Can't create elbv2
Reporting Bugs
Hi, hoping that everybody is well.
I'm using Moto as a standalone mock server to test my Terraform IaC. Here is my provider.tf:
provider "aws" {
region = var.region
access_key = "test"
secret_key = "test"
profile = "mock-aws"
s3_use_path_style = true
skip_credentials_validation = true
skip_metadata_api_check = true
skip_requesting_account_id = true
endpoints {
ec2 = "http://localhost:4566"
iam = "http://localhost:4566"
kms = "http://localhost:4566"
lambda = "http://localhost:4566"
sts = "http://localhost:4566"
elbv2 = "http://localhost:4566"
}
}
And here is my Terraform for the load balancer:
resource "aws_alb" "backend-load-balancer" {
load_balancer_type = "application"
name = "Dev-Backend-LoadBalancer"
internal = true
security_groups = [aws_security_group.alb_security_group.id]
subnets = [
"aws_subnet.private-subnet-1.id",
"aws_subnet.private-subnet-2.id"
]
tags = {
Environment = "dev"
}
}
And here is the output of the Moto server, an infinite list of:
127.0.0.1 - - [02/Aug/2022 07:56:38] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 07:56:38] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 07:56:38] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 07:56:38] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 07:56:39] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 07:56:41] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 07:56:43] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 07:56:51] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 07:57:01] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 07:57:18] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 07:58:09] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 08:00:06] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 08:02:46] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 08:07:16] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 08:10:46] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 08:15:46] "POST / HTTP/1.1" 400 -
127.0.0.1 - - [02/Aug/2022 08:19:21] "POST / HTTP/1.1" 400 -
And from the Terraform output:
module.infra.aws_alb.backend-load-balancer: Still creating... [16m0s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [16m10s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [16m20s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [16m30s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [16m40s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [16m50s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [17m0s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [17m10s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [17m20s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [17m30s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [17m40s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [17m50s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [18m0s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [18m10s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [18m20s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [18m30s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [18m40s elapsed]
module.infra.aws_alb.backend-load-balancer: Still creating... [18m50s elapsed]
As per the documentation, elbv2 is well supported.
But when creating on a real AWS account, everything is OK.
Best regards to all of you
Steph
Hi @stephanedesjardins-qc, thanks for raising this. Could you post a minimum reproducible example, so a TF that also includes the security groups/subnets?
Yep no problem
################################################
# VPC
resource "aws_vpc" "dev-vpc" {
cidr_block = var.vpc_cidr
enable_dns_hostnames = true
tags = {
Name = "Dev-VPC"
}
}
resource "aws_subnet" "public-subnet-1" {
cidr_block = var.public_subnet_1_cidr
vpc_id = aws_vpc.dev-vpc.id
availability_zone = "${var.region}a"
tags = {
Name = "Public-Subnet-1"
}
}
resource "aws_subnet" "public-subnet-2" {
cidr_block = var.public_subnet_2_cidr
vpc_id = aws_vpc.dev-vpc.id
availability_zone = "${var.region}b"
tags = {
Name = "Public-Subnet-2"
}
}
resource "aws_subnet" "private-subnet-1" {
cidr_block = var.private_subnet_1_cidr
vpc_id = aws_vpc.dev-vpc.id
availability_zone = "${var.region}a"
tags = {
Name = "Private-Subnet-1"
}
}
resource "aws_subnet" "private-subnet-2" {
cidr_block = var.private_subnet_2_cidr
vpc_id = aws_vpc.dev-vpc.id
availability_zone = "${var.region}b"
tags = {
Name = "Private-Subnet-2"
}
}
resource "aws_route_table" "public-route-table" {
vpc_id = aws_vpc.dev-vpc.id
tags = {
Name = "Public-Route-Table"
}
}
resource "aws_route_table" "private-route-table" {
vpc_id = aws_vpc.dev-vpc.id
tags = {
Name = "Private-Route-Table"
}
}
resource "aws_route_table_association" "public-route-1-association" {
route_table_id = aws_route_table.public-route-table.id
subnet_id = aws_subnet.public-subnet-1.id
}
resource "aws_route_table_association" "public-route-2-association" {
route_table_id = aws_route_table.public-route-table.id
subnet_id = aws_subnet.public-subnet-2.id
}
resource "aws_route_table_association" "private-route-1-association" {
route_table_id = aws_route_table.private-route-table.id
subnet_id = aws_subnet.private-subnet-1.id
}
resource "aws_route_table_association" "private-route-2-association" {
route_table_id = aws_route_table.private-route-table.id
subnet_id = aws_subnet.private-subnet-2.id
}
resource "aws_eip" "elastic-ip-for-nat-gw" {
vpc = true
associate_with_private_ip = "10.0.0.5"
tags = {
Name = "Dev-EIP"
}
depends_on = [aws_internet_gateway.dev-igw]
}
resource "aws_nat_gateway" "nat-gw" {
allocation_id = aws_eip.elastic-ip-for-nat-gw.id
subnet_id = aws_subnet.public-subnet-1.id
tags = {
Name = "Production-NAT-GW"
}
depends_on = [aws_eip.elastic-ip-for-nat-gw]
}
resource "aws_route" "nat-gw-route" {
route_table_id = aws_route_table.private-route-table.id
nat_gateway_id = aws_nat_gateway.nat-gw.id
destination_cidr_block = "0.0.0.0/0"
}
resource "aws_internet_gateway" "dev-igw" {
vpc_id = aws_vpc.dev-vpc.id
tags = {
Name = "Dev-IGW"
}
}
resource "aws_route" "public-internet-igw-route" {
route_table_id = aws_route_table.public-route-table.id
gateway_id = aws_internet_gateway.dev-igw.id
destination_cidr_block = "0.0.0.0/0"
}
#####################################
# Security Group
resource "aws_security_group" "alb_security_group" {
name = "ELB-SG"
description = "ELB Security Group"
vpc_id = aws_vpc.dev-vpc.id
ingress {
from_port = 0
protocol = "-1"
to_port = 0
cidr_blocks = ["0.0.0.0/0"]
description = "Allow web traffic to load balancer"
}
egress {
from_port = 0
protocol = "-1"
to_port = 0
cidr_blocks = ["0.0.0.0/0"]
}
}
########################################
# ELB
resource "aws_alb" "backend-load-balancer" {
load_balancer_type = "application"
name = "Dev-Backend-LoadBalancer"
internal = true
security_groups = [aws_security_group.alb_security_group.id]
subnets = [
"aws_subnet.private-subnet-1.id",
"aws_subnet.private-subnet-2.id"
]
tags = {
Environment = "dev"
}
}
resource "aws_lb_target_group" "lb-target-group" {
name = "dev-lb-tg"
port = 80
protocol = "HTTP"
vpc_id = aws_vpc.dev-vpc.id
}
resource "aws_lb_listener" "lb-listener" {
load_balancer_arn = aws_alb.backend-load-balancer.arn
port = "80"
protocol = "HTTP"
default_action {
type = "forward"
target_group_arn = aws_lb_target_group.lb-target-group.arn
}
}
Apologies for the delay @stephanedesjardins-qc. It looks like the main issue is that your variables are not properly initialized. I.e., there are string references such as:
"aws_subnet.private-subnet-1.id"
That should be referenced as variables instead:
"${aws_subnet.private-subnet-1.id}"
If you are still having issues, you can enable debugging by enabling logging: TF_LOG=DEBUG terraform apply.
The output should be quite helpful in terms of telling you what's wrong.
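The quoted-reference mistake pointed out in the reply above can be caught before running `terraform apply`, since a quoted address is handed to the provider as a literal string rather than the resource's ID. The check below is an added example, not code from Moto, Terraform, or anyone in this thread; the function name `find_quoted_references` and the sample HCL (constructed from the snippets posted above) are assumptions.

```python
import re

# resource "TYPE" "NAME" declarations in the configuration
RESOURCE_DECL = re.compile(r'^\s*resource\s+"([^"]+)"\s+"([^"]+)"', re.M)
STRING_LITERAL = re.compile(r'"([^"\n]*)"')
# A string whose entire content is TYPE.NAME.ATTRIBUTE, with no ${...} around it
ADDRESS = re.compile(r'^([A-Za-z0-9_]+)\.([A-Za-z0-9_-]+)\.[A-Za-z0-9_.\[\]-]+$')

# Constructed sample based on the thread: one quoted reference (the bug)
# and one reference written in the interpolation form suggested in the reply.
SAMPLE = '''\
resource "aws_subnet" "private-subnet-1" {
  vpc_id = aws_vpc.dev-vpc.id
}
resource "aws_subnet" "private-subnet-2" {
  vpc_id = aws_vpc.dev-vpc.id
}
resource "aws_alb" "backend-load-balancer" {
  name    = "Dev-Backend-LoadBalancer"
  subnets = [
    "aws_subnet.private-subnet-1.id",
    "${aws_subnet.private-subnet-2.id}"
  ]
}
'''


def find_quoted_references(hcl):
    """Return (line_number, literal) for every string literal that spells
    the address of a resource declared in the same text."""
    declared = set(RESOURCE_DECL.findall(hcl))
    findings = []
    for lineno, line in enumerate(hcl.splitlines(), start=1):
        if line.lstrip().startswith("#"):  # skip whole-line comments
            continue
        for literal in STRING_LITERAL.findall(line):
            match = ADDRESS.match(literal)
            # Only flag addresses of resources that are actually declared,
            # so ordinary dotted strings (CIDRs, hostnames) are ignored.
            if match and (match.group(1), match.group(2)) in declared:
                findings.append((lineno, literal))
    return findings


if __name__ == "__main__":
    for lineno, literal in find_quoted_references(SAMPLE):
        print(f'line {lineno}: "{literal}" is a quoted string, not a reference')
```
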
thanks for the help