Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws_acm_certificate_validation does not respect timeout and cannot be interrupted #13031

Open
steinybot opened this issue Apr 27, 2020 · 2 comments
Open

aws_acm_certificate_validation does not respect timeout and cannot be interrupted #13031

steinybot opened this issue Apr 27, 2020 · 2 comments
Labels
bug Addresses a defect in current functionality. service/acm Issues and PRs that pertain to the acm service.

Comments

@steinybot
Copy link

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

❯ terraform -v
Terraform v0.12.24
+ provider.aws v2.59.0

Affected Resource(s)

  • aws_acm_certificate_validation

Terraform Configuration Files

resource "aws_acm_certificate" "web" {
  provider = aws.us-east-1

  domain_name       = var.domain
  lifecycle {
    create_before_destroy = true
  }
  tags              = var.tags
  validation_method = "DNS"
}

resource "aws_acm_certificate_validation" "web" {
  provider = aws.us-east-1

  certificate_arn         = aws_acm_certificate.web.arn
  validation_record_fqdns = [
    aws_route53_record.web_cert_validation.fqdn
  ]
}

Debug Output

Panic Output

Expected Behavior

By default the certificate validation should timeout after 45 minutes.

Sending the interrupt signal should stop waiting for the certificate to be validated.

Actual Behavior

It did not timeout after 45 minutes.

It did not shut down gracefully upon receiving the interrupt signal.

...
module.website.aws_acm_certificate_validation.web: Still creating... [1h38m29s elapsed]
module.website.aws_acm_certificate_validation.web: Still creating... [1h38m39s elapsed]
module.website.aws_acm_certificate_validation.web: Still creating... [1h38m49s elapsed]
^CInterrupt received.
Please wait for Terraform to exit or data loss may occur.
Gracefully shutting down...
Stopping operation...
module.website.aws_acm_certificate_validation.web: Still creating... [1h38m59s elapsed]
module.website.aws_acm_certificate_validation.web: Still creating... [1h39m9s elapsed]
module.website.aws_acm_certificate_validation.web: Still creating... [1h39m19s elapsed]
...
module.website.aws_acm_certificate_validation.web: Still creating... [1h41m39s elapsed]
module.website.aws_acm_certificate_validation.web: Still creating... [1h41m49s elapsed]
module.website.aws_acm_certificate_validation.web: Still creating... [1h41m59s elapsed]
^CTwo interrupts received. Exiting immediately. Note that data
loss may have occurred.

Error: operation canceled

Steps to Reproduce

Use a new zone that is using a subdomain which does not have a NS record in the zone for the domain root.

  1. terraform apply

Important Factoids

References
@ghost ghost added the service/acm Issues and PRs that pertain to the acm service. label Apr 27, 2020
@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Apr 27, 2020
@justinretzolk
Copy link
Member

Hey @steinybot 👋 Thank you for taking the time to file this issue. Given that there's been a number of AWS Provider releases since you initially filed it, can you confirm whether you're still experiencing this behavior?

@justinretzolk justinretzolk added waiting-response Maintainers are waiting on response from community or contributor. and removed needs-triage Waiting for first response or review from a maintainer. labels Oct 5, 2021
@github-actions github-actions bot removed the waiting-response Maintainers are waiting on response from community or contributor. label Mar 10, 2022
@justinretzolk justinretzolk added the waiting-response Maintainers are waiting on response from community or contributor. label Mar 18, 2022
@dinoshauer
Copy link

This seems to still be an issue on 4.15.0 at least, I just tried creating a certificate validation in a private zone (never resolved of course), TF ran for 1h10m before I had to cancel the github actions workflow :)

@github-actions github-actions bot removed the waiting-response Maintainers are waiting on response from community or contributor. label Sep 15, 2022
@justinretzolk justinretzolk added the bug Addresses a defect in current functionality. label Nov 10, 2022
@t0yv0 t0yv0 mentioned this issue Mar 29, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/acm Issues and PRs that pertain to the acm service.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dinoshauer @steinybot @justinretzolk