Skip to content
Merged
Show file tree
Hide file tree
Changes from 8 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions ns1/resource_apikey.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ func apikeyResource() *schema.Resource {
"ip_whitelist_strict": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
}

Expand Down
37 changes: 37 additions & 0 deletions ns1/resource_apikey_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -199,6 +199,43 @@ func TestAccAPIKey_permissions(t *testing.T) {
})
}

func TestAccAPIKey_emptyIPWhitelist(t *testing.T) {
var apiKey account.APIKey
name := acctest.RandStringFromCharSet(15, acctest.CharSetAlphaNum)

resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAPIKeyDestroy,
Steps: []resource.TestStep{
{
Config: testAccAPIKeyEmptyIPWhitelist(name),
Check: resource.ComposeTestCheckFunc(
testAccCheckAPIKeyExists("ns1_apikey.it", &apiKey),
testAccCheckAPIKeyName(&apiKey, name),
resource.TestCheckResourceAttr("ns1_apikey.it", "ip_whitelist.#", "0"),
resource.TestCheckResourceAttr("ns1_apikey.it", "ip_whitelist_strict", "false"),
testAccCheckAPIKeyIPWhitelists(&apiKey, []string{}),
),
},
},
})
}

func testAccAPIKeyEmptyIPWhitelist(name string) string {
return fmt.Sprintf(`
resource "ns1_apikey" "it" {
name = "%s"

ip_whitelist_strict = false
ip_whitelist = []

dns_view_zones = false
account_manage_users = false
}
`, name)
}

func testAccCheckAPIKeyExists(n string, apiKey *account.APIKey) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
Expand Down
1 change: 1 addition & 0 deletions ns1/resource_record.go
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,7 @@ It is suggested to migrate to a regular "answers" block. Using Terraform 0.12+,
"disabled": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
"config": {
Type: schema.TypeMap,
Expand Down
2 changes: 1 addition & 1 deletion ns1/resource_redirect.go
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ func redirectConfigResource() *schema.Resource {
"https_forced": {
Type: schema.TypeBool,
Optional: true,
Computed: true,
Default: false,
},
"query_forwarding": {
Type: schema.TypeBool,
Expand Down
33 changes: 33 additions & 0 deletions ns1/resource_team_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,39 @@ func TestAccTeam_import_test(t *testing.T) {
})
}

func TestAccTeam_emptyIPWhitelist(t *testing.T) {
var team account.Team
n := fmt.Sprintf("terraform test team %s", acctest.RandStringFromCharSet(15, acctest.CharSetAlphaNum))

resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckTeamDestroy,
Steps: []resource.TestStep{
{
Config: testAccTeamEmptyIPWhitelist(n),
Check: resource.ComposeTestCheckFunc(
testAccCheckTeamExists("ns1_team.foobar", &team),
testAccCheckTeamName(&team, n),
resource.TestCheckResourceAttr("ns1_team.foobar", "ip_whitelist.#", "0"),
testAccCheckTeamIPWhitelists(&team, []account.IPWhitelist{}),
),
},
},
})
}

func testAccTeamEmptyIPWhitelist(name string) string {
return fmt.Sprintf(`
resource "ns1_team" "foobar" {
name = "%s"

dns_view_zones = true
data_manage_datasources = true
}
`, name)
}

func testAccCheckTeamExists(n string, team *account.Team) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
Expand Down
1 change: 1 addition & 0 deletions ns1/resource_user.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,7 @@ func userResource() *schema.Resource {
"ip_whitelist_strict": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
}

Expand Down
48 changes: 48 additions & 0 deletions ns1/resource_user_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -466,6 +466,54 @@ func TestAccUser_import_test(t *testing.T) {
})
}

func TestAccUser_emptyIPWhitelist(t *testing.T) {
var user account.User
rString := acctest.RandStringFromCharSet(15, acctest.CharSetAlphaNum)
name := fmt.Sprintf("terraform acc test user %s", rString)
username := fmt.Sprintf("tf_acc_test_user_%s", rString)

resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckUserDestroy,
Steps: []resource.TestStep{
{
Config: testAccUserEmptyIPWhitelist(rString),
Check: resource.ComposeTestCheckFunc(
testAccCheckUserExists("ns1_user.u", &user),
resource.TestCheckResourceAttr("ns1_user.u", "name", name),
resource.TestCheckResourceAttr("ns1_user.u", "username", username),
resource.TestCheckResourceAttr("ns1_user.u", "ip_whitelist.#", "0"),
resource.TestCheckResourceAttr("ns1_user.u", "ip_whitelist_strict", "false"),
testAccCheckUserIPWhitelists(&user, []string{}),
),
},
},
})
}

func testAccUserEmptyIPWhitelist(rString string) string {
return fmt.Sprintf(`
resource "ns1_team" "test" {
name = "terraform test team %s"
}

resource "ns1_user" "u" {
name = "terraform acc test user %s"
username = "tf_acc_test_user_%s"
email = "tf_acc_test_ns1@hashicorp.com"
teams = [ns1_team.test.id]

ip_whitelist_strict = false
ip_whitelist = []

notify = {
billing = false
}
}
`, rString, rString, rString)
}

// Case when a user is on a team and that team updates it's permissions.
// This test is currently failing, as this is not implemented yet - this doesn't
// actually cause any issues because it's just Terraforms state that doesn't have the
Expand Down
4 changes: 2 additions & 2 deletions website/docs/r/apikey.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,8 @@ The following arguments are supported:

* `name` - (Required) The free form name of the apikey.
* `teams` - (Optional) The teams that the apikey belongs to.
* `ip_whitelist` - (Optional) Array of IP addresses/networks to which to grant the API key access.
* `ip_whitelist_strict` - (Optional) Set to true to restrict access to only those IP addresses and networks listed in the **ip_whitelist** field.
* `ip_whitelist` - (Optional, default: `[]`) Array of IP addresses/networks to which to grant the API key access.
* `ip_whitelist_strict` - (Optional, default: `false`) Set to true to restrict access to only those IP addresses and networks listed in the **ip_whitelist** field.
* `dns_view_zones` - (Optional) Whether the apikey can view the accounts zones.
* `dns_manage_zones` - (Optional) Whether the apikey can modify the accounts zones.
* `dns_zones_allow_by_default` - (Optional) If true, enable the `dns_zones_allow` list, otherwise enable the `dns_zones_deny` list.
Expand Down
12 changes: 6 additions & 6 deletions website/docs/r/monitoringjob.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -44,22 +44,22 @@ The following arguments are supported:

* `name` - (Required) The free-form display name for the monitoring job.
* `job_type` - (Required) The type of monitoring job to be run. Refer to the NS1 API documentation (https://ns1.com/api#monitoring-jobs) for supported values which include ping, tcp, dns, http.
* `active` - (Required) Indicates if the job is active or temporarily disabled.
* `active` - (Optional, default: `true`) Indicates if the job is active or temporarily disabled.
* `regions` - (Required) The list of region codes in which to run the monitoring
job. See NS1 API docs for supported values.
* `frequency` - (Required) The frequency, in seconds, at which to run the monitoring job in each region.
* `rapid_recheck` - (Required) If true, on any apparent state change, the job is quickly re-run after one second to confirm the state change before notification.
* `policy` - (Required) The policy for determining the monitor's global status
based on the status of the job in all regions. See NS1 API docs for supported values.
* `rapid_recheck` - (Optional, default: `false`) If true, on any apparent state change, the job is quickly re-run after one second to confirm the state change before notification.
* `policy` - (Optional, default: `"quorum"`) The policy for determining the monitor's global status
based on the status of the job in all regions. Supported values: `all`, `one`, `quorum`.
* `config` - (Required) A configuration dictionary with keys and values depending on the job_type. Configuration details for each job_type are found by submitting a GET request to https://api.nsone.net/v1/monitoring/jobtypes.
* `notify_delay` - (Optional) The time in seconds after a failure to wait before sending a notification.
* `notify_repeat` - (Optional) The time in seconds between repeat notifications of a failed job.
* `notify_failback` - (Optional) If true, a notification is sent when a job returns to an "up" state.
* `notify_failback` - (Optional, default: `true`) If true, a notification is sent when a job returns to an "up" state.
* `notify_regional` - (Optional) If true, notifications are sent for any regional failure (and failback if desired), in addition to global state notifications.
* `notify_list` - (Optional) The Terraform ID (e.g. ns1_notifylist.my_slack_notifier.id) of the notification list to which monitoring notifications should be sent.
* `notes` - (Optional) Freeform notes to be included in any notifications about this job.
* `rules` - (Optional) A list of rules for determining failure conditions. Each rule acts on one of the outputs from the monitoring job. You must specify key (the output key); comparison (a comparison to perform on the the output); and value (the value to compare to). For example, {"key":"rtt", "comparison":"<", "value":100} is a rule requiring the rtt from a job to be under 100ms, or the job will be marked failed. Available output keys, comparators, and value types are are found by submitting a GET request to https://api.nsone.net/v1/monitoring/jobtypes.
* `mute` - (Optional) turn off the notifications for the monitoring job.
* `mute` - (Optional, default: `false`) Turn off the notifications for the monitoring job.

## Attributes Reference

Expand Down
6 changes: 3 additions & 3 deletions website/docs/r/pulsar_job.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,8 @@ The following arguments are supported:
* `name` - (Required) Name of the Pulsar job. Typically, this is the name of the CDN or endpoint.
* `app_id` - (Required) ID of the Pulsar app.
* `type_id` - (Required) Specifies the type of Pulsar job - either latency or custom.
* `active` - (Optional) The job's status, if it's active or not.
* `shared` - (Optional) Enable to share data with other approved accounts.
* `active` - (Optional, default: `true`) The job's status, if it's active or not.
* `shared` - (Optional, default: `false`) Enable to share data with other approved accounts.
* `Config` - (Optional) [Config](#config-1) is documented below. Note: **Required if type_id is "latency"**


Expand All @@ -53,7 +53,7 @@ The following arguments are supported:
* `http` - (Optional) Indicates whether or not to use HTTP in measurements.
* `request_timeout_millis` - (Optional) The amount of time to allow a single job to perform N runs.
* `job_timeout_millis` - (Optional) The amount of time to allow a single job to perform 1 run.
* `use_xhr` - (Optional) Indicates wheter or not to use XmlHttpRequest (XHR) when taking measurements.
* `use_xhr` - (Optional, default: `false`) Indicates wheter or not to use XmlHttpRequest (XHR) when taking measurements.
* `static_values` - (Optional) Indicates wheter or not to skip aggregation for this job's measurements.

## Import
Expand Down
9 changes: 4 additions & 5 deletions website/docs/r/record.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -139,7 +139,8 @@ The following arguments are supported:
* `link` - (Optional) The fully qualified domain name (without a terminating dot)
of the target record. This means this record is a 'linked' record, and it
inherits all properties from its target.
* `use_client_subnet` - (Optional) Whether to use EDNS client subnet data when
* `override_ttl` - (Optional, default: `false`) Whether to override the TTL value.
* `use_client_subnet` - (Optional, default: `true`) Whether to use EDNS client subnet data when
available(in filter chain).
* ` meta` - (Optional) meta is supported at the `record` level. [Meta](#meta-3)
is documented below.
Expand Down Expand Up @@ -195,10 +196,8 @@ The following arguments are supported:
`filters` support the following:

* `filter` - (Required) The type of filter.
* `disabled` - (Optional) Determines whether the filter is applied in the
filter chain.
* `config` - (Optional) The filters' configuration. Simple key/value pairs
determined by the filter type.
* `disabled` - (Optional, default: `false`) Determines whether the filter is applied in the filter chain.
* `config` - (Optional, default: `{}`) The filters' configuration. Simple key/value pairs determined by the filter type.

#### Regions

Expand Down
8 changes: 4 additions & 4 deletions website/docs/r/redirect.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -31,11 +31,11 @@ The following arguments are supported:
* `certificate_id` - (Optional) The certificate redirect id. If not specified the redirect will be created as HTTP,
but it may be turned to HTTPS if a certificate exists for the source domain on the server.
If the certificate is managed in terraform it's recommended to set explictly to "${ns1_redirect_certificate.name.id}".
* `forwarding_mode` - (Optional - defaults to "all") How the target is interpreted:
* `forwarding_mode` - (Optional, default: `"all"`) How the target is interpreted:
* __all__ appends the entire incoming path to the target destination;
* __capture__ appends only the part of the incoming path corresponding to the wildcard (*);
* __none__ does not append any part of the incoming path.
* `forwarding_type` - (Optional - defaults to "permanent") How the redirect is executed:
* `forwarding_type` - (Optional, default: `"permanent"`) How the redirect is executed:
* __permanent__ (HTTP 301) indicates to search engines that they should remove the old page from
their database and replace it with the new target page (this is recommended for SEO);
* __temporary__ (HTTP 302) less common, indicates that search engines should keep the old domain or
Expand All @@ -45,8 +45,8 @@ The following arguments are supported:
* __masking__ preserves the redirected domain in the browser's address bar (this lets users see the
address they entered, even though the displayed content comes from a different web page).
* `https_enabled` - (Read Only) True if HTTPS is supported on the source domain by using Let's Encrypt certificates.
* `https_forced` - (Optional - defaults to true) Forces redirect for users that try to visit HTTP domain to HTTPS instead.
* `query_forwarding` - (Optional - defaults to false) Enables the query string of a URL to be applied directly to the new target URL.
* `https_forced` - (Optional, default: `false`) Forces redirect for users that try to visit HTTP domain to HTTPS instead.
* `query_forwarding` - (Optional, default: `false`) Enables the query string of a URL to be applied directly to the new target URL.
* `tags` - (Optional - array) Tags associated with the configuration.
* `last_updated` - (Read Only) The Unix timestamp representing when the redirect configuration was last updated.

Expand Down
4 changes: 2 additions & 2 deletions website/docs/r/user.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -57,8 +57,8 @@ The following arguments are supported:
* `email` - (Required) The email address of the user.
* `notify` - (Required) Whether or not to notify the user of specified events. Only `billing` is available currently.
* `teams` - (Required) The teams that the user belongs to.
* `ip_whitelist` - (Optional) Array of IP addresses/networks to which to grant the user access.
* `ip_whitelist_strict` - (Optional) Set to true to restrict access to only those IP addresses and networks listed in the **ip_whitelist** field.
* `ip_whitelist` - (Optional, default: `[]`) Array of IP addresses/networks to which to grant the user access.
* `ip_whitelist_strict` - (Optional, default: `false`) Set to true to restrict access to only those IP addresses and networks listed in the **ip_whitelist** field.
* `dns_view_zones` - (Optional) Whether the user can view the accounts zones.
* `dns_manage_zones` - (Optional) Whether the user can modify the accounts zones.
* `dns_zones_allow_by_default` - (Optional) If true, enable the `dns_zones_allow` list, otherwise enable the `dns_zones_deny` list.
Expand Down
7 changes: 3 additions & 4 deletions website/docs/r/zone.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ The following arguments are supported:
* `secondaries` - (Optional) List of secondary servers. This makes the zone a
primary. Conflicts with `primary` and `additional_primaries`.
[Secondaries](#secondaries-1) is documented below.
* `autogenerate_ns_record` - (Optional, default true). If set to false, clears
* `autogenerate_ns_record` - (Optional, default: `true`). If set to false, clears
the autogenerated NS record on zone creation. This allows an automated
workflow for creating zones with the NS record in terraform state. See
above for an example. Note that this option only has an effect when a zone is
Expand All @@ -117,9 +117,8 @@ A zone can have zero or more `secondaries`. Note how this is implemented in the
example above. A secondary has the following fields:

* `ip` - (Required) IPv4 address of the secondary server.
* `port` - (Optional) Port of the the secondary server. Default `53`.
* `notify` - (Optional) Whether we send `NOTIFY` messages to the secondary host
when the zone changes. Default `false`.
* `port` - (Optional, default: `53`) Port of the the secondary server.
* `notify` - (Optional, default: `false`) Whether we send `NOTIFY` messages to the secondary host when the zone changes. Default `false`.
* `networks` - (Computed) - List of network IDs (`int`) for which the zone
should be made available. Default is network 0, the primary NSONE Global
Network. Normally, you should not have to worry about this.
Expand Down