated dependency graph logic, I think we'll need something similar (aws_security_group_ingress and aws_security_group_egress), in addition to the ingress and egress blocks.

[c4milo]

@catsby, @phinze I put off writing support for Route53 alias records to focus on DHCP Option Set support as that is more pressing on my end.

[andreijs]

Also route 53 does not support internal vpc associations

[c4milo]

@catsby, @phinze, I'm almost done with DHCP Options support, but Terraform is crashing on me upon destroying. It doesn't seem to be related to the DHCP Options work, though. May I have a hand please? https://github.com/managedbyq/terraform-1/tree/aws_dhcp_options and https://gist.github.com/c4milo/4c68e16a33fdfe7e8380

[c4milo]

@catsby @phinze I got unstuck \o/. I will be sending a PR shortly.

[nevir]

Just +1ing for ElastiCache's CreateReplicationGroup (also added to spreadsheet)

[phinze]

@nevir Part of the motivation for the spreadsheet is to collect feedback on desired features while avoiding the need to send a github notification for a "+1" to the 77 folks on this thread + 176 watchers on the repo. In other words, if you got your name on the spreadsheet, no need to post here. 😀

That being said, if anybody has a specific use case or details they'd like to share or discuss further, please feel free to open a fresh issue and link it from the "Relevant Issues" column on the spreadsheet.

[catsby]

Hello friends –

With regret, I'm going to close this issue. The spreadsheet was a great idea but ultimately mapping api calls to valuable features in Terraform didn't quite pan out.

For now we'll be tracking individual feature requests in their own GitHub issues. I realize this may lead to duplication, but I'll do the best I can to stay on top of things.

Please let know if you have any questions, comments, concerns et. al. Thanks for helping out here 😄