Cannot provision aws_spot_instance via terraform

Question

I am attempting to spin up a spot instance via terraform. When I try to use a provisioner block (either "remote-exec" or "file"), it fails and I see an SSH error in DEBUG level output. When I switch from a spot instance request to a standard aws instance resource declaration, the provisioning works fine.

Code not working:

    resource "aws_spot_instance_request" "worker01" {
      ami           = "ami-0cb95574"
      spot_price    = "0.02"
      instance_type = "m3.medium"
      vpc_security_group_ids = [ "${aws_security_group.ssh_access.id}", "${aws_security_group.tcp_internal_access.id}","${aws_security_group.splunk_access.id}","${aws_security_group.internet_access.id}" ]
      subnet_id     = "..."
      associate_public_ip_address = true

      connection {
        type = "ssh"
        user = "ec2-user"
        private_key = "${file("${var.private_key_path}")}"
      }

       provisioner "remote-exec" {
         inline = [
           "touch foo",
         ]
       }
    }

Error:

    aws_spot_instance_request.worker01 (remote-exec): Connecting to remote host via SSH...
    aws_spot_instance_request.worker01 (remote-exec):   Host:
    aws_spot_instance_request.worker01 (remote-exec):   User: ec2-user
    2017/09/01 16:17:52 [DEBUG] plugin: terraform: remote-exec-provisioner (internal) 2017/09/01 16:17:52 handshaking with SSH
    aws_spot_instance_request.worker01 (remote-exec):   Password: false
    aws_spot_instance_request.worker01 (remote-exec):   Private key: true
    aws_spot_instance_request.worker01 (remote-exec):   SSH Agent: true
    2017/09/01 16:17:52 [DEBUG] plugin: terraform: remote-exec-provisioner (internal) 2017/09/01 16:17:52 handshake error: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
    2017/09/01 16:17:52 [DEBUG] plugin: terraform: remote-exec-provisioner (internal) 2017/09/01 16:17:52 Retryable error: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Working code:

    resource "aws_instance" "worker01" {
      ami           = "ami-0cb95574"
      instance_type = "m3.medium"
      vpc_security_group_ids = [ "${aws_security_group.ssh_access.id}", "${aws_security_group.tcp_internal_access.id}","${aws_security_group.splunk_access.id}","${aws_security_group.internet_access.id}" ]
      subnet_id     = "..."
      associate_public_ip_address = true

      connection {
        type = "ssh"
        user = "ec2-user"
        private_key = "${file("${var.private_key_path}")}"
      }

       provisioner "remote-exec" {
         inline = [
           "touch foo",
         ]
       }
    }

I have tried a few different iterations of the non-working code (including an silly attempt to hard-code a public ip for a spot instance and an attempted self-reference to the spot instances public ip - which gave an no such attribute error). Unfortunately, I could not find anyone with similar issues via google. From what I have read, I should be able to provision a spot instance in this manner.

Thanks for any help you can provide.

Answer 1

You need to add wait_for_fulfillment = true to your spot instance request or the resource will return before the instance is created.