Incompatibility between fe provider and terraform 1.6.X
Closed this issue · 3 comments
xfrancois commented
Hello,
It seems that flexible-engine provider is broken with terraform 1.6.X
Tested with :
- Terraform 1.6.0, 1.6.1, 1.6.2, 1.6.4, 1.6.4
- Flexible engine provider 1.42.0, 1.43.0
- S3 Backend
backend "s3" {
bucket = "terraform-bucket-cce-tools-ext-itg"
key = "terraform-itg.tfstate"
region = "eu-west-0"
endpoint = "https://oss.eu-west-0.prod-cloud-ocb.orange-business.com"
skip_region_validation = true
skip_credentials_validation = true
skip_metadata_api_check = true
}
A terraform init with terraform 1.6.X is failing with the following error :
Initializing the backend...
│ Warning: Deprecated Parameter
│
│ on required_providers.tf line 9, in terraform:
│ 9: endpoint = "https://oss.eu-west-0.prod-cloud-ocb.orange-business.com"
│
│ The parameter "endpoint" is deprecated. Use parameter "endpoints.s3" instead.
╵
│ Error: Retrieving AWS account details: AWS account ID not previously found and failed retrieving via all available methods.
│
│ See https://www.terraform.io/docs/providers/aws/index.html#skip_requesting_account_id for workaround and implications.
│ Errors: 2 errors occurred:
│ * retrieving caller identity from STS: operation error STS: GetCallerIdentity, https response error StatusCode: 0, RequestID: , request send failed, Post "https://sts.eu-west-0.amazonaws.com/": dial tcp: lookup sts.eu-west-0.amazonaws.com on <ip>:53: no such host
│ * retrieving account information via iam:ListRoles: operation error IAM: ListRoles, https response error StatusCode: 403, RequestID: 3206fee4-1f32-4d09-9b55-c29b9a165a18, api error InvalidClientTokenId: The security token included in the request is invalid.
Steps to Reproduce
- Install terraform 1.6.4
- Use flexibleengine provider with version 1.43.0
- Do a terraform init
xfrancois commented
It seems to be related to this issue : hashicorp/terraform#33981
A workaround is to have this configuration :
backend "s3" {
bucket = "terraform-bucket-cce-tools-ext-itg"
key = "terraform-itg.tfstate"
region = "eu-west-0"
endpoints = { s3 = "https://oss.eu-west-0.prod-cloud-ocb.orange-business.com" }
skip_requesting_account_id = true
skip_s3_checksum = true
skip_region_validation = true
skip_credentials_validation = true
skip_metadata_api_check = true
}
After more investigation, it seems to be related to evolution on s3 backend since terraform 1.6.X more than flexible engine provider. Feel free to close this issue in this case.
ShiChangkuo commented
@xfrancois Thank you for reporting, we will update the backend guide according to terraform 1.6.X.
irishgordo commented
@xfrancois thank you so much for linking that work-around - I was struggling to get this to work but with that workaround it seems to be good - ty!