Last active
October 18, 2019 11:37
-
-
Save Siebjee/20b88457cd312dce5ee0828df4b6063c to your computer and use it in GitHub Desktop.
Terraform bug
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| resource "aws_launch_template" "example" { | |
| name_prefix = "example" | |
| image_id = "ami-0ce71448843cb18a1" | |
| instance_type = "t2.nano" | |
| } | |
| resource "aws_autoscaling_group" "bar" { | |
| name = "foobar3-terraform-test" | |
| max_size = 2 | |
| min_size = 0 | |
| health_check_grace_period = 300 | |
| desired_capacity = 0 | |
| force_delete = true | |
| vpc_zone_identifier = [ | |
| "${data.aws_subnet.az_a.id}", | |
| "${data.aws_subnet.az_b.id}" | |
| ] | |
| launch_template { | |
| id = "${aws_launch_template.example.id}" | |
| version = "$Latest" | |
| } | |
| tag { | |
| key = "CHANGEME5" | |
| value = "bar" | |
| propagate_at_launch = true | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| data "aws_vpc" "active_vpc" { | |
| id = "${var.vpc_id}" | |
| } | |
| data "aws_subnet" "az_a" { | |
| vpc_id = "${var.vpc_id}" | |
| tags = { | |
| Name = "${var.subnet_a_filter}" | |
| } | |
| } | |
| data "aws_subnet" "az_b" { | |
| vpc_id = "${var.vpc_id}" | |
| tags = { | |
| Name = "${var.subnet_b_filter}" | |
| } | |
| } | |
| data "aws_caller_identity" "current" {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Container] 2019/10/18 11:08:55 Waiting for agent ping | |
| [Container] 2019/10/18 11:08:57 Waiting for DOWNLOAD_SOURCE | |
| [Container] 2019/10/18 11:08:57 Phase is DOWNLOAD_SOURCE | |
| [Container] 2019/10/18 11:08:57 CODEBUILD_SRC_DIR=/codebuild/output/src971872627/src | |
| [Container] 2019/10/18 11:08:57 YAML location is /codebuild/output/src971872627/src/buildspec.yaml | |
| [Container] 2019/10/18 11:08:57 Processing environment variables | |
| [Container] 2019/10/18 11:08:57 Moving to directory /codebuild/output/src971872627/src | |
| [Container] 2019/10/18 11:08:57 Registering with agent | |
| [Container] 2019/10/18 11:08:57 Phases found in YAML: 2 | |
| [Container] 2019/10/18 11:08:57 PRE_BUILD: 2 commands | |
| [Container] 2019/10/18 11:08:57 BUILD: 2 commands | |
| [Container] 2019/10/18 11:08:57 Phase complete: DOWNLOAD_SOURCE State: SUCCEEDED | |
| [Container] 2019/10/18 11:08:57 Phase context status code: Message: | |
| [Container] 2019/10/18 11:08:57 Entering phase INSTALL | |
| [Container] 2019/10/18 11:08:57 Phase complete: INSTALL State: SUCCEEDED | |
| [Container] 2019/10/18 11:08:57 Phase context status code: Message: | |
| [Container] 2019/10/18 11:08:57 Entering phase PRE_BUILD | |
| [Container] 2019/10/18 11:08:57 Running command terraform init | |
| ·[0m·[1mInitializing the backend...·[0m | |
| ·[0m·[32m | |
| Successfully configured the backend "s3"! Terraform will automatically | |
| use this backend unless the backend configuration changes.·[0m | |
| ·[0m·[1mInitializing provider plugins...·[0m | |
| - Checking for available provider plugins... | |
| - Downloading plugin for provider "aws" (hashicorp/aws) 2.33.0... | |
| The following providers do not have any version constraints in configuration, | |
| so the latest version was installed. | |
| To prevent automatic upgrades to new major versions that may contain breaking | |
| changes, it is recommended to add version = "..." constraints to the | |
| corresponding provider blocks in configuration, with the constraint strings | |
| suggested below. | |
| * provider.aws: version = "~> 2.33" | |
| ·[0m·[1m·[32mTerraform has been successfully initialized!·[0m·[32m·[0m | |
| ·[0m·[32m | |
| You may now begin working with Terraform. Try running "terraform plan" to see | |
| any changes that are required for your infrastructure. All Terraform commands | |
| should now work. | |
| If you ever set or change modules or backend configuration for Terraform, | |
| rerun this command to reinitialize your working directory. If you forget, other | |
| commands will detect it and remind you to do so if necessary.·[0m | |
| [Container] 2019/10/18 11:09:01 Running command terraform workspace new tf-bug || terraform workspace select tf-bug | |
| ·[31mWorkspace "tf-bug" already exists·[0m·[0m | |
| ·[0m·[32mSwitched to workspace "tf-bug".·[0m | |
| [Container] 2019/10/18 11:09:04 Phase complete: PRE_BUILD State: SUCCEEDED | |
| [Container] 2019/10/18 11:09:04 Phase context status code: Message: | |
| [Container] 2019/10/18 11:09:04 Entering phase BUILD | |
| [Container] 2019/10/18 11:09:04 Running command terraform plan -no-color -out tf.plan | |
| Refreshing Terraform state in-memory prior to plan... | |
| The refreshed state will be used to calculate this plan, but will not be | |
| persisted to local or remote state storage. | |
| data.aws_subnet.az_b: Refreshing state... | |
| data.aws_caller_identity.current: Refreshing state... | |
| data.aws_vpc.active_vpc: Refreshing state... | |
| data.aws_subnet.az_a: Refreshing state... | |
| aws_launch_template.example: Refreshing state... [id=lt-063cade30d453a7f5] | |
| aws_autoscaling_group.bar: Refreshing state... [id=foobar3-terraform-test] | |
| ------------------------------------------------------------------------ | |
| An execution plan has been generated and is shown below. | |
| Resource actions are indicated with the following symbols: | |
| ~ update in-place | |
| Terraform will perform the following actions: | |
| # aws_autoscaling_group.bar will be updated in-place | |
| ~ resource "aws_autoscaling_group" "bar" { | |
| arn = "arn:aws:autoscaling:eu-west-1:REDACTED:autoScalingGroup:714810dd-e98b-482d-8d42-ef0f18684e7d:autoScalingGroupName/foobar3-terraform-test" | |
| availability_zones = [ | |
| "eu-west-1a", | |
| "eu-west-1b", | |
| ] | |
| default_cooldown = 300 | |
| desired_capacity = 0 | |
| enabled_metrics = [] | |
| force_delete = true | |
| health_check_grace_period = 300 | |
| health_check_type = "EC2" | |
| id = "foobar3-terraform-test" | |
| load_balancers = [] | |
| max_size = 2 | |
| metrics_granularity = "1Minute" | |
| min_size = 0 | |
| name = "foobar3-terraform-test" | |
| protect_from_scale_in = false | |
| service_linked_role_arn = "arn:aws:iam::REDACTED:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling" | |
| suspended_processes = [] | |
| target_group_arns = [] | |
| termination_policies = [] | |
| vpc_zone_identifier = [ | |
| "subnet-0924499ccca023acb", | |
| "subnet-09c853f65b95bde5f", | |
| ] | |
| wait_for_capacity_timeout = "10m" | |
| launch_template { | |
| id = "lt-063cade30d453a7f5" | |
| name = "example20191018085733335400000001" | |
| version = "$Latest" | |
| } | |
| - tag { | |
| - key = "CHANGEME4" -> null | |
| - propagate_at_launch = true -> null | |
| - value = "bar" -> null | |
| } | |
| + tag { | |
| + key = "CHANGEME5" | |
| + propagate_at_launch = true | |
| + value = "bar" | |
| } | |
| } | |
| Plan: 0 to add, 1 to change, 0 to destroy. | |
| ------------------------------------------------------------------------ | |
| This plan was saved to: tf.plan | |
| To perform exactly these actions, run the following command to apply: | |
| terraform apply "tf.plan" | |
| [Container] 2019/10/18 11:09:09 Running command terraform apply -no-color tf.plan | |
| aws_autoscaling_group.bar: Modifying... [id=foobar3-terraform-test] | |
| Error: AccessDenied: User: arn:aws:sts::REDACTED:assumed-role/tf-asg-test-fail/AWSCodeBuild-16b45243-b7b7-48c2-b556-37f945074689 is not authorized to perform: autoscaling:DeleteTags on resource: arn:aws:autoscaling:eu-west-1:REDACTED:autoScalingGroup:714810dd-e98b-482d-8d42-ef0f18684e7d:autoScalingGroupName/foobar3-terraform-test | |
| status code: 403, request id: b7a155ae-f197-11e9-8746-676337ba15a8 | |
| on asg.tf line 7, in resource "aws_autoscaling_group" "bar": | |
| 7: resource "aws_autoscaling_group" "bar" { | |
| [Container] 2019/10/18 11:09:13 Command did not exit successfully terraform apply -no-color tf.plan exit status 1 | |
| [Container] 2019/10/18 11:09:13 Phase complete: BUILD State: FAILED | |
| [Container] 2019/10/18 11:09:13 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: terraform apply -no-color tf.plan. Reason: exit status 1 | |
| [Container] 2019/10/18 11:09:13 Entering phase POST_BUILD | |
| [Container] 2019/10/18 11:09:13 Phase complete: POST_BUILD State: SUCCEEDED | |
| [Container] 2019/10/18 11:09:13 Phase context status code: Message: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Container] 2019/10/18 11:09:58 Waiting for agent ping | |
| [Container] 2019/10/18 11:10:01 Waiting for DOWNLOAD_SOURCE | |
| [Container] 2019/10/18 11:10:01 Phase is DOWNLOAD_SOURCE | |
| [Container] 2019/10/18 11:10:01 CODEBUILD_SRC_DIR=/codebuild/output/src417933702/src | |
| [Container] 2019/10/18 11:10:01 YAML location is /codebuild/output/src417933702/src/buildspec.yaml | |
| [Container] 2019/10/18 11:10:01 Processing environment variables | |
| [Container] 2019/10/18 11:10:01 Moving to directory /codebuild/output/src417933702/src | |
| [Container] 2019/10/18 11:10:01 Registering with agent | |
| [Container] 2019/10/18 11:10:01 Phases found in YAML: 2 | |
| [Container] 2019/10/18 11:10:01 PRE_BUILD: 2 commands | |
| [Container] 2019/10/18 11:10:01 BUILD: 2 commands | |
| [Container] 2019/10/18 11:10:01 Phase complete: DOWNLOAD_SOURCE State: SUCCEEDED | |
| [Container] 2019/10/18 11:10:01 Phase context status code: Message: | |
| [Container] 2019/10/18 11:10:02 Entering phase INSTALL | |
| [Container] 2019/10/18 11:10:02 Phase complete: INSTALL State: SUCCEEDED | |
| [Container] 2019/10/18 11:10:02 Phase context status code: Message: | |
| [Container] 2019/10/18 11:10:03 Entering phase PRE_BUILD | |
| [Container] 2019/10/18 11:10:03 Running command terraform init | |
| ·[0m·[1mInitializing the backend...·[0m | |
| ·[0m·[32m | |
| Successfully configured the backend "s3"! Terraform will automatically | |
| use this backend unless the backend configuration changes.·[0m | |
| ·[0m·[1mInitializing provider plugins...·[0m | |
| - Checking for available provider plugins... | |
| - Downloading plugin for provider "aws" (hashicorp/aws) 2.33.0... | |
| The following providers do not have any version constraints in configuration, | |
| so the latest version was installed. | |
| To prevent automatic upgrades to new major versions that may contain breaking | |
| changes, it is recommended to add version = "..." constraints to the | |
| corresponding provider blocks in configuration, with the constraint strings | |
| suggested below. | |
| * provider.aws: version = "~> 2.33" | |
| ·[0m·[1m·[32mTerraform has been successfully initialized!·[0m·[32m·[0m | |
| ·[0m·[32m | |
| You may now begin working with Terraform. Try running "terraform plan" to see | |
| any changes that are required for your infrastructure. All Terraform commands | |
| should now work. | |
| If you ever set or change modules or backend configuration for Terraform, | |
| rerun this command to reinitialize your working directory. If you forget, other | |
| commands will detect it and remind you to do so if necessary.·[0m | |
| [Container] 2019/10/18 11:10:06 Running command terraform workspace new tf-bug || terraform workspace select tf-bug | |
| ·[31mWorkspace "tf-bug" already exists·[0m·[0m | |
| ·[0m·[32mSwitched to workspace "tf-bug".·[0m | |
| [Container] 2019/10/18 11:10:09 Phase complete: PRE_BUILD State: SUCCEEDED | |
| [Container] 2019/10/18 11:10:09 Phase context status code: Message: | |
| [Container] 2019/10/18 11:10:09 Entering phase BUILD | |
| [Container] 2019/10/18 11:10:09 Running command terraform plan -no-color -out tf.plan | |
| Refreshing Terraform state in-memory prior to plan... | |
| The refreshed state will be used to calculate this plan, but will not be | |
| persisted to local or remote state storage. | |
| aws_launch_template.example: Refreshing state... [id=lt-063cade30d453a7f5] | |
| data.aws_subnet.az_a: Refreshing state... | |
| data.aws_caller_identity.current: Refreshing state... | |
| data.aws_subnet.az_b: Refreshing state... | |
| data.aws_vpc.active_vpc: Refreshing state... | |
| aws_autoscaling_group.bar: Refreshing state... [id=foobar3-terraform-test] | |
| ------------------------------------------------------------------------ | |
| An execution plan has been generated and is shown below. | |
| Resource actions are indicated with the following symbols: | |
| ~ update in-place | |
| Terraform will perform the following actions: | |
| # aws_autoscaling_group.bar will be updated in-place | |
| ~ resource "aws_autoscaling_group" "bar" { | |
| arn = "arn:aws:autoscaling:eu-west-1:REDACTED:autoScalingGroup:714810dd-e98b-482d-8d42-ef0f18684e7d:autoScalingGroupName/foobar3-terraform-test" | |
| availability_zones = [ | |
| "eu-west-1a", | |
| "eu-west-1b", | |
| ] | |
| default_cooldown = 300 | |
| desired_capacity = 0 | |
| enabled_metrics = [] | |
| force_delete = true | |
| health_check_grace_period = 300 | |
| health_check_type = "EC2" | |
| id = "foobar3-terraform-test" | |
| load_balancers = [] | |
| max_size = 2 | |
| metrics_granularity = "1Minute" | |
| min_size = 0 | |
| name = "foobar3-terraform-test" | |
| protect_from_scale_in = false | |
| service_linked_role_arn = "arn:aws:iam::REDACTED:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling" | |
| suspended_processes = [] | |
| target_group_arns = [] | |
| termination_policies = [] | |
| vpc_zone_identifier = [ | |
| "subnet-0924499ccca023acb", | |
| "subnet-09c853f65b95bde5f", | |
| ] | |
| wait_for_capacity_timeout = "10m" | |
| launch_template { | |
| id = "lt-063cade30d453a7f5" | |
| name = "example20191018085733335400000001" | |
| version = "$Latest" | |
| } | |
| + tag { | |
| + key = "CHANGEME5" | |
| + propagate_at_launch = true | |
| + value = "bar" | |
| } | |
| } | |
| Plan: 0 to add, 1 to change, 0 to destroy. | |
| ------------------------------------------------------------------------ | |
| This plan was saved to: tf.plan | |
| To perform exactly these actions, run the following command to apply: | |
| terraform apply "tf.plan" | |
| [Container] 2019/10/18 11:10:15 Running command terraform apply -no-color tf.plan | |
| aws_autoscaling_group.bar: Modifying... [id=foobar3-terraform-test] | |
| aws_autoscaling_group.bar: Modifications complete after 1s [id=foobar3-terraform-test] | |
| Apply complete! Resources: 0 added, 1 changed, 0 destroyed. | |
| [Container] 2019/10/18 11:10:19 Phase complete: BUILD State: SUCCEEDED | |
| [Container] 2019/10/18 11:10:19 Phase context status code: Message: | |
| [Container] 2019/10/18 11:10:19 Entering phase POST_BUILD | |
| [Container] 2019/10/18 11:10:19 Phase complete: POST_BUILD State: SUCCEEDED | |
| [Container] 2019/10/18 11:10:19 Phase context status code: Message: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| variable "subnet_a_filter" { | |
| description = "Filter for subnet A" | |
| type = "string" | |
| default = "Private AZ-A*" | |
| } | |
| variable "subnet_b_filter" { | |
| description = "Filter for subnet A" | |
| type = "string" | |
| default = "Private AZ-B*" | |
| } | |
| variable "vpc_id" { | |
| description = "The VPC we deploy in" | |
| type = "string" | |
| default = "REDACTED" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment