hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

ResourceId maxLength error when creating route53 alias on aws_vpc_endpoint dns_name #7557

Closed jonathancolby-olx closed 5 years ago

jonathancolby-olx commented 5 years ago

Terraform Version

Terraform v0.11.10
+ provider.archive v1.0.3
+ provider.aws v1.33.0
+ provider.datadog v1.2.0
+ provider.external v1.0.0
+ provider.local v1.1.0
+ provider.null v1.0.0
+ provider.random v1.3.1
+ provider.template v1.0.0

Affected Resource(s)

Terraform Configuration Files


resource "aws_vpc_endpoint" "my_service_endpoint" {
  vpc_id            = "${var.vpc.vpc_id}"
  service_name      = "${var.vpc_endpoint_service_name}"
  vpc_endpoint_type = "Interface"

  security_group_ids = [
    "${aws_security_group.my_sg.id}",
  ]

  subnet_ids          = ["${var.private_subnet_ids}"]
  private_dns_enabled = false
}

resource "aws_route53_record" "wtf" {
  zone_id = "${aws_route53_zone.private.zone_id}"
  name    = "service.${aws_route53_zone.private.zone_id}"
  type    = "A"

  alias {
    name                   = "${lookup(aws_vpc_endpoint.my_service_endpoint.dns_entry[0], "hosted_zone_id")}"
    zone_id                = "${lookup(aws_vpc_endpoint.my_service_endpoint.dns_entry[0], "dns_name")}"
    evaluate_target_health = false
  }
}

Actual Behavior

1 error(s) occurred:

* aws_route53_record.wtf: 1 error(s) occurred:

* aws_route53_record.wtf: [ERR]: Error building changeset: InvalidInput: Invalid XML ; cvc-maxLength-valid: Value 'vpce-redacted-for-security-reasons.vpce-svc-redacted-for-security.eu-west-1.vpce.amazonaws.com' with length = '87' is not facet-valid with respect to maxLength '32' for type 'ResourceId'.
        status code: 400, request id: d3f55245-3069-11e9-8158-390c8ebace69

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

bflad commented 5 years ago

Hi @jonathancolby-olx 👋 Sorry you ran into trouble here.

Looking at your configuration above, it appears the aws_route53_record alias name and zone_id arguments are swapped:

    name                   = "${lookup(aws_vpc_endpoint.my_service_endpoint.dns_entry[0], "hosted_zone_id")}"
    zone_id                = "${lookup(aws_vpc_endpoint.my_service_endpoint.dns_entry[0], "dns_name")}"

Switching them so they align should correct the error you're seeing:

    name                   = "${lookup(aws_vpc_endpoint.my_service_endpoint.dns_entry[0], "dns_name")}"
    zone_id                = "${lookup(aws_vpc_endpoint.my_service_endpoint.dns_entry[0], "hosted_zone_id")}"

That said, the Terraform resource here could provide a slightly better message here before calling the Route53 API if we implemented length validation for both of those attributes. For example:

        Error applying: 1 error occurred:
            * aws_route53_record.test: expected length of alias.0.zone_id to be in the range (1 - 32), got vpce-0ed0dbc5b2e181289-kr42z80r.vpce-svc-04a7ad6c6da00d525.us-west-2.vpce.amazonaws.com

I have submitted the above validation as a pull request: #7606

Hope this helps!
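
The kind of pre-flight check discussed in the comment above, as an added stand-alone Go example (not the provider's code and not the contents of #7606). The `AliasTarget` type, the `ValidateAlias` function, the sample values and the "looks swapped" heuristic are assumptions made for illustration; the 32-character limit is the `ResourceId` maxLength quoted in the API error.

```go
package main

import (
	"fmt"
	"strings"
)

// AliasTarget (hypothetical type) mirrors the two string arguments of an
// aws_route53_record alias block.
type AliasTarget struct {
	Name   string // DNS name of the alias target
	ZoneID string // hosted zone ID of the alias target
}

// maxZoneIDLen is the ResourceId maxLength quoted in the Route 53 error above.
const maxZoneIDLen = 32

// ValidateAlias (hypothetical helper) returns the problems found in an alias
// block, so they can be reported before any Route 53 API call is made.
func ValidateAlias(a AliasTarget) []string {
	var problems []string
	if n := len(a.ZoneID); n < 1 || n > maxZoneIDLen {
		problems = append(problems, fmt.Sprintf(
			"expected length of alias zone_id to be in the range (1 - %d), got %d",
			maxZoneIDLen, n))
	}
	if a.Name == "" {
		problems = append(problems, "alias name must not be empty")
	}
	// Heuristic (assumption): hosted zone IDs contain no dots, DNS names do.
	if strings.Contains(a.ZoneID, ".") && !strings.Contains(a.Name, ".") {
		problems = append(problems, "alias name and zone_id look swapped")
	}
	return problems
}

func main() {
	// Constructed sample values, shaped like the ones in this issue.
	swapped := AliasTarget{
		Name:   "Z0000000EXAMPLE",
		ZoneID: "vpce-0123456789abcdef0-abcdefgh.vpce-svc-0123456789abcdef0.eu-west-1.vpce.amazonaws.com",
	}
	for _, p := range ValidateAlias(swapped) {
		fmt.Println("error:", p)
	}
	fixed := AliasTarget{Name: swapped.ZoneID, ZoneID: swapped.Name}
	fmt.Println("problems after swapping back:", len(ValidateAlias(fixed)))
}
```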

bflad commented 5 years ago

Validation has been merged and will release with version 1.60.0 of the Terraform AWS Provider, likely later today.

bflad commented 5 years ago

This has been released in version 1.60.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.
