From fcdf56b9d9623cf6e8d5869c96134d01ef993569 Mon Sep 17 00:00:00 2001
From: Richard Wall <richard.wall@clusterhq.com>
Date: Sat, 13 Feb 2016 13:54:33 -0800
Subject: [PATCH] #2638 plus a fix.

---
 admin/installer/cloudformation.py             | 25 ++++++++++++-------
 flocker/acceptance/endtoend/test_installer.py |  4 +++
 2 files changed, 20 insertions(+), 9 deletions(-)

diff --git a/admin/installer/cloudformation.py b/admin/installer/cloudformation.py
index 2a12bbc4f8..8e3aa6f774 100644
--- a/admin/installer/cloudformation.py
+++ b/admin/installer/cloudformation.py
@@ -141,7 +141,7 @@ def _validate_cluster_size(size):
 # Keys corresponding to CloudFormation user Inputs.
 access_key_id_param = template.add_parameter(Parameter(
     "AmazonAccessKeyID",
-    Description="Your Amazon AWS access key ID (mandatory)",
+    Description="Required: Your Amazon AWS access key ID",
     Type="String",
     NoEcho=True,
     AllowedPattern="[\w]+",
@@ -150,25 +150,32 @@ def _validate_cluster_size(size):
 ))
 secret_access_key_param = template.add_parameter(Parameter(
     "AmazonSecretAccessKey",
-    Description="Your Amazon AWS secret access key (mandatory)",
+    Description="Required: Your Amazon AWS secret access key",
     Type="String",
     NoEcho=True,
     MinLength="1",
 ))
 keyname_param = template.add_parameter(Parameter(
     "EC2KeyPair",
-    Description="Name of an existing EC2 KeyPair to enable SSH "
-                "access to the instance (mandatory)",
+    Description="Required: Name of an existing EC2 KeyPair to enable SSH "
+                "access to the instance",
+    Type="AWS::EC2::KeyPair::KeyName",
+))
+template.add_parameter(Parameter(
+    "S3AccessPolicy",
+    Description="Required: Is current IAM user allowed to access S3? "
+                "S3 access is required to distribute Flocker and Docker "
+                "configuration amongst stack nodes. Reference: "
+                "http://docs.aws.amazon.com/IAM/latest/UserGuide/"
+                "access_permissions.html Stack creation will fail if user "
+                "cannot access S3",
     Type="String",
-    MinLength="1",
-    AllowedPattern="[\x20-\x7E]*",
-    MaxLength="255",
-    ConstraintDescription="can contain only ASCII characters.",
+    AllowedValues=["Yes"],
 ))
 volumehub_token = template.add_parameter(Parameter(
     "VolumeHubToken",
     Description=(
-        "Your Volume Hub token (optional). "
+        "Optional: Your Volume Hub token. "
         "You'll find the token at https://volumehub.clusterhq.com/v1/token."
     ),
     Type="String",
diff --git a/flocker/acceptance/endtoend/test_installer.py b/flocker/acceptance/endtoend/test_installer.py
index 248c1b599c..62b285d77c 100644
--- a/flocker/acceptance/endtoend/test_installer.py
+++ b/flocker/acceptance/endtoend/test_installer.py
@@ -268,6 +268,10 @@ def _new_stack(self):
             {
                 'ParameterKey': 'VolumeHubToken',
                 'ParameterValue': os.environ['VOLUMEHUB_TOKEN']
+            },
+            {
+                'ParameterKey': 'S3AccessPolicy',
+                'ParameterValue': 'Yes'
             }
         ]