Ask questionsModule cannot find alias AWS provider in 0.12.0
Hi,
I'm having problems upgrading to 0.12.0
. We're running in eu-west-1
but one of my modules requires a cloudfront certificate that is only available in us-east-1
.
The main terraform file defines an additional aws provider running in us-east-1
aliased to a name expected by the module.
When I follow the upgrade instructions, I get an error at the step when I run terraform plan
against v0.12
.
Error: Provider configuration not present
To work with module.sunset_environment.aws_acm_certificate.cloudfront its
original provider configuration at
module.sunset_environment.provider.aws.us_east_1 is required, but it has been
removed. This occurs when a provider configuration is removed while objects
created by that provider still exist in the state. Re-add the provider
configuration to destroy
module.sunset_environment.aws_acm_certificate.cloudfront, after which you can
remove the provider configuration again.
I don't understand what to do about this because provider.aws.us_east_1
is already defined.
Upgrading 0.11.14
to 0.12.0
provider "aws" {
region = local.aws_region
version = "~> 2.12.0"
}
...
provider "aws" {
alias = "us_east_1"
region = "us-east-1"
version = "~> 2.12.0"
}
...
module "sunset_environment" {
source = "git::git@github.com:my-private-repo"
dns_root_zone_id = local.dns_root_zone_id
dns_root_zone_name = local.dns_root_zone_name
stage = local.stage
aws_region = local.aws_region
environment = local.environment
vpc_id = local.vpc_id
dns_public_zone_id = local.dns_public_zone_id
dns_public_zone_name = local.dns_public_zone_name
external_lb_arn = module.environment.external_lb_arn
external_lb_dns_name = module.environment.external_lb_dns_name
external_lb_dns_zone_id = module.environment.external_lb_dns_zone_id
external_lb_http_listener_arn = module.environment.external_lb_http_listener_arn
external_lb_https_listener_arn = module.environment.external_lb_https_listener_arn
cdn_origin_ssl_protocols = ["TLSv1", "TLSv1.1", "TLSv1.2"]
}
... and from the module...
resource "aws_acm_certificate" "cloudfront" {
provider = "aws.us_east_1"
domain_name = "${local.site_cdn_fqdn}"
validation_method = "DNS"
}
https://gist.github.com/npc-adrian/2b1b8e8a93060ea164d57a322baae6ea
N/A
terraform plan
should run successfully and report no changes needed
An error occurred running a plan using 0.12. Same message twice as shown below.
Error: Provider configuration not present
To work with
module.sunset_environment.aws_acm_certificate_validation.cloudfront its
original provider configuration at
module.sunset_environment.provider.aws.us_east_1 is required, but it has been
removed. This occurs when a provider configuration is removed while objects
created by that provider still exist in the state. Re-add the provider
configuration to destroy
module.sunset_environment.aws_acm_certificate_validation.cloudfront, after
which you can remove the provider configuration again.
Error: Provider configuration not present
To work with module.sunset_environment.aws_acm_certificate.cloudfront its
original provider configuration at
module.sunset_environment.provider.aws.us_east_1 is required, but it has been
removed. This occurs when a provider configuration is removed while objects
created by that provider still exist in the state. Re-add the provider
configuration to destroy
module.sunset_environment.aws_acm_certificate.cloudfront, after which you can
remove the provider configuration again.
Following the instructions at https://www.terraform.io/upgrade-guides/0-12.html
Tried running 0.11 syntax (i.e. with interpolated strings) against 0.12 but got the same error.
I tried running the 0.12 upgrade command against the module but it can't resolve the us_east_1 provider. I guess that's expected but I figured it was worth a go.
Looks similar to #21416
Answer
questions
eviltwin
looks like now you have to explicitly pass down the aliased providers to our modules explicitly. From the docs (https://www.terraform.io/docs/configuration/modules.html#passing-providers-explicitly):
Additional provider configurations (those with the alias argument set) are never inherited automatically by child modules, and so must always be passed explicitly using the providers map.
There's an example in the docs that I linked to, but what it comes down to is that in my module that issues certificates I have to declare that it expects to be told about an aliased AWS provider (note that it doesn't need to declare any configuration for this provider, just that it will be there). So, in some-module/main.tf
:
provider "aws" {
alias = "north-virginia"
}
and then when the module is used:
module "root_domain" {
source = "./some-module"
providers = {
aws = aws
aws.north-virginia = aws.north-virginia
}
...other stuff...
}
Related questions