New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AWS Provider Coverage #28

Closed
pearkes opened this Issue Jul 21, 2014 · 127 comments

Comments

Projects
None yet
@pearkes
Member

pearkes commented Jul 21, 2014

AWS Provider Coverage

View this spreadsheet for a near-time summary of AWS resource coverage. If there's a resource you would like to see coverage for, just add your GitHub username to next to the resource. We will use the number of community upvotes in the spreadsheet to help prioritize our efforts.

https://docs.google.com/spreadsheets/d/1yJKjLaTmkWcUS3T8TLwvXC6EBwNSpuQbIq0Y7OnMXhw/edit?usp=sharing

@zwily

This comment has been minimized.

zwily commented Jul 28, 2014

Other services I'm currently using CloudFormation for: Dynamo and ElasticBeanstalk

@pearkes pearkes added the enhancement label Jul 29, 2014

@AlexanderEkdahl

This comment has been minimized.

Contributor

AlexanderEkdahl commented Jul 29, 2014

Does Route53 work with Aliases?

@MrJoy

This comment has been minimized.

MrJoy commented Jul 29, 2014

Also, what about tags and EBS volumes/snapshots?

@pearkes

This comment has been minimized.

Member

pearkes commented Jul 30, 2014

@AlexanderEkdahl as of now, no. Added to the list.

@vertis

This comment has been minimized.

Contributor

vertis commented Jul 30, 2014

#103 adds support for using ELBs within a VPC and for the internal argument

@nirev

This comment has been minimized.

nirev commented Jul 30, 2014

What about configuring OpsWorks stacks?

@pearkes

This comment has been minimized.

Member

pearkes commented Jul 30, 2014

@nirev Added to the list!

@AlexanderEkdahl

This comment has been minimized.

Contributor

AlexanderEkdahl commented Jul 30, 2014

How does mitchellh/goamz compare to the other goamz forks? From what I can see there are other forks which provides more features.

@rosstimson

This comment has been minimized.

rosstimson commented Jul 31, 2014

I'd like to be able to start an EC2 instance with an assigned IAM role, this would really help with keeping security credentials out of templates/scripts.

SSL support for ELBs should be a priority IMO as well.

@pearkes

This comment has been minimized.

Member

pearkes commented Jul 31, 2014

@rosstimson Yea, I think SSL is definitely a priority too.

I added IAM roles to the list. It's already in goamz so should be pretty easy.

@yawn

This comment has been minimized.

Contributor

yawn commented Aug 3, 2014

  • Rootvolume size and type, volumes in general, ephemeral storage, encryption etc.
  • Tags everywhere possible (not just EC2)
@yawn

This comment has been minimized.

Contributor

yawn commented Aug 3, 2014

What's the consensus on providing pull-requests for aspects of this issue? Create a new issue to start a discussion on how to approach the problem or flesh out a solution, open a PR and have the discussion there?

I got time over the weekend to implement block device mappings but I'd like to synchronize regarding the update semantics as well as on how much magic (if at all) should be applied for things like DeviceName mapping or (potentially) automatic ephemeral storage mapping.

@pearkes

This comment has been minimized.

Member

pearkes commented Aug 4, 2014

@yawn PR is preferable if there's any code involved, happy to talk things out there. You can also find us on Freenode in #terraform-tool.

@yawn

This comment has been minimized.

Contributor

yawn commented Aug 5, 2014

Ok!

@girvo

This comment has been minimized.

girvo commented Aug 5, 2014

SSL for ELBs are my major feature request, so I guess it's time to go have a poke through some Go code!

@brianknight10

This comment has been minimized.

brianknight10 commented Aug 5, 2014

Hey guys - this is a great list and I appreciate the emphasis on AWS features.

I've been looking at my CloudFormation templates and one implicit item that keeps appearing is the need to support VPC features with many of the API items, such as EC2, ElastiCache, RDS, ELB, etc. This includes using VPC security groups.

Under ElastiCache, similar to RDS, is the need to support SubnetGroups.

Otherwise, my priorities are SSL with ELB, ElastiCache, and EC2 subitems like tags, IAM roles, auto-scaling, and the ElastiCache/RDS subnet groups.

I'll help as I can.

@pearkes

This comment has been minimized.

Member

pearkes commented Aug 5, 2014

@brianknight10 Thanks for the input! You're right, although there is relatively strong support in the providers for VPC features, there are definitely still gaps. I've updated the list with some of your suggestions.

@kief

This comment has been minimized.

kief commented Aug 6, 2014

How about support for EBS volumes? I'd like to define an EBS volume to attach to an instance, and when I apply a plan that rebuilds the instance, it will reattach the volume. This would give us the ability to persist certain data.

@pearkes

This comment has been minimized.

Member

pearkes commented Aug 6, 2014

@kief Added. Nice idea!

@alekstorm

This comment has been minimized.

Contributor

alekstorm commented Aug 7, 2014

EC2 security groups should be able to take egress blocks as well. However, we'll run into a problem with mutually dependent security groups, e.g.

resource "aws_security_group" "foo" {
    ...
    ingress {
        ...
        security_groups = ["${aws_security_group.bar}"]
    }
}

resource "aws_security_group" "bar" {
    ...
    egress {
        ...
        security_groups = ["${aws_security_group.foo}"]
    }
}

CloudFormation solves this by introducing two new resource types, AWS::EC2::SecurityGroupIngress and AWS::EC2::SecurityGroupEgress. Barring more sophisticated dependency graph logic, I think we'll need something similar (aws_security_group_ingress and aws_security_group_egress), in addition to the ingress and egress blocks.

@c4milo

This comment has been minimized.

Contributor

c4milo commented Apr 27, 2015

@catsby, @phinze I put off writing support for Route53 alias records to focus on DHCP Option Set support as that is more pressing on my end.

@andreijs

This comment has been minimized.

andreijs commented Apr 28, 2015

Also route 53 does not support internal vpc associations

bitglue pushed a commit to bitglue/terraform that referenced this issue Apr 28, 2015

Phil Frost
Implement AWS IAM resources
- Users
- Groups
- Roles
- Inline policies for the above three
- Instance profiles
- Managed policies
- Access keys

This is most of the data types provided by IAM. There are a few things
missing, but the functionality here is probably sufficient for 95% of
the cases. Makes a dent in hashicorp#28.

bitglue pushed a commit to bitglue/terraform that referenced this issue Apr 28, 2015

Phil Frost
Implement AWS IAM resources
- Users
- Groups
- Roles
- Inline policies for the above three
- Instance profiles
- Managed policies
- Access keys

This is most of the data types provided by IAM. There are a few things
missing, but the functionality here is probably sufficient for 95% of
the cases. Makes a dent in hashicorp#28.
@c4milo

This comment has been minimized.

Contributor

c4milo commented Apr 28, 2015

@catsby, @phinze, I'm almost done with DHCP Options support, but Terraform is crashing on me upon destroying. It doesn't seem to be related to the DHCP Options work, though. May I have a hand please? https://github.com/managedbyq/terraform-1/tree/aws_dhcp_options and https://gist.github.com/c4milo/4c68e16a33fdfe7e8380

@c4milo

This comment has been minimized.

Contributor

c4milo commented Apr 28, 2015

@catsby @phinze I got unstuck \o/. I will be sending a PR shortly.

bitglue pushed a commit to bitglue/terraform that referenced this issue Apr 29, 2015

Phil Frost
Implement AWS IAM resources
- Users
- Groups
- Roles
- Inline policies for the above three
- Instance profiles
- Managed policies
- Access keys

This is most of the data types provided by IAM. There are a few things
missing, but the functionality here is probably sufficient for 95% of
the cases. Makes a dent in hashicorp#28.

bitglue pushed a commit to bitglue/terraform that referenced this issue May 4, 2015

Phil Frost
Implement AWS IAM resources
- Users
- Groups
- Roles
- Inline policies for the above three
- Instance profiles
- Managed policies
- Access keys

This is most of the data types provided by IAM. There are a few things
missing, but the functionality here is probably sufficient for 95% of
the cases. Makes a dent in hashicorp#28.

bitglue pushed a commit to bitglue/terraform that referenced this issue May 5, 2015

Phil Frost
Implement AWS IAM resources
- Users
- Groups
- Roles
- Inline policies for the above three
- Instance profiles
- Managed policies
- Access keys

This is most of the data types provided by IAM. There are a few things
missing, but the functionality here is probably sufficient for 95% of
the cases. Makes a dent in hashicorp#28.
@nevir

This comment has been minimized.

Contributor

nevir commented May 14, 2015

Just +1ing for ElastiCache's CreateReplicationGroup (also added to spreadsheet)

@phinze

This comment has been minimized.

Member

phinze commented May 14, 2015

@nevir Part of the motivation for the spreadsheet is to collect feedback on desired features while avoiding the need to send a github notification for a "+1" to the 77 folks on this thread + 176 watchers on the repo. In other words, if you got your name on the spreadsheet, no need to post here. 😀

That being said, if anybody has a specific use case or details they'd like to share or discuss further, please feel free to open a fresh issue and link it from the "Relevant Issues" column on the spreadsheet.

@hashicorp hashicorp locked and limited conversation to collaborators May 14, 2015

@catsby

This comment has been minimized.

Member

catsby commented Mar 11, 2016

Hello friends –

With regret, I'm going to close this issue. The spreadsheet was a great idea but ultimately mapping api calls to valuable features in Terraform didn't quite pan out.

For now we'll be tracking individual feature requests in their own GitHub issues. I realize this may lead to duplication, but I'll do the best I can to stay on top of things.

Please let know if you have any questions, comments, concerns et. al. Thanks for helping out here 😄

@catsby catsby closed this Mar 11, 2016

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.