Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    alterEgo123
    @alterEgo123
    Hello all
    I'm trying to add an ECR lifecycle policy to my repository but Terraform is returning Error: RepositoryNotFoundException: The repository with name 'XXXXXXXXXX' does not exist in the registry with id 'YYYYYYYYYYY' even though the repository exists
    Any idea why?
    ryansquared
    @ryansquared:beeper.com
    [m]
    When I have lifecycle { prevent_destroy = true } turned on, it makes it impossible to see what change in my Terraform code would cause it to be recreated. How can I show what makes Terraform want to recreate it, without commenting out the lifecycle block?
    SoaAlex
    @SoaAlex
    Hello, I would like to develop on the terraform provider for Cloud Foundry.
    I'm new and having trouble setting up the environment.
    I have my CF instance, TF installed, Go installed and repository cloned.
    But I don't manage to override the setting of Terraform so that it uses the provider I built rather than fetching it from the registry.
    Can you help me ?
    6 replies
    Nishant
    @nishantn3__twitter
    Hey guys,
    I want to know if we have a way to read sensitive environment variables stored in terraform cloud workspace variables specifically the aws access keys? I need to use it in the terraform code.
    1 reply
    Jeremy Huylebroeck
    @mimizone
    hello. Is there such a thing as providers for physical network switches? I don't find any in the registry but maybe it's out there somewhere?
    3 replies
    magodo
    @magodo
    Share a provider for any platform that exposes restful api: https://github.com/magodo/terraform-provider-restful
    Mondineitor
    @mondineitor

    hi guys, i will try deploy a composer with a custom network. But when i using the tag ip_allocation_policy, i receive an error: Blocks of type "ip_allocation_policy" are not expected here.

    resource "google_composer_environment" "composer" {
    project = var.project
    name = var.name
    region = var.region

    config {
    node_count = 4

    node_config {
  zone         = var.zone
  machine_type = var.machine_type

  network    = var.network
  subnetwork = var.subnetwork

  /* service_account = var.service_account */
}
ip_allocation_policy {
  use_ip_aliases = true
}

database_config {
  machine_type = var.db_machine_type
}

web_server_config {
  machine_type = var.web_machine_type
}

    any idea what is wrong in my manifest?

    Pger-Y
    @Pger-Y
    Hi everyone,I'm new to terraform and i'm wondering is there any project wrap terraform as a platform so anyone can operate terraform via web ui rather than run cli in term,I have been searching github for a while and found nothing,if it's not suggested,can u explain the philosophy behind this:) thx
    c0debreaker
    @c0debreaker

    Good morning all. I'm using provider aws alias so I can reference Route53 priv zone. However, I am getting an error saying 

    Error: no matching Route53Zone found

    Do you see anything wrong with my tf file?

    variable "stage_account" {
  description = "Blah"
  default     = "stage"
}

variable "s_number" {
  description = "The account number of the AWS account we want to pull zone id from"
  default     = "222222222222B"
}

provider "aws" {
  alias = "dns"
  profile = var.stage_account
  region  = "us-east-1"

  assume_role {
      ....
  }
}

data "aws_route53_zone" "example" {
  provider = aws.dns
  name = "example.com"
  private_zone = true
  vpc_id = "vpc-BBBBBBBB"     # This is vpc-id in AWS ACCOUNT B where the private zone example.com exist
}

resource "aws_route53_zone_association" "example" {
  vpc_id  = "vpc-AAAAAAAA"    # This is vpc-id in AWS ACCOUNT A
  zone_id = data.aws_route53_zone.example.zone_id
  vpc_region = "us-east-1"
}
    The above code is in our DEV aws account and I'm trying to reference hosted zone in our stage account
    Is the error happening because it is still looking it up in DEV account?
    Rajesh Peta
    @rajeshpeta:matrix.org
    [m]
    Hello All, Can some one help me on "how to associate multiple subnets with single route table using terraform"
    Rajesh Peta
    @rajeshpeta_gitlab
    this is my code
    resource "aws_route_table_association" "private_route_table_association" {
    for_each = [aws_subnet.provider_subnet_app_3.id, aws_subnet.provider_subnet_nlb_2.id, aws_subnet.provider_subnet_nlb_1.id]
    subnet_id = each.key
    route_table_id = aws_route_table.provider_route_table.id
    }
    frazor97
    @frazor97

    Can anyone help me out with the bellow error:|
    Error: Unsupported block type

    │ on main.tf line 65, in resource "google_composer_environment" "test":
    │ 65: database_config {

    │ Blocks of type "database_config" are not expected here.


    │ Error: Unsupported block type

    │ on main.tf line 69, in resource "google_composer_environment" "test":
    │ 69: web_server_config {

    │ Blocks of type "web_server_config" are not expected here.

    Below is the code:
    terraform {
    required_providers {
    google = {
    source = "hashicorp/google"
    version = "3.90.1"
    }
    }
    }

    variable "gcp_region" {
    type = string
    description = "Region to use for GCP provider"
    default = "us-central1"
    }

    variable "gcp_project" {
    type = string
    description = "Project to use for this config"
    default = "aayush-terraform"
    }

    provider "google" {
    region = var.gcp_region
    project = var.gcp_project
    }

    resource "google_service_account" "test" {
    account_id = "composer-env-account"
    display_name = "Test Service Account for Composer Environment"
    }

    resource "google_project_iam_member" "composer-worker" {
    role = "roles/composer.worker"
    member = "serviceAccount:${google_service_account.test.email}"
    }

    resource "google_compute_network" "test" {
    name = "composer-test-network"
    auto_create_subnetworks = false
    }

    resource "google_compute_subnetwork" "test" {
    name = "composer-test-subnetwork"
    ip_cidr_range = "10.2.0.0/16"
    region = "us-central1"
    network = google_compute_network.test.id
    }

    resource "google_composer_environment" "test" {
    name = "example-composer-env"
    region = "us-central1"
    config {
    node_count = 3

    node_config {
  zone         = "us-central1-a"
  machine_type = "n1-standard-1"

  network    = google_compute_network.test.id
  subnetwork = google_compute_subnetwork.test.id

  service_account = google_service_account.test.name
}

database_config {
  machine_type = "db-n1-standard-2"
}

web_server_config {
  machine_type = "composer-n1-webserver-2"
}

    }
    }

    Michael Klatsky
    @mklatsky
    Hello- I am trying to add a provisioner block to terraform, which adds a file when an ec2 instance is launched. My .tf file can be found here: https://pastebin.com/Rk1uK001. The result when I run "terraform validate" is:
    Error: Unsupported block type
    on ec2.tf line 23:
    23: provisioner "file" {
    Blocks of type "provisioner" are not expected here.
    How can I use a provisioner in this case?
    Michael Klatsky
    @mklatsky
    I used to be able to do this before I used modules.
    racingferret
    @racingferret

    Hi all, I have a question about the TF "try" function. My understanding is that it will try an option and if it fails, will go on to the next. I have a module to create S3 buckets and I have to the following:

    resource "aws_s3_bucket_versioning" "versioning" {
  bucket = aws_s3_bucket.s3_bucket.id

  versioning_configuration {
    status = var.enable_versioning ? "Enabled" : try("Disabled", "Suspended")
  }
}

    This is to cover the idea of a new bucket being created vs someone wanting to turn off versioning after a bucket has been created. However, I get the following error:

    Error: expected versioning_configuration.0.status to be one of [Enabled Suspended], got Disabled

   with module.bucket.aws_s3_bucket_versioning.versioning,
   on .terraform/modules/bucket/main.tf line 86, in resource "aws_s3_bucket_versioning" "versioning":
   86:     status = var.enable_versioning ? "Enabled" : try("Disabled", "Suspended")

    Am I misinterpreting what the try() function is for?

    racingferret
    @racingferret
    @mklatsky, You might need to take a look at this: https://www.terraform.io/language/resources/provisioners/connection
    Michael Klatsky
    @mklatsky
    Ah- thank you. Believe it or not- I just solved it.
    racingferret
    @racingferret
    Ah, good stuff!
    Michael Klatsky
    @mklatsky
    Needed the connection info- but also needed to put the provisioner block inside a resource block. The resource block is null_resource.
    I was trying to pit it in a ec2_instance block, which just errored because it thought i was trying to instantiate a new ec2 instance.
    racingferret
    @racingferret
    Yeah, for a cluster I was building I had this config:
    # Deploy setup and cluster configuration to the worker hosts
resource "null_resource" "config" {
  count = var.instance_count
  triggers = {
    id = openstack_compute_instance_v2.vtm[count.index].id
  }

  connection {
    type         = "ssh"
    host         = openstack_compute_instance_v2.vtm[count.index].access_ip_v4
    user         = "admin"
    bastion_host = var.bastion_host
    bastion_user = var.bastion_user
  }

  provisioner "file" {
    source      = "${path.module}/certs/${var.site}-server.crt"
    destination = "/root/setup_vsd_cert"
  }
    Kanthi
    @subkanthi
    Has someone experienced this problem where the resource policy for eventbus throws an error
    hashicorp/terraform-provider-aws#25510
    Im trying with a partner event source and so the event bus will be the same name.
    Maarten Vanden Branden
    @firefixmaarten
    Can someone help me with a silly question, this seems not to work, and I don't want to repeat my kubernetes config in the helm provider if possible:
    provider "kubernetes" {
  host                   = var.aks_host
  client_certificate     = var.admin_client_certificate
  client_key             = var.admin_client_key
  cluster_ca_certificate = var.admin_cluster_ca_certificate
}

provider "helm" {
  kubernetes = provider.kubernetes
}
    Maarten Vanden Branden
    @firefixmaarten
    I guess it used to work in the past as I see it here => https://github.com/haf/terraform-provider-sealedsecrets
    Basile Chandesris
    @good92
    Hi, I am facing an issue with AWS S3 logging probably (TF 1.2.2 and 1.2.3):
    │ Error: Provider produced inconsistent final plan

    │ When expanding the plan for module.alb_external.aws_lb.this[0] to include
    │ new values learned so far during apply, provider
    │ "registry.terraform.io/hashicorp/aws" produced an invalid new value for
    │ .access_logs[0].bucket: was cty.StringVal(""), but now
    │ cty.StringVal("###-cluster-elbs-access-logs").

    │ This is a bug in the provider, which should be reported in the provider's
    │ own issue tracker.
    I am using source = "terraform-aws-modules/s3-bucket/aws"
    version = ">= 3.3.0"
    https://github.com/terraform-aws-modules/terraform-aws-s3-bucket
    https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/blob/master/main.tf#L43
    Basile Chandesris
    @good92
    logging = {
    target_bucket = module.logging_for_buckets.s3_bucket_id
    target_prefix = "log/${local.name_hyphened}-elbs-access-logs"
    }
    target_bucket - (Required) The name of the bucket where you want Amazon S3 to store server access logs.
    id - The name of the bucket.
    Basile Chandesris
    @good92
    s3_bucket_id The name of the bucket.
    Basile Chandesris
    @good92
    adding a depends_on for s3 in the elb code does not solve the issue
    Basile Chandesris
    @good92
    added a / at the end of target_prefix : same behavious
    r
    Basile Chandesris
    @good92
    hashicorp/terraform-provider-aws#25558
    sara.hann
    @sara.hann_gitlab

    @rajeshpeta_gitlab
    resource "aws_subnet" "RdsSubnets" {
    count = var.RdsCreate ? length(var.RdsSubnets) : 0
    vpc_id = aws_vpc.VPC.id
    cidr_block = var.RdsSubnets[count.index]
    availability_zone = data.aws_availability_zones.AZs.names[count.index]
    map_public_ip_on_launch = false
    depends_on = [aws_eip.NATEIP]
    tags = {
    Name = "X360RdsPrivateSubnet${1+count.index}"
    }
    }
    resource "aws_route_table" "PrivateRT" {
    vpc_id = aws_vpc.VPC.id
    count = var.RdsCreate ? length(var.RdsSubnets) : 0
    route {
    cidr_block = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.NAT[count.index].id
    }
    tags = {
    Name = "X360PrivateRT"
    }
    }

    resource "aws_route_table_association" "PrivateRTA" {
    count = var.RdsCreate ? length(var.RdsSubnets) : 0
    subnet_id = aws_subnet.RdsSubnets[count.index].id
    route_table_id = aws_route_table.PrivateRT[count.index].id #aws_route_table.PrivateRT.id
    }

    deathscythe272
    @deathscythe272
    Hello everyone I am having a question about how to populate this variable type from this https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/modules/eks-managed-node-group/variables.tf
    variable "cluster_encryption_config" {
    description = "Configuration block with encryption configuration for the cluster"
    type = list(object({
    provider_key_arn = string
    resources = list(string)
    }))
    default = []
    }
    Iwan Aucamp
    @aucampia
    Does terraform refresh state from remote on every run?