hashicorp-cla
commented
5 years ago
All committers have signed the CLA.
Closed mustafashabib closed 5 years ago
hashicorp-cla
commented
5 years ago
All committers have signed the CLA.
mustafashabib
commented
5 years ago Seems to apply correctly on a default example:
provider "aws" {
access_key = "KEY"
secret_key = "SECRET"
region = "us-east-1"
}
module "consul" {
source = "github.com/mustafashabib/terraform-aws-consul"
num_servers = "3"
}When I run terraform plan (after terraform init)
Output is
terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
module.consul.data.template_file.user_data_server: Refreshing state...
module.consul.data.template_file.user_data_client: Refreshing state...
module.consul.data.aws_ami.consul: Refreshing state...
module.consul.module.consul_servers.module.iam_policies.data.aws_iam_policy_document.auto_discover_cluster: Refreshing state...
module.consul.data.aws_region.current: Refreshing state...
module.consul.data.aws_vpc.default: Refreshing state...
module.consul.module.consul_servers.data.aws_iam_policy_document.instance_role: Refreshing state...
module.consul.module.consul_clients.module.iam_policies.data.aws_iam_policy_document.auto_discover_cluster: Refreshing state...
module.consul.module.consul_clients.data.aws_iam_policy_document.instance_role: Refreshing state...
module.consul.data.aws_subnet_ids.default: Refreshing state...
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# module.consul.module.consul_clients.aws_autoscaling_group.autoscaling_group will be created
+ resource "aws_autoscaling_group" "autoscaling_group" {
+ arn = (known after apply)
+ availability_zones = []
+ default_cooldown = (known after apply)
+ desired_capacity = 6
+ enabled_metrics = []
+ force_delete = false
+ health_check_grace_period = 300
+ health_check_type = "EC2"
+ id = (known after apply)
+ launch_configuration = (known after apply)
+ load_balancers = (known after apply)
+ max_size = 6
+ metrics_granularity = "1Minute"
+ min_size = 6
+ name = (known after apply)
+ name_prefix = "consul-example-client"
+ protect_from_scale_in = false
+ service_linked_role_arn = (known after apply)
+ tags = [
+ {
+ "key" = "Name"
+ "propagate_at_launch" = "true"
+ "value" = "consul-example-client"
},
+ {
+ "key" = "consul-clients"
+ "propagate_at_launch" = "true"
+ "value" = "consul-example"
},
]
+ target_group_arns = (known after apply)
+ termination_policies = [
+ "Default",
]
+ vpc_zone_identifier = [
+ "subnet-03148f39",
+ "subnet-65a12769",
+ "subnet-65ae1212",
+ "subnet-7d778e56",
+ "subnet-ccf89da9",
+ "subnet-de558a87",
]
+ wait_for_capacity_timeout = "10m"
}
# module.consul.module.consul_clients.aws_iam_instance_profile.instance_profile[0] will be created
+ resource "aws_iam_instance_profile" "instance_profile" {
+ arn = (known after apply)
+ create_date = (known after apply)
+ id = (known after apply)
+ name = (known after apply)
+ name_prefix = "consul-example-client"
+ path = "/"
+ role = (known after apply)
+ roles = (known after apply)
+ unique_id = (known after apply)
}
# module.consul.module.consul_clients.aws_iam_role.instance_role[0] will be created
+ resource "aws_iam_role" "instance_role" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ec2.amazonaws.com"
}
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ max_session_duration = 3600
+ name = (known after apply)
+ name_prefix = "consul-example-client"
+ path = "/"
+ unique_id = (known after apply)
}
# module.consul.module.consul_clients.aws_launch_configuration.launch_configuration will be created
+ resource "aws_launch_configuration" "launch_configuration" {
+ associate_public_ip_address = false
+ ebs_optimized = false
+ enable_monitoring = true
+ iam_instance_profile = (known after apply)
+ id = (known after apply)
+ image_id = "ami-0a9b5046374af8659"
+ instance_type = "t2.micro"
+ key_name = (known after apply)
+ name = (known after apply)
+ name_prefix = "consul-example-client-"
+ security_groups = (known after apply)
+ user_data = "97e031d0aa6d1e6b2cd1838301fbecde7751eefb"
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ no_device = (known after apply)
+ snapshot_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ root_block_device {
+ delete_on_termination = true
+ iops = (known after apply)
+ volume_size = 50
+ volume_type = "standard"
}
}
# module.consul.module.consul_clients.aws_security_group.lc_security_group will be created
+ resource "aws_security_group" "lc_security_group" {
+ arn = (known after apply)
+ description = "Security group for the consul-example-client launch configuration"
+ egress = (known after apply)
+ id = (known after apply)
+ ingress = (known after apply)
+ name = (known after apply)
+ name_prefix = "consul-example-client"
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Name" = "consul-example-client"
}
+ vpc_id = "vpc-6b2bb80e"
}
# module.consul.module.consul_clients.aws_security_group_rule.allow_all_outbound will be created
+ resource "aws_security_group_rule" "allow_all_outbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 0
+ id = (known after apply)
+ protocol = "-1"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 0
+ type = "egress"
}
# module.consul.module.consul_clients.aws_security_group_rule.allow_ssh_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_ssh_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 22
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 22
+ type = "ingress"
}
# module.consul.module.consul_servers.aws_autoscaling_group.autoscaling_group will be created
+ resource "aws_autoscaling_group" "autoscaling_group" {
+ arn = (known after apply)
+ availability_zones = []
+ default_cooldown = (known after apply)
+ desired_capacity = 3
+ enabled_metrics = []
+ force_delete = false
+ health_check_grace_period = 300
+ health_check_type = "EC2"
+ id = (known after apply)
+ launch_configuration = (known after apply)
+ load_balancers = (known after apply)
+ max_size = 3
+ metrics_granularity = "1Minute"
+ min_size = 3
+ name = (known after apply)
+ name_prefix = "consul-example-server"
+ protect_from_scale_in = false
+ service_linked_role_arn = (known after apply)
+ tags = [
+ {
+ "key" = "Name"
+ "propagate_at_launch" = "true"
+ "value" = "consul-example-server"
},
+ {
+ "key" = "consul-servers"
+ "propagate_at_launch" = "true"
+ "value" = "consul-example"
},
+ {
+ "key" = "Environment"
+ "propagate_at_launch" = "true"
+ "value" = "development"
},
]
+ target_group_arns = (known after apply)
+ termination_policies = [
+ "Default",
]
+ vpc_zone_identifier = [
+ "subnet-03148f39",
+ "subnet-65a12769",
+ "subnet-65ae1212",
+ "subnet-7d778e56",
+ "subnet-ccf89da9",
+ "subnet-de558a87",
]
+ wait_for_capacity_timeout = "10m"
}
# module.consul.module.consul_servers.aws_iam_instance_profile.instance_profile[0] will be created
+ resource "aws_iam_instance_profile" "instance_profile" {
+ arn = (known after apply)
+ create_date = (known after apply)
+ id = (known after apply)
+ name = (known after apply)
+ name_prefix = "consul-example-server"
+ path = "/"
+ role = (known after apply)
+ roles = (known after apply)
+ unique_id = (known after apply)
}
# module.consul.module.consul_servers.aws_iam_role.instance_role[0] will be created
+ resource "aws_iam_role" "instance_role" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ec2.amazonaws.com"
}
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ max_session_duration = 3600
+ name = (known after apply)
+ name_prefix = "consul-example-server"
+ path = "/"
+ unique_id = (known after apply)
}
# module.consul.module.consul_servers.aws_launch_configuration.launch_configuration will be created
+ resource "aws_launch_configuration" "launch_configuration" {
+ associate_public_ip_address = false
+ ebs_optimized = false
+ enable_monitoring = true
+ iam_instance_profile = (known after apply)
+ id = (known after apply)
+ image_id = "ami-0a9b5046374af8659"
+ instance_type = "t2.micro"
+ key_name = (known after apply)
+ name = (known after apply)
+ name_prefix = "consul-example-server-"
+ security_groups = (known after apply)
+ user_data = "bea44523b6e01d16013cc9699c268cc65005f72f"
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ no_device = (known after apply)
+ snapshot_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ root_block_device {
+ delete_on_termination = true
+ iops = (known after apply)
+ volume_size = 50
+ volume_type = "standard"
}
}
# module.consul.module.consul_servers.aws_security_group.lc_security_group will be created
+ resource "aws_security_group" "lc_security_group" {
+ arn = (known after apply)
+ description = "Security group for the consul-example-server launch configuration"
+ egress = (known after apply)
+ id = (known after apply)
+ ingress = (known after apply)
+ name = (known after apply)
+ name_prefix = "consul-example-server"
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Name" = "consul-example-server"
}
+ vpc_id = "vpc-6b2bb80e"
}
# module.consul.module.consul_servers.aws_security_group_rule.allow_all_outbound will be created
+ resource "aws_security_group_rule" "allow_all_outbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 0
+ id = (known after apply)
+ protocol = "-1"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 0
+ type = "egress"
}
# module.consul.module.consul_servers.aws_security_group_rule.allow_ssh_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_ssh_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 22
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 22
+ type = "ingress"
}
# module.consul.module.consul_clients.module.iam_policies.aws_iam_role_policy.auto_discover_cluster[0] will be created
+ resource "aws_iam_role_policy" "auto_discover_cluster" {
+ id = (known after apply)
+ name = "auto-discover-cluster"
+ policy = jsonencode(
{
+ Statement = [
+ {
+ Action = [
+ "ec2:DescribeTags",
+ "ec2:DescribeInstances",
+ "autoscaling:DescribeAutoScalingGroups",
]
+ Effect = "Allow"
+ Resource = "*"
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ role = (known after apply)
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_cli_rpc_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_cli_rpc_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8400
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8400
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_cli_rpc_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_cli_rpc_inbound_from_self" {
+ from_port = 8400
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8400
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_dns_tcp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_dns_tcp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8600
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8600
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_dns_tcp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_dns_tcp_inbound_from_self" {
+ from_port = 8600
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8600
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_dns_udp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_dns_udp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8600
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8600
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_dns_udp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_dns_udp_inbound_from_self" {
+ from_port = 8600
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8600
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_http_api_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_http_api_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8500
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8500
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_http_api_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_http_api_inbound_from_self" {
+ from_port = 8500
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8500
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_serf_wan_tcp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_serf_wan_tcp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8302
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8302
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_serf_wan_tcp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_serf_wan_tcp_inbound_from_self" {
+ from_port = 8302
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8302
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_serf_wan_udp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_serf_wan_udp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8302
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8302
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_serf_wan_udp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_serf_wan_udp_inbound_from_self" {
+ from_port = 8302
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8302
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_server_rpc_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_server_rpc_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8300
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8300
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.aws_security_group_rule.allow_server_rpc_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_server_rpc_inbound_from_self" {
+ from_port = 8300
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8300
+ type = "ingress"
}
# module.consul.module.consul_servers.module.iam_policies.aws_iam_role_policy.auto_discover_cluster[0] will be created
+ resource "aws_iam_role_policy" "auto_discover_cluster" {
+ id = (known after apply)
+ name = "auto-discover-cluster"
+ policy = jsonencode(
{
+ Statement = [
+ {
+ Action = [
+ "ec2:DescribeTags",
+ "ec2:DescribeInstances",
+ "autoscaling:DescribeAutoScalingGroups",
]
+ Effect = "Allow"
+ Resource = "*"
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ role = (known after apply)
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_cli_rpc_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_cli_rpc_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8400
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8400
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_cli_rpc_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_cli_rpc_inbound_from_self" {
+ from_port = 8400
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8400
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_dns_tcp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_dns_tcp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8600
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8600
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_dns_tcp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_dns_tcp_inbound_from_self" {
+ from_port = 8600
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8600
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_dns_udp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_dns_udp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8600
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8600
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_dns_udp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_dns_udp_inbound_from_self" {
+ from_port = 8600
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8600
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_http_api_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_http_api_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8500
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8500
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_http_api_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_http_api_inbound_from_self" {
+ from_port = 8500
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8500
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_serf_wan_tcp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_serf_wan_tcp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8302
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8302
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_serf_wan_tcp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_serf_wan_tcp_inbound_from_self" {
+ from_port = 8302
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8302
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_serf_wan_udp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_serf_wan_udp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8302
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8302
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_serf_wan_udp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_serf_wan_udp_inbound_from_self" {
+ from_port = 8302
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8302
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_server_rpc_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_server_rpc_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8300
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8300
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.aws_security_group_rule.allow_server_rpc_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_server_rpc_inbound_from_self" {
+ from_port = 8300
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8300
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.module.client_security_group_rules.aws_security_group_rule.allow_serf_lan_tcp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_serf_lan_tcp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8301
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8301
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.module.client_security_group_rules.aws_security_group_rule.allow_serf_lan_tcp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_serf_lan_tcp_inbound_from_self" {
+ from_port = 8301
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8301
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.module.client_security_group_rules.aws_security_group_rule.allow_serf_lan_udp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_serf_lan_udp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8301
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8301
+ type = "ingress"
}
# module.consul.module.consul_clients.module.security_group_rules.module.client_security_group_rules.aws_security_group_rule.allow_serf_lan_udp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_serf_lan_udp_inbound_from_self" {
+ from_port = 8301
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8301
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.module.client_security_group_rules.aws_security_group_rule.allow_serf_lan_tcp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_serf_lan_tcp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8301
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8301
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.module.client_security_group_rules.aws_security_group_rule.allow_serf_lan_tcp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_serf_lan_tcp_inbound_from_self" {
+ from_port = 8301
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8301
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.module.client_security_group_rules.aws_security_group_rule.allow_serf_lan_udp_inbound[0] will be created
+ resource "aws_security_group_rule" "allow_serf_lan_udp_inbound" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ from_port = 8301
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 8301
+ type = "ingress"
}
# module.consul.module.consul_servers.module.security_group_rules.module.client_security_group_rules.aws_security_group_rule.allow_serf_lan_udp_inbound_from_self will be created
+ resource "aws_security_group_rule" "allow_serf_lan_udp_inbound_from_self" {
+ from_port = 8301
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = true
+ source_security_group_id = (known after apply)
+ to_port = 8301
+ type = "ingress"
}
Plan: 52 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
Etiene
commented
5 years ago Thanks for the PR! So this will only work with terraform 12 but not with older version, correct? Let me run the tests :)
mustafashabib
commented
5 years ago Thanks for the PR! So this will only work with terraform 12 but not with older version, correct? Let me run the tests :)
Yes @Etiene that's correct. Based on my understanding in the upgrade guide, these changes are not backwards compatible.
Etiene
commented
5 years ago Have you tried running the tests after this update? I kicked off our automated tests but currently it is failing with:
Error: Error parsing /tmp/TestConsulClusterWithAmazonLinuxAmi896389390/terraform-aws-consul/main.tf: At 60:19: Unknown token: 60:19 IDENT var.num_servers
Perhaps a previous version of terraform is still being used somewhere in the process
Etiene
commented
5 years ago But also terratest supports terraform 0.12 only as of v0.16.0, so the terratest version and the tests need to be updated as well before it can run
adriananeci
commented
5 years ago Any progress regarding terraform 0.12 compatibility?
mustafashabib
commented
5 years ago I'll do my best to take a look today or tomorrow about updating tests, missed that earlier.
On May 31, 2019, at 1:45 PM, Etiene Dalcol notifications@github.com wrote:
But also terratest supports terraform 0.12 only as of v0.16.0, so the terratest version and the tests need to be updated as well
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or mute the thread.
deitch
commented
5 years ago Glad to come across this. I have a tf config that depends on this (and the vault one), and cannot run in tf 0.12 because of the 0.11-ism.
Out of curiosity, how do you plan on maintaining support for 0.11 and 0.12, since the syntax is incompatible? Will you do multiple branches? Or just keep 0.12 only going forward except for hotfixes?
brikis98
commented
5 years ago Out of curiosity, how do you plan on maintaining support for 0.11 and 0.12, since the syntax is incompatible? Will you do multiple branches? Or just keep 0.12 only going forward except for hotfixes?
We will be updating each module, merging the updates into master, and doing a new (backwards incompatible) release. After that, we will only support 0.12 going forward, other than security-related hotfixes.
deitch
commented
5 years ago Makes sense. Thanks.
I really do wish that, e.g. 0.12.x (or maybe 0.12.0-0.12.4, or some subset) supported both fo an easier transition path. The knowledge must be in there anyways, since 0.12.x includes that 0.12upgrade command. Big Bang transitions are hard to do.
yorinasub17
commented
5 years ago Hi @mustafashabib , I am the project lead for the tf12 updates at Gruntwork, and I'm almost ready to start on the consul, vault, and nomad modules. I am expecting to get started with these modules next week.
I wanted to check in to see if you were still interested in completing this, or would you be ok with me taking on the torch? I will build off of your commits so the initial work here will still be properly attributed to you.
Taking a scan here, here are the things that need to be addressed:
examples foldertype set, not just list and map.null instead of "" to mean "unset".Just let me know!
mustafashabib
commented
5 years ago Thank you - I haven’t had time to update the tests and the examples. Feel free to take over this PR, I appreciate your work!
On Jun 20, 2019, at 6:25 PM, Yoriyasu Yano notifications@github.com wrote:
Hi @mustafashabib https://github.com/mustafashabib , I am the project lead for the tf12 updates at Gruntwork, and I'm almost ready to start on the consul, vault, and nomad modules. I am expecting to get started with these modules next week.
I wanted to check in to see if you were still interested in completing this, or would you be ok with me taking on the torch? I will build off of your commits so the initial work here will still be properly attributed to you.
Taking a scan here, here are the things that need to be addressed:
We need to update not just the root example, but all the examples in the examples folder Need to update the tests to run off of tf12. This includes upgrading terratest to 0.16.X. All the input vars should have type set, not just list and map. Following the new tf12 convention, we should default to using null instead of "" to mean "unset". Just let me know!
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/hashicorp/terraform-aws-consul/pull/138?email_source=notifications&email_token=AAGMHAU32M2P4ASGLLO4CBDP3P7VJA5CNFSM4HPLIYN2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODYG46EY#issuecomment-504221459, or mute the thread https://github.com/notifications/unsubscribe-auth/AAGMHAWTJCIS3756ZWHPVBDP3P7VJANCNFSM4HPLIYNQ.
mcalhoun
commented
5 years ago Closing in favor of #144
To make this module compatible with the new release of Terraform 0.12, I've applied
terraform 0.12upgradeto this module and all those in themodulesdirectory.