dynamic "condition_threshold" {
for_each = conditions.value.metric_absence != true ? [conditions.value] : []
content {
filter = condition_threshold.value.filter
comparison = condition_threshold.value.comparison
threshold_value = condition_threshold.value.threshold_value
duration = condition_threshold.value.duration
trigger {
count = conditions.value.trigger_percentage == null ? conditions.value.trigger_count : null
percent = conditions.value.trigger_percentage
}
aggregations {
alignment_period = condition_threshold.value.alignment_period
per_series_aligner = condition_threshold.value.per_series_aligner
cross_series_reducer = condition_threshold.value.cross_series_reducer
group_by_fields = condition_threshold.value.group_by_fields
}
evaluation_missing_data = "EVALUATION_MISSING_DATA_INACTIVE"
}
}
I am trying to run this terraform code and i keep getting an error which says An argument named "evaluation_missing_data" is not expected here.
I looked at the documentation and I am doing exactly as it says there and yet it giving out an error.
Any clues on what might the issue be?
I tried giving evaluation_missing_data a constant value instead of dynamic that I did before, yet it did not work.
I tried changing the terraform versions and yet it keeps giving me an error that this argument is not expected here.
google = ">= 3.1" is very old. Please use the latest version of a google provider witch is 4.43. Most likely, the evaluation_missing_data was added after version 3.1.
Related
I am creating a resource by using count in it. When I use split function in the output it gives me error while normal output where split is not used just works fine.
I am running on stack=dev right now. I expect the same resource to not get created on dev stack but it should get created in prod stack. I am trying to write a code in such a way
Below is the piece of code which gives error
data "aws_cloudformation_stack" "some_name" {
count = (local.stack == "dev" ? 0 : 1)
name = "${local.stack}_some_name"
}
output "public_alb_subnets" {
value = split(",", "${data.aws_cloudformation_stack.some_name[*].outputs["PublicElbSubnets"]}")
}
It gives me error
Error: Invalid function argument
on managed_alb.tf line 138, in output "public_alb_subnets":
138: value = split(",", "${data.aws_cloudformation_stack.some_name[*].outputs["PublicElbSubnets"]}")
|----------------
| data.aws_cloudformation_stack.some_name is empty tuple
Invalid value for "str" parameter: string required.
However below works
output "public_alb_security_groups" {
value = [
data.aws_cloudformation_stack.some_name[*].outputs["PublicElbSecurityGroup"],
data.aws_cloudformation_stack.some_name[*].outputs["InternalElbSecurityGroup"]
]
}
I tried many different options on the web but none of them worked. What I am doing wrong here. Even using count.index or 0 in place of * doesn't work
You have to make your output also conditional, based on your dev or prod environments:
output "public_alb_subnets" {
value = length(data.aws_cloudformation_stack.some_name) > 0 ? split(",", "${data.aws_cloudformation_stack.some_name[*].outputs["PublicElbSubnets"]}") : null
}
I am trying to get the value of function name from local.tf but I am not able to get it. I have terraform,tfvars in which I am giving the function name then it is passed to variable.tf. From varibale.tf I pass it to local.tf then to main.tf. I am not able to get the function name in main.tf. Any help would be appreciated.
terraform.tfvars
config = {
s3= {
//s3 configurations
}
s3_notifications = {
function_name = "test-lambda-mary"
}
}
variable.tf
variable "config" {
type = any
description = "S3 configuration block"
}
local.tf
function_name = {
for k, v in var.config :
k => lookup(v, "function_name", "")
}
module "all_notifications" {
source = "terraform-aws-modules/s3-bucket/aws//modules/notification"
for_each = var.config
bucket = module.s3_bucket[each.key].this_s3_bucket_id
lambda_notifications = {
lambda = {
function_name = local.function_name[each.key]
function_arn = "arn:aws:lambda:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:function:${local.function_name[each.key]}"
events = ["s3:ObjectCreated:*"]
}
}
}
error
"function_name" doesn't comply with restrictions ("^(arn:[\\w-]+:lambda:)?([a-z]{2}-(?:[a-z]+-){1,2}\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?$"): ""
│
│ with module.all_notifications["s3"].aws_lambda_permission.allow["lambda"],
│ on .terraform/modules/all_notifications/modules/notification/main.tf line 63, in resource "aws_lambda_permission" "allow":
│ 63: function_name = each.value.function_name
If I put the function_name inside s3 braces it works absolutely fine but I need to have the fucntion name in s3_notification
That looks like a great hint. You're iterating over var.config which has 2 keys and only 1 of them has function_name defined. So when module is requested with s3 as a key, the function_value for that key will be empty string and AWS will fail the request as expected.
You can filter for_each = var.config to exclude such case, something like:
for_each = { for k, v in var.config: k => v if local.function_name[each.key] != ""}
Little nitpick: seems like the source of the module could be incorrectly written. Instead of terraform-aws-modules/s3-bucket/aws//modules/notification potentially it should be terraform-aws-modules/terraform-aws-s3-bucket//modules/notification. See https://github.com/terraform-aws-modules/terraform-aws-s3-bucket
A stab in the dark as I haven't used that module before.
But by looking at your error message:
"function_name" doesn't comply with restrictions ("^(arn:[\\w-]+:lambda:)?
it looks like for function_name you should pass Lambda's ARN, not name (contrary to what the variable name says).
BTW, is function_arn even a parameter here?
This error is coming since terraform module is expecting a valid and mandatory function name to create [aws_lambda_permission][1] resource using terraform-aws-modules/s3-bucket/aws//modules/notification module.
In your case you are looping the module on var.config which consist s3 and s3_notifications part and while first iteration its getting function name as null therefore its throwing this error.
"function_name" doesn't comply with restrictions ("^(arn:[\\w-]+:lambda:)?([a-z]{2}-(?:[a-z]+-){1,2}\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?$"): ""
Better split the variable specific to s3_notification as list and iterate the module as below using count.
variable "s3_config" {
type = any
default = {
s3 = {
}
}
}
variable "s3_notify_lambda_func" {
type = list
default = ["test-lambda-mary","test"]. #N Numbers of functions
}
data "aws_region" "current" {}
data "aws_caller_identity" "current" {}
module "all_notifications" {
source = "terraform-aws-modules/s3-bucket/aws//modules/notification"
count = length(var.s3_notify_lambda_func) > 0 ? length(var.s3_notify_lambda_func) : 0
bucket = module.s3_bucket[count.index].this_s3_bucket_id
lambda_notifications = {
lambda = {
function_name = var.s3_notify_lambda_func[count.index]
function_arn = "arn:aws:lambda:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:function:${var.s3_notify_lambda_func[count.index]}"
events = ["s3:ObjectCreated:*"]
}
}
}
I have written the script to change the origin path" of a specific origin on a specific distribution in CloudFront. After changing the path I am getting errors when trying to update the distribution with the changes. I do not want to change anything else on the distribution besides the "origin path", so how do I call Update-CFDistribution to make these changes ideally without having to set every parameter (future updates to the API may cause this script to fail or even worst make incomplete modifications)?
$distributions = Get-CFDistributionList
foreach($distribution in $distributions) {
if($distribution.Id -eq "$CloudfrontDistributionId") {
foreach ($origin in $distribution.Origins) {
foreach($item in $origin.Items) {
if($item.Id -eq "OriginName") {
$item.OriginPath = "/$($S3BucketPrefix)"
Update-CFDistribution -Id $CloudfrontDistributionId -Origins_Item #($item)
}
}
}
}
}
Error
InvalidOperation: 5 validation errors detected: Value null at
'distributionConfig.defaultCacheBehavior' failed to satisfy
constraint: Member must not be null; Value null at
'distributionConfig.enabled' failed to satisfy constraint: Member must
not be null; Value null at 'distributionConfig.callerReference' failed
to satisfy constraint: Member must not be null; Value null at
'distributionConfig.origins.quantity' failed to satisfy constraint:
Member must not be null; Value at 'distributionConfig.comment' failed
to satisfy constraint: Member must not be null
I don't have the reputation to add just a comment so I'm having to put this as an answer, but it's better suited as a comment.
According to the documentation, there are a number of required fields when you issue an update, even if you're only trying to update one thing:
https://docs.aws.amazon.com/powershell/latest/reference/items/Update-CFDistribution.html
When you update a distribution, there are more required fields than
when you create a distribution. When you update your distribution by
using this API action, follow the steps here to get the current
configuration and then make your updates, to make sure that you
include all of the required fields.
I had the same issue and asked about it on the aws-tools-for-powershell Q&A. As far as I can tell, the answer is you just have to map all the properties. I took the time to do that today. In other PowerShell module contexts, I would expect you'd be able to just pipe in the object from a Get call with changes into an Update call and it would handle the parameter bindings. That doesn't work in this context. This is a known issue for a lot of aws-tools-for-powershell cmdlets according to aws-tools-for-powershell Issue #214.
Below is a snippet of the 66 mappings required to ensure you're updating all properties exactly as they were handed to you in the original Get call. It's possible fewer are actually required, but given I want an exact copy it felt safer to ensure all the data was available and let the API decide what could be dropped.
The etag thing is from: AWS PowerShell update CloudFront distribution
$distribution = Get-CFDistribution -Id $distributionFromList.Id
$etag = $AWSHistory.LastServiceResponse.ETag
$params = #{
Id = $distribution.Id
Verbose = $true
IfMatch = $etag
Aliases_Item = $distribution.DistributionConfig.Aliases.Items
Aliases_Quantity = $distribution.DistributionConfig.Aliases.Quantity
AllowedMethods_Item = $distribution.DistributionConfig.DefaultCacheBehavior.AllowedMethods.Items
AllowedMethods_Quantity = $distribution.DistributionConfig.DefaultCacheBehavior.AllowedMethods.Quantity
CacheBehaviors_Item = $distribution.DistributionConfig.CacheBehaviors.Items
CacheBehaviors_Quantity = $distribution.DistributionConfig.CacheBehaviors.Quantity
CachedMethods_Item = $distribution.DistributionConfig.DefaultCacheBehavior.AllowedMethods.CachedMethods.Items
CachedMethods_Quantity = $distribution.DistributionConfig.DefaultCacheBehavior.AllowedMethods.CachedMethods.Quantity
Cookies_Forward = $distribution.DistributionConfig.DefaultCacheBehavior.ForwardedValues.Cookies.Forward
CustomErrorResponses_Item = $distribution.DistributionConfig.CustomErrorResponses.Items
CustomErrorResponses_Quantity = $distribution.DistributionConfig.CustomErrorResponses.Quantity
DefaultCacheBehavior_CachePolicyId = $distribution.DistributionConfig.DefaultCacheBehavior.CachePolicyId
DefaultCacheBehavior_Compress = $distribution.DistributionConfig.DefaultCacheBehavior.Compress
DefaultCacheBehavior_DefaultTTL = $distribution.DistributionConfig.DefaultCacheBehavior.DefaultTTL
DefaultCacheBehavior_FieldLevelEncryptionId = $distribution.DistributionConfig.DefaultCacheBehavior.FieldLevelEncryptionId
DefaultCacheBehavior_MaxTTL = $distribution.DistributionConfig.DefaultCacheBehavior.MaxTTL
DefaultCacheBehavior_MinTTL = $distribution.DistributionConfig.DefaultCacheBehavior.MinTTL
DefaultCacheBehavior_OriginRequestPolicyId = $distribution.DistributionConfig.DefaultCacheBehavior.OriginRequestPolicyId
DefaultCacheBehavior_RealtimeLogConfigArn = $distribution.DistributionConfig.DefaultCacheBehavior.RealtimeLogConfigArn
DefaultCacheBehavior_ResponseHeadersPolicyId = $distribution.DistributionConfig.DefaultCacheBehavior.ResponseHeadersPolicyId
DefaultCacheBehavior_SmoothStreaming = $distribution.DistributionConfig.DefaultCacheBehavior.SmoothStreaming
DefaultCacheBehavior_TargetOriginId = $distribution.DistributionConfig.DefaultCacheBehavior.TargetOriginId
DefaultCacheBehavior_ViewerProtocolPolicy = $distribution.DistributionConfig.DefaultCacheBehavior.ViewerProtocolPolicy
DistributionConfig_CallerReference = $distribution.DistributionConfig.CallerReference
DistributionConfig_Comment = $distribution.DistributionConfig.Comment
DistributionConfig_DefaultRootObject = $distribution.DistributionConfig.DefaultRootObject
DistributionConfig_Enabled = $distribution.DistributionConfig.Enabled
DistributionConfig_HttpVersion = $distribution.DistributionConfig.HttpVersion
DistributionConfig_IsIPV6Enabled = $distribution.DistributionConfig.IsIPV6Enabled
DistributionConfig_PriceClass = $distribution.DistributionConfig.PriceClass
DistributionConfig_WebACLId = $distribution.DistributionConfig.WebACLId
ForwardedValues_QueryString = $distribution.DistributionConfig.DefaultCacheBehavior.ForwardedValues.QueryString
FunctionAssociations_Item = $distribution.DistributionConfig.DefaultCacheBehavior.FunctionAssociations.Items
FunctionAssociations_Quantity = $distribution.DistributionConfig.DefaultCacheBehavior.FunctionAssociations.Quantity
GeoRestriction_Item = $distribution.DistributionConfig.Restrictions.GeoRestriction.Items
GeoRestriction_Quantity = $distribution.DistributionConfig.Restrictions.GeoRestriction.Quantity
GeoRestriction_RestrictionType = $distribution.DistributionConfig.Restrictions.GeoRestriction.RestrictionType
Headers_Item = $distribution.DistributionConfig.DefaultCacheBehavior.ForwardedValues.Headers.Items
Headers_Quantity = $distribution.DistributionConfig.DefaultCacheBehavior.ForwardedValues.Headers.Quantity
LambdaFunctionAssociations_Item = $distribution.DistributionConfig.DefaultCacheBehavior.LambdaFunctionAssociations.Items
LambdaFunctionAssociations_Quantity = $distribution.DistributionConfig.DefaultCacheBehavior.LambdaFunctionAssociations.Quantity
Logging_Bucket = $distribution.DistributionConfig.Logging.Bucket
Logging_Enabled = $distribution.DistributionConfig.Logging.Enabled
Logging_IncludeCookie = $distribution.DistributionConfig.Logging.IncludeCookies
Logging_Prefix = $distribution.DistributionConfig.Logging.Prefix
OriginGroups_Item = $distribution.DistributionConfig.OriginGroups.Items
OriginGroups_Quantity = $distribution.DistributionConfig.OriginGroups.Quantity
Origins_Item = $distribution.DistributionConfig.Origins.Items
Origins_Quantity = $distribution.DistributionConfig.Origins.Quantity
QueryStringCacheKeys_Item = $distribution.DistributionConfig.DefaultCacheBehavior.ForwardedValues.QueryStringCacheKeys.Items
QueryStringCacheKeys_Quantity = $distribution.DistributionConfig.DefaultCacheBehavior.ForwardedValues.QueryStringCacheKeys.Quantity
TrustedKeyGroups_Enabled = $distribution.DistributionConfig.DefaultCacheBehavior.TrustedKeyGroups.Enabled
TrustedKeyGroups_Item = $distribution.DistributionConfig.DefaultCacheBehavior.TrustedKeyGroups.Items
TrustedKeyGroups_Quantity = $distribution.DistributionConfig.DefaultCacheBehavior.TrustedKeyGroups.Quantity
TrustedSigners_Enabled = $distribution.DistributionConfig.DefaultCacheBehavior.TrustedSigners.Enabled
TrustedSigners_Item = $distribution.DistributionConfig.DefaultCacheBehavior.TrustedSigners.Items
TrustedSigners_Quantity = $distribution.DistributionConfig.DefaultCacheBehavior.TrustedSigners.Quantity
ViewerCertificate_ACMCertificateArn = $distribution.DistributionConfig.ViewerCertificate.ACMCertificateArn
ViewerCertificate_Certificate = $distribution.DistributionConfig.ViewerCertificate.Certificate
ViewerCertificate_CertificateSource = $distribution.DistributionConfig.ViewerCertificate.CertificateSource
ViewerCertificate_CloudFrontDefaultCertificate = $distribution.DistributionConfig.ViewerCertificate.CloudFrontDefaultCertificate
ViewerCertificate_IAMCertificateId = $distribution.DistributionConfig.ViewerCertificate.IAMCertificateId
ViewerCertificate_MinimumProtocolVersion = $distribution.DistributionConfig.ViewerCertificate.MinimumProtocolVersion
ViewerCertificate_SSLSupportMethod = $distribution.DistributionConfig.ViewerCertificate.SSLSupportMethod
WhitelistedNames_Item = $distribution.DistributionConfig.DefaultCacheBehavior.ForwardedValues.Cookies.WhitelistedNames.Items
WhitelistedNames_Quantity = $distribution.DistributionConfig.DefaultCacheBehavior.ForwardedValues.Cookies.WhitelistedNames.Quantity
}
Update-CFDistribution #params -WhatIf
I have a bunch of aws_ecr_repositories defined in my Terraform code:
resource "aws_ecr_repository" "nginx_images" {
name = "nginx-test"
}
resource "aws_ecr_repository" "oracle_images" {
name = "oracle-test"
}
I want to be able to have an output that can list all the aws_ecr_repository resources into one output. This is what I tried:
output "ecr_repository_urls" {
value = "[${aws_ecr_repository.*.repository_url}]"
}
This does not work because Terraform does not seem to allow wildcards on the resource names. Is it possible to have an output like this? My current solution is to just list outputs for every resource defined.
Terraform's splat syntax is for keeping track of each thing created by a resource using the count meta parameter.
If you want to be able to get at all of the respoitory URLs you could have a single aws_ecr_repository resource and use the count meta parameter with something like this:
variable "images" {
default = [
"nginx-test",
"oracle-test",
]
}
resource "aws_ecr_repository" "images" {
count = "${length(var.images)}"
name = "${var.images[count.index]}"
}
output "ecr_repository_urls" {
value = "[${aws_ecr_repository.images.*.repository_url}]"
}
You can combine them manually as a list:
output "ecr_repository_urls" {
value = ["${aws_ecr_repository.nginx_images.repository_url}", "${aws_ecr_repository.oracle_images.repository_url}"]
}
Although it probably won't be pretty in code.
You could also do something like this:
variable "ecr_repos" {
default = {
"0" = "foo"
"1" = "bar"
}
}
resource "aws_ecr_repository" "images" {
count = "${length(var.ecr_repos)}"
name = "${lookup(var.ecr_repos,count.index)}-test"
}
output "ecr_repository_urls" {
value = "${aws_ecr_repository.images.*.repository_url}"
}
But the problem is if the list order changes it's going to recreate resources and get really ugly really fast since each repo is assigned to an index number.
I am trying to create device pool for a project using AWS DeviceFarm sdk in C#. I use the following command:
var createDevicePoolResponse = client.CreateDevicePool (new CreateDevicePoolRequest {
Name = "CustomDevicePool",
ProjectArn = projectArn,
Rules = new List<Rule> {
new Rule {
Attribute = DeviceAttribute.ARN,
Operator = RuleOperator.EQUALS_TO,
Value = "arn:aws:devicefarm:us-west-2::device:577DC08D6B964346B86610CFF090CD59"
}
}
});
It thinks for about a minute then I receive the following exception:
Error making request with Error Code InternalFailure and Http Status
Code InternalServerError. No further error information was returned by
the service.
ProjectArn is valid. I also tried different rules and get the same error every time.
Figured it out. Value needs to be surrounded with square brackets like so
var createDevicePoolResponse = client.CreateDevicePool (new CreateDevicePoolRequest {
Name = "CustomDevicePool",
ProjectArn = projectArn,
Rules = new List<Rule> {
new Rule {
Attribute = DeviceAttribute.ARN,
Operator = RuleOperator.IN,
Value = "[\"arn:aws:devicefarm:us-west-2::device:D45C750161314335924CE0B9B7D2558E\"]"
}
}
});