search

hashicorp / terraform-aws-vault

A Terraform Module for how to run Vault on AWS using Terraform and Packer
Apache License 2.0
656 stars 465 forks source link

Failed Deployment in Cloud9 with default VPC. #218

Closed queglay closed 4 years ago

queglay commented 4 years ago

When I attempt to deploy this in cloud9 I get the following error:

757]
module.consul_cluster.module.security_group_rules.module.client_security_group_rules.aws_security_group_rule.allow_serf_lan_tcp_inbound_from_self: Creation complete after 19s [id=sgrule-2299989618]
module.consul_cluster.module.security_group_rules.module.client_security_group_rules.aws_security_group_rule.allow_serf_lan_tcp_inbound[0]: Creation complete after 19s [id=sgrule-3791999916]

Error: Error creating IAM Role vault-example20200912011216504400000001: InvalidClientTokenId: The security token included in the request is invalid
        status code: 403, request id: 5615dbb2-447c-47ef-b330-6be736885f99

Error: Error creating IAM Role consul-example20200912011216505000000002: InvalidClientTokenId: The security token included in the request is invalid
        status code: 403, request id: d852c9ec-64e0-4e29-858c-b68bc4fcf100

Steps to reproduce:

  1. In the AWS console, create a default vpc.
  2. Follow this quickstart to create a cloud9 deployment in a new vpc using cloudformation https://aws-quickstart.s3.amazonaws.com/quickstart-cloud9-ide/doc/aws-cloud9-cloud-based-ide.pdf
  3. In the cloud 9 IDE Install terrraform .12.29
  4. Clone this terraform-aws-vault and apply. The error above will result.

I am using region ap-southeast-2.

brikis98 commented 4 years ago

I'm not familiar with cloud9, but it sounds like an issue with how it handles credentials, and not this repo. See here for similar errors:

https://docs.aws.amazon.com/cloud9/latest/user-guide/troubleshooting.html#troubleshooting-cli-invalid-token https://github.com/aws/chalice/issues/807 https://github.com/aws-samples/aws-workshop-for-kubernetes/issues/391