New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Terraform Remote State Fails: AuthorizationHeaderMalformed: The authorization header is malformed #18843
Comments
The first think I would check is that your s3 bucket and dynamoDB table are in us-east-1. The error suggests that the s3 bucket you are referencing for terraform remote state is in So, for example, your configuration might look like this (provided that the s3 bucket and dynamoDB table are in us-west-2):
|
Oh. I thought the latest release provides a feature to create the bucket and the table based on the configuration given. This has to be created in advance and then referenced? |
Correct, terraform does not automatically create the resources required for remote state. Those need to be created before use. |
@mildwonkey
Anyways I created the table and bucket in us-east-1 and then tried the script with and without the above entries. But I'm faced with the same error.
Not sure from where the us-west-2 is popping up. |
Sounds like something on your system is telling AWS to point to us-east-1 by default. The AWS CLI can be really helpful for troubleshooting - can you run You might want to check for any unexpected AWS environment variables (AWS_REGION or AWS_DEFAULT_REGION_ And in your credentials file" Are you AWS credentials defaulting to us-east-1? Something like this?
|
I found the problem; I had different credentials in ~/.aws/credentials and in ~/.aws/config. Now that I have cleaned it up it is working fine but still while running the ~/.aws/config
~/.aws/credentials
main.tf
During execution,
It shouldn't be asking right? |
Progress! You need to specify a region or profile in your Hope this helps! |
I believe setting the Admittedly, this is not well documented in the backend/provider documentation and in the future we may consider enabling loading the configuration by default (in a major version upgrade). |
@mildwonkey @bflad |
I ran into this issue when I accidentally set a data block to point at a region that didn't actually contain my state bucket (multi-region configuration). |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Hi there,
I'm trying to try the remote state management with s3 and locking using dynamoDB. But it fails with error:
Error inspecting states in the "s3" backend: AuthorizationHeaderMalformed: The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'us-west-2'
Terraform Version
Terraform Configuration Files
Debug Output
Last few lines from the logs
Expected Behavior
Should create security groups and keep the state in s3 and maintain locks using dynamodb
Actual Behavior
Fails to create the backend state
Steps to Reproduce
terraform init -backend-config="access_key=*******" -backend-config="secret_key=************"
References
Similar to #2774 but the bucket name is unique.
The text was updated successfully, but these errors were encountered: