Terraform - Unimplemented AWS API services - SES CreateCustomVerificationEmailTemplate

I've recently started using Terraform and I love it. However, in migrating an application to use Terraform I have encountered an AWS service that doesn't appear to be implemented using Terraform's AWS provider.
What does one do in such a situation? Is there a way I can hack this into my Terraform code to call this API?
https://docs.aws.amazon.com/ses/latest/APIReference/API_CreateCustomVerificationEmailTemplate.html
I'm using the latest aws provider.
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "4.5.0"
    }
  }
}

The only possibility I could imagine is to run using local-exec and call the missing API manually.
E.g. you can use null_resource (https://www.terraform.io/language/resources/provisioners/null_resource) and execute a bash script or aws cli directly.
Like mentioned before, search https://github.com/hashicorp/terraform-provider-aws/issues for your issue, vote for it or create a new feature request.
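The null_resource / local-exec workaround from the answer above, written out as an added example (not code from the original post). The variable names, the verification.html file and the subject line are assumptions made for illustration; the two aws ses subcommands are the CLI counterparts of the API the question links to.

```hcl
# Hypothetical inputs; none of these names come from the original post.
variable "template_name" { type = string }
variable "from_address" { type = string }
variable "success_url" { type = string }
variable "failure_url" { type = string }

resource "null_resource" "ses_custom_verification_template" {
  # Changing any trigger replaces the resource: the destroy provisioner
  # deletes the old template, then the create provisioner makes the new one.
  triggers = {
    template_name = var.template_name
    from_address  = var.from_address
    content_hash  = filesha256("${path.module}/verification.html")
  }

  provisioner "local-exec" {
    # Values are passed through the environment instead of being interpolated
    # into the command string, so shell metacharacters in a variable are
    # treated as data and never executed.
    environment = {
      NAME    = var.template_name
      FROM    = var.from_address
      SUCCESS = var.success_url
      FAILURE = var.failure_url
      CONTENT = "file://${path.module}/verification.html"
    }
    command = <<-EOT
      aws ses create-custom-verification-email-template \
        --template-name "$NAME" \
        --from-email-address "$FROM" \
        --template-subject "Please confirm your email address" \
        --template-content "$CONTENT" \
        --success-redirection-url "$SUCCESS" \
        --failure-redirection-url "$FAILURE"
    EOT
  }

  provisioner "local-exec" {
    # Destroy-time provisioners may only reference self, hence the trigger.
    when        = destroy
    environment = { NAME = self.triggers.template_name }
    command     = "aws ses delete-custom-verification-email-template --template-name \"$NAME\""
  }
}
```

The CLI calls run with the credentials and region of the shell that runs terraform apply, not those of the aws provider block, so scope that identity to the SES actions it needs. Terraform state records only the triggers, so changes made to the template outside Terraform are not detected.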

Related

How to create a aws secret rotator using terraform aws provider

As per the hashicorp aws provider, rotation_lambda_arn is a required field.
However, the AWS UI shows an option which creates a rotator lambda on your behalf and uses it. I don't see any such option in the terraform provider. Am I missing anything? Is this a missing feature or bug in the terraform provider?
I am trying to avoid creating a lambda by myself or using terraform here, and I am wondering why the provider doesn't have an option corresponding to "Create a rotation function".

Terraform doesn't have a Ground Truth resource. How do I create my own resource?

As far as I can tell, terraform doesn't have any support for Sagemaker Ground Truth. However AWS CLI does support it.
I don't want to create a whole new provider as a plugin, especially as this falls under aws.
How do I create my own resource within the existing aws provider?
You have a couple options here (and in general, when something isn't supported by the Terraform AWS provider).
If the resource in question is supported by CloudFormation, you can use the aws_cloudformation_stack Terraform resource to create a custom CloudFormation stack that creates and tracks the state of the resource. Here's the CloudFormation documentation for SageMaker; see if you can find the resource you want in there anywhere.
If it's only supported by the CLI (not by CloudFormation), you can use the CLI in your Terraform configuration. This is the module I like to use for doing CLI work in Terraform. The downside is that you must have the AWS CLI installed on whatever machine you're doing the terraform apply on.

Grafana on Terraform

I am trying to install Grafana with TimescaleDB using Terraform. Everything with TimescaleDB worked flawlessly, however the Grafana block seems to be completely ignored by Terraform. This is the code I am using to enable Grafana:
provider "grafana" {
  url  = "http://localhost:3000/"
  auth = "test:test"
}
I am on Terraform 0.13.4 and my required_providers block includes Grafana:
grafana = {
  source = "grafana/grafana"
}
Unlike when I install Grafana through the console, no grafana files are created, grafana-cli is not installed, and I get errors trying to use grafana with subsequent resource blocks in Terraform so it seems to me that the only issue is with Terraform, and it is just choosing not to install Grafana at all.
What is going on here? I am pretty new to Terraform so it could be that I am missing something obvious...

How to make aws_cloudwatch_event_rule with terraform and localstack?

I am using terraform and localstack and trying to create an aws_cloudwatch_event_rule. I get an error:
Error: Updating CloudWatch Event Rule failed: UnrecognizedClientException: The security token included in the request is invalid.
status code: 400, request id: 2d0671b9-cb55-4872-8e8c-82e26f4336cb
I'm not sure why I'm getting this error because this works to create the resource in AWS but not on localstack 🤷‍♂️. Does anybody have any suggestions as to how to fix this? Thanks.
It's a large terraform project so I can't share all the code. This is the relevant section.
resource "aws_cloudwatch_event_rule" "trigger" {
  name                = "trigger-event"
  description         = "STUFF"
  schedule_expression = "cron(0 */1 * * ? *)"
}
resource "aws_cloudwatch_event_target" "trigger_target" {
  rule = "${aws_cloudwatch_event_rule.trigger.name}"
  arn  = "${trigger.arn}"
}
I realize this is an old question, but I just ran into this problem. I wanted to share what resolved it for me, in case it helps others who end up here. This works for me with terraform 0.12 (should work for 0.13 as well) and AWS provider 3.x.
When you get the "The security token included in the request is invalid" error, it usually means terraform attempted to perform the operation against real AWS rather than localstack.
The following should resolve the issue with creating CloudWatch Event rules.
1. Make sure you're running the events service in localstack. It's this service, and not cloudwatch, that provides the CloudWatch Events interface. E.g. if you're running localstack from the command line:
SERVICES=cloudwatch,events localstack start
2. Make sure the AWS provider in the terraform config is pointed to localstack. Like from step (1), we need to make sure to have a setting specifically for CloudWatch Events. In the AWS provider config, that's cloudwatchevents.
provider "aws" {
  version                     = "~> 3.0"
  profile                     = "<profile used for localstack>"
  region                      = "<region configured for localstack>"
  skip_credentials_validation = true
  skip_metadata_api_check     = true
  skip_requesting_account_id  = true
  endpoints {
    # Update the urls below if you've e.g. customized localstack's port
    cloudwatch       = "http://localhost:4566"
    cloudwatchevents = "http://localhost:4566"
    iam              = "http://localhost:4566"
    sts              = "http://localhost:4566"
  }
}
Now, the terraform apply should successfully run against localstack.
One more gotcha to be aware of is that localstack currently doesn't persist CloudWatch or CloudWatch Events data, even if you enable persistence. So when you kill or restart localstack, any CloudWatch Events rules will be lost.

How to add azure function's javascript / c# code into terraform scripts?

I am working in a project that will be deployed at my client's Microsoft Azure. Thus I am currently testing terraform to assist me when the time comes.
Create an Azure function with terraform that will trigger on blob storage input data
My question is about how to add the Azure function's javascript/c# code into the terraform script so it will be automatically deployed?
I checked the terraform docs, but it wasn't of much help:
https://www.terraform.io/docs/providers/azurerm/r/function_app.html
Any ideas?
Terraform doesn't handle pushing code to Azure resources, that's usually done in a following step in the pipeline (e.g. 1- execute terraform 2- deploy code).
However, the Azure Function App does have the ability to connect directly to your repo, and the Terraform azurerm_function_app module exposes the source_control property.
Terraform's azurerm_function_app documentation
So with Terraform you can configure the function app to pull the code directly from the repo when a change is detected.
Microsoft's Azure Function Continuous Deployment documentation
