#terraform-0_12 (2019-12)
Discuss upgrading to terraform 0.12
Archive: https://archive.sweetops.com/terraform-0_12/
2019-12-10
Hello, I am trying to install nginx-ingress helm chart to a fresh EKS cluster using TF, but the apply times out everytime with the error Error: timeout while waiting for state to become 'Running' (last state: 'Pending', timeout: 5m0s). I have tried increasing the timeout to 3000 but seems to have no effect.
You don’t have nodes in the cluster
kubectl get nodes
Try that ^
thanks @Andriy Knysh (Cloud Posse) .. tiller wasn’t deployed to the cluster..should have checked that..my bad
In case of issues, you can also try:
kubectl cluster-info dump
Kubectl describe pod xxxxxx
sure..thank you
2019-12-12
Does anyone know if it’s possible to use for_each or dynamic values for a provider block? If not, do you have a way to make the same resource across many accounts?
dynamic blocks are supported inside resource, data, provider, and provisioner blocks
we use assume_role to re-use code for diff accounts https://www.terraform.io/docs/providers/aws/index.html#assume-role
yeah that’s what we have for our providers… in this case we want to make an AWS Config rule across all of our accounts so we need to make the same resource with each provider
it seems like we need to either have X number of modules with a different provider or one module with X number of resources that reference a list of providers
was wondering if there is a way to clean this up using a loop in TF 12
you can have one module that accepts a list of account IDs (or a map, if you want to use for_each)
in it, you use provider block with count or for_each (for which you need to provide a map)
in each resource in the module, you use count (or for_each) and specify the provider by index
ah okay… let me give that a try
The user that executes the code must have permissions to assume all those roles that are generated in the provider assume_role block
Seems like they haven’t implemented this functionality yet. Using this config:
provider "aws" {
for_each = var.aws_account_ids
dynamic "assume_role" {
for_each = var.aws_account_ids
content {
role_arn = "arn:aws:iam::${each.value}:role/super-user"
session_name = "terraform"
}
}
profile = "sts"
region = "us-west-2"
version = "2.41.0"
}
Returns :
Error: Reserved argument name in provider block
on ../../../modules/site/all-accounts-aws-config-rule/v3/main.tf line 14, in provider "aws":
14: for_each = var.aws_account_ids
The provider argument name "for_each" is reserved for use by Terraform in a
future version.
I also tried the for_each or the provider block as well with the same result
what about count in provider block?
Same
Error: Reserved argument name in provider block
on ../../../modules/site/all-accounts-aws-config-rule/v3/main.tf line 14, in provider "aws":
14: count = length(var.aws_account_ids)
The provider argument name "count" is reserved for use by Terraform in a
future version.
So realized there was a mistake in my attempt with for_each, I needed to delete the resource level for_each statement. However, this still doesn’t seem possible because you can’t dynamically specify the provider in a resource or the alias in a provider
2019-12-16
also using terraform 0.12.18 which is the newest