Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid AWS region error when using providers.tf #14

Open
3 tasks done
andylamp opened this issue Oct 31, 2023 · 0 comments
Open
3 tasks done

Invalid AWS region error when using providers.tf #14

andylamp opened this issue Oct 31, 2023 · 0 comments
Labels
bug Something isn't working triage

Comments

@andylamp
Copy link
Contributor

Is there an existing issue for this?

  • I have searched the existing Issues

Current Behavior

Current behavior has a regression when you use the module and create a terraform plan with a providers.tf and a non-specific AWS region in the credentials used causes an invalid AWS region error as is shown in the output of terraform plan:

var.deploy-env
  The domain name to use.

  Enter a value: staging

module.opennext.module.cloudfront_logs.data.archive_file.cloudfront_logs_zip: Reading...
module.opennext.module.cloudfront_logs.data.archive_file.cloudfront_logs_zip: Read complete after 0s [id=36462a90b27335319e6d9356845c763c29fc07ba]
module.opennext.module.cloudfront_logs.data.aws_canonical_user_id.current: Reading...
module.opennext.module.cloudfront_logs.data.aws_region.current: Reading...
module.opennext.module.cloudfront_logs.data.aws_caller_identity.current: Reading...
module.opennext.module.cloudfront_logs.data.aws_iam_policy_document.cloudfront_logs_assume_role: Reading...
module.opennext.module.cloudfront_logs.data.aws_region.current: Read complete after 0s [id=eu-west-1]
data.aws_route53_zone.zone: Reading...
module.opennext.module.cloudfront_logs.data.aws_iam_policy_document.cloudfront_logs_assume_role: Read complete after 0s [id=2690255455]
module.opennext.data.aws_region.current: Reading...
module.opennext.data.aws_caller_identity.current: Reading...
module.opennext.data.aws_region.current: Read complete after 0s [id=eu-west-1]
module.opennext.module.cloudfront_logs.data.aws_canonical_user_id.current: Read complete after 1s [id=ca48308bbee5e7392497917a400b3819ccdf5c429a1bd4b26d81dd97f0ab1c7f]
module.opennext.data.aws_caller_identity.current: Read complete after 1s [id=161132967934]
module.opennext.module.cloudfront_logs.data.aws_caller_identity.current: Read complete after 1s [id=161132967934]
module.opennext.module.cloudfront_logs.data.aws_iam_policy_document.cloudwatch_logs_key_policy[0]: Reading...
module.opennext.module.cloudfront_logs.data.aws_iam_policy_document.cloudwatch_logs_key_policy[0]: Read complete after 0s [id=3898385926]
data.aws_route53_zone.zone: Read complete after 2s [id=Z3060VNZRGFCJY]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create
 <= read (data resources)

Terraform planned the following actions, but then encountered a problem:
.... more stuff here

Plan: 19 to add, 0 to change, 0 to destroy.
╷
│ Error: Invalid AWS Region: 
│ 
│   with module.opennext.module.assets.provider["registry.terraform.io/hashicorp/aws"],
│   on .terraform/modules/opennext/modules/opennext-assets/main.tf line 12, in provider "aws":
│   12: provider "aws" {
│ 
╵
╷
│ Error: Invalid AWS Region: 
│ 
│   with module.opennext.module.cloudfront.provider["registry.terraform.io/hashicorp/aws"],
│   on .terraform/modules/opennext/modules/opennext-cloudfront/main.tf line 12, in provider "aws":
│   12: provider "aws" {
│ 
╵
╷
│ Error: Invalid AWS Region: 
│ 
│   with module.opennext.module.revalidation_function.provider["registry.terraform.io/hashicorp/aws"],
│   on .terraform/modules/opennext/modules/opennext-lambda/main.tf line 16, in provider "aws":
│   16: provider "aws" {
│ 
╵
╷
│ Error: Invalid AWS Region: 
│ 
│   with module.opennext.module.warmer_function.provider["registry.terraform.io/hashicorp/aws"],
│   on .terraform/modules/opennext/modules/opennext-lambda/main.tf line 16, in provider "aws":
│   16: provider "aws" {
│ 
╵
╷
│ Error: Invalid AWS Region: 
│ 
│   with module.opennext.module.server_function.provider["registry.terraform.io/hashicorp/aws"],
│   on .terraform/modules/opennext/modules/opennext-lambda/main.tf line 16, in provider "aws":
│   16: provider "aws" {
│ 
╵
╷
│ Error: Invalid AWS Region: 
│ 
│   with module.opennext.module.image_optimization_function.provider["registry.terraform.io/hashicorp/aws"],
│   on .terraform/modules/opennext/modules/opennext-lambda/main.tf line 16, in provider "aws":
│   16: provider "aws" {
│ 
╵
╷
│ Error: Invalid AWS Region: 
│ 
│   with module.opennext.module.revalidation_queue.provider["registry.terraform.io/hashicorp/aws"],
│   on .terraform/modules/opennext/modules/opennext-revalidation-queue/main.tf line 12, in provider "aws":
│   12: provider "aws" {
│

Expected Behavior

To pass without an error.

Steps To Reproduce

Use the project as a resource within a project. The acm.tf are taken verbatim whereas the providers are put in providers.tf.

providers.tf:

provider "aws" {
  region = var.region
  default_tags {
    tags = local.default_tags
  }
}

provider "aws" {
  alias  = "global"
  region = "us-east-1"

  default_tags {
    tags = local.default_tags
  }
}

main.tf

# The main file that provisions the infra for the open-next cloudfront distributions

locals {
  domain_name = join(".", [var.deploy-env, var.domain-suffix])
  default_tags = {
    Project     = "my-next"
    Environment = var.deploy-env
    ManagedBy   = "Terraform"
  }
}

module "opennext" {
  source  = "nhs-england-tools/opennext/aws"
  version = "1.0.3"

  prefix              = "opennext"
  default_tags        = local.default_tags
  opennext_build_path = "../.open-next"
  hosted_zone_id      = data.aws_route53_zone.zone.zone_id

  cloudfront = {
    aliases             = [local.domain_name]
    acm_certificate_arn = aws_acm_certificate_validation.ssl_certificate.certificate_arn
    assets_paths        = ["/images/*"]
  }
}

Output

The error output provided above.

Code of Conduct

  • I agree to follow this project's Code of Conduct

Sensitive Information Declaration

  • I confirm that neither PII/PID nor sensitive data are included in this form
@andylamp andylamp added bug Something isn't working triage labels Oct 31, 2023
@andylamp andylamp mentioned this issue Oct 31, 2023
Merged
10 tasks
github-merge-queue bot pushed a commit that referenced this issue Jan 26, 2024
@andylamp @Tomdango
Feature: add region explicitly in aws provider to avoid regressions (#15
f8e81a7 
)

<!-- markdownlint-disable-next-line first-line-heading -->
## Description

This addresses the regression observed in certain configurations as
described in issue #14.

<!-- Describe your changes in detail. -->

The PR refactors the project to take the `region` from variables but
only _if and only if provided explicitly_. If not, the current behavior
is maintained. This refactor means that all modules within the project
take the provider region as a parameter which is used for all non
aliased (_i.e._ non-global) ones.

## Context

<!-- Why is this change required? What problem does it solve? -->

Resolves regressions observed in #14.

## Type of changes

<!-- What types of changes does your code introduce? Put an `x` in all
the boxes that apply. -->

- [x] Refactoring (non-breaking change)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would change existing
functionality)
- [x] Bug fix (non-breaking change which fixes an issue)

## Checklist

<!-- Go over all the following points, and put an `x` in all the boxes
that apply. -->

- [x] I am familiar with the [contributing
guidelines](../docs/CONTRIBUTING.md)
- [x] I have followed the code style of the project
- [ ] I have added tests to cover my changes
- [ ] I have updated the documentation accordingly
- [ ] This PR is a result of pair or mob programming

---

## Sensitive Information Declaration

To ensure the utmost confidentiality and protect your and others
privacy, we kindly ask you to NOT including [PII (Personal Identifiable
Information) / PID (Personal Identifiable
Data)](https://digital.nhs.uk/data-and-information/keeping-data-safe-and-benefitting-the-public)
or any other sensitive data in this PR (Pull Request) and the codebase
changes. We will remove any PR that do contain any sensitive
information. We really appreciate your cooperation in this matter.

- [x] I confirm that neither PII/PID nor sensitive data are included in
this PR and the codebase changes.

---------

Signed-off-by: Thomas Judd-Cooper <[email protected]>
Co-authored-by: Thomas Judd-Cooper <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@andylamp