[Bug]: Issue with multiple AWS providers on the same state when one of them are using a proxy or a custom endpoint url

[othmane399]

Terraform Core Version

1.7.2

AWS Provider Version

5.47.0

Affected Resource(s)

No response

Expected Behavior

Both providers should works respectively but only the one with the custom endpoint_url works

Actual Behavior

The provider with the custom endpoint_url works, the classic one send http request but never get an awsner (except for the first sts getCallerIdentity request)

Relevant Error/Panic Output Snippet

No response

Terraform Configuration Files

~/.aws/config

[default]
region                = eu-central-1
aws_access_key_id     = 124fb9d8-4ef0-4c95-a95b-73989a9c43fb
aws_secret_access_key = 4490915d-6ef8-41d1-8177-c9360a04eded
endpoint_url          = https://127.0.0.1:64483
ca_bundle             = /xyz/aws-master-account-localca.pem

[profile security-aws-global] # This can be any valid profile (the only condition is that there's no custom endpoint_url)
sso_session    = sso
sso_account_id = 99999999999
sso_role_name  = SecurityAdministrator
region         = eu-central-1
output         = json

[sso-session sso]
sso_region              = eu-central-1
sso_start_url           = https://sso.awsapps.com/start
sso_registration_scopes = sso:account:access

providers.tf

provider "aws" {
  region = "eu-central-1"
}
provider "aws" {
  region  = "eu-central-1"
  alias   = "security-aws-global"
  profile = "security-aws-global"
}

test.tf

data "aws_kms_key" "kinesis_kms_key" {
  provider = aws.security-aws-global
  key_id   = "alias/kinesis_cloudtrail"
}

backend.tf

terraform {
  backend "s3" {
    bucket = "terraform-master"
    key    = "test"
    region = "eu-central-1"
  }
}

version.tf

terraform {
  required_version = ">= 0.14.11, < 2.0.0"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "= 5.42.0"
    }
  }
}

Steps to Reproduce

the terraform plan will never succeed to fetch the datasource using the security-aws-global profile

Debug Output

$> terraform plan                                                                                                                                                                                                                                                             
2024-03-27T17:42:51.422+0100 [INFO]  Terraform version: 1.7.5
2024-03-27T17:42:51.422+0100 [DEBUG] using github.com/hashicorp/go-tfe v1.41.0
2024-03-27T17:42:51.422+0100 [DEBUG] using github.com/hashicorp/hcl/v2 v2.19.1
2024-03-27T17:42:51.422+0100 [DEBUG] using github.com/hashicorp/terraform-svchost v0.1.1
2024-03-27T17:42:51.422+0100 [DEBUG] using github.com/zclconf/go-cty v1.14.1
2024-03-27T17:42:51.422+0100 [INFO]  Go runtime version: go1.21.8
2024-03-27T17:42:51.422+0100 [INFO]  CLI args: []string{"terraform", "plan"}
2024-03-27T17:42:51.422+0100 [DEBUG] Attempting to open CLI config file: /Users/otch/.terraformrc
2024-03-27T17:42:51.422+0100 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2024-03-27T17:42:51.423+0100 [INFO]  Loading CLI configuration from /Users/otch/.terraform.d/credentials.tfrc.json
2024-03-27T17:42:51.423+0100 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins
2024-03-27T17:42:51.423+0100 [DEBUG] ignoring non-existing provider search directory /Users/otch/.terraform.d/plugins
2024-03-27T17:42:51.423+0100 [DEBUG] ignoring non-existing provider search directory /Users/otch/Library/Application Support/io.terraform/plugins
2024-03-27T17:42:51.423+0100 [DEBUG] ignoring non-existing provider search directory /Library/Application Support/io.terraform/plugins
2024-03-27T17:42:51.423+0100 [INFO]  CLI command args: []string{"plan"}
2024-03-27T17:42:51.430+0100 [DEBUG] backend-s3.aws-base: Resolving credentials provider: tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2
2024-03-27T17:42:51.431+0100 [DEBUG] backend-s3.aws-base: Using profile: tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 tf_aws.profile=master-account tf_aws.profile.source=envvar
2024-03-27T17:42:51.431+0100 [DEBUG] backend-s3.aws-base: Loading configuration: tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2
2024-03-27T17:42:51.432+0100 [DEBUG] backend-s3.aws-base: Retrieving credentials: tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2
2024-03-27T17:42:51.433+0100 [INFO]  backend-s3.aws-base: Retrieved credentials: tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 tf_aws.credentials_source="SharedConfigCredentials: /Users/otch/.aws/config.teleport"
2024-03-27T17:42:51.433+0100 [DEBUG] backend-s3.aws-base: Loading configuration: tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2
2024-03-27T17:42:51.434+0100 [DEBUG] backend-s3.aws-base: Retrieving caller identity from STS: tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2
2024-03-27T17:42:51.437+0100 [DEBUG] backend-s3.aws-base: HTTP Request Sent: aws.region=eu-central-1 rpc.method=GetCallerIdentity rpc.service=STS rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 http.request.header.amz_sdk_request="attempt=1; max=5" http.request.header.amz_sdk_invocation_id=c593455f-14e5-4ba6-a584-cf6dfa093367
  http.request.body=
  | Action=GetCallerIdentity&Version=2011-06-15
   net.peer.name=127.0.0.1 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=124fb9d8-4ef0-4c95-a95b-73989a9c43fb/20240327/eu-central-1/sts/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date, Signature=*****" net.peer.port=64483 http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) aws-sdk-go-v2/1.25.3 os/macos lang/go#1.21.8 md/GOOS#darwin md/GOARCH#arm64 api/sts#1.28.4" http.request_content_length=43 http.request.header.x_amz_date=20240327T164251Z http.request.header.content_type=application/x-www-form-urlencoded http.method=POST http.url=https://127.0.0.1:64483/
2024-03-27T17:42:52.224+0100 [DEBUG] backend-s3.aws-base: HTTP Response Received: aws.region=eu-central-1 rpc.method=GetCallerIdentity rpc.service=STS rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 http.response.header.content_type=text/xml http.response.header.date="Wed, 27 Mar 2024 16:42:51 GMT"
  http.response.body=
  | <GetCallerIdentityResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
  |   <GetCallerIdentityResult>
  |     <Arn>arn:aws:sts::012345678901:assumed-role/teleport-aws-master-superadministrator/othmane.elmassari@xyz.com</Arn>
  |     <UserId>AROA*************NQQG:othmane.elmassari@xyz.com</UserId>
  |     <Account>012345678901</Account>
  |   </GetCallerIdentityResult>
  |   <ResponseMetadata>
  |     <RequestId>d60a1891-1f34-4d70-b106-3df5749d6f8f</RequestId>
  |   </ResponseMetadata>
  | </GetCallerIdentityResponse>
   http.duration=786 http.status_code=200 http.response_content_length=505 http.response.header.x_amzn_requestid=d60a1891-1f34-4d70-b106-3df5749d6f8f
2024-03-27T17:42:52.225+0100 [INFO]  backend-s3.aws-base: Retrieved caller identity from STS: tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2
2024-03-27T17:42:52.225+0100 [DEBUG] backend-s3.aws-base: Retrieving caller identity from STS: tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2
2024-03-27T17:42:52.226+0100 [DEBUG] backend-s3.aws-base: HTTP Request Sent: aws.region=eu-central-1 rpc.method=GetCallerIdentity rpc.service=STS rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 http.method=POST net.peer.port=64483 http.request_content_length=43 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=124fb9d8-4ef0-4c95-a95b-73989a9c43fb/20240327/eu-central-1/sts/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date, Signature=*****" http.request.header.x_amz_date=20240327T164252Z http.request.header.content_type=application/x-www-form-urlencoded
  http.request.body=
  | Action=GetCallerIdentity&Version=2011-06-15
   http.url=https://127.0.0.1:64483/ net.peer.name=127.0.0.1 http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) aws-sdk-go-v2/1.25.3 os/macos lang/go#1.21.8 md/GOOS#darwin md/GOARCH#arm64 api/sts#1.28.4" http.request.header.amz_sdk_request="attempt=1; max=5" http.request.header.amz_sdk_invocation_id=afbbe4f7-a856-4167-8a03-11b2605c3f7e
2024-03-27T17:42:52.361+0100 [DEBUG] backend-s3.aws-base: HTTP Response Received: aws.region=eu-central-1 rpc.method=GetCallerIdentity rpc.service=STS rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 http.duration=134 http.status_code=200 http.response_content_length=505 http.response.header.content_type=text/xml http.response.header.date="Wed, 27 Mar 2024 16:42:51 GMT" http.response.header.x_amzn_requestid=8a2a460d-8c6b-4d1a-b4a9-54e4f0a6f985
  http.response.body=
  | <GetCallerIdentityResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
  |   <GetCallerIdentityResult>
  |     <Arn>arn:aws:sts::012345678901:assumed-role/teleport-aws-master-superadministrator/othmane.elmassari@xyz.com</Arn>
  |     <UserId>AROA*************NQQG:othmane.elmassari@xyz.com</UserId>
  |     <Account>012345678901</Account>
  |   </GetCallerIdentityResult>
  |   <ResponseMetadata>
  |     <RequestId>8a2a460d-8c6b-4d1a-b4a9-54e4f0a6f985</RequestId>
  |   </ResponseMetadata>
  | </GetCallerIdentityResponse>

2024-03-27T17:42:52.362+0100 [INFO]  backend-s3.aws-base: Retrieved caller identity from STS: tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2
2024-03-27T17:42:52.676+0100 [DEBUG] checking for provisioner in "."
2024-03-27T17:42:52.676+0100 [DEBUG] checking for provisioner in "/Users/otch/bin"
2024-03-27T17:42:52.678+0100 [INFO]  backend/local: starting Plan operation
2024-03-27T17:42:52.684+0100 [DEBUG] backend-s3: HTTP Request Sent: aws.region=eu-central-1 aws.s3.bucket=terraform-master rpc.method=ListObjectsV2 rpc.service=S3 rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Workspaces tf_backend.req_id=5ec00071-1194-c2cf-ca2e-cbc411a8519d tf_backend.s3.bucket=terraform-master tf_backend.workspace-prefix=env:/ http.url="https://127.0.0.1:64483/terraform-master?list-type=2&max-keys=1000&prefix=env%3A%2F" net.peer.port=64483 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=124fb9d8-4ef0-4c95-a95b-73989a9c43fb/20240327/eu-central-1/s3/aws4_request, SignedHeaders=accept-encoding;amz-sdk-invocation-id;amz-sdk-request;host;x-amz-content-sha256;x-amz-date, Signature=*****" http.request.header.x_amz_date=20240327T164252Z http.request.header.x_amz_content_sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 http.request.header.amz_sdk_invocation_id=044c1bda-4014-4f4e-ab79-3c405c81b4d7 http.request.body="" http.method=GET http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) aws-sdk-go-v2/1.25.3 os/macos lang/go#1.21.8 md/GOOS#darwin md/GOARCH#arm64 api/s3#1.51.4" http.request.header.accept_encoding=identity http.request.header.amz_sdk_request="attempt=1; max=5" net.peer.name=127.0.0.1
2024-03-27T17:42:52.789+0100 [DEBUG] backend-s3: HTTP Response Received: aws.region=eu-central-1 aws.s3.bucket=terraform-master rpc.method=ListObjectsV2 rpc.service=S3 rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Workspaces tf_backend.req_id=5ec00071-1194-c2cf-ca2e-cbc411a8519d tf_backend.s3.bucket=terraform-master tf_backend.workspace-prefix=env:/ http.response.header.server=AmazonS3 http.status_code=200 http.response.header.date="Wed, 27 Mar 2024 16:42:53 GMT" http.response.header.x_amz_id_2="NUzr2u3PaL7haQRAUnPn7P7ZUEd/+nCT+7ONCJdaYxg49Trr4qfjV5hG2lYurf+su0xL5kee7hg=" http.response.header.x_amz_request_id=R6JCMGEQQTG7NPJ9 http.response.header.content_type=application/xml
  http.response.body=
  | <?xml version="1.0" encoding="UTF-8"?>
  | <ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Name>terraform-master</Name><Prefix>env:/</Prefix><KeyCount>0</KeyCount><MaxKeys>1000</MaxKeys><IsTruncated>false</IsTruncated></ListBucketResult>
   http.duration=104 http.response.header.x_amz_bucket_region=eu-central-1
2024-03-27T17:42:52.790+0100 [INFO]  backend-s3: Downloading remote state: tf_backend.operation=Get tf_backend.req_id=9d9e1393-dd41-2d00-b382-fcbb99ba7115 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2
2024-03-27T17:42:52.791+0100 [DEBUG] backend-s3: HTTP Request Sent: aws.region=eu-central-1 aws.s3.bucket=terraform-master aws.s3.key=test2 rpc.method=HeadObject rpc.service=S3 rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Get tf_backend.req_id=9d9e1393-dd41-2d00-b382-fcbb99ba7115 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 http.request.header.amz_sdk_invocation_id=6c87ce67-9f78-4306-9197-45881c568c80 http.request.body="" http.url=https://127.0.0.1:64483/terraform-master/test2 http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) aws-sdk-go-v2/1.25.3 os/macos lang/go#1.21.8 md/GOOS#darwin md/GOARCH#arm64 api/s3#1.51.4" http.request.header.authorization="AWS4-HMAC-SHA256 Credential=124fb9d8-4ef0-4c95-a95b-73989a9c43fb/20240327/eu-central-1/s3/aws4_request, SignedHeaders=accept-encoding;amz-sdk-invocation-id;amz-sdk-request;host;x-amz-content-sha256;x-amz-date, Signature=*****" http.request.header.x_amz_date=20240327T164252Z http.request.header.accept_encoding=identity http.request.header.x_amz_content_sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 http.method=HEAD net.peer.name=127.0.0.1 net.peer.port=64483 http.request.header.amz_sdk_request="attempt=1; max=5"
2024-03-27T17:42:52.853+0100 [DEBUG] backend-s3: HTTP Response Received: aws.region=eu-central-1 aws.s3.bucket=terraform-master aws.s3.key=test2 rpc.method=HeadObject rpc.service=S3 rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Get tf_backend.req_id=9d9e1393-dd41-2d00-b382-fcbb99ba7115 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 http.duration=61 http.response.header.x_amz_version_id=Tbi7MRm.sB.QUEsR3SJGfQjwNKksyn9O http.response.header.x_amz_server_side_encryption=aws:kms http.response.body="" http.status_code=200 http.response.header.content_encoding="" http.response.header.etag="\"6bba3740025edb3135b319a0d135b90c\"" http.response.header.server=AmazonS3 http.response.header.x_amz_id_2="WOOv0xHU6lhRBBorwLxZ/LyK+NcPWqX6+3sEVQz7csBnR+tGQLACFe5tqRfRBpwagsQP9qxltpE=" http.response.header.date="Wed, 27 Mar 2024 16:42:53 GMT" http.response.header.content_type=application/json http.response.header.x_amz_request_id=R6J7FA7JEZN16THK http.response_content_length=180 http.response.header.x_amz_server_side_encryption_aws_kms_key_id=arn:aws:kms:eu-central-1:012345678901:key/be60c2b5-06cf-47db-84e8-1adefbd40c98 http.response.header.accept_ranges=bytes http.response.header.last_modified="Wed, 27 Mar 2024 12:38:47 GMT"
2024-03-27T17:42:52.856+0100 [DEBUG] backend-s3: HTTP Request Sent: aws.region=eu-central-1 aws.s3.bucket=terraform-master aws.s3.key=test2 rpc.method=GetObject rpc.service=S3 rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Get tf_backend.req_id=9d9e1393-dd41-2d00-b382-fcbb99ba7115 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 http.method=GET http.url=https://127.0.0.1:64483/terraform-master/test2?x-id=GetObject http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) aws-sdk-go-v2/1.25.3 os/macos lang/go#1.21.8 md/GOOS#darwin md/GOARCH#arm64 api/s3#1.51.4 ft/s3-transfer" http.request.header.amz_sdk_invocation_id=654677d1-8c03-4915-a67b-058541fd92ae http.request.header.amz_sdk_request="attempt=1; max=5" http.request.body="" http.request.header.authorization="AWS4-HMAC-SHA256 Credential=124fb9d8-4ef0-4c95-a95b-73989a9c43fb/20240327/eu-central-1/s3/aws4_request, SignedHeaders=accept-encoding;amz-sdk-invocation-id;amz-sdk-request;host;range;x-amz-content-sha256;x-amz-date, Signature=*****" http.request.header.x_amz_content_sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 http.request.header.range=bytes=0-5242879 http.request.header.accept_encoding=identity net.peer.name=127.0.0.1 net.peer.port=64483 http.request.header.x_amz_date=20240327T164252Z
2024-03-27T17:42:52.943+0100 [DEBUG] backend-s3: HTTP Response Received: aws.region=eu-central-1 aws.s3.bucket=terraform-master aws.s3.key=test2 rpc.method=GetObject rpc.service=S3 rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Get tf_backend.req_id=9d9e1393-dd41-2d00-b382-fcbb99ba7115 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 http.response.header.content_encoding="" http.response.header.date="Wed, 27 Mar 2024 16:42:53 GMT" http.response.header.x_amz_id_2="bvAW54XfG7STDjS2rH8R/HCXtpXrpJxkXGM0kjBr+TrWK198bTfmhbGaluOUx6zniJNx6FUJqSc=" http.response.header.content_type=application/json http.response.header.accept_ranges=bytes http.response.body="[Redacted: 180 bytes, Type: application/json]" http.response.header.server=AmazonS3 http.response.header.etag="\"6bba3740025edb3135b319a0d135b90c\"" http.response.header.x_amz_request_id=R6JBT716HN7K9CMJ http.response.header.content_range="bytes 0-179/180" http.status_code=206 http.response.header.last_modified="Wed, 27 Mar 2024 12:38:47 GMT" http.response.header.x_amz_version_id=Tbi7MRm.sB.QUEsR3SJGfQjwNKksyn9O http.duration=85 http.response_content_length=180 http.response.header.x_amz_server_side_encryption=aws:kms http.response.header.x_amz_server_side_encryption_aws_kms_key_id=arn:aws:kms:eu-central-1:012345678901:key/be60c2b5-06cf-47db-84e8-1adefbd40c98
2024-03-27T17:42:52.945+0100 [DEBUG] created provider logger: level=debug
2024-03-27T17:42:52.946+0100 [INFO]  provider: configuring client automatic mTLS
2024-03-27T17:42:52.960+0100 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5 args=[".terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5"]
2024-03-27T17:42:52.981+0100 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5 pid=85320
2024-03-27T17:42:52.981+0100 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5
2024-03-27T17:42:53.111+0100 [INFO]  provider.terraform-provider-aws_v5.42.0_x5: configuring server automatic mTLS: timestamp="2024-03-27T17:42:53.111+0100"
2024-03-27T17:42:53.117+0100 [DEBUG] provider: using plugin: version=5
2024-03-27T17:42:53.118+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: plugin address: address=/var/folders/n1/lg_3qghd0270crzmqq6wnms80000gn/T/plugin1321115192 network=unix timestamp="2024-03-27T17:42:53.117+0100"
2024-03-27T17:42:53.521+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2024-03-27T17:42:53.524+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5 pid=85320
2024-03-27T17:42:53.524+0100 [DEBUG] provider: plugin exited
2024-03-27T17:42:53.525+0100 [DEBUG] Building and walking validate graph
2024-03-27T17:42:53.525+0100 [DEBUG] ProviderTransformer: "data.aws_kms_key.kinesis_kms_key" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/hashicorp/aws"].security-aws-global
2024-03-27T17:42:53.525+0100 [DEBUG] pruning unused provider["registry.terraform.io/hashicorp/aws"]
2024-03-27T17:42:53.525+0100 [DEBUG] ReferenceTransformer: "data.aws_kms_key.kinesis_kms_key" references: []
2024-03-27T17:42:53.525+0100 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/hashicorp/aws\"].security-aws-global" references: []
2024-03-27T17:42:53.525+0100 [DEBUG] Starting graph walk: walkValidate
2024-03-27T17:42:53.530+0100 [DEBUG] created provider logger: level=debug
2024-03-27T17:42:53.530+0100 [INFO]  provider: configuring client automatic mTLS
2024-03-27T17:42:53.532+0100 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5 args=[".terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5"]
2024-03-27T17:42:53.544+0100 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5 pid=85321
2024-03-27T17:42:53.545+0100 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5
2024-03-27T17:42:53.630+0100 [INFO]  provider.terraform-provider-aws_v5.42.0_x5: configuring server automatic mTLS: timestamp="2024-03-27T17:42:53.629+0100"
2024-03-27T17:42:53.636+0100 [DEBUG] provider: using plugin: version=5
2024-03-27T17:42:53.636+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: plugin address: address=/var/folders/n1/lg_3qghd0270crzmqq6wnms80000gn/T/plugin2402959462 network=unix timestamp="2024-03-27T17:42:53.636+0100"
2024-03-27T17:42:53.700+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2024-03-27T17:42:53.702+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5 pid=85321
2024-03-27T17:42:53.702+0100 [DEBUG] provider: plugin exited
2024-03-27T17:42:53.702+0100 [INFO]  backend/local: plan calling Plan
2024-03-27T17:42:53.702+0100 [DEBUG] Building and walking plan graph for NormalMode
2024-03-27T17:42:53.702+0100 [DEBUG] ProviderTransformer: "data.aws_kms_key.kinesis_kms_key (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/hashicorp/aws"].security-aws-global
2024-03-27T17:42:53.702+0100 [DEBUG] pruning unused provider["registry.terraform.io/hashicorp/aws"]
2024-03-27T17:42:53.702+0100 [DEBUG] ReferenceTransformer: "data.aws_kms_key.kinesis_kms_key (expand)" references: []
2024-03-27T17:42:53.702+0100 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/hashicorp/aws\"].security-aws-global" references: []
2024-03-27T17:42:53.703+0100 [DEBUG] Starting graph walk: walkPlan
2024-03-27T17:42:53.703+0100 [DEBUG] created provider logger: level=debug
2024-03-27T17:42:53.703+0100 [INFO]  provider: configuring client automatic mTLS
2024-03-27T17:42:53.705+0100 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5 args=[".terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5"]
2024-03-27T17:42:53.719+0100 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5 pid=85322
2024-03-27T17:42:53.719+0100 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/darwin_arm64/terraform-provider-aws_v5.42.0_x5
2024-03-27T17:42:53.801+0100 [INFO]  provider.terraform-provider-aws_v5.42.0_x5: configuring server automatic mTLS: timestamp="2024-03-27T17:42:53.800+0100"
2024-03-27T17:42:53.807+0100 [DEBUG] provider: using plugin: version=5
2024-03-27T17:42:53.807+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: plugin address: address=/var/folders/n1/lg_3qghd0270crzmqq6wnms80000gn/T/plugin1472196651 network=unix timestamp="2024-03-27T17:42:53.807+0100"
2024-03-27T17:42:53.873+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: Configuring Terraform AWS Provider: tf_mux_provider="*schema.GRPCProviderServer" tf_provider_addr=registry.terraform.io/hashicorp/aws tf_rpc=ConfigureProvider @module=aws tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc @caller=github.com/hashicorp/terraform-provider-aws/internal/conns/config.go:134 timestamp="2024-03-27T17:42:53.873+0100"
2024-03-27T17:42:53.873+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: Resolving credentials provider: @module=aws.aws-base tf_provider_addr=registry.terraform.io/hashicorp/aws tf_rpc=ConfigureProvider @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:47 tf_mux_provider="*schema.GRPCProviderServer" tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc timestamp="2024-03-27T17:42:53.873+0100"
2024-03-27T17:42:53.873+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: Setting profile: tf_aws.profile=security-aws-global tf_aws.profile.source=provider tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:47 @module=aws.aws-base tf_mux_provider="*schema.GRPCProviderServer" tf_rpc=ConfigureProvider timestamp="2024-03-27T17:42:53.873+0100"
2024-03-27T17:42:53.873+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: Loading configuration: @module=aws.aws-base tf_mux_provider="*schema.GRPCProviderServer" tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:47 tf_provider_addr=registry.terraform.io/hashicorp/aws tf_rpc=ConfigureProvider timestamp="2024-03-27T17:42:53.873+0100"
2024-03-27T17:42:53.873+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: Retrieving credentials: @module=aws.aws-base @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:47 tf_mux_provider="*schema.GRPCProviderServer" tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc tf_rpc=ConfigureProvider timestamp="2024-03-27T17:42:53.873+0100"
2024-03-27T17:42:53.981+0100 [INFO]  provider.terraform-provider-aws_v5.42.0_x5: Retrieved credentials: tf_aws.credentials_source=ProcessProvider tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc @module=aws.aws-base tf_mux_provider="*schema.GRPCProviderServer" tf_provider_addr=registry.terraform.io/hashicorp/aws tf_rpc=ConfigureProvider @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:39 timestamp="2024-03-27T17:42:53.980+0100"
2024-03-27T17:42:53.982+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: Loading configuration: tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:47 tf_provider_addr=registry.terraform.io/hashicorp/aws tf_mux_provider="*schema.GRPCProviderServer" tf_rpc=ConfigureProvider @module=aws.aws-base timestamp="2024-03-27T17:42:53.980+0100"
2024-03-27T17:42:53.982+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: Creating AWS SDK v1 session: @caller=github.com/hashicorp/terraform-provider-aws/internal/conns/config.go:158 tf_mux_provider="*schema.GRPCProviderServer" tf_rpc=ConfigureProvider @module=aws tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc timestamp="2024-03-27T17:42:53.982+0100"
2024-03-27T17:42:53.987+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: Retrieving AWS account details: tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc @caller=github.com/hashicorp/terraform-provider-aws/internal/conns/config.go:173 @module=aws tf_mux_provider="*schema.GRPCProviderServer" tf_rpc=ConfigureProvider timestamp="2024-03-27T17:42:53.986+0100"
2024-03-27T17:42:53.987+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: Retrieving caller identity from STS: tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc @module=aws.aws-base tf_mux_provider="*schema.GRPCProviderServer" tf_rpc=ConfigureProvider @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:47 timestamp="2024-03-27T17:42:53.986+0100"
2024-03-27T17:42:53.987+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: http.method=POST http.request.header.x_amz_date=20240327T164253Z tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc net.peer.name=sts.eu-central-1.amazonaws.com tf_mux_provider="*schema.GRPCProviderServer" tf_aws.signing_region="" http.request.header.amz_sdk_invocation_id=a296b1e9-7ca3-4c67-91f7-991f81e5e722 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************OCHY/20240327/eu-central-1/sts/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date;x-amz-security-token, Signature=*****" http.request.header.x_amz_security_token="*****" tf_rpc=ConfigureProvider @module=aws.aws-base aws.region=eu-central-1 rpc.service=STS tf_provider_addr=registry.terraform.io/hashicorp/aws @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:47 http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go-v2/1.26.0 os/macos lang/go#1.21.8 md/GOOS#darwin md/GOARCH#arm64 api/sts#1.28.5" rpc.method=GetCallerIdentity tf_aws.sdk=aws-sdk-go-v2
  http.request.body=
  | Action=GetCallerIdentity&Version=2011-06-15
   http.request.header.amz_sdk_request="attempt=1; max=25" http.request.header.content_type=application/x-www-form-urlencoded http.request_content_length=43 http.url=https://sts.eu-central-1.amazonaws.com/ rpc.system=aws-api timestamp="2024-03-27T17:42:53.987+0100"
2024-03-27T17:42:54.244+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Response Received:
  http.response.body=
  | <GetCallerIdentityResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
  |   <GetCallerIdentityResult>
  |     <Arn>arn:aws:sts::99999999999:assumed-role/AWSReservedSSO_SecurityAdministrator_2851005d414a8f55/othmane.elmassari@xyz.com</Arn>
  |     <UserId>AROA*************HVLF:othmane.elmassari@xyz.com</UserId>
  |     <Account>99999999999</Account>
  |   </GetCallerIdentityResult>
  |   <ResponseMetadata>
  |     <RequestId>da10abfd-eb9b-4bbc-8084-e7b3a1a1be0e</RequestId>
  |   </ResponseMetadata>
  | </GetCallerIdentityResponse>
   http.response.header.date="Wed, 27 Mar 2024 16:42:54 GMT" http.response.header.x_amzn_requestid=da10abfd-eb9b-4bbc-8084-e7b3a1a1be0e http.response_content_length=520 http.status_code=200 rpc.method=GetCallerIdentity tf_aws.sdk=aws-sdk-go-v2 rpc.service=STS rpc.system=aws-api tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc tf_rpc=ConfigureProvider http.duration=256 aws.region=eu-central-1 tf_aws.signing_region="" @module=aws.aws-base http.response.header.content_type=text/xml tf_mux_provider="*schema.GRPCProviderServer" @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:47 timestamp="2024-03-27T17:42:54.243+0100"
2024-03-27T17:42:54.244+0100 [INFO]  provider.terraform-provider-aws_v5.42.0_x5: Retrieved caller identity from STS: tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc tf_rpc=ConfigureProvider @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:39 @module=aws.aws-base tf_mux_provider="*schema.GRPCProviderServer" tf_provider_addr=registry.terraform.io/hashicorp/aws timestamp="2024-03-27T17:42:54.244+0100"
2024-03-27T17:42:54.245+0100 [DEBUG] Resource instance state not found for node "data.aws_kms_key.kinesis_kms_key", instance data.aws_kms_key.kinesis_kms_key
2024-03-27T17:42:54.245+0100 [DEBUG] ReferenceTransformer: "data.aws_kms_key.kinesis_kms_key" references: []
data.aws_kms_key.kinesis_kms_key: Reading...
2024-03-27T17:42:54.254+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=*****" net.peer.name=kms.eu-central-1.amazonaws.com http.request.header.x_amz_target=TrentService.DescribeKey http.flavor=1.1 http.request.header.content_type=application/x-amz-json-1.1 rpc.method=DescribeKey tf_rpc=ReadDataSource @module=aws http.method=POST rpc.system=aws-api tf_mux_provider="*schema.GRPCProviderServer" tf_provider_addr=registry.terraform.io/hashicorp/aws aws.region=eu-central-1 http.url=https://kms.eu-central-1.amazonaws.com/ http.request.header.x_amz_date=20240327T164254Z http.request.header.x_amz_security_token="*****" http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)" tf_data_source_type=aws_kms_key rpc.service=KMS tf_aws.sdk=aws-sdk-go
  http.request.body=
  | {"KeyId":"alias/kinesis_cloudtrail"}
   http.request_content_length=36 tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b timestamp="2024-03-27T17:42:54.254+0100"
2024-03-27T17:42:54.422+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b aws.region=eu-central-1 http.flavor=1.1 http.request_content_length=36 net.peer.name=kms.eu-central-1.amazonaws.com tf_mux_provider="*schema.GRPCProviderServer" @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=*****" http.request.header.x_amz_security_token="*****" http.url=https://kms.eu-central-1.amazonaws.com/ http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)" tf_data_source_type=aws_kms_key http.method=POST http.request.header.x_amz_date=20240327T164254Z http.request.header.x_amz_target=TrentService.DescribeKey rpc.service=KMS
  http.request.body=
  | {"KeyId":"alias/kinesis_cloudtrail"}
   http.request.header.content_type=application/x-amz-json-1.1 rpc.system=aws-api @module=aws tf_aws.sdk=aws-sdk-go tf_rpc=ReadDataSource rpc.method=DescribeKey timestamp="2024-03-27T17:42:54.422+0100"
2024-03-27T17:42:54.543+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: http.flavor=1.1 http.method=POST http.url=https://kms.eu-central-1.amazonaws.com/ tf_rpc=ReadDataSource http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)" net.peer.name=kms.eu-central-1.amazonaws.com tf_mux_provider="*schema.GRPCProviderServer" http.request.header.content_type=application/x-amz-json-1.1 http.request.header.x_amz_target=TrentService.DescribeKey http.request_content_length=36 @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 aws.region=eu-central-1 tf_data_source_type=aws_kms_key tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b http.request.header.x_amz_date=20240327T164254Z
  http.request.body=
  | {"KeyId":"alias/kinesis_cloudtrail"}
   rpc.method=DescribeKey rpc.system=aws-api tf_aws.sdk=aws-sdk-go @module=aws http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=*****" rpc.service=KMS http.request.header.x_amz_security_token="*****" tf_provider_addr=registry.terraform.io/hashicorp/aws timestamp="2024-03-27T17:42:54.543+0100"
2024-03-27T17:42:54.800+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)"
  http.request.body=
  | {"KeyId":"alias/kinesis_cloudtrail"}
   http.request.header.content_type=application/x-amz-json-1.1 http.request.header.x_amz_date=20240327T164254Z rpc.service=KMS tf_data_source_type=aws_kms_key aws.region=eu-central-1 tf_aws.sdk=aws-sdk-go tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b tf_rpc=ReadDataSource http.method=POST http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=*****" http.flavor=1.1 @module=aws http.request.header.x_amz_security_token="*****" http.request.header.x_amz_target=TrentService.DescribeKey http.url=https://kms.eu-central-1.amazonaws.com/ net.peer.name=kms.eu-central-1.amazonaws.com rpc.method=DescribeKey @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 rpc.system=aws-api tf_mux_provider="*schema.GRPCProviderServer" tf_provider_addr=registry.terraform.io/hashicorp/aws http.request_content_length=36 timestamp="2024-03-27T17:42:54.799+0100"
2024-03-27T17:42:55.306+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: tf_aws.sdk=aws-sdk-go http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=*****" http.request_content_length=36 tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b http.request.header.x_amz_security_token="*****" @module=aws http.flavor=1.1 http.request.header.content_type=application/x-amz-json-1.1 http.request.header.x_amz_target=TrentService.DescribeKey rpc.method=DescribeKey tf_data_source_type=aws_kms_key tf_mux_provider="*schema.GRPCProviderServer" tf_provider_addr=registry.terraform.io/hashicorp/aws aws.region=eu-central-1 http.url=https://kms.eu-central-1.amazonaws.com/ tf_rpc=ReadDataSource
  http.request.body=
  | {"KeyId":"alias/kinesis_cloudtrail"}
   @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 rpc.system=aws-api http.request.header.x_amz_date=20240327T164255Z http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)" net.peer.name=kms.eu-central-1.amazonaws.com rpc.service=KMS http.method=POST timestamp="2024-03-27T17:42:55.305+0100"
2024-03-27T17:42:56.165+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: aws.region=eu-central-1 http.request.header.x_amz_security_token="*****" http.request_content_length=36
  http.request.body=
  | {"KeyId":"alias/kinesis_cloudtrail"}
   http.request.header.x_amz_target=TrentService.DescribeKey http.url=https://kms.eu-central-1.amazonaws.com/ tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b @module=aws net.peer.name=kms.eu-central-1.amazonaws.com rpc.method=DescribeKey tf_mux_provider="*schema.GRPCProviderServer" http.flavor=1.1 http.request.header.content_type=application/x-amz-json-1.1 tf_rpc=ReadDataSource @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=*****" http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)" rpc.service=KMS tf_aws.sdk=aws-sdk-go tf_data_source_type=aws_kms_key http.method=POST http.request.header.x_amz_date=20240327T164256Z rpc.system=aws-api tf_provider_addr=registry.terraform.io/hashicorp/aws timestamp="2024-03-27T17:42:56.165+0100"
2024-03-27T17:42:58.071+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: aws.region=eu-central-1 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=*****" net.peer.name=kms.eu-central-1.amazonaws.com rpc.service=KMS tf_rpc=ReadDataSource http.method=POST http.request.header.x_amz_security_token="*****" tf_aws.sdk=aws-sdk-go
  http.request.body=
  | {"KeyId":"alias/kinesis_cloudtrail"}
   rpc.system=aws-api @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 http.request.header.content_type=application/x-amz-json-1.1 http.url=https://kms.eu-central-1.amazonaws.com/ rpc.method=DescribeKey tf_provider_addr=registry.terraform.io/hashicorp/aws http.request.header.x_amz_target=TrentService.DescribeKey http.request_content_length=36 tf_data_source_type=aws_kms_key tf_mux_provider="*schema.GRPCProviderServer" @module=aws http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)" tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b http.flavor=1.1 http.request.header.x_amz_date=20240327T164258Z timestamp="2024-03-27T17:42:58.071+0100"
2024-03-27T17:43:01.140+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)" tf_data_source_type=aws_kms_key tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b http.url=https://kms.eu-central-1.amazonaws.com/ http.request.header.x_amz_security_token="*****" http.request.header.content_type=application/x-amz-json-1.1 rpc.system=aws-api tf_provider_addr=registry.terraform.io/hashicorp/aws
  http.request.body=
  | {"KeyId":"alias/kinesis_cloudtrail"}
   http.flavor=1.1 http.request.header.x_amz_date=20240327T164301Z rpc.service=KMS http.method=POST @module=aws http.request.header.x_amz_target=TrentService.DescribeKey http.request_content_length=36 net.peer.name=kms.eu-central-1.amazonaws.com tf_rpc=ReadDataSource aws.region=eu-central-1 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=*****" rpc.method=DescribeKey tf_aws.sdk=aws-sdk-go tf_mux_provider="*schema.GRPCProviderServer" @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 timestamp="2024-03-27T17:43:01.140+0100"
data.aws_kms_key.kinesis_kms_key: Still reading... [10s elapsed]

Panic Output

No response

Important Factoids

On logs we can clearly see the following

• A successful authentication using the default profile (the one that use an endpoint_url)

  
  2024-03-27T17:42:51.437+0100 [DEBUG] backend-s3.aws-base: HTTP Request Sent: aws.region=eu-central-1 rpc.method=GetCallerIdentity rpc.service=STS rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 http.request.header.amz_sdk_request="attempt=1; max=5" http.request.header.amz_sdk_invocation_id=c593455f-14e5-4ba6-a584-cf6dfa093367
  http.request.body=
  | Action=GetCallerIdentity&Version=2011-06-15
  net.peer.name=127.0.0.1 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=124fb9d8-4ef0-4c95-a95b-73989a9c43fb/20240327/eu-central-1/sts/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date, Signature=*****" net.peer.port=64483 http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) aws-sdk-go-v2/1.25.3 os/macos lang/go#1.21.8 md/GOOS#darwin md/GOARCH#arm64 api/sts#1.28.4" http.request_content_length=43 http.request.header.x_amz_date=20240327T164251Z http.request.header.content_type=application/x-www-form-urlencoded http.method=POST http.url=https://127.0.0.1:64483/

2024-03-27T17:42:52.224+0100 [DEBUG] backend-s3.aws-base: HTTP Response Received: aws.region=eu-central-1 rpc.method=GetCallerIdentity rpc.service=STS rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_aws.signing_region="" tf_backend.operation=Configure tf_backend.req_id=d6655cd8-127d-f32b-6922-1b6e014c2894 tf_backend.s3.bucket=terraform-master tf_backend.s3.path=test2 http.response.header.content_type=text/xml http.response.header.date="Wed, 27 Mar 2024 16:42:51 GMT" http.response.body= | | | Arn>arn:aws:sts::012345678901:assumed-role/teleport-aws-master-superadministrator/othmane.elmassari@xyz.com</Arn | UserId>AROA*************NQQG:othmane.elmassari@xyz.com</UserId | 012345678901 | | | d60a1891-1f34-4d70-b106-3df5749d6f8f | | http.duration=786 http.status_code=200 http.response_content_length=505 http.response.header.x_amzn_requestid=d60a1891-1f34-4d70-b106-3df5749d6f8f

- A successful authentication using the security-aws-global profile (the one that doesn't have the custom endpoint_url)

2024-03-27T17:42:53.987+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: http.method=POST http.request.header.x_amz_date=20240327T164253Z tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc net.peer.name=sts.eu-central-1.amazonaws.com tf_mux_provider="*schema.GRPCProviderServer" tf_aws.signing_region="" http.request.header.amz_sdk_invocation_id=a296b1e9-7ca3-4c67-91f7-991f81e5e722 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA****OCHY/20240327/eu-central-1/sts/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date;x-amz-security-token, Signature=" http.request.header.x_amz_security_token="" tf_rpc=ConfigureProvider @module=aws.aws-base aws.region=eu-central-1 rpc.service=STS tf_provider_addr=registry.terraform.io/hashicorp/aws @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:47 http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go-v2/1.26.0 os/macos lang/go#1.21.8 md/GOOS#darwin md/GOARCH#arm64 api/sts#1.28.5" rpc.method=GetCallerIdentity tf_aws.sdk=aws-sdk-go-v2 http.request.body= | Action=GetCallerIdentity&Version=2011-06-15 http.request.header.amz_sdk_request="attempt=1; max=25" http.request.header.content_type=application/x-www-form-urlencoded http.request_content_length=43 http.url=https://sts.eu-central-1.amazonaws.com/ rpc.system=aws-api timestamp="2024-03-27T17:42:53.987+0100" 2024-03-27T17:42:54.244+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Response Received: http.response.body= | | | Arn>arn:aws:sts::99999999999:assumed-role/AWSReservedSSO_SecurityAdministrator_2851005d414a8f55/othmane.elmassari@xyz.com</Arn | UserId>AROA*************HVLF:othmane.elmassari@xyz.com</UserId | 99999999999 | | | da10abfd-eb9b-4bbc-8084-e7b3a1a1be0e | | http.response.header.date="Wed, 27 Mar 2024 16:42:54 GMT" http.response.header.x_amzn_requestid=da10abfd-eb9b-4bbc-8084-e7b3a1a1be0e http.response_content_length=520 http.status_code=200 rpc.method=GetCallerIdentity tf_aws.sdk=aws-sdk-go-v2 rpc.service=STS rpc.system=aws-api tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=69bb6d5b-40ed-223f-bc98-c23a0e0fcbbc tf_rpc=ConfigureProvider http.duration=256 aws.region=eu-central-1 tf_aws.signing_region="" @module=aws.aws-base http.response.header.content_type=text/xml tf_mux_provider="*schema.GRPCProviderServer" @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.50/logging/tf_logger.go:47 timestamp="2024-03-27T17:42:54.243+0100"

- A non ending loop trying to Describe the KMS key to return the datasource, using the security-aws-global, we can see that there's only the request but any response get back

2024-03-27T17:42:54.254+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA****OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=" net.peer.name=kms.eu-central-1.amazonaws.com http.request.header.x_amz_target=TrentService.DescribeKey http.flavor=1.1 http.request.header.content_type=application/x-amz-json-1.1 rpc.method=DescribeKey tf_rpc=ReadDataSource @module=aws http.method=POST rpc.system=aws-api tf_mux_provider="schema.GRPCProviderServer" tf_provider_addr=registry.terraform.io/hashicorp/aws aws.region=eu-central-1 http.url=https://kms.eu-central-1.amazonaws.com/ http.request.header.x_amz_date=20240327T164254Z http.request.header.x_amz_security_token="" http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)" tf_data_source_type=aws_kms_key rpc.service=KMS tf_aws.sdk=aws-sdk-go http.request.body= | {"KeyId":"alias/kinesis_cloudtrail"} http.request_content_length=36 tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b timestamp="2024-03-27T17:42:54.254+0100" 2024-03-27T17:42:54.422+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b aws.region=eu-central-1 http.flavor=1.1 http.request_content_length=36 net.peer.name=kms.eu-central-1.amazonaws.com tf_mux_provider="schema.GRPCProviderServer" @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA****OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=" http.request.header.x_amz_security_token="" http.url=https://kms.eu-central-1.amazonaws.com/ http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)" tf_data_source_type=aws_kms_key http.method=POST http.request.header.x_amz_date=20240327T164254Z http.request.header.x_amz_target=TrentService.DescribeKey rpc.service=KMS http.request.body= | {"KeyId":"alias/kinesis_cloudtrail"} http.request.header.content_type=application/x-amz-json-1.1 rpc.system=aws-api @module=aws tf_aws.sdk=aws-sdk-go tf_rpc=ReadDataSource rpc.method=DescribeKey timestamp="2024-03-27T17:42:54.422+0100" 2024-03-27T17:42:54.543+0100 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5: HTTP Request Sent: http.flavor=1.1 http.method=POST http.url=https://kms.eu-central-1.amazonaws.com/ tf_rpc=ReadDataSource http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.7.5 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.51.4 (go1.21.8; darwin; arm64)" net.peer.name=kms.eu-central-1.amazonaws.com tf_mux_provider="*schema.GRPCProviderServer" http.request.header.content_type=application/x-amz-json-1.1 http.request.header.x_amz_target=TrentService.DescribeKey http.request_content_length=36 @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.51/logger.go:109 aws.region=eu-central-1 tf_data_source_type=aws_kms_key tf_req_id=f192440b-3d65-f583-f492-f2e2d09dec8b http.request.header.x_amz_date=20240327T164254Z http.request.body= | {"KeyId":"alias/kinesis_cloudtrail"} rpc.method=DescribeKey rpc.system=aws-api tf_aws.sdk=aws-sdk-go @module=aws http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA****OCHY/20240327/eu-central-1/kms/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date;x-amz-security-token;x-amz-target, Signature=" rpc.service=KMS http.request.header.x_amz_security_token="" tf_provider_addr=registry.terraform.io/hashicorp/aws timestamp="2024-03-27T17:42:54.543+0100"

I can also mention that using two provider/profiles with different custom endpoint_url for both works, the issue is only where there's one provider that have an endpoint_url and the other not.

### References

_No response_

### Would you like to implement a fix?

None

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.