Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Terraform crashes on trying to apply s3 bucket inventory configs #27396

Closed
emagutu opened this issue Jan 4, 2021 · 2 comments
Closed

Terraform crashes on trying to apply s3 bucket inventory configs #27396

emagutu opened this issue Jan 4, 2021 · 2 comments
Labels
bug provider/aws

Comments

@emagutu
Copy link

emagutu commented Jan 4, 2021

Terraform Version

Terraform v0.14.3
+ provider registry.terraform.io/hashicorp/aws v3.22.0

Terraform Configuration Files

  aws_region = "us-east-1"
  buckets = {
    baas-s3-broker-aws-us-east-1-prod-iac = {
      acl                   = null
      kms_master_key_alias  = null
      logging_target_bucket = "baas-s3-broker-aws-us-east-1-prod-logs-iac"
      logging_target_prefix = "logs/"
      name                  = "baas-s3-broker-aws-us-east-1-prod-iac"
      sse_algorithm         = null
      versioning            = true
    }
    baas-s3-broker-aws-us-east-1-prod-logs-iac = {
      acl                   = "log-delivery-write"
      kms_master_key_alias  = null
      logging_target_bucket = null
      logging_target_prefix = null
      name                  = "baas-s3-broker-aws-us-east-1-prod-logs-iac"
      sse_algorithm         = null
      versioning            = null
    }
    binstore-statistics-use1-iac = {
      acl                   = "private"
      kms_master_key_alias  = null
      logging_target_bucket = null
      logging_target_prefix = null
      name                  = "binstore-statistics-use1-iac"
      sse_algorithm         = null
      versioning            = null
    }
  }
  bucket_policies = {
    baas-s3-broker-aws-us-east-1-prod-iac = {
      name = null
      policy_statements = [{
        actions = ["s3:PutObject"]
        conditions = [{
          test     = "StringNotEquals"
          values   = ["aws:kms"]
          variable = "s3:x-amz-server-side-encryption"
        }]
        effect = "Deny"
        principal = {
          aws     = ["*"]
          service = []
        }
        resources = ["arn:aws:s3:::baas-s3-broker-aws-us-east-1-prod-iac/*"]
        }, {
        actions = ["s3:PutObject"]
        conditions = [{
          test     = "Null"
          values   = ["true"]
          variable = "s3:x-amz-server-side-encryption"
        }]
        effect = "Deny"
        principal = {
          aws     = ["*"]
          service = []
        }
        resources = ["arn:aws:s3:::baas-s3-broker-aws-us-east-1-prod-iac/*"]
        }, {
        actions = ["s3:PutObject"]
        conditions = [{
          test     = "Null"
          values   = ["true"]
          variable = "s3:x-amz-server-side-encryption"
        }]
        effect = "Deny"
        principal = {
          aws     = ["*"]
          service = []
        }
        resources = ["arn:aws:s3:::baas-s3-broker-aws-us-east-1-prod-iac/*"]
      }]
    }
  }
  buckets_analytics = {
    baas-s3-broker-aws-us-east-1-prod-iac = {
      analytics = {
        cloudwiry-analytics = {
          bucket_account_id     = "282711413064"
          bucket_arn            = "arn:aws:s3:::s3-reports-cloudwiry-us-east-1"
          destination_prefix    = "DevFactory"
          filter_prefix         = null
          format                = null
          name                  = "cloudwiry-analytics"
          output_schema_version = null
          tags                  = {}
        }
        rehau = {
          bucket_account_id     = null
          bucket_arn            = null
          destination_prefix    = null
          filter_prefix         = "56ab5129-f171-431a-87ca-4a80568cbeb6"
          format                = null
          name                  = "rehau"
          output_schema_version = null
          tags                  = {}
        }
      }
      name = "baas-s3-broker-aws-us-east-1-prod-iac"
    }
  }
  bucket_notifications = {
    baas-s3-broker-aws-us-east-1-prod-iac = {
      lambda_notification = [{
        events              = ["s3:ObjectCreated:*"]
        filter_prefix       = null
        filter_suffix       = null
        id                  = null
        lambda_function_arn = "arn:aws:lambda:us-east-1:111111111111:function:increment-binstore-size-aws-us-east-1-ms-prod-iac"
        }, {
        events              = ["s3:ObjectRemoved:*"]
        filter_prefix       = null
        filter_suffix       = null
        id                  = null
        lambda_function_arn = "arn:aws:lambda:us-east-1:111111111111:function:increment-binstore-size-aws-us-east-1-ms-prod-iac"
      }]
      name = null
    }
  }
  buckets_inventory = {
    baas-s3-broker-aws-us-east-1-prod-iac = {
      account_id               = null
      bucket_arn               = "arn:aws:s3:::binstore-statistics-use1-iac"
      bucket_encryption        = null
      bucket_format            = "CSV"
      bucket_prefix            = null
      destination_bucket       = null
      enabled                  = null
      encryption_sse_kms       = null
      encryption_sse_s3        = null
      filter_prefix            = null
      included_object_versions = "All"
      name                     = "binstore-statistics-use1"
      optional_fields          = []
      schedule_frequency       = "Daily"
      sse_kms_key_id           = null
    }
  }
}
module "s3" {
  source               = "./../modules/s3/provision"
  buckets_inventory    = local.buckets_inventory
  buckets              = local.buckets
  bucket_policies      = local.bucket_policies
  buckets_analytics    = local.buckets_analytics
  bucket_notifications = local.bucket_notifications
}
output "s3_generated_resources" {
  value = module.s3.generated_resources
}
output "s3_analytics_resources" {
  value = module.s3.analytics_resources
}
output "s3_analytics_resources_list" {
  value = module.s3.analytics_resources_list
}
output "s3_analytics_resources_map" {
  value = module.s3.analytics_resources_map
}

Debug Output

https://gist.github.com/emagutu/062e0cd97b21c7913d11196a3a32c551

Crash Output

https://gist.github.com/emagutu/caa045280e44f9fb8e898fef9af73b16

Expected Behavior

s3 bucket inventory should be configured.

Actual Behavior

terraform crashed

Steps to Reproduce

  1. terraform init
  2. terraform apply

Additional Context

The terraform plan is successful but the terraform apply fails.

References

n/a
@emagutu emagutu added bug new new issue not yet triaged labels Jan 4, 2021
@jbardin jbardin added provider/aws and removed new new issue not yet triaged labels Jan 4, 2021
@ghost ghost mentioned this issue Jan 4, 2021
Closed
@ghost ghost closed this as completed Jan 4, 2021
@ghost
Copy link

ghost commented Jan 4, 2021

This issue has been automatically migrated to hashicorp/terraform-provider-aws#16952 because it looks like an issue with that provider. If you believe this is not an issue with the provider, please reply to hashicorp/terraform-provider-aws#16952.

@ghost
Copy link

ghost commented Feb 4, 2021

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked as resolved and limited conversation to collaborators Feb 4, 2021
This issue was closed.
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Assignees
No one assigned
Labels
bug provider/aws
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jbardin @emagutu