Terraform can't find a resource which is declared in the same file where the reference is.
It seems that this line is causing trouble: role_arn = "${aws_iam_role.newsapi_lambda_codepipeline.arn}"
. It can't find newsapi_lambda_codepipeline
which is declared as resource "aws_iam_role" "newsapi_lambda_codepipeline" { ... }
.
This is my main.tf:
resource "aws_s3_bucket" "newsapi_lambda_builds" {
bucket = "newsapi-lambda-builds"
acl = "private"
}
resource "aws_iam_role" "newsapi_lambda_codebuild" {
name = "newsapi-lambda-codebuild"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetObject",
"s3:GetObjectVersion",
"s3:GetBucketVersioning"
],
"Resource": "arn:aws:s3:::newsapi_lambda_builds",
"Effect": "Allow"
},
{
"Action": [
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::newsapi_lambda_builds"
],
"Effect": "Allow"
},
{
"Action": [
"lambda:invokefunction",
"lambda:listfunctions"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Effect": "Allow",
"Resource": [
"*"
],
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
]
}
]
}
EOF
}
resource "aws_iam_role" "newsapi_lambda_codepipeline" {
name = "newsapi-lambda-codepipeline"
assume_role_policy = <<EOF
{
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "codepipeline.amazonaws.com"
},
"Action": "sts:AssumeRole"
},
{
"Action": [
"s3:GetObject",
"s3:GetObjectVersion",
"s3:GetBucketVersioning"
],
"Resource": "${aws_s3_bucket.newsapi_lambda_builds.arn}",
"Resource": "${aws_s3_bucket.newsapi_lambda_builds.arn}/*"
"Effect": "Allow"
},
{
"Action": [
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::newsapi_lambda_builds"
],
"Effect": "Allow"
},
{
"Effect": "Allow",
"Action": [
"codebuild:BatchGetBuilds",
"codebuild:StartBuild"
],
"Resource": "*"
}
],
"Version": "2012-10-17"
}
EOF
}
resource "aws_codepipeline" "newsapi_lambda" {
name = "newsapi-lambda"
role_arn = "${aws_iam_role.newsapi_lambda_codepipeline.arn}"
artifact_store {
location = "${aws_s3_bucket.newsapi_lambda_builds.bucket}"
type = "S3"
}
stage {
name = "Source"
action {
name = "Source"
category = "Source"
owner = "ThirdParty"
provider = "GitHub"
version = "1"
output_artifacts = ["newsapi_lambda"]
configuration {
Owner = "Defozo"
Repo = "traceitfor.me_newsapi_lambda"
Branch = "master"
}
}
}
stage {
name = "Build"
action {
name = "Build"
category = "Build"
owner = "AWS"
provider = "CodeBuild"
input_artifacts = ["newsapi_lambda"]
version = "1"
role_arn = "${aws_iam_role.newsapi_lambda_codebuild.arn}"
configuration {
ProjectName = "newsapi-lambda"
}
}
}
}
After executing terraform apply
I get:
Error: Error running plan: 1 error(s) occurred:
* aws_codepipeline.newsapi_lambda: 1 error(s) occurred:
* aws_codepipeline.newsapi_lambda: Resource 'aws_iam_role.newsapi_lambda_codepipeline' not found for variable 'aws_iam_role.newsapi_lambda_codepipeline.arn'
I don't understand why that happens. I have aws_iam_role.newsapi_lambda_codepipeline
declared, haven't I?
my_meta_data, Terraform picks it up as a value change on the description field, which forcefully destroys and then recreates the development-workstation resource.
To prevent destroy operations for specific resources, you can add the prevent_destroy attribute to your resource definition. This lifecycle option prevents Terraform from accidentally removing critical resources. Add prevent_destroy to your EC2 instance. Run terraform destroy to observe the behavior.
Using modules in terraform is similar to using resources except we use module clause for modules instead of resource clause. In modules, we only specify a name, which is used elsewhere in the configuration to reference module outputs. Source parameter is a required field for modules.
During planning, by default Terraform retrieves the latest state of each existing object and compares it with the current configuration, planning actions only against objects whose current state does not match the configuration.
For those experiencing an issue with aws_ecs_task_definition
not finding a variable for the aws_ecs_task_definition.XXX.arn
, there's a good chance your JSON came out malformed. Here's what I did to remedy my issue
task_definition = "[]"
terraform plan
At this point you should get an error. For example, I got
module.tf.aws_ecs_task_definition.sandbox: ECS Task Definition container_definitions is invalid: Error decoding JSON: json: cannot unmarshal string into Go struct field ContainerDefinition.MemoryReservation of type int64
In this case, I had quoted memSize
in my template_file
and it didn't implicitly convert to int64, hence an error.
I changed "memoryReservation": "${mem_size}"
to "memoryReservation": ${mem_size}
, removed the task_definition placeholder, and everything went smoothly.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With