Closed boris-ait closed 4 years ago
@boris-ait Thanks for raising this. It seems to be the same problem as #13014, #12106 and should be fixed by https://github.com/terraform-providers/terraform-provider-aws/pull/13024, which is scheduled for v2.60.0, coming soon.
As mentioned above, the fix for this went out yesterday in version 2.60.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!
WAF regional (aws_wafregional_web_acl) with rules for ipset, sql injection, and cross-site scripting failed with crash.log after updating aws-provider to terraform-provider-aws_v2.59.0_x4
It does work with terraform-provider-aws_v2.58.0_x4 In release notes of terraform-provider-aws_v2.59.0_x4 I do see fixes related to aws_wafregional_web_acl so it can cause the issue.
Community Note
Terraform Version
020/05/01 00:11:37 [WARN] Log levels other than TRACE are currently unreliable, and are supported only for backward compatibility. Use TF_LOG=TRACE to see Terraform's internal logs.
2020/05/01 00:11:37 [INFO] Terraform version: 0.12.24
2020/05/01 00:11:37 [INFO] Go runtime version: go1.13.8 2020/05/01 00:11:37 [INFO] CLI args: []string{"/usr/local/bin/terraform", "--version"} 2020/05/01 00:11:37 [DEBUG] Attempting to open CLI config file: /Users/borisp/.terraformrc 2020/05/01 00:11:37 [DEBUG] File doesn't exist, but doesn't need to. Ignoring. 2020/05/01 00:11:37 [INFO] CLI command args: []string{"version", "--version"} Terraform v0.12.24 2020/05/01 00:11:37 [DEBUG] checking for provider in "." 2020/05/01 00:11:37 [DEBUG] checking for provider in "/usr/local/bin" 2020/05/01 00:11:37 [DEBUG] checking for provider in ".terraform/plugins/darwin_amd64" 2020/05/01 00:11:37 [DEBUG] found provider "terraform-provider-aws_v2.59.0_x4" 2020/05/01 00:11:37 [DEBUG] found valid plugin: "aws", "2.59.0", "/Users/borisp/SPC/waf-automation/waf-automations-module/.terraform/plugins/darwin_amd64/terraform-provider-aws_v2.59.0_x4"
Affected Resource(s)
aws_wafregional_web_acl aws_wafregional_rule aws_wafregional_sql_injection_match_set aws_wafregional_ipset aws_wafregional_xss_match_set
Terraform Configuration Files
Debug Output
crash.log link: https://gist.github.com/boris-ait/8bb3b0330a2fe1ac197686206682539a
Panic Output
2020-04-30T23:36:09.120+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: 2020/04/30 23:36:09 [DEBUG] [aws-sdk-go] {"ChangeToken":"518df000-181c-4cc3-8949-a1af6ed3fa43"} 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: panic: interface conversion: interface {} is schema.Set, not []interface {} 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: goroutine 568 [running]: 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: github.com/terraform-providers/terraform-provider-aws/aws.diffWafXssMatchSetTuples(0xa225a98, 0x0, 0x0, 0xc000153000, 0x8, 0x8, 0x16af359, 0x0, 0x0) 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-aws/aws/resource_aws_waf_xss_match_set.go:245 +0xcb2 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: github.com/terraform-providers/terraform-provider-aws/aws.updateXssMatchSetResourceWR.func1(0xc000a8fa20, 0xa225a98, 0xc00000e790, 0x0, 0x0) 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-aws/aws/resource_aws_wafregional_xss_match_set.go:167 +0xcc 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: github.com/terraform-providers/terraform-provider-aws/aws.(WafRegionalRetryer).RetryWithToken.func1(0xc000bbf8c0) 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-aws/aws/wafregionl_token_handlers.go:34 +0x17b 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: github.com/hashicorp/terraform-plugin-sdk/helper/resource.Retry.func1(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-aws/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/wait.go:22 +0x51 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: github.com/hashicorp/terraform-plugin-sdk/helper/resource.(StateChangeConf).WaitForState.func1(0xc000f029c0, 0xc0001640e0, 0xc000a98400, 0xc000d04e40, 0xc000a964d8, 0xc000a964d0) 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-aws/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/state.go:103 +0x29d 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: created by github.com/hashicorp/terraform-plugin-sdk/helper/resource.(StateChangeConf).WaitForState 2020-04-30T23:36:09.123+0300 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-aws/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/resource/state.go:80 +0x1bf 2020/04/30 23:36:09 [DEBUG] aws_wafregional_rule.WAFBlacklistRule: apply errored, but we're indicating that via the Error pointer rather than returning it: rpc error: code = Unavailable desc = transport is closing 2020/04/30 23:36:09 [TRACE]: eval: terraform.EvalMaybeTainted
2020/04/30 23:36:09 [DEBUG] aws_wafregional_sql_injection_match_set.WAFSqlInjectionDetection: apply errored, but we're indicating that via the Error pointer rather than returning it: rpc error: code = Unavailable desc = transport is closing
2020/04/30 23:36:09 [TRACE] : eval: terraform.EvalMaybeTainted
2020/04/30 23:36:09 [TRACE] EvalMaybeTainted: aws_wafregional_sql_injection_match_set.WAFSqlInjectionDetection encountered an error during creation, so it is now marked as tainted
2020/04/30 23:36:09 [TRACE] : eval: terraform.EvalWriteState
2020/04/30 23:36:09 [DEBUG] aws_wafregional_rule.WAFScannersProbesRule: apply errored, but we're indicating that via the Error pointer rather than returning it: rpc error: code = Unavailable desc = transport is closing
2020/04/30 23:36:09 [TRACE] : eval: terraform.EvalMaybeTainted
2020/04/30 23:36:09 [TRACE] EvalMaybeTainted: aws_wafregional_rule.WAFBlacklistRule encountered an error during creation, so it is now marked as tainted
2020/04/30 23:36:09 [TRACE] EvalWriteState: removing state object for aws_wafregional_sql_injection_match_set.WAFSqlInjectionDetection
2020/04/30 23:36:09 [TRACE] : eval: terraform.EvalApplyProvisioners
2020/04/30 23:36:09 [DEBUG] aws_wafregional_rule.WAFIPReputationListsRule: apply errored, but we're indicating that via the Error pointer rather than returning it: rpc error: code = Unavailable desc = transport is closing
2020/04/30 23:36:09 [DEBUG] aws_wafregional_xss_match_set.WAFXssDetection: apply errored, but we're indicating that via the Error pointer rather than returning it: rpc error: code = Unavailable desc = transport is closing
2020/04/30 23:36:09 [TRACE] EvalApplyProvisioners: aws_wafregional_sql_injection_match_set.WAFSqlInjectionDetection has no state, so skipping provisioners
2020/04/30 23:36:09 [TRACE] : eval: terraform.EvalMaybeTainted
2020/04/30 23:36:09 [TRACE] EvalMaybeTainted: aws_wafregional_sql_injection_match_set.WAFSqlInjectionDetection encountered an error during creation, so it is now marked as tainted
2020/04/30 23:36:09 [TRACE] : eval: terraform.EvalWriteState
2020/04/30 23:36:09 [TRACE] EvalWriteState: removing state object for aws_wafregional_sql_injection_match_set.WAFSqlInjectionDetection
2020/04/30 23:36:09 [TRACE] : eval: terraform.EvalIf
2020/04/30 23:36:09 [TRACE] : eval: terraform.EvalIf
2020/04/30 23:36:09 [TRACE] : eval: terraform.EvalWriteDiff
2020/04/30 23:36:09 [TRACE] : eval: terraform.EvalApplyPost
2020-04-30T23:36:09.133+0300 [DEBUG] plugin: plugin process exited: path=/Users/borisp/SPC/waf-automation/waf-automations-module/.terraform/plugins/darwin_amd64/terraform-provider-aws_v2.59.0_x4 pid=42461 error="exit status 2"
2020/04/30 23:36:09 [ERROR] : eval: terraform.EvalApplyPost, err: rpc error: code = Unavailable desc = transport is closing
Expected Behavior
create resources without errors
Actual Behavior
failing with crash.log
Steps to Reproduce
terraform apply
Important Factoids
References
0000