diff --git a/aws/resource_aws_autoscaling_group.go b/aws/resource_aws_autoscaling_group.go index 89719dce1c0e..272a8828d882 100644 --- a/aws/resource_aws_autoscaling_group.go +++ b/aws/resource_aws_autoscaling_group.go @@ -242,6 +242,12 @@ func resourceAwsAutoscalingGroup() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeMap}, ConflictsWith: []string{"tag"}, }, + + "service_linked_role_arn": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, }, } } @@ -393,6 +399,10 @@ func resourceAwsAutoscalingGroupCreate(d *schema.ResourceData, meta interface{}) createOpts.TargetGroupARNs = expandStringList(v.(*schema.Set).List()) } + if v, ok := d.GetOk("service_linked_role_arn"); ok { + createOpts.ServiceLinkedRoleARN = aws.String(v.(string)) + } + log.Printf("[DEBUG] AutoScaling Group create configuration: %#v", createOpts) _, err := conn.CreateAutoScalingGroup(&createOpts) if err != nil { @@ -468,6 +478,7 @@ func resourceAwsAutoscalingGroupRead(d *schema.ResourceData, meta interface{}) e d.Set("max_size", g.MaxSize) d.Set("placement_group", g.PlacementGroup) d.Set("name", g.AutoScalingGroupName) + d.Set("service_linked_role_arn", g.ServiceLinkedRoleARN) var tagList, tagsList []*autoscaling.TagDescription var tagOk, tagsOk bool @@ -714,6 +725,10 @@ func resourceAwsAutoscalingGroupUpdate(d *schema.ResourceData, meta interface{}) } } + if d.HasChange("service_linked_role_arn") { + opts.ServiceLinkedRoleARN = aws.String(d.Get("service_linked_role_arn").(string)) + } + return resourceAwsAutoscalingGroupRead(d, meta) } diff --git a/aws/resource_aws_autoscaling_group_test.go b/aws/resource_aws_autoscaling_group_test.go index a472fc88435a..6c21d2133454 100644 --- a/aws/resource_aws_autoscaling_group_test.go +++ b/aws/resource_aws_autoscaling_group_test.go @@ -474,6 +474,26 @@ func TestAccAWSAutoScalingGroup_withMetrics(t *testing.T) { }) } +func TestAccAWSAutoScalingGroup_serviceLinkedRoleARN(t *testing.T) { + var group autoscaling.Group + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSAutoScalingGroupDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccAWSAutoScalingGroupConfig_withServiceLinkedRoleARN, + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSAutoScalingGroupExists("aws_autoscaling_group.bar", &group), + resource.TestCheckResourceAttrSet( + "aws_autoscaling_group.bar", "service_linked_role_arn"), + ), + }, + }, + }) +} + func TestAccAWSAutoScalingGroup_ALB_TargetGroups(t *testing.T) { var group autoscaling.Group var tg elbv2.TargetGroup @@ -1434,6 +1454,40 @@ resource "aws_autoscaling_group" "bar" { `, name, name) } +const testAccAWSAutoScalingGroupConfig_withServiceLinkedRoleARN = ` +data "aws_ami" "test_ami" { + most_recent = true + + filter { + name = "owner-alias" + values = ["amazon"] + } + + filter { + name = "name" + values = ["amzn-ami-hvm-*-x86_64-gp2"] + } +} + +data "aws_iam_role" "autoscaling_service_linked_role" { + name = "AWSServiceRoleForAutoScaling" +} + +resource "aws_launch_configuration" "foobar" { + image_id = "${data.aws_ami.test_ami.id}" + instance_type = "t2.micro" +} + +resource "aws_autoscaling_group" "bar" { + availability_zones = ["us-west-2a"] + desired_capacity = 0 + max_size = 0 + min_size = 0 + launch_configuration = "${aws_launch_configuration.foobar.name}" + service_linked_role_arn = "${data.aws_iam_role.autoscaling_service_linked_role.arn}" +} +` + const testAccAWSAutoscalingMetricsCollectionConfig_allMetricsCollected = ` data "aws_ami" "test_ami" { most_recent = true diff --git a/website/docs/r/autoscaling_group.html.markdown b/website/docs/r/autoscaling_group.html.markdown index ddd2f9ff7888..f9774aab0103 100644 --- a/website/docs/r/autoscaling_group.html.markdown +++ b/website/docs/r/autoscaling_group.html.markdown @@ -172,6 +172,7 @@ Note that if you suspend either the `Launch` or `Terminate` process types, it ca * `protect_from_scale_in` (Optional) Allows setting instance protection. The autoscaling group will not select instances with this setting for terminination during scale in events. +* `service_linked_role_arn` (Optional) The ARN of the service-linked role that the ASG will use to call other AWS services Tags support the following: