Example fail if added HTTPS listeners
AlmogCohen opened this issue · 2 comments
When running the example exactly as it is (with fixed stack solution name as I mentioned in the other issue) with the additional loadbalancer_certificate_arn = "arn:aws:acm:us-east-1:SOME_REAL_ARN_ID" it fails with:
Error: Error applying plan:
1 error(s) occurred:
* module.elastic_beanstalk_environment.aws_elastic_beanstalk_environment.default: 1 error(s) occurred:
* aws_elastic_beanstalk_environment.default: Error waiting for Elastic Beanstalk Environment (e-d3ep2ub5md) to become ready: 3 errors occurred:
* 2019-04-14 01:35:27.327 +0000 UTC (e-d3ep2ub5md) : Stack named 'awseb-e-d3ep2ub5md-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: [AWSEBV2LoadBalancerListener443, AWSEBInstanceLaunchWaitCondition].
* 2019-04-14 01:35:27.498 +0000 UTC (e-d3ep2ub5md) : Creating Load Balancer listener failed Reason: An SSL policy must be specified for HTTPS listeners (Service: AmazonElasticLoadBalancingV2; Status Code: 400; Error Code: ValidationError; Request ID: 8d9f505c-5e55-11e9-b45a-6b32a0fd16fd)
* 2019-04-14 01:35:27.576 +0000 UTC (e-d3ep2ub5md) : The EC2 instances failed to communicate with AWS Elastic Beanstalk, either because of configuration problems with the VPC or a failed EC2 instance. Check your VPC configuration and try launching the environment again.
Any clues? Is it something wrong with the module or should I make some changes to other resources (VPC/subnets)?
Thanks!
I've tried many times in different variations trying to fix it...always with the same error :)
It seems like this issue #78 is due to the same error.
According to this I use the recommended setting as loadbalancer_ssl_policy = "ELBSecurityPolicy-2016-08" and it all works.
I think we should set as the default value of loadbalancer_ssl_policy anyway to this value. I can create the PR if you agree about this.