aws_elb, not useful error message when a wrong SSL cert name is used

[egarbi]

Trying to create a new LB today I passed a non-existent SSL name as argument on "ssl_certificate_id".
As a result terraform returned a timeout message:

 aws_elb.apisvc: timeout while waiting for state to become '[success]' 

Would be possible improve the message given for this case?

[sharmaansh21]

There is already a check here

https://github.com/hashicorp/terraform/blob/master/builtin/providers/aws/resource_aws_elb.go#L256-L270

[vladlosev]

That check does not seem to trigger. This is what I see on 0.6.10:

2016/02/24 12:13:19 [DEBUG] terraform-provider-aws: 2016/02/24 12:13:19 [DEBUG] ELB create configuration: {
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:   Listeners: [{
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:       InstancePort: 443,
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:       InstanceProtocol: "https",
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:       LoadBalancerPort: 443,
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:       Protocol: "https",
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:       SSLCertificateId: "arn:aws:iam::<snip>:server-certificate/invalid"
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:     }],
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:   LoadBalancerName: "varnish",
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:   Scheme: "internal",
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:   SecurityGroups: ["sg-ea71c48d"],
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws:   Subnets: ["subnet-b20cb1c5"]
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws: }
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws: 2016/02/24 12:13:19 [DEBUG] Waiting for state to become: [success]
2016/02/24 12:13:19 [DEBUG] terraform-provider-aws: 2016/02/24 12:13:19 [TRACE] Waiting 500ms before next try
2016/02/24 12:13:20 [DEBUG] terraform-provider-aws: 2016/02/24 12:13:20 [TRACE] Waiting 500ms before next try
2016/02/24 12:13:21 [DEBUG] terraform-provider-aws: 2016/02/24 12:13:21 [TRACE] Waiting 500ms before next try
2016/02/24 12:13:21 [DEBUG] terraform-provider-aws: 2016/02/24 12:13:21 [TRACE] Waiting 800ms before next try
2016/02/24 12:13:22 [DEBUG] terraform-provider-aws: 2016/02/24 12:13:22 [TRACE] Waiting 1.6s before next try

while the CloudTrail logs show the actual error:

    "eventSource": "elasticloadbalancing.amazonaws.com",
    "eventName": "CreateLoadBalancer",
    "awsRegion": "us-west-2",
    "userAgent": "aws-sdk-go/1.0.11 (go1.5.3; darwin; amd64)",
    "errorCode": "CertificateNotFoundException",
    "errorMessage": "Server Certificate not found for the key: arn:aws:iam::<snip>:server-certificate/invalid",

[catsby]

Hey Friends –

This is a retry/timeout issue we fixed in #5538 and will go out in the next release. Sorry for the trouble!

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.