search

outscale / terraform-provider-outscale

Mozilla Public License 2.0
28 stars 31 forks source link

Using OOS for Terraform Backend State File #359

Open cvedia-mdsol opened 1 year ago

cvedia-mdsol commented 1 year ago

Summary

Attempting to communicate with Remote State through OOS but unable to successfully connect through use of Terraform. I've been able to connect fine using the same access and secret key as specified in my (.aws) profile; example of a successful command is included below. 

aws s3api list-buckets --profile outscale --endpoint="https://oos.us-east-2.outscale.com"

Terraform Version

Terraform v1.4.6
on windows_amd64

Terraform Configuration Files

// 'main.tf' configuration
terraform {
    backend "s3" {
        region = "us-east-2"
        endpoint = "https://oos.us-east-2.outscale.com" 
        bucket = "bucket_name"
        access_key = "my_accesskey"
        secret_key = "my_secretkey"
        key = "terraform"
    }
    required_version = ">= 0.13"
    required_providers {
        outscale = {
            source = "outscale/outscale"
            version = "0.9.1"
        }
    }
}

provider "outscale" {
    access_key_id = "my_accesskey"
    secret_key_id = "my_secretkey"
    region = "us-east-2"
}

Debug Output

TRACE log level set but no additional logging was created based was is included in the 'Actual Behavior' section.

Crash Output

No crash output generated. Error message only returned.

Expected Behavior

Expecting to see a successful connection on [init] with remote backend.

Actual Behavior

When attempting to run [terraform init] I receive the following message in response.

Error: error configuring S3 Backend: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid.
        status code: 403, request id: 5102beb7-41d3-48f3-b480-ab6010fd2464

Steps to Reproduce

1.) Set 'main.tf' file to use a remote backend for your state file.

terraform {
    backend "s3 "{
        //config
    }
}

2.) Run command [terraform init] to validate backend configuration.

Additional Context

Besides hard-coding the values for 'access_key' and 'secret_key', tried referencing my profile which has this information included but it does not appear to pull the details. Reconfirm this since my profile configuration file also has the region included yet I am still asked to provide the region in the 'main.tf' file.

I am able to use the same profile and endpoint to connect to OOS fine through. Command line such as 'aws s3' and 'aws s3api'.

References

No reference in Github but following the configuration as specified in Terraform Registry.

https://registry.terraform.io/providers/FlexibleEngineCloud/flexibleengine/latest/docs/guides/remote-state-backend

outscale-toa commented 1 year ago

Hello @cvedia-mdsol, Thanks for reaching us, The upstream provider s3 is not fully compatible with our OOS implementation. However we have a fork of AWS with a patch terraform-oos-examples that can help you.

Best Regards

cvedia-mdsol commented 1 year ago

Hi @outscale-toa. Thank you for sharing would you be able to help clarify what process I would need to follow if I have a Windows OS so that I can make use of the (patched terraform-provider-aws module)? Saw comments about the following platform 'linux_amd64' and 'darwin_amd64'.

Also, is there a place you would recommend me to add comments to in order to request the feature of us being able to use OOS as a means of a remote state source?