Open jarrettj opened 5 years ago
Hi @jarrettj, thanks for reporting the issue. It seems the error happened because 0.0.1 was designed for Terraform 0.11 or lower.
I've pushed a new version (0.1.1) which upgraded the codebase to Terraform 0.12+, could you try again?
Cool, I tried the updated version, new error:
Error: "name" must match [\w+=,.@-]
on .terraform/modules/vpc.secure-vpc/nozaq-terraform-aws-secure-vpc-485afb2/flow_log.tf line 50, in resource "aws_iam_role" "flow_logs_publisher":
50: resource "aws_iam_role" "flow_logs_publisher" {
Hi @jarrettj,
The error indicates the IAM role name contains invalid characters (something doesn't match [\w+=,.@-]). It is defined here using the flow_logs_iam_role_name variable passed to the secure-vpc module.
Could you check the value you set to flow_logs_iam_role_name?
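A pre-flight check for the role-name error discussed above, added here as an example and not part of the module or of anyone's comment in this thread: it tests a candidate flow_logs_iam_role_name value against the character class from the error and flags a role ARN passed where a bare name is expected. The 64-character limit is IAM's role-name limit; check_role_name and the sample values are constructed for illustration.

```python
import re

# IAM role names: 1-64 characters drawn from the class shown in the Terraform error.
# re.ASCII keeps \w to [A-Za-z0-9_], matching Go regexp semantics used by the provider.
ROLE_NAME_RE = re.compile(r"[\w+=,.@-]{1,64}", re.ASCII)
ALLOWED_CHAR_RE = re.compile(r"[\w+=,.@-]", re.ASCII)
# Role ARN layout: arn:<partition>:iam::<account>:role/<optional path/><name>
ROLE_ARN_RE = re.compile(r"arn:[\w-]+:iam::\d{12}:role/(?:[^/]+/)*([^/]+)", re.ASCII)


def check_role_name(value):
    """Return (ok, message) for a value meant for flow_logs_iam_role_name."""
    if ROLE_NAME_RE.fullmatch(value):
        return True, "ok"
    arn = ROLE_ARN_RE.fullmatch(value)
    if arn:
        # ':' and '/' are outside the allowed class, so an ARN always fails.
        return False, "looks like a role ARN; pass the bare name %r instead" % arn.group(1)
    if not value:
        return False, "empty value"
    if len(value) > 64:
        return False, "too long: %d characters, limit is 64" % len(value)
    bad = sorted({c for c in value if not ALLOWED_CHAR_RE.fullmatch(c)})
    return False, "invalid characters: %s" % " ".join(repr(c) for c in bad)


if __name__ == "__main__":
    # Constructed sample values, not taken from the issue.
    for sample in ("vpc-flow-logs-publisher",
                   "arn:aws:iam::123456789012:role/service/vpc-flow-logs-publisher",
                   "flow logs/publisher"):
        print(sample, "->", check_role_name(sample))
```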
Thanks, I read the description wrong, thought it required an ARN. Added a name and it has progressed to the following:
Error: Creating CloudWatch Log Group failed: AccessDeniedException: The specified KMS key does not exist or is not allowed to be used with LogGroup 'arn:aws:logs:eu-west-1:579906027743:log-group:vpc_deepracer_flow_logs'
status code: 400, request id: 7ce485af-b4e5-48fb-8090-09f4cfff80d9 'vpc_deepracer_flow_logs'
on .terraform/modules/vpc.secure-vpc/nozaq-terraform-aws-secure-vpc-485afb2/flow_log.tf line 43, in resource "aws_cloudwatch_log_group" "flow_logs":
43: resource "aws_cloudwatch_log_group" "flow_logs" {
Error: Error creating route: MissingParameter: The request must contain exactly one of gatewayId, natGatewayId, networkInterfaceId, vpcPeeringConnectionId, egressOnlyInternetGatewayId, transitGatewayId or instanceId
status code: 400, request id: 3338b2cb-083d-4cbd-80cd-bfb3ba8ba759
on .terraform/modules/vpc.secure-vpc/nozaq-terraform-aws-secure-vpc-485afb2/private.tf line 5, in resource "aws_route_table" "private":
5: resource "aws_route_table" "private" {
@jarrettj I'm not sure why the first error occurred though, it might be the case that the KMS key creation was still in progress when the log group was being created. Could you try again and see if the same error still happens?
The second one said you need to specify the nat_subnet_cidr_blocks variable, otherwise your instances in private subnets cannot connect outside this VPC.
Hi,
Good day.
Not sure if I should create resources before this?
This is my code:
Error:
Thanks for the help thus far.
Regards.