cloudposse / terraform-aws-ec2-client-vpn

https://cloudposse.com/accelerate
Apache License 2.0

Error when logging_enabled is true #86

Open laffey opened 1 year ago

laffey commented 1 year ago

Describe the Bug

When setting var logging_enabled = true, and setting logging_stream_name with a string value, running gives this error:

Error: "name" isn't a valid log group name (alphanumeric characters, underscores, hyphens, slashes, hash signs and dots are allowed): ""
│
│   with module.vpn.module.cloudwatch_log.aws_cloudwatch_log_group.default[0],
│   on .terraform/modules/vpn.cloudwatch_log/main.tf line 17, in resource "aws_cloudwatch_log_group" "default":
│   17:   name = module.log_group_label.id

Expected Behavior

Terraform threw an error because there is no code setting the cloudwatch log group name.

Steps to Reproduce

See description.

Environment

OS: Linux
Terraform version: 1.5.6
Module version: 1.0

sarasensible commented 8 months ago

I was confused by this too - I found the answer at https://github.com/cloudposse/terraform-aws-ec2-client-vpn/issues/54 . Basically you have to copy the following into your variables.tf:

variable "context" {
  type = any
  default = {
    enabled             = true
    namespace           = null
    tenant              = null
    environment         = null
    stage               = null
    name                = null
    delimiter           = null
    attributes          = []
    tags                = {}
    additional_tag_map  = {}
    regex_replace_chars = null
    label_order         = []
    id_length_limit     = null
    label_key_case      = null
    label_value_case    = null
    descriptor_formats  = {}
    # Note: we have to use [] instead of null for unset lists due to
    # https://github.com/hashicorp/terraform/issues/28137
    # which was not fixed until Terraform 1.0.0,
    # but we want the default to be all the labels in `label_order`
    # and we want users to be able to prevent all tag generation
    # by setting `labels_as_tags` to `[]`, so we need
    # a different sentinel to indicate "default"
    labels_as_tags = ["unset"]
  }
  description = <<-EOT
    Single object for setting entire context at once.
    See description of individual variables for details.
    Leave string and numeric variables as `null` to use default value.
    Individual variable settings (non-null) override settings in context object,
    except for attributes, tags, and additional_tag_map, which are merged.
  EOT

  validation {
    condition     = lookup(var.context, "label_key_case", null) == null ? true : contains(["lower", "title", "upper"], var.context["label_key_case"])
    error_message = "Allowed values: `lower`, `title`, `upper`."
  }

  validation {
    condition     = lookup(var.context, "label_value_case", null) == null ? true : contains(["lower", "title", "upper", "none"], var.context["label_value_case"])
    error_message = "Allowed values: `lower`, `title`, `upper`, `none`."
  }
}

Then define it in a tfvars file, then pass it into the module:

module "ec2_client_vpn" {
  source = "cloudposse/ec2-client-vpn/aws"
  # Cloud Posse recommends pinning every module to a specific version
  version = "v1.0.0"
  context = var.context
}

Then the label module has what it needs to construct the label.

joe-niland commented 8 months ago

@sarasensible the recommended approach is to drop the file https://github.com/cloudposse/terraform-null-label/blob/main/exports%2Fcontext.tf into your module

0xDones commented 8 months ago

It's not documented, but you need to provide at least the name variable that is used by the context module that every Cloud Posse module uses. This will make it work; there's no need to copy any file into your module.

module "ec2-client-vpn" {
  source  = "cloudposse/ec2-client-vpn/aws"
  version = "1.0.0"

  name = "client-vpn-example"
  ...
}
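
Added example, not part of the thread and not Cloud Posse's code: a simplified Python model of why an all-null context produces the empty log group name in the error above, and why setting only `name` fixes it. The label order and `-` delimiter are assumed defaults, the allowed characters come from the error message quoted in the issue, and the 512-character limit is the CloudWatch Logs maximum.

```python
import re

# Assumed defaults for a null-label style context (not read from the module).
LABEL_ORDER = ["namespace", "environment", "stage", "name", "attributes"]
DELIMITER = "-"

# Character set taken from the provider error message quoted in the issue;
# 1 to 512 characters is the CloudWatch Logs limit for a log group name.
LOG_GROUP_NAME_RE = re.compile(r"[A-Za-z0-9_\-/#.]{1,512}")


def label_id(context):
    """Join the non-empty labels in order (simplified model of the label id)."""
    parts = []
    for key in context.get("label_order") or LABEL_ORDER:
        value = context.get(key)
        if key == "attributes":
            parts.extend(a for a in (value or []) if a)
        elif value:
            parts.append(value)
    return (context.get("delimiter") or DELIMITER).join(parts)


def check_log_group_name(context):
    """Return (id, ok) so a pre-flight script can fail before `terraform plan`."""
    name = label_id(context)
    return name, LOG_GROUP_NAME_RE.fullmatch(name) is not None


# Constructed inputs: the all-null context from the thread, then the same
# context with only `name` set, as in the last comment.
EMPTY_CONTEXT = {"namespace": None, "environment": None, "stage": None,
                 "name": None, "attributes": [], "delimiter": None,
                 "label_order": []}
NAMED_CONTEXT = dict(EMPTY_CONTEXT, name="client-vpn-example")

if __name__ == "__main__":
    for ctx in (EMPTY_CONTEXT, NAMED_CONTEXT):
        name, ok = check_log_group_name(ctx)
        print(f"id={name!r} valid_log_group_name={ok}")
```

Running a check like this in CI keeps connection logging enabled instead of tempting users to set `logging_enabled = false` to get past the error.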