Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

cors_rule problem #78

Closed
sancha18 opened this issue Apr 7, 2021 · 4 comments · Fixed by #79
Closed

cors_rule problem #78

sancha18 opened this issue Apr 7, 2021 · 4 comments · Fixed by #79

Comments

@sancha18
Copy link

sancha18 commented Apr 7, 2021

Description

I wan't to create one S3 bucket with cors_rule rule information, but getting error.

Versions

  • Terraform:Terraform v0.12.7
  • Terragrunt: terragrunt version v0.28.18
  • Provider(s): don't have idia, bevause installet only terraform and terragrunt using brew install
  • Module: source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=v1.6.0"

Reproduction

Steps to reproduce the behavior:

  1. create aws test account
  2. create user for s3 without any roles assing as wit application access
  3. copy arn ot the user
  4. save my code and replace user arnin ${dependency.apple-iam.outputs.s3-user-ui_arn}
  5. try run terragrun apply in . with my code

Code Snippet to Reproduce

terraform {
  source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=v1.6.0"
}

dependencies {
  paths = ["../aws-data" , "../apple-iam"]
}

dependency "apple-iam" {
  config_path = "../apple-iam"
}

include {
  path = find_in_parent_folders()
}

###########################################################
# View all available inputs for this module:
# https://registry.terraform.io/modules/terraform-aws-modules/s3-bucket/aws/1.6.0?tab=inputs
###########################################################
inputs = {
  # (Optional, Forces new resource) The name of the bucket. If omitted, Terraform will assign a random, unique name.
  # type: string
  bucket = "terraform-apple-ui"
  

  # (Optional) If specified, the AWS region this bucket should reside in. Otherwise, the region used by the callee.
  # type: string
  #region = "eu-central-1"

  block_public_acls = false

  block_public_policy  = false

  ignore_public_acls = false

  restrict_public_buckets = false

  attach_policy = true

  #example of json:
  # jsonencode("${variable}/text bla bla bla") 
   policy = jsonencode({
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": {
                "AWS": "${dependency.apple-iam.outputs.s3-user-ui_arn}"
            },
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::terraform-apple-ui/*",
                "arn:aws:s3:::terraform-apple-ui"
            ]
        },
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": [
                "arn:aws:s3:::terraform-apple-ui/*",
                "arn:aws:s3:::terraform-apple-ui"
            ]
        }
    ]
})

cors_rule = [
    {
      allowed_methods = ["PUT", "POST"]
      allowed_origins = ["https://modules.tf", "https://terraform-aws-modules.modules.tf"]
      allowed_headers = ["*"]
      expose_headers  = ["ETag"]
      max_age_seconds = 3000
      }, {
      allowed_methods = ["PUT"]
      allowed_origins = ["https://example.com"]
      allowed_headers = ["*"]
      expose_headers  = ["ETag"]
      max_age_seconds = 3000
    }
  ]

}

Expected behavior

should create S3 with filled cors_rule from field cors_rule in terracgrunthcl

Actual behavior

error on terragrunt apply or\and terragrunt apply-all

Error: Invalid function argument

on main.tf line 25, in resource "aws_s3_bucket" "this":
25: for_each = length(keys(var.cors_rule)) == 0 ? [] : [var.cors_rule]
|----------------
| var.cors_rule is tuple with 2 elements

Invalid value for "inputMap" parameter: must have map or object type.

ERRO[0014] Hit multiple errors:
Hit multiple errors:
exit status 1

Additional context

thanks
@antonbabenko antonbabenko mentioned this issue Apr 9, 2021
Merged
@antonbabenko
Copy link
Member

v1.24.0 has been just released.

@sancha18
Copy link
Author

sancha18 commented Apr 9, 2021
edited by antonbabenko
Loading

Additional information only after todays Anton stream, i realized that i can try migrate to terraform 13.1, i've done it and with jsonencode() this part start wokring fine.

part of the code for cors_rule:

cors_rule = jsonencode([
    {
      allowed_methods = ["PUT", "POST"]
      allowed_origins = ["https://modules.tf", "https://terraform-aws-modules.modules.tf"]
      allowed_headers = ["*"]
      expose_headers  = ["ETag"]
      max_age_seconds = 3000
      }, {
      allowed_methods = ["PUT"]
      allowed_origins = ["https://example.com"]
      allowed_headers = ["*"]
      expose_headers  = ["ETag"]
      max_age_seconds = 3000
    }
  ])

anyway, thanks Anton for the new release and today's stream on youtube on your channel.

@antonbabenko
Copy link
Member

I am glad that it works for you now.

Here is the link to the stream where I was fixing this - https://youtu.be/hDRjCDsnyYI?t=3333

@github-actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 29, 2022
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Added workaround for variable type any terraform-aws-modules/terraform-aws-s3-bucket
2 participants
@antonbabenko @sancha18