-
Notifications
You must be signed in to change notification settings - Fork 9.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Terraform crash while changing s3 bucket #6600
Comments
From the crash log:
This is the relevant code: https://github.com/terraform-providers/terraform-provider-aws/blob/v1.46.0/aws/resource_aws_s3_bucket.go#L1832-L1838 if f, ok := rr["filter"].([]interface{}); ok && len(f) > 0 {
// XML schema V2.
rcRule.Priority = aws.Int64(int64(rr["priority"].(int)))
rcRule.Filter = &s3.ReplicationRuleFilter{}
filter := f[0].(map[string]interface{})
tags := filter["tags"].(map[string]interface{})
if len(tags) > 0 { |
@davidcox67 Do you have the HCL for the resource before the update (i.e. last known good configuration)? Thanks. |
This looks very similar to #7427. @davidcox67 are you able to provide any additional information about how this occurred? |
…ation rules filter References: * #7427 * #6600 This is a best effort fix given this may be caused by a manual console update and we do not have a replicating Terraform configuration. The previous code was missing a `nil` check before type assertion. Output from acceptance testing: ``` --- PASS: TestAccAWSS3Bucket_shouldFailNotFound (17.44s) --- PASS: TestAccAWSS3Bucket_Cors_EmptyOrigin (29.29s) --- PASS: TestAccAWSS3Bucket_enableDefaultEncryption_whenAES256IsUsed (29.94s) --- PASS: TestAccAWSS3Bucket_Cors_Delete (31.64s) --- PASS: TestAccAWSS3Bucket_importBasic (33.49s) --- PASS: TestAccAWSS3Bucket_ReplicationExpectVersioningValidationError (41.70s) --- PASS: TestAccAWSS3Bucket_Logging (47.80s) --- PASS: TestAccAWSS3Bucket_LifecycleExpireMarkerOnly (52.04s) --- PASS: TestAccAWSS3Bucket_disableDefaultEncryption_whenDefaultEncryptionIsEnabled (52.96s) --- PASS: TestAccAWSS3Bucket_Cors_Update (53.36s) --- PASS: TestAccAWSS3Bucket_objectLock (53.81s) --- PASS: TestAccAWSS3Bucket_enableDefaultEncryption_whenTypical (58.86s) --- PASS: TestAccAWSS3Bucket_WebsiteRoutingRules (48.75s) --- PASS: TestAccAWSS3Bucket_ReplicationWithoutStorageClass (70.75s) --- PASS: TestAccAWSS3Bucket_Policy (70.96s) --- PASS: TestAccAWSS3Bucket_ReplicationWithoutPrefix (72.03s) --- PASS: TestAccAWSS3Bucket_Versioning (72.13s) --- PASS: TestAccAWSS3Bucket_Lifecycle (73.01s) --- PASS: TestAccAWSS3Bucket_RequestPayer (47.45s) --- PASS: TestAccAWSS3Bucket_basic (24.91s) --- PASS: TestAccAWSS3Bucket_namePrefix (24.41s) --- PASS: TestAccAWSS3Bucket_region (31.70s) --- PASS: TestAccAWSS3Bucket_generatedName (26.78s) --- PASS: TestAccAWSS3Bucket_acceleration (49.96s) --- PASS: TestAccAWSS3Bucket_importWithPolicy (35.90s) --- PASS: TestAccAWSS3Bucket_UpdateAcl (48.55s) --- PASS: TestAccAWSS3Bucket_WebsiteRedirect (70.34s) --- PASS: TestAccAWSS3Bucket_Website_Simple (70.38s) --- PASS: TestAccAWSS3Bucket_ReplicationConfiguration_Rule_Destination_AccessControlTranslation (148.13s) --- PASS: TestAccAWSS3Bucket_ReplicationSchemaV2 (216.56s) --- PASS: TestAccAWSS3Bucket_Replication (225.08s) ```
Best effort fix submitted due to lack of issue replication: #7887 |
The fix mentioned above has been merged and will release with version 2.2.0 of the Terraform AWS Provider, likely later today. |
This has been released in version 2.2.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
This issue was originally opened by @davidcox67 as hashicorp/terraform#19463. It was migrated here as a result of the provider split. The original body of the issue is below.
Terraform v0.11.10
provider "aws" {
region = "us-east-1"
}
variable "bucket" {
default = "???"
}
terraform {
backend "s3" {
bucket = "???"
key = "???"
region = "us-east-1"
}
}
resource "aws_s3_bucket" "bucket" {
bucket = "${var.bucket}"
acl = ""
}
resource "aws_s3_bucket_policy" "bucket" {
bucket = "${aws_s3_bucket.bucket.id}"
policy = <<POLICY
{
"Version": "2008-10-17",
"Id": "PolicyForCloudFrontPrivateContent",
"Statement": [{
"Sid":"1",
"Effect":"Allow",
"Principal":{
"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ???"
},
"Action": "s3:GetObject",
"Resource":"arn:aws:s3:::???/*"
}]
}
POLICY
}
crash.log
The text was updated successfully, but these errors were encountered: