Terraform remote state with OCI bucket failing to save state file in OCI bucket

[Calebache]

Terraform OCI Object Storage failing to save terraform remote state

terraform v1.11.3

• provider registry.terraform.io/oracle/oci v6.32.0

Affected Resource(s)

terraform remote backend, the s3 remote state was working and suddenly stopped working with the error Error: Failed to save state. The state is initialized properly but fails to save it even with the right permission in place.

Terraform Configuration Files

terraform {
backend “s3” {
bucket = "terraform-states"
region = "us-ashburn-1"
key = "terraform-state/tf.tfstate"
access_key = ""
secret_key = ""
skip_region_validation = true
skip_credentials_validation = true
skip_requesting_account_id = true
use_path_style = true
skip_s3_checksum = true
skip_metadata_api_check = true
endpoints = {
s3 = ""
}
}
}

### Debug Output

Error: Failed to save state
│
│ Error saving state: failed to upload state: operation error S3: PutObject, https response error StatusCode: 400, RequestID:
│ iad-1:0BBy1KcxkQWIHV23yOGenzbYUYqiA3EC12limtTcauUD6WSU7rAQY33U3SKlTvdy, HostID: , api error InvalidArgument: x-amz-content-sha256 must be UNSIGNED-PAYLOAD or a valid
│ sha256 value.
╵
╷
│ Error: Failed to persist state to backend
│
│ The error shown above has prevented Terraform from writing the updated state to the configured backend. To allow for recovery, the state has been written to the file
│ “errored.tfstate” in the current working directory.
│
│ Running “terraform apply” again at this point will create a forked state, making it harder to recover.
│
│ To retry writing this state, use the following command:
│     terraform state push errored.tfstate


### Expected Behavior

Terraform state should be successfully saved to OCI bucket

### Actual Behavior

Terraform is unable to save the state to OCI bucket, this was working before and recently starts popping this error affecting all my pipeline

### Steps to Reproduce

<!--- Please list the steps required to reproduce the issue. --->

1. `terraform apply`

### Important Factoids

<!--- Is there anything atypical about your environment that we should know? For example: Is the issue specific to a region? --->

### References

<!---
This issue occured last year in terraform v1.6.3 https://github.com/hashicorp/terraform/issues/34053 which is currently closed.
--->

[tf-oci-pub]

Thank you for reporting the issue. We have raised an internal ticket to track this. Our service engineers will get back to you.

[0Zusu]

the same issue is been happening since terraform version 1.11.2, as to add further info into the issue, regards.

[Calebache]

I was able to resolve this by adding these environment variables

export AWS_REQUEST_CHECKSUM_CALCULATION=when_required
export AWS_RESPONSE_CHECKSUM_VALIDATION=when_required

link to issue on hashicorp that resolved it: hashicorp/terraform#36704

[0Zusu]

is there a way to do this through flags instead? i would have imagine that the flag "skip_s3_checksum = true" would have us skip this altogether

[dhoogfr]

Don't know about the configuration flags, but I found at setting the following in the ini file containing the access and secret keys works

request_checksum_calculation=when_required
response_checksum_validation=when_required

[prime4567]

Don't know about the configuration flags, but I found at setting the following in the ini file containing the access and secret keys works

request_checksum_calculation=when_required
response_checksum_validation=when_required

I confirm that this works. The default file in Ubuntu is ~/.aws/credentials. Here is my copy"

[default]
aws_access_key_id=<your-access-key>
aws_secret_access_key=<your-secret-access-key>
request_checksum_calculation=when_required
response_checksum_validation=when_required