idealo / terraform-provider-controltower

Use AWS Control Tower from Terraform
https://registry.terraform.io/providers/idealo/controltower
Mozilla Public License 2.0
21 stars 10 forks source link

Provider Permission Error with new AWS SSO Setup #211

Open Phylu opened 6 months ago

Phylu commented 6 months ago

Hi there,

after switching the AWS SSO setup to the new session based configuration, the provider does not work anymore.

Terraform Version

Terraform v1.8.3 on darwin_amd64

Affected Resource(s)

Terraform Configuration Files

provider "controltower" {
  region = "eu-central-1"
}

AWS Configuration

[sso-session session]
sso_start_url = https://[REDACTED].awsapps.com/start#/
sso_region = eu-central-1
sso_registration_scopes = sso:account:access
[default]
sso_session = session
sso_account_id = [REDACTED]
sso_role_name = [REDACTED]
region = eu-central-1

Expected Behavior

The resource is planned and can be applied

Actual Behavior

│ Error: error configuring Terraform ControlTower Provider: Error creating AWS session: profile "default" is configured to use SSO but is missing required configuration: sso_region, sso_start_url

Steps to Reproduce

  1. terraform plan

Important Factoids

I assume that this could be solved by updating the aws-sdk-go to v2: https://aws.github.io/aws-sdk-go-v2/docs/migrating/

Phylu commented 5 months ago

@sjvaiz @sneben @theurichde Sorry to bother you. Is there any chance that this will be picked up, or is your provider outdated/deprecated and won't be further maintained?