#terraform-aws-modules (2019-08)
Terraform Modules
Discussions related to https://github.com/terraform-aws-modules
Archive: https://archive.sweetops.com/terraform-aws-modules/
2019-08-01
2019-08-02
![mmarseglia avatar](https://secure.gravatar.com/avatar/c8ab1832c60fbfb4ad8d53b64cbeabc9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0003-72.png)
i’m using v0.6.1. of the ecr module and get the following error aws_ecr_repository_policy.default: InvalidParameterException: Invalid parameter at 'PolicyText' failed to satisfy constraint: 'Invalid repository policy provided'
i did some searching and it looks like there was a condition where the IAM policy state wasn’t consistent but I thought that was fixed in the terraform aws provider.
2019-08-05
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@mmarseglia cloudposse module or https://github.com/terraform-aws-modules/ module?
Collection of Terraform AWS modules supported by the community - Terraform AWS modules
2019-08-06
![mmarseglia avatar](https://secure.gravatar.com/avatar/c8ab1832c60fbfb4ad8d53b64cbeabc9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0003-72.png)
@Erik Osterman (Cloud Posse) cloudposse module. trying https://github.com/cloudposse/terraform-aws-ecr.git?ref=0.6.1 with a basic configuration
module "ecr" {
source = "git::<https://github.com/cloudposse/terraform-aws-ecr.git?ref=0.6.1>"
name = "${var.app_name}"
namespace = "${var.app_name}"
stage = "prod"
}
but it keeps coming up with that policy error. i thought the policy was optional from the module description?
Terraform Module to manage Docker Container Registries on AWS ECR - cloudposse/terraform-aws-ecr
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
@mmarseglia let’s move to #terraform
![mmarseglia avatar](https://secure.gravatar.com/avatar/c8ab1832c60fbfb4ad8d53b64cbeabc9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0003-72.png)
sure!
2019-08-12
![Vitaliy Lobachev avatar](https://secure.gravatar.com/avatar/80c47ca1343715cec83a6c499004b85b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0019-72.png)
Hello! I want to share with you resource:for_each and dynamicfor_each construction for terraform 12.6 and AWS S3. Hope this helps you work with large arrays of resources. https://github.com/devops-best-practices/terraform-best-practice/blob/master/s3.tf
Contribute to devops-best-practices/terraform-best-practice development by creating an account on GitHub.
![Sharanya avatar](https://avatars.slack-edge.com/2019-08-28/730147904066_371d42477a79b1177fc2_72.jpg)
Hey people, looking for terraform template on vpc peering ( syntax 0.12) any help plz
2019-08-13
![Blaise Pabon avatar](https://secure.gravatar.com/avatar/6540d57ecbbbebc740a33d507aa085ad.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
Does anyone else find it strange that https://registry.terraform.io/ rarely work without having to debug intermediate files? I never have them work the first time and sometimes find examples that could have never run at all.
![Blaise Pabon avatar](https://secure.gravatar.com/avatar/6540d57ecbbbebc740a33d507aa085ad.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
(AWS and GCP, that is. I have not worked with the other platforms.)
![Blaise Pabon avatar](https://secure.gravatar.com/avatar/6540d57ecbbbebc740a33d507aa085ad.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
Kudos to this guy for at least thinking about testing: https://github.com/npalm/terraform-aws-gitlab-runner/issues/81
Create a test set for example with Terraform Kitchen sink / terratest to verify a deployment
![Blaise Pabon avatar](https://secure.gravatar.com/avatar/6540d57ecbbbebc740a33d507aa085ad.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
@antonbabenko’s stuff is a notable exception also. Why can’t more people be like him?
![wave](/assets/images/custom_emojis/wave.png)
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
@Blaise Pabon we at CloudPosse are trying to be like him as well
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
for each module we convert to TF 0.12, we are adding tests with bats
and terratests
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
and we actually deploy it to the test AWS account on each PR using Codefresh pipelines
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
S3 bucket with built in IAM policy to allow CloudTrail logs - cloudposse/terraform-aws-cloudtrail-s3-bucket
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
S3 bucket with built in IAM policy to allow CloudTrail logs - cloudposse/terraform-aws-cloudtrail-s3-bucket
![Blaise Pabon avatar](https://secure.gravatar.com/avatar/6540d57ecbbbebc740a33d507aa085ad.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
Yes, I wasn’t trying to fault the community as much as expect that Hashi could do something to have a quality gate of some sort.
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
S3 bucket with built in IAM policy to allow CloudTrail logs - cloudposse/terraform-aws-cloudtrail-s3-bucket
![Blaise Pabon avatar](https://secure.gravatar.com/avatar/6540d57ecbbbebc740a33d507aa085ad.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
and I know from talking to @Erik Osterman (Cloud Posse) that you guys try to use bats
and terratest
where possible.
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
in all modules
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
Terraform module to provision an RDS Aurora cluster for MySQL or Postgres - cloudposse/terraform-aws-rds-cluster
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
deploying the examples to real account https://github.com/cloudposse/terraform-aws-rds-cluster/tree/master/examples/complete
Terraform module to provision an RDS Aurora cluster for MySQL or Postgres - cloudposse/terraform-aws-rds-cluster
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
Terraform module to provision an RDS Aurora cluster for MySQL or Postgres - cloudposse/terraform-aws-rds-cluster
![Blaise Pabon avatar](https://secure.gravatar.com/avatar/6540d57ecbbbebc740a33d507aa085ad.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
OK. well, I think we can all agree that the Cloud Posse is Awesome … I was just wondering why does Hashicorp registry code quality control suck so badly? when they have sooo much money and they own most of the stack. It’s not like they are hosting legacy NetBSD drivers….
2019-08-14
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
The hashicorp registry is a free for all. Anyone can publish modules there working or not. =/
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
However, the registry has been awesome at bringing awareness to modules!
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
we attribute a lot of our growth to this.
2019-08-15
![igeorgopoulos avatar](https://secure.gravatar.com/avatar/4aa8f5486457e8c77a5e841cfa6eb51d.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
I have an existing aws ecs cluster (made by hand) and would like to update it by using terraform. Is there any documentation for updating existing aws services (alb, ecr, ecs)?
2019-08-16
![github140 avatar](https://secure.gravatar.com/avatar/afcb56b638b9dc7f3541d9d13accee94.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
There’s an import option, but I think that also depends on the resource https://www.terraform.io/docs/import/ .
Terraform is able to import existing infrastructure. This allows you take resources you’ve created by some other means and bring it under Terraform management.
2019-08-23
![Sharanya avatar](https://avatars.slack-edge.com/2019-08-28/730147904066_371d42477a79b1177fc2_72.jpg)
The variable “lambda_settings” is required, so Terraform cannot proceed without a defined value for it.
[10:50 PM] anyone came across this issues
2019-08-27
![Bertie avatar](https://secure.gravatar.com/avatar/b886127c3cef5fab5e25684dbf4fa7cd.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0009-72.png)
hi, i want to create an aws_iam_role
and aws_iam_policy
resources and link them with an aws_iam_role_policy_attachment
, which module would be best suited for this? does terraform-aws-iam-role
do the job, looks like the policies are defined as json docs using data, does this create the aws_iam_policy
? or does it achieve the same result?
![Bertie avatar](https://secure.gravatar.com/avatar/b886127c3cef5fab5e25684dbf4fa7cd.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0009-72.png)
sorry, just looked at [main.tf](http://main.tf)
yes
![Ryan avatar](https://secure.gravatar.com/avatar/06659a242c1dbcb4f13a143694d5afd3.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
Using the terraform-aws-named-subnets
(tag 0.3.4
) module, I get errors with Terraform 0.12
. Anyone know off the top if this is a bug or if it’s a 0.12
incompatibility? I’m creating private subnets for resources that don’t need a public subnet or NAT’ing.
Error: Missing resource instance key
on .terraform/modules/data_private_subnets_us_west-2b.public_label/outputs.tf line 29, in output "tags":
29: "Stage", "${null_resource.default.triggers.stage}"
Because null_resource.default has "count" set, its attributes must be accessed
on specific instances.
For example, to correlate with indices of a referring resource, use:
null_resource.default[count.index]
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
the module is not converted to 0.12 yet, but 0.12 is very complaining about accessing resources with count
as a single value
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
try this
![Andriy Knysh (Cloud Posse) avatar](https://avatars.slack-edge.com/2018-06-13/382332470551_54ed1a5d986e2068fd9c_72.jpg)
"Stage", "${join("", null_resource.default.triggers.*.stage)}"
![Ryan avatar](https://secure.gravatar.com/avatar/06659a242c1dbcb4f13a143694d5afd3.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
Thanks Aknysh. I’ll fork it and play around, see if I can resolve it and open a PR. Completely new to Terraform so the interpolation mechanics + 0.11/0.12 changes are pretty much Greek to me
2019-08-28
![Ryan avatar](https://secure.gravatar.com/avatar/06659a242c1dbcb4f13a143694d5afd3.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
Ah, realized the issue was the source for terraform-null-label
needed to be updated. I’m not sure if CP is planning to maintain backwards compatibility with 0.11
but I upgraded the module to 0.12
and opened a PR. If backwards compatibility is needed, feel free to point out (or to a reference upgrade) how that might be accomplished and I’d be happy to revise the PR. I am implementing a green field project so I’m starting with 0.12
.
https://github.com/cloudposse/terraform-aws-named-subnets/pull/15
![Sharanya avatar](https://avatars.slack-edge.com/2019-08-28/730147904066_371d42477a79b1177fc2_72.jpg)
Did anyone Come across NPM memory Issues ?
2019-08-29
![Robert avatar](https://secure.gravatar.com/avatar/3fbe136a12776f5be5f78e7fb59d3ce0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0014-72.png)
@Robert has joined the channel