#terraform-0_12

Discuss upgrading to terraform 0.12

Archive: https://archive.sweetops.com/terraform-0_12/

2019-11-18

chrism

@aknysh https://github.com/cloudposse/terraform-aws-ec2-autoscale-group/pull/17 I redid the mixed type scaling based on what was done for 11. There’s a bug filed on there as well regarding the variable type constraint (which tbh is easier fixed by removal / I didn’t remove it from my repo and PR it due to the existing pr )

Add support for Mixed Instance Spot Policy Autoscaling. by ChrisMcKee · Pull Request #17 · cloudposse/terraform-aws-ec2-autoscale-group

Does as the label says; adds an example using it which I used to test that it works as expected. The "make && make init" keeps trying to install and setup terraform 0.11 which is …

aknysh

thanks @chrism, will review

Add support for Mixed Instance Spot Policy Autoscaling. by ChrisMcKee · Pull Request #17 · cloudposse/terraform-aws-ec2-autoscale-group

Does as the label says; adds an example using it which I used to test that it works as expected. The "make && make init" keeps trying to install and setup terraform 0.11 which is …

2019-11-15

2019-11-14

Hey all, new here and still new to Terraform - I’m trying to use Terraform to configure an AWS CodePipeline. It will plan and apply just fine, but the pipeline fails in the real world every time at the source stage. It seems to need additional S3 permissions and I haven’t yet figured out how to provide them. The error is Insufficient permissions The provided role does not have permissions to perform this action. Underlying error: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID:... I’ve tried a blanket S3 allow-all permission policy on both the pipeline’s associated role and the codebuild’s associated role (desperation) to no avail. - anyone got any advice?

mrwacky

Sounds more like an AWS question. Try the IAM policy simulator? https://policysim.aws.amazon.com/ also you can check the access advisor for the policy you have created

aknysh
cloudposse/terraform-aws-ecs-codepipeline

Terraform Module for CI/CD with AWS Code Pipeline and Code Build for ECS https://cloudposse.com/ - cloudposse/terraform-aws-ecs-codepipeline

aknysh
cloudposse/terraform-aws-cicd

Terraform Module for CI/CD with AWS Code Pipeline and Code Build - cloudposse/terraform-aws-cicd

aknysh

those pipelines use GitHub as Source (not S3), but they are working so might be of some help

Thanks @aknysh - it turns out the KMS encryption key was causing the failure, once I disabled that it ran just fine. I’ll keep these handy though! Off to other errors!

2019-11-12

mrwacky

Ok, the documentation for dynamic leaves a lot of useful examples out of the equation. How do I do nested dynamic blocks? We have a module for aws_elasticsearch_domain that takes a cluster_config var. This can have a nested block inside.. https://www.terraform.io/docs/providers/aws/r/elasticsearch_domain.html#cluster_config

AWS: aws_elasticsearch_domain - Terraform by HashiCorp

Terraform resource for managing an AWS Elasticsearch Domain.

loren

I found some good examples on their user forum… https://discuss.hashicorp.com/c/terraform-core

AWS: aws_elasticsearch_domain - Terraform by HashiCorp

Terraform resource for managing an AWS Elasticsearch Domain.

mrwacky

ty

mrwacky

I need to only sometimes supply zone_awareness_config..

mrwacky

The dynamic/for_each syntax in 0.12 is complete trash, and the documentation is complete trash

mrwacky

This is so non-obvious and poorly explained

mrwacky
cloudposse/terraform-aws-elasticsearch

Terraform module to provision an Elasticsearch cluster with built-in integrations with Kibana and Logstash. - cloudposse/terraform-aws-elasticsearch

aknysh
cloudposse/terraform-aws-ec2-autoscale-group

Terraform module to provision Auto Scaling Group and Launch Template on AWS - cloudposse/terraform-aws-ec2-autoscale-group

aknysh
cloudposse/terraform-aws-ec2-autoscale-group

Terraform module to provision Auto Scaling Group and Launch Template on AWS - cloudposse/terraform-aws-ec2-autoscale-group

aknysh

@mrwacky examples of nested dynamic blocks ^

mrwacky

ha. I just gave up and passed a bunch of string variables to the module

mrwacky

thanks though

loren

It was confusing at first, but now I use it for everything

2019-11-08

do you guys know if is possible to extract from a provider alias the region? like aws.secondary.region ?

AWS: aws_region - Terraform by HashiCorp

Provides details about a specific service region

I have two provides for different regions in the same file

so the resource block have a provider = aws.primary

that is on a specific region

joshmyers

Use the provider in a data resource to fetch the region?

I think I’m just going to add an additional variable

this thing runs in one region but spins up multiple dependent resources in multiple regions

joshmyers

What happens if one of those regions is having availability issues? Could you keep each region a separate state?

this is for Aurora Global DBs

so I might not have access to the state but we do not have to touch the state even if the region is down

I think I will separate it later

2019-11-07

2019-11-06

Adding the option to defina an empty ALB SGs by jamengual · Pull Request #40 · cloudposse/terraform-aws-ecs-alb-service-task

This option is for the cases where ECS launch type is EC2 and the network mode is host and there is no alb fronting the application. One could argue that this module has morf so much that the alb i…

left a comment @aknysh

Adding the option to defina an empty ALB SGs by jamengual · Pull Request #40 · cloudposse/terraform-aws-ecs-alb-service-task

This option is for the cases where ECS launch type is EC2 and the network mode is host and there is no alb fronting the application. One could argue that this module has morf so much that the alb i…

2019-11-04

2019-11-02

cytopia

@Erik Osterman latest terraform-docs.awk fix: https://github.com/cloudposse/build-harness/pull/174

terraform-docs should not fail if complex types contain 'description' keyword by cytopia · Pull Request #174 · cloudposse/build-harness

Fix description key inside type This PR fixes a when a key named description is inside the type block of a variable section: variable "ingress_cidr_blocks" { description = "Bzzzzz&…

Erik Osterman

You rock! Thanks

terraform-docs should not fail if complex types contain 'description' keyword by cytopia · Pull Request #174 · cloudposse/build-harness

Fix description key inside type This PR fixes a when a key named description is inside the type block of a variable section: variable "ingress_cidr_blocks" { description = "Bzzzzz&…

Erik Osterman

@aknysh

winter

terraform is replacing the instance while enabling ebs encryption after creation of the instance. Is this expected behaviour?

2019-11-01

I’m working with the git://github.com/cloudposse/terraform-aws-rds-cluster.git?ref=0.17.0> module and when global databases are used Aurora changes the replication_source_identifier of the secondary cluster so every time we apply is trying to do and update in place, is it possible to add some sort of ignore if global databases are configured?

just to clarify, Global cluster in aurora do not allow to be created with replication_source_identifier populated the Global engine changes the replication_source_identifier after the secondary cluster joins the global cluster so that is why TF sees a drift in the state

the workaround is to add the replication_source_identifier after the global cluster is created and the secondary is active

It will be nice if there was some sort of lifestyle event that TF will ignore those changes

Erik Osterman

We haven’t used it in this manner before (awesome that it kind’a works)

Erik Osterman

not sure the best option. i doubt lifecycle blocks support interpolation in 0.12 (they didn’t in 0.11)

yes, I’m not sure either

I will try to create a new cluster an add the replication_source_identifier and see what happens and if I get the same error ( most probably I will) I will file a bug

    keyboard_arrow_up