terraform-aws-airship-ecs-service
live_task_lookup.data - AccessDeniedException: The role defined for the function cannot be assumed by Lambda.
what
- Describe the problem and how to reproduce it.
While using a simple Fargate configuration with an NLB setup, I keep getting an error.
Error: Error refreshing state: 1 error(s) occurred:
* module.test.module.ecs-service.module.live_task_lookup.data.aws_lambda_invocation.lambda_lookup: 1 error(s) occurred:
* module.test.module.ecs-service.module.live_task_lookup.data.aws_lambda_invocation.lambda_lookup: data.aws_lambda_invocation.lambda_lookup: AccessDeniedException: The role defined for the function cannot be assumed by Lambda.
status code: 403, request id: e4bc0dff-1a9d-41e3-98b9-6b7e68a00fab
Code being used to set up:
module "ecs-service" {
  source = "git::https://github.com/blinkist/terraform-aws-airship-ecs-service.git?ref=0.9.2"
  name   = "${format("%.10s", var.name)}-service"

  ecs_cluster_id = "${module.ecs.cluster_id}"
  ecs_cron_tasks = []
  region         = "eu-west-1"

  fargate_enabled           = true
  awsvpc_enabled            = true
  awsvpc_subnets            = ["${module.aws_vpc_base.private_subnet_ids}"]
  awsvpc_security_group_ids = ["${module.aws_fargate_sg.id}"]

  load_balancing_type                           = "network"
  load_balancing_properties_lb_arn              = "${aws_lb.nlb_fargate.arn}"
  load_balancing_properties_lb_vpc_id           = "${module.aws_vpc_base.id}"
  load_balancing_properties_route53_record_type = "NONE"

  container_memory          = "512"
  container_cpu             = "256"
  container_port            = "80"
  bootstrap_container_image = "nginx:stable"

  # Initial ENV Variables for the ECS Task definition
  container_envvars {
    ENV_VARIABLE = "SOMETHING"
  }
}
why
- Explain why this is a problem and what is the expected behavior.
Module is not being deployed although it should be deployed.
Thank you @tbugfinder, I'll check this out.
@tbugfinder in my experience, this happens when AWS creates a role, but it hasn't had time to propagate when Terraform tries to use it in the Lambda. Re-running Terraform gets around the problem.
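The re-run workaround described in the comment above can be wrapped in a bounded retry. This is an added example, not part of the thread or of the module; the function names and the `RETRY_DELAY` variable are hypothetical. It retries only on the exact error text quoted in the issue, so any other access-denied failure is reported at once instead of being hidden by retries.

```shell
# Added example: bounded retry for the IAM role propagation race.
# Hypothetical names: is_propagation_error, retry_on_propagation, RETRY_DELAY.

# Error text exactly as reported in this issue.
PROPAGATION_MSG='The role defined for the function cannot be assumed by Lambda'

# Returns 0 only when the captured output contains the propagation message.
is_propagation_error() {
  printf '%s\n' "$1" | grep -qF "$PROPAGATION_MSG"
}

# Usage: retry_on_propagation MAX_ATTEMPTS COMMAND [ARGS...]
# Re-runs COMMAND only on the propagation error. Any other failure is
# returned immediately with the command's own exit code.
retry_on_propagation() {
  local max attempt output rc
  max="$1"; shift
  attempt=1
  while :; do
    # The if-form keeps the exit code even when the caller uses `set -e`.
    if output="$("$@" 2>&1)"; then rc=0; else rc=$?; fi
    printf '%s\n' "$output"
    if [ "$rc" -eq 0 ]; then
      return 0
    fi
    if ! is_propagation_error "$output"; then
      return "$rc"            # genuine error: do not retry
    fi
    if [ "$attempt" -ge "$max" ]; then
      echo "role still not assumable after $attempt attempts" >&2
      return "$rc"
    fi
    # Linear backoff: RETRY_DELAY seconds (default 5) times the attempt number.
    sleep "$(( ${RETRY_DELAY:-5} * $attempt ))"
    attempt=$((attempt + 1))
  done
}

# Example invocation (not executed here):
#   retry_on_propagation 3 terraform plan -input=false
```
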