failure configuring LB attributes: InvalidConfigurationRequest: S3Bucket validation transient issue

[edouardbe]

Hi team,

I can't figure out how to resolve this error when I enable the logs on S3 : Error: failure configuring LB attributes: InvalidConfigurationRequest: S3Bucket validation transient issue

I would be wonderful if you could also add the AWS Permissions required to execute the module.

module "ecs-fargate" {
    source  = "cn-terraform/ecs-fargate/aws"

    version = "2.0.41"
    name_prefix        = "test"

    vpc_id              = module.vpc.vpc_id
    container_image     = "${docker_registry_image.test-tf-ecr-dk-samplenodejs.name}"
    container_name = "test"
    public_subnets_ids  = module.vpc.public_subnets_ids
    private_subnets_ids = module.vpc.private_subnets_ids
    enable_s3_logs = true
    lb_https_ports = {}
    lb_http_ports = {
        "default_http": {
            "listener_port": 80,
            "target_group_port": 80,
            "type": "forward"
        }
    }
}

terraform apply error :

module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].random_string.random: Creating...
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].random_string.random: Creation complete after 0s [id=wopuocg]
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].aws_s3_bucket.logs: Creating...
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].aws_s3_bucket.logs: Creation complete after 3s [id=test-lb-logs-wopuocg]
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].aws_s3_bucket_server_side_encryption_configuration.logs[0]: Creating...
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].data.aws_iam_policy_document.logs_access_policy_document: Reading...
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].aws_s3_bucket_acl.logs: Creating...
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].data.aws_iam_policy_document.logs_access_policy_document: Read complete after 0s [id=1766990919]
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.aws_lb.lb: Modifying... [id=arn:aws:elasticloadbalancing:us-east-1:265192744256:loadbalancer/app/test-lb/ffd7fd026d909527]
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].aws_s3_bucket_policy.logs_access_policy: Creating...
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].aws_s3_bucket_server_side_encryption_configuration.logs[0]: Creation complete after 0s [id=test-lb-logs-wopuocg]
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].aws_s3_bucket_acl.logs: Creation complete after 0s [id=test-lb-logs-wopuocg,log-delivery-write]
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].aws_s3_bucket_policy.logs_access_policy: Creation complete after 0s [id=test-lb-logs-wopuocg]
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].aws_s3_bucket_public_access_block.logs_block_public_access[0]: Creating...
module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.module.lb_logs_s3[0].aws_s3_bucket_public_access_block.logs_block_public_access[0]: Creation complete after 1s [id=test-lb-logs-wopuocg]
╷
│ Error: failure configuring LB attributes: InvalidConfigurationRequest: S3Bucket validation transient issue
│       status code: 400, request id: d29a65d3-9a07-430a-b61e-599d1a165793
│ 
│   with module.ecs-fargate.module.ecs-fargate-service.module.ecs-alb.aws_lb.lb,
│   on .terraform/modules/ecs-fargate.ecs-fargate-service.ecs-alb/main.tf line 26, in resource "aws_lb" "lb":
│   26: resource "aws_lb" "lb" {
│ 

Regards Ed

[jnonino]

This issue is related with this one: terraform-aws-ecs-alb issue #28. I will work on that as soon as possible.

[jnonino]

In regards to:

I would be wonderful if you could also add the AWS Permissions required to execute the module.

Which permissions do you mean?

[jnonino]

Hi, how are you? Can you check if change in latest version fixed the issue?

[ricardf]

I'm getting exactly the same error with latest version.

Also the bucket s3 arn should be provided as output so lifecycle can be configured.

[troydieter]

Hi @jnonino - also facing this:

it seems there needs to be a depends_on condition.. per this post