terraform-aws-elastic-beanstalk-environment
terraform-aws-elastic-beanstalk-environment copied to clipboard
ssm_activation_error Failing to deploy in the first deployment.
Found a bug? Maybe our Slack Community can help.
Describe the Bug
When i deploy the project for the first time, it seems there is a race condition issue, i have this error Error creating SSM activation: ValidationException: Nonexistent role or missing ssm service principal in trust policy When i re-run terraform apply, the ressource aws_ssm_activation is created
Expected Behavior
Create everything in the first terraform apply
Steps to Reproduce
Terraform apply with last lib version => 0.46.0
Screenshots
might be a missing "depends_on" here !
Found a bug? Maybe our Slack Community can help.
Describe the Bug
When i deploy the project for the first time, it seems there is a race condition issue, i have this error Error creating SSM activation: ValidationException: Nonexistent role or missing ssm service principal in trust policy When i re-run terraform apply, the ressource aws_ssm_activation is created
Expected Behavior
Create everything in the first terraform apply
Steps to Reproduce
Terraform apply with last lib version => 0.46.0
Screenshots
might be a missing "depends_on" here !
I confirm, worse when you have several calls to this module in a single "stack". This is from TFC:
![image](https://user-images.githubusercontent.com/1607385/153126573-1fb53458-2b10-4fd5-ac1a-08acaf7b2525.png)
I concur, this issue is present in my module deployments as well. What I do not understand is if this has any practical impact apart from an error on creation. The environment seems to be provisioned successfully. However, when invoking terraform plan
wants to add the missing resource(s).
So a workaround is two consecutive terraform apply
invocations but am not sure if this works correctly... (appears to be though!)
We are using version 0.39.1 of "cloudposse/elastic-beanstalk-environment/aws" and we get the same error. Fails the first time with this error:
Error creating SSM activation: ValidationException: Nonexistent role or missing ssm service principal in trust policy: arn:aws:iam::
Subsequent Terraform applies succeed.
Seeing the same behavior as others, first apply yields the SSM activation error, further applies are fine. Issue isn't harmful, but should probably be documented, I could see someone stumbling on this for a long time / assuming the module is broken.
Adding depends_on = [aws_elastic_beanstalk_environment.default]
to the aws_ssm_activation resource resolves this issue