cors_rule problem

Question

cors_rule problem

sancha18 opened this issue 3 years ago · comments

Alex commented 3 years ago

Description

I wan't to create one S3 bucket with cors_rule rule information, but getting error.

Versions

Terraform:Terraform v0.12.7
Terragrunt: terragrunt version v0.28.18
Provider(s): don't have idia, bevause installet only terraform and terragrunt using brew install
Module: source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=v1.6.0"

Reproduction

Steps to reproduce the behavior:

create aws test account
create user for s3 without any roles assing as wit application access
copy arn ot the user
save my code and replace user arnin ${dependency.apple-iam.outputs.s3-user-ui_arn}
try run terragrun apply in . with my code

Code Snippet to Reproduce

terraform {
  source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git?ref=v1.6.0"
}

dependencies {
  paths = ["../aws-data" , "../apple-iam"]
}

dependency "apple-iam" {
  config_path = "../apple-iam"
}

include {
  path = find_in_parent_folders()
}

###########################################################
# View all available inputs for this module:
# https://registry.terraform.io/modules/terraform-aws-modules/s3-bucket/aws/1.6.0?tab=inputs
###########################################################
inputs = {
  # (Optional, Forces new resource) The name of the bucket. If omitted, Terraform will assign a random, unique name.
  # type: string
  bucket = "terraform-apple-ui"
  

  # (Optional) If specified, the AWS region this bucket should reside in. Otherwise, the region used by the callee.
  # type: string
  #region = "eu-central-1"

  block_public_acls = false

  block_public_policy  = false

  ignore_public_acls = false

  restrict_public_buckets = false

  attach_policy = true

  #example of json:
  # jsonencode("${variable}/text bla bla bla") 
   policy = jsonencode({
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": {
                "AWS": "${dependency.apple-iam.outputs.s3-user-ui_arn}"
            },
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::terraform-apple-ui/*",
                "arn:aws:s3:::terraform-apple-ui"
            ]
        },
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": [
                "arn:aws:s3:::terraform-apple-ui/*",
                "arn:aws:s3:::terraform-apple-ui"
            ]
        }
    ]
})

cors_rule = [
    {
      allowed_methods = ["PUT", "POST"]
      allowed_origins = ["https://modules.tf", "https://terraform-aws-modules.modules.tf"]
      allowed_headers = ["*"]
      expose_headers  = ["ETag"]
      max_age_seconds = 3000
      }, {
      allowed_methods = ["PUT"]
      allowed_origins = ["https://example.com"]
      allowed_headers = ["*"]
      expose_headers  = ["ETag"]
      max_age_seconds = 3000
    }
  ]

}

Expected behavior

should create S3 with filled cors_rule from field cors_rule in terracgrunthcl

Actual behavior

error on terragrunt apply or\and terragrunt apply-all

Error: Invalid function argument

on main.tf line 25, in resource "aws_s3_bucket" "this":
25: for_each = length(keys(var.cors_rule)) == 0 ? [] : [var.cors_rule]
|----------------
| var.cors_rule is tuple with 2 elements

Invalid value for "inputMap" parameter: must have map or object type.

ERRO[0014] Hit multiple errors:
Hit multiple errors:
exit status 1

Additional context

thanks

Anton Babenko · Answer 1 · Fri Apr 09 2021 21:33:42 GMT+0800 (China Standard Time)

v1.24.0 has been just released.

Alex · Answer 2 · Sat Apr 10 2021 04:00:57 GMT+0800 (China Standard Time)

Additional information only after todays Anton stream, i realized that i can try migrate to terraform 13.1, i've done it and with jsonencode() this part start wokring fine.

part of the code for cors_rule:

cors_rule = jsonencode([
    {
      allowed_methods = ["PUT", "POST"]
      allowed_origins = ["https://modules.tf", "https://terraform-aws-modules.modules.tf"]
      allowed_headers = ["*"]
      expose_headers  = ["ETag"]
      max_age_seconds = 3000
      }, {
      allowed_methods = ["PUT"]
      allowed_origins = ["https://example.com"]
      allowed_headers = ["*"]
      expose_headers  = ["ETag"]
      max_age_seconds = 3000
    }
  ])

anyway, thanks Anton for the new release and today's stream on youtube on your channel.

Anton Babenko · Answer 3 · Sat Apr 10 2021 04:44:48 GMT+0800 (China Standard Time)

I am glad that it works for you now.

Here is the link to the stream where I was fixing this - https://youtu.be/hDRjCDsnyYI?t=3333

github-actions · Answer 4 · Sat Oct 29 2022 10:33:35 GMT+0800 (China Standard Time)

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.