#terraform-aws-modules (2018-11)

@Erik Osterman (Cloud Posse) has joined the channel

@joshmyers has joined the channel

@solairerove has joined the channel

@maarten has joined the channel

@Nikola Velkovski has joined the channel

I know we’ve been pretty focused on CloudPosse modules, but I want to see if we could enable some a group collaboration for other projects

@rms1000watt has joined the channel

@endofcake has joined the channel

I’m in the middle of a TF module for a serverless AWS photo gallery driven by dumping images into S3 :D

@Andy has joined the channel

@Steven has joined the channel

@Andriy Knysh (Cloud Posse) has joined the channel

@nian has joined the channel

@Yoann has joined the channel

@mmarseglia has joined the channel

@davidvasandani has joined the channel

@Pablo Costa has joined the channel

@g0nz0 has joined the channel

@pecigonzalo has joined the channel

@antonbabenko has joined the channel

I should join this channel, though don’t expect a lot of attention from me unless you mention my username

Hi @antonbabenko , nice to have you here :)

Ya no worries Anton - don’t expect much activity right now

@antonbabenko Hi Anton, I’ve always used this as egress with your modules, since updating last terraform I’m getting continuous updates. Just to check with you.. this is alright correct ?

  egress_with_cidr_blocks = [
      {
        rule        = "all-all"
        cidr_blocks = "0.0.0.0/0"
      },
    ]

@jonboulle has joined the channel

Maybe AWS changed something ? This is how it’s defined in the module and has always been working: all-all = [-1, -1, “-1”, “All protocols”]

Now it seems that with -1 protocol aws still wants from_port and to_port to be both 0

oops

@maarten yeah I ran into something similar last week with a different API

99.9% sure it’s an AWS change

https://www.terraform.io/docs/providers/aws/r/security_group.html#protocol

looks like it does require ports be set to 0 if protocol=-1

Hi guys. I can’t verify this now, but I saw very recently a PR in terraform aws provider which is very much related to this. Maybe there is a breaking change.

https://github.com/terraform-providers/terraform-provider-aws/pull/6407 - @maarten

doh

@Gabe has joined the channel

hey

• aws_elasticsearch_domain_policy.default: InvalidTypeException: Error setting policy: [{ “Version”: “2012-10-17”, “Statement”: [ { “Sid”: “”, “Effect”: “Allow”, “Action”: [ “es:ESHttpPut”, “es:ESHttpPost”, “es:ESHttpGet” ], “Resource”: [ “arnesXXXXX:domain/new-test-es/*”, “arnesXXXXX:domain/new-test-es” ], “Principal”: { “AWS”: “arniam:XXXXXXinstance-profile/kasun-role” } } ] }] status code: 409, request id: b46c5087-e7ee-11e8-8ec7-21744bcecad8

after running terraform

Hey Kasun, maybe explain what the problem is and with which Module of terraform-aws-modules and then maybe someone can help you out.

i use https://github.com/cloudposse/terraform-aws-elasticsearch

ecs already created

but i could access it publicly

seems that dns resolve the vpc ip address .. anyway to access kibana in publicly

Ah ok, move it to #terraform , this channel was specifically made for modules of https://github.com/terraform-aws-modules/