Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error during apply of aws_cloudfront_distribution using aws_cloudfront_origin_access_identity #15028

Closed
wweiss opened this issue Jun 2, 2017 · 1 comment

Comments

@wweiss
Copy link

wweiss commented Jun 2, 2017

Terraform Version

0.9.6

Affected Resource(s)

  • aws_cloudfront_distribution

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

data "aws_route53_zone" "hosted_zone" {
  name = "${var.hosted_zone_name}"
}

resource "aws_cloudfront_distribution" "distribution" {
  origin {
    domain_name = "${var.bucket_domain_name}"
    origin_id   = "S3-${var.bucket_name}"

    s3_origin_config {
      origin_access_identity = "${var.origin_access_identity == "" ? "" : "origin-access-identity/cloudfront/${var.origin_access_identity}"}"
    }
  }

  enabled             = true
  is_ipv6_enabled     = true
  comment             = "Distribution for ${var.bucket_name} S3 Bucket."
  default_root_object = "${var.default_object}"

  aliases = ["${var.host_name}.${var.hosted_zone_name}"]

  price_class = "${var.price_class}"

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  viewer_certificate {
    cloudfront_default_certificate = false
    acm_certificate_arn            = "${module.ssl_cert.arn}"
    minimum_protocol_version       = "TLSv1"
    ssl_support_method             = "sni-only"
  }

  default_cache_behavior {
    allowed_methods  = ["GET", "HEAD"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "S3-${var.bucket_name}"

    forwarded_values {
      query_string            = true
      query_string_cache_keys = ["version"]

      cookies {
        forward = "none"
      }
    }

    viewer_protocol_policy = "redirect-to-https"
    min_ttl                = 0
    default_ttl            = 3600
    max_ttl                = 86400
  }

  cache_behavior {
    path_pattern     = "/data/*"
    allowed_methods  = ["GET", "HEAD", "OPTIONS"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "S3-${var.bucket_name}"
    trusted_signers  = ["self"]

    forwarded_values {
      query_string            = true
      query_string_cache_keys = ["version"]

      cookies {
        forward = "none"
      }
    }

    viewer_protocol_policy = "redirect-to-https"
    min_ttl                = 0
    default_ttl            = 60
    max_ttl                = 31536000
  }
}

resource "aws_route53_record" "dns_record" {
  zone_id = "${data.aws_route53_zone.hosted_zone.zone_id}"
  name    = "${var.host_name}.${var.hosted_zone_name}"
  type    = "A"

  alias {
    name                   = "${aws_cloudfront_distribution.distribution.domain_name}"
    zone_id                = "Z2FDTNDATAQYW2"
    evaluate_target_health = false
  }
}

Debug Output

https://gist.github.com/billyboingo/73982918f56eba123fd389113cff4455

Panic Output

Remain calm and carry on.

Expected Behavior

A new cloudfront distribution should have been created with restricted access to an S3 bucket via the origin access identity.

Actual Behavior

It blows up with the provided output.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. terraform apply

Important Factoids

This looks like it could be a regression of the issue referenced below...

References

Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:

@wweiss wweiss changed the title Error during apply with cloudfront distribution using origin access identity Error during apply of aws_cloudfront_distribution using aws_cloudfront_origin_access_identity Jun 2, 2017
@ghost
Copy link

ghost commented Apr 9, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 9, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

3 participants