I'm writing AWS CodePipeLine using Terraform. While defining stage for CodeDeploy as below, I get error :
Action configuration for action 'Deploy' contains unknown configuration 'DeploymentGroup'
stage {
name = "Deploy"
action {
name = "Deploy"
category = "Deploy"
owner = "AWS"
provider = "CodeDeploy"
version = "1"
input_artifacts = ["SourceArtifact"]
configuration = {
ApplicationName = "windowsappdeployment"
DeploymentGroup = "windowsapp"
}
}
}
I checked documentation on Terraform but i didn't find anything related to configuration for CodeDeploy provider.
I think configuration parameter "DeploymentGroup" is not correct here.
What should I mention instead of DeploymentGroup.
It should probably be DeploymentGroupName instead of "DeploymentGroup".
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/codepipeline links to https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements which mentions ApplicationName and DeploymentGroupName for CodeDeploy.
Related
I am creating an AWS CodePipeline via Terraform but I am stuck at the Deployment Stage.
I would like to deploy my application to the AWS Elastic Beanstalk, but I cannot find the correct ActionType here.
What is the provider and the configuration parameters needed for a Beanstalk deployment?
stage {
name = "Deploy"
action {
category = "Deploy"
name = "Deploy"
output_artifacts = []
owner = "AWS"
provider = var.deploy_provider
run_order = 1
version = "1"
configuration = {}
}
I am sure there is one, because I can manually configure it via web:
Not sure about terraform, but for Cloudformation, it should be:
Provider: "ElasticBeanstalk"
Configuration:
ApplicationName: !Ref ApplicationName
EnvironmentName: !Ref EnvironmentName
Try "ElasticBeanstalk" for provider and add ApplicationName and EnvironmentName keys in configuration.
I'm attempting to use AWS CodePipeline to deploy an app to an EC2 instance using CodeDeploy agent, but it's failing with this frustratingly vague
"InternalError":
I can't find any other meaningful error.
I'm using terraform to define the CodePipeline. This is the "Deploy" section:
stage {
name = "Deploy"
action {
name = "Deploy"
category = "Deploy"
owner = "AWS"
provider = "CodeDeploy"
input_artifacts = ["buildOut"]
run_order = 1
version = "1"
configuration = {
ApplicationName = aws_codedeploy_app.my-codedeploy-app.id
DeploymentGroupName = aws_codedeploy_deployment_group.my-codedeploy-group.id
}
}
}
What am I doing wrong?
There are two small problems with your deployment definition.
ApplicationName should reference app.name, not app.id
DeploymentGroupName should reference deployment_group_name, not group.id
Try this:
stage {
name = "Deploy"
action {
name = "Deploy"
category = "Deploy"
owner = "AWS"
provider = "CodeDeploy"
input_artifacts = ["buildOut"]
run_order = 1
version = "1"
configuration = {
ApplicationName = aws_codedeploy_app.my-codedeploy-app.name // This should be name, not id
DeploymentGroupName = aws_codedeploy_deployment_group.my-codedeploy-group.deployment_group_name // this should be deployment_group_name, not id
}
}
}
I am using Hashicorp Terraform to define an AWS API Gateway to hit a Lambda function. I have a requirement that I need to tag my AWS resources with a particular tag so that costs can be tracked. Terraform seems to allow this for most resources. However, when creating an API Gateway stage using aws_api_gateway_deployment I do not have the option to specify tags.
I see that Terraform recently added the resource aws_api_gateway_stage. This one does allow tags to be specified. But, aws_api_gateway_stage requires an aws_api_gateway_deployment. If I give them the same "stage_name" as so:
resource "aws_api_gateway_stage" "PlayLambdaApiGatewayStage" {
stage_name = "${environment}"
rest_api_id = "${aws_api_gateway_rest_api.PlayLambdaApiGateway.id}"
deployment_id = "${aws_api_gateway_deployment.PlayLambdaApiGatewayDeployment.id}"
tags = {
cost-allocation = "play-${var.environment}"
}
}
resource "aws_api_gateway_deployment" "PlayLambdaApiGatewayDeployment" {
depends_on = [
"aws_api_gateway_integration.PlayLambdaApiLambdaIntegration",
"aws_api_gateway_integration.PlayLambdaApiLambdaIntegrationRoot"
]
rest_api_id = "${aws_api_gateway_rest_api.PlayLambdaApiGateway.id}"
stage_name = "${var.environment}"
}
Then they both resources try to create the stage and I get an error:
aws_api_gateway_stage.PlayLambdaApiGatewayStage: Error creating API Gateway Stage: ConflictException: Stage already exists
status code: 409, request id: f67a10c4-8aad-11e8-b486-c337ea2d214f
Here it would seem that the aws_api_gateway_deployment already created the stage, so the aws_api_gateway_stage resource failed to create it also. If I add the stage to the deployment's "depends_on" so that the stage gets created first, it complains about there being a cycle between the two.
So, it seems like:
aws_api_gateway_stage is only intended to add additional stages to a deployment, rather than creating a stage to use for the deployment
aws_api_gateway_deployment does not allow tags to be specified when it creates the stage.
Any ideas? What am I missing?
It seems that the stage_name field in the api_gateway_deployment should actually be optional. There is a PR open to fix the fact that its not at the moment. A workaround is at the moment to set stage_name to an empty string like this:
resource "aws_api_gateway_deployment" "PlayLambdaApiGatewayDeployment" {
depends_on = [
"aws_api_gateway_integration.PlayLambdaApiLambdaIntegration",
"aws_api_gateway_integration.PlayLambdaApiLambdaIntegrationRoot"
]
rest_api_id = "${aws_api_gateway_rest_api.PlayLambdaApiGateway.id}"
stage_name = ""
}
Like this there will be no additional stage created other than the one you specify in your aws_api_gateway_stage which you can set your tags for.
Trying to create AWS CodePipeline using Terraform. While applying resource aws_codepipeline > Deploy action, I'm getting below error:
* module.pipeline.aws_codepipeline.pipeline: 1 error(s) occurred:
* aws_codepipeline.pipeline: [ERROR] Error creating CodePipeline: InvalidActionDeclarationException: ActionType (Category: 'Deploy', Provider: 'ECS', Owner: 'AWS', Version: '1') in action 'Deploy' is not available
status code: 400, request id: 276a85b8-60f0-11e8-8152-6160c01dc881
The terraform configuration is:
resource "aws_codepipeline" "pipeline" {
name = "${var.cluster_name}-pipeline"
role_arn = "${aws_iam_role.codepipeline_role.arn}"
artifact_store {
location = "${aws_s3_bucket.source.bucket}"
type = "S3"
}
stage {
name = "Production"
action {
name = "Deploy"
category = "Deploy"
owner = "AWS"
provider = "ECS"
input_artifacts = ["imagedefinitions"]
version = "1"
configuration {
ClusterName = "${var.cluster_name}"
ServiceName = "${var.app_service_name}"
FileName = "imagedefinitions.json"
}
}
}
}
AWS region is 'ap-south-1'.
Any pointer's on what's wrong here?
Figured it out.
The issue is from provider end.
AWS CodePipeline doesn't support deployments to Amazon ECS in region ap-south-1 as of yet.
https://aws.amazon.com/about-aws/whats-new/2017/12/aws-codepipeline-adds-support-for-amazon-ecs-and-aws-fargate/
I need to create a pipeline with a buildstep with terraform. I need to get the source from the artifact but the Terraform documentation is not very clear. This is my code so far:
resource "aws_codebuild_project" "authorization" {
name = "authorization"
description = "BuildProject for authrorization service"
build_timeout = "5"
service_role = "${aws_iam_role.codebuild_role.arn}"
artifacts {
type = "CODEPIPELINE"
}
environment {
compute_type = "BUILD_GENERAL1_SMALL"
image = "aws/codebuild/docker:17.09.0"
type = "LINUX_CONTAINER"
privileged_mode = true
environment_variable {
"name" = "SOME_KEY1"
"value" = "SOME_VALUE1"
}
environment_variable {
"name" = "SOME_KEY2"
"value" = "SOME_VALUE2"
}
}
source {
type = "CODEPIPELINE"
buildspec = "buildspecs.yml"
}
tags {
"Environment" = "alpha"
}
}
The problem is that pointing to file gets me this error during pipeline execution of that step:
DOWNLOAD_SOURCE Failed
[Container] 2018/03/29 11:15:31 Waiting for agent ping
[Container] 2018/03/29 11:15:31 Waiting for DOWNLOAD_SOURCE
Message: Access Denied
This is how my Pipeline looks like:
resource "aws_codepipeline" "foo" {
name = "tf-test-pipeline"
role_arn = "${aws_iam_role.codepipeline_role.arn}"
artifact_store {
location = "${aws_s3_bucket.foo.bucket}"
type = "S3"
encryption_key {
id = "${aws_kms_key.a.arn}"
type = "KMS"
}
}
stage {
name = "Source"
action {
name = "Source"
category = "Source"
owner = "AWS"
provider = "CodeCommit"
version = "1"
output_artifacts = ["src"]
configuration {
RepositoryName = "authorization"
BranchName = "master"
}
}
}
stage {
name = "Build"
action {
name = "Build"
category = "Build"
owner = "AWS"
provider = "CodeBuild"
input_artifacts = ["src"]
version = "1"
configuration {
ProjectName = "${aws_codebuild_project.authorization.name}"
}
}
}
}
I guess i did something wrong but i can't seem to find my case described somewhere.
Source needs to be received from the Source step in CodePipeline and this step is ok. I know how the pipeline works but the terraform implementation is pretty confusing.
EDIT: I've checked the S3 bucket and i can confirm that the Source step is successfully uploading the artifacts there. So the problem remains that i cannot access the source when i am in the second step. Role is allowing all access on all resources. Console version of the pipeline looks normal and nothing not filled. Role is fine.
This generally happens when you have a CodeBuild project already and you integrate it to the CodePipeline project. The Codebuild now does not download the sources from CodeCommit/Github repo. Instead, it will try to download the source artifact created in the codepipeline bucket in S3. So, you will need to provide permissions to the CodeBuild role to access the codepipline bucket in S3.