-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws_elasticsearch_domain failed with ValidationException: Authentication error status code: 400 #7725
Comments
Note that on July 6th and July 17th our CI had 2 instances of a similar error but with a different error:
|
Has this error been resolved ? I hit the same error today. Anything I can do to get more data ? |
@RohanKurane we are hitting this issue on a regular but not predictable manner. I am currently trying a test in our environment and will submit it later this week if tests are successful. |
One new case occurred today:
|
New case occurred overnight:
|
I also got this one today severeal times, but i didnt get any reason why. I only got |
I experienced the same issue today, after creating an ES cluster from the console I was able to run my TF script with no issue... Here is the code I use to create the cluster resource "aws_elasticsearch_domain" "es" {
domain_name = var.domain_name
elasticsearch_version = "7.1"
node_to_node_encryption {
enabled = true
}
# encrypt_at_rest {
# enabled = true
# }
cluster_config {
instance_type = var.cluster_instance_type
# dedicated_master_count = 3
# dedicated_master_enabled = true
# dedicated_master_type = var.cluster_instance_type
# instance_count = "4"
instance_count = "2"
zone_awareness_enabled = true
}
ebs_options {
ebs_enabled = true
# volume_type = "io1"
volume_type = "gp2"
volume_size = 10
# iops = 300
}
vpc_options {
subnet_ids = list(data.aws_subnet.private_a.id, data.aws_subnet.private_b.id)
security_group_ids = list(aws_security_group.default.id)
}
access_policies = <<CONFIG
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": [
"*"
]
},
"Action": [
"es:*"
],
"Resource": "arn:aws:es:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:domain/${var.domain_name}/*"
}
]
}
CONFIG
snapshot_options {
automated_snapshot_start_hour = var.cluster_automated_snapshot_start_hour
}
tags = {
Domain = var.domain_name
}
} |
@UrosCvijan on my side as I am using Terraform 0.11.14 I do not think it is related to terraform version but the AWS provider @panilo yesterday, I migrated to 2.45.0 and it seems like the error is becoming more frequent and less "specific" as I also only get the same "truncated" message @UrosCvijan is describing above Please also note that some weeks ago, I had written a reduced test scenario looping over creation and deletion of my ES log domain but strangely enough it never failed |
@UrosCvijan @panilo after looking more closely at the AWS provider code history and doing more debug on this, seems like the new empty message returned with error code |
I have been successfully testing a patch. You can find the corresponding code here |
I've just submitted PR #11663 for that matter. Acceptance tests successfully passed in my working zone |
In Terraform AWS Provider version 2.45.0, an upstream change in the AWS Go SDK introduced a regression where the error messaging of certain error types is no longer returned by the SDK. Created the following provider-wide tracking issue (#11682) and AWS Go SDK issue (aws/aws-sdk-go#3088) for those missing error messages. |
Additional error messages for retry on If there are still issues on creation after the version 2.47.0 release, e.g. where retrying logic is appropriate but not working as expected, please file a new GitHub issue and we'll take a fresh look. |
@bflad many thanks for integrating this |
This has been released in version 2.47.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Community Note
Terraform Version
Affected Resource(s)
Terraform Configuration Files
Debug Output
This is a one time issue and we don't have debug outputs
Error Output
Expected Behavior
No error
Actual Behavior
Steps to Reproduce
random
Important Factoids
Usually works well
References
The text was updated successfully, but these errors were encountered: