by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Shane Donohoe
    @shanedabes
    I've gotten further now but it seems like this doesn't support older wapi versions
    doesn't mention which ones it does though
    dixitneha
    @dixitneha
    Hi Everyone - I'm trying to create apigateway integration for lambda function and in the api url , I want to enable path params ..not sure how i can do that using TF.
    looking for something like GET request class/student/{Id}
    and POST request class/student
    Kalyan chakravarthy
    @kalyan088_twitter
    I'm too working on writing module for apigateway
    seems complex to implement it in TF
    using this for reference https://github.com/clouddrove/terraform-aws-api-gateway and using map to get inputs into module instead of lists
    let me know if there's any better way to approach this
    Greg Swallow
    @gswallow
    Hello, all. I have a question about the terraform cloud. Is there a way to create a workspace from the CLI where plans and applies are carried out locally, as opposed to remotely?
    Chris Johnson
    @chrisjohnson
    That seems like it totally defeats the point of terraform cloud
    What's your use case? If you are using cloud it's because you want runs and state to be managed centrally
    Ryan Tiffany
    @greyhoundforty

    Does anyone have a good example for generating a list using the templatefile function? In this case I want to take the IP addresses of my IBM Cloud VPC instances and have them end up in a list like this in the generated installer script for my consul instances:

    retry_join = ["<system one IP>", "<system two IP>", "<system three IP>"]

    I use the following when updating the IBM private DNS service and it works:

    element(ibm_is_instance.consul_instance[*].primary_network_interface[0].primary_ipv4_address, count.index)

    The part I am stuck on is the user_data piece:

    user_data = templatefile("${path.module}/installer.sh", { consul_version = var.consul_version, acl_token = var.acl_token, zone = var.zone, encrypt_key = var.encrypt_key })

    I think it would be formatlist but not sure how to jam that in to the templatefile function

    Greg Swallow
    @gswallow
    @chrisjohnson want to use terraform cloud for state storage I guess (it's a client's choice, actually) but run terraform from azure devops
    Chris Johnson
    @chrisjohnson
    You don't need terraform cloud then, you just need remote state
    Greg Swallow
    @gswallow
    agree
    Chris Johnson
    @chrisjohnson
    That doesn't require terraform cloud
    Greg Swallow
    @gswallow
    also agree
    client has terraform cloud
    Chris Johnson
    @chrisjohnson
    You can attach to a remote state somehow, let me pull up a doc
    It won't change the workspace to execute locally but it would let you run local terraform and have that manipulate the remote state
    Greg Swallow
    @gswallow
    my problem is that, when the remote state is on terraform cloud, the cli prevents me from storing the plan locally
    unless I go in by hand and set the workspace to plan & apply locally
    s3 & dynamodb would be just fine as far as I'm concerned.
    Chris Johnson
    @chrisjohnson
    Which command are you running to store the plan locally?
    Greg Swallow
    @gswallow
    terraform plan -lock=false -var-file=tfvars/${{ parameters.tf_env }}.tfvars -out=${{ parameters.tf_env }}.plan -detailed-exitcode .
    then that plan gets stored as an artifact, downloaded, and applied in the next stage
    Chris Johnson
    @chrisjohnson
    Probably best to just convince them to do things the usual way TBH, cloud/TFE are not the most graceful to interact with
    Greg Swallow
    @gswallow
    lol fair enough :)
    Kalyan chakravarthy
    @kalyan088_twitter
    Hello everyone, need a small help with for_each and for
    I'm planning to create a resource only if a key in variable map has a object == AWS_PROXY
    how to achieve it using for?
    resources = {
      resource1 = {
        method = {
        }
        integration = {
          type                      = "HTTP"                                
          integration_http_method   = "POST"                              
        }
      },
      resource2 = {
        method = {
        }
        integration = {
          integration_http_method = "POST"
          type                    = "AWS_PROXY"
          }
      }
    tried using this but didn't work
    pretty new using for and for_each
      for_each      = {
        for k, v in var.resources : k => v 
        if contains(v.integration.type, "AWS_PROXY")
      }
    Tj Vanderpoel
    @bougyman
    and how did that fail?
    It looks weird to see in json. I've never used json for writing tf.
    Kalyan chakravarthy
    @kalyan088_twitter
    its a nested map and it worked for creating resources based on key but not able to get it work using value
      for_each = {
        for k, r in var.resources : k => r
        if contains(keys(r), "method_response")
      }
    Tj Vanderpoel
    @bougyman
    why not just if v.intergration.type == "AWS_PROXY", then?
    1 reply
    contains() is for lists, I thought.
    abhishek Reddy
    @Abhishek_Karra3_twitter

    Hello, can someone suggest with the below error

    01:02:40  Error: Error refreshing state: 1 error occurred:
    [2020-07-08T08:02:40.922Z]     * data.aws_ssm_parameter.windows_admin_password: 1 error occurred:
    [2020-07-08T08:02:40.922Z]     * data.aws_ssm_parameter.windows_admin_password: data.aws_ssm_parameter.windows_admin_password: Error describing SSM parameter: ParameterNotFound:

    Code :

    data "aws_ssm_parameter" "windows_admin_password" {
      name = "/unix/sbx/windows/unix-win-admin-creds"
    }
    
    // User data
    data "template_file" "win_user_data" {
      template = "${file("library/resources/cloud-init/windows_user_data")}"
    
      vars {
        windows_admin_password = '${data.aws_ssm_parameter.windows_admin_password.value}'
      }
    }

    I am able to call the parameter value using the aws cli. The value is getting on AWSCLI but fails with error "Error describing SSM parameter: ParameterNotFound:" using with terraform.

    abhishek Reddy
    @Abhishek_Karra3_twitter
    Also, i'm using the The ssm parameter stored password in another place. Can some please advice with the error..
    Thanks in advance.
    resource "aws_instance" "test" {
      connection {
        type     = "winrm"
        user     = "Administrator"
        password = '${data.aws_ssm_parameter.windows_admin_password.value}'
        timeout  = "10m"
      }
    matrixbot
    @matrixbot

    jlj > <@gitter_kalyan088_twitter:matrix.org> its a nested map and it worked for creating resources based on key but not able to get it work using value

      for_each = {
        for k, r in var.resources : k => r
        if contains(keys(r), "method_response")
      }

    That syntax looks correct, apart from Tj Vanderpoel (Gitter)

    jlj * That syntax looks correct, apart from Tj Vanderpoel (Gitter)'s point: that's my understanding too, about contains being exclusively for lists (and sets). As asked, what error(s) are you getting?
    Halil Burak Cetinkaya
    @hburak

    Hi! I'm trying to follow this demo https://www.hashicorp.com/resources/managing-vault-with-terraform/ to start with Vault through Terraform in a GCP project. What I'm trying to do is deploy Vault clusters on GKE with Consul as the backend. I am stuck in the GKE cluster creation part. I'm getting a bad request error as below:

    Error: googleapi: Error 400: The user does not have access to service account "default". Ask a project owner to grant you the iam.serviceAccountUser role on the service account., badRequest

    1 reply
    matrixbot
    @matrixbot

    jlj > <@gitter_hburak:matrix.org> Hi! I'm trying to follow this demo https://www.hashicorp.com/resources/managing-vault-with-terraform/ to start with Vault through Terraform in a GCP project. What I'm trying to do is deploy Vault clusters on GKE with Consul as the backend. I am stuck in the GKE cluster creation part. I'm getting a bad request error as below:

    Error: googleapi: Error 400: The user does not have access to service account "default". Ask a project owner to grant you the iam.serviceAccountUser role on the service account., badRequest

    This likely isn't a Terraform issue. Might be a GCP permissions one: as stated in the error message, if you grant your user account "service account user" permission for the associated GCP project, that should fix this problem.

    Tom Withers
    @TomTucka
    resource "aws_s3_bucket" "bucket" {
        bucket      = "test.bucket"
    
      lifecycle_rule {
        enabled = true
        prefix  = "healthcheck_"
    
        expiration {
          days                         = 1
          expired_object_delete_marker = true
        }
      }
    }
    Heya, does anyone know if removing days = 1 as its an optional parameter will delete expired objects immediately?
    ¯\_(ツ)_/¯
    @RogierDikkes_twitter
    Hi, what is the new format in terraform 0.12 of checking if a variable is empty. I used to use a syntax like this in terraform 0.11, however now i get the message back that it expects a newline.
    ssl_certificate_id = var.certificate_id != "" : var.certificate_id
    Lucas
    @lucasvuotto
    conditionals have 3 parts: condition ? result_if_true : result_if_false
    as for the pattern itself, I'm using something = var.some_var == null ? "a value" : var.some_var
    ¯\_(ツ)_/¯
    @RogierDikkes_twitter
    So there is no longer a not operator?
    1 reply
    kubdev
    @janani2019

    hi, Im getting this error when i upgrade terraform to 0.12.28. ```
    Error: Incorrect attribute value type

    on security_groups.tf line 28, in resource "aws_security_group" "merl-sec-db":
    28: cidr_blocks = ["x.0.0.0/8", local.subnet_cidrs]
    |----------------
    | local.subnet_cidrs is tuple with 10 elements

    Inappropriate value for attribute "cidr_blocks": element 1: string required.

    this is the resource ```resource "aws_security_group" "merl-sec-db" {
      name        = "merl-sec-db"
      description = "Merl DB Security group"
      vpc_id      = data.aws_vpc.vpc_name.id
    
      ingress {
        description = "Oracle (managed by TF)"
        from_port   = xxxx
        to_port     = xxxx
        protocol    = "tcp"
        cidr_blocks = ["x.x.x.x/8", local.subnet_cidrs]
      }
    
      ingress {
        description = "SSH (managed by TF)"
        from_port   = 22
        to_port     = 22
        protocol    = "tcp"
        cidr_blocks = ["x.0.0.0/8", "x.x.0.0/13", local.subnet_cidrs]
      }

    locals {
    subnet_cidrs = [
    data.aws_subnet.subnet_us_east_1a.cidr_block,
    data.aws_subnet.subnet_us_east_1b.cidr_block,
    data.aws_subnet.subnet_mc_kube_e1a.cidr_block,
    data.aws_subnet.subnet_mc_kube_e1b.cidr_block,
    data.aws_subnet.subnet_mc_kube_e1c.cidr_block,
    data.aws_subnet.subnet_mc_kube_e1a2.cidr_block,
    data.aws_subnet.subnet_mc_kube_e1b2.cidr_block,
    data.aws_subnet.subnet_mc_kube_e1c2.cidr_block,
    "x.x.x.x/32", # OP5 polling host
    "x.x.x.x/32",
    ]
    Anyone come across this?

    2 replies
    Kalyan chakravarthy
    @kalyan088_twitter
    how to input a map from a map variable
    I'm creating aws api gateway and using for_each and map to iterate through resources
    It's working fine for normal key and values but when i'm trying to input a map which is used for request parameters, its erroring out
    resource "aws_api_gateway_method" "default" {
        for_each = var.resouces
        authorization                  = lookup(each.value.method, "authorization", "NONE")         #normal key value 
        request_parameters    = lookup(each.value.method, "request_parameters", null)    # expects a map input 
    } 
    
    variable "resources" { 
        resources { 
            authorization = "CUSTOM" 
            request_parameters      = { "method.request.path.proxy" = true }
         }
    }
    
    Error: all map elements must have the same type.
    James Soubry
    @jamessoubry
    Hi all, I'm trying to use template_file with terragrunt.hcl but I've not found any examples online. For example, I'm trying to provide a bucket policy as a template to inputs in terragrunt.hcl
    any help would be appreciated
    Danny Bessems
    @djpbessems

    I'm completely lost when it comes to combining

    clone {
      template_uuid = data.vsphere_virtualmachine.template.id
    }

    with multiple disks.
    I know I can do

    disk {
      label = "disk0"
      unit_number=0
      size = data.vsphere_virtual_machine.template.disks.0.size
      thin_provisioned = data.vsphere_virtual_machine.template.disks.0.thin_provisioned
    }

    and then repeat that block for additional disks (obviously incrementing 0 to 1 and higher). But with templates with 8 disks I rather would want to be able to do a for_each; and that seems beyond me. Is there any examples for this?

    Is there some kind of syntax similar to the following psuedo-code (I know this doesn't work)
    dynamic "disk" {
      for_each = (data.vsphere_virtual_machine.template.disks)
    
      content = {
        label = format("disk%d", each.key)
        size = data.vsphere_virtual_machine.template.disks[each.key].size
      }
    }