terraform-aws-ecr icon indicating copy to clipboard operation
terraform-aws-ecr copied to clipboard

Published 20 hours ago β€’ verified publisher icon terraform-aws-modules

Repo does not work with provider in version 5.60.0.

Open Draqun opened this issue 6 months ago β€’ 0 comments

Description

From unknown for me reason this repo does not work with provider in version 5.60.0.

Versions

Provider

terraform {
  required_version = ">= 1.9.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 5.60.0"
    }
  }
}

Reproduction Code [Required]

module "sfe_backend_ecr" {
  source = "terraform-aws-modules/ecr/aws"

  repository_name               = "sfe-backend"

  repository_read_write_access_arns = ["arn:aws:iam::012345678901:role/terraform"]
  repository_lifecycle_policy = jsonencode({
    rules = [
      {
        rulePriority = 1,
        description  = "Keep last 30 images",
        selection = {
          tagStatus     = "tagged",
          tagPrefixList = ["v"],
          countType     = "imageCountMoreThan",
          countNumber   = 30
        },
        action = {
          type = "expire"
        }
      }
    ]
  })
}

Expected behavior

Existing ECR as a result.

Actual behavior

Failing script

Terminal Output Screenshot(s)

Console output.

Plan: 2 to add, 0 to change, 0 to destroy.
Given action will change the cloud state. Press ENTER button if you are agree on that or CTRL+C to Cancel.

module.ecr.module.sfe_backend_ecr.aws_ecr_repository_policy.this[0]: Creating...
module.ecr.module.sfe_frontend_ecr.aws_ecr_repository_policy.this[0]: Creating...
β•·
β”‚ Error: putting ECR Repository Policy (sfe-backend): operation error ECR: SetRepositoryPolicy, https response error StatusCode: 400, RequestID: ca9cf5b8-3863-4a17-bd1b-ee839182ee26, InvalidParameterException: Invalid parameter at 'PolicyText' failed to satisfy constraint: 'Principal not found'
β”‚ 
β”‚   with module.ecr.module.sfe_backend_ecr.aws_ecr_repository_policy.this[0],
β”‚   on .terraform/modules/ecr.sfe_backend_ecr/main.tf line 202, in resource "aws_ecr_repository_policy" "this":
β”‚  202: resource "aws_ecr_repository_policy" "this" {
β”‚ 
β•΅
β•·
β”‚ Error: putting ECR Repository Policy (sfe-frontend): operation error ECR: SetRepositoryPolicy, https response error StatusCode: 400, RequestID: f2df8f0b-928a-425c-8531-74401bc6d110, InvalidParameterException: Invalid parameter at 'PolicyText' failed to satisfy constraint: 'Principal not found'
β”‚ 
β”‚   with module.ecr.module.sfe_frontend_ecr.aws_ecr_repository_policy.this[0],
β”‚   on .terraform/modules/ecr.sfe_frontend_ecr/main.tf line 202, in resource "aws_ecr_repository_policy" "this":
β”‚  202: resource "aws_ecr_repository_policy" "this" {
β”‚ 
β•΅
make: *** [Makefile:45: tf-apply] BΕ‚Δ…d 1

Additional context

Adding flags below resolve the problem, but does not create policy

  repository_image_scan_on_push = false
  attach_repository_policy      = false
  create_repository_policy      = false

Draqun avatar Jul 28 '24 19:07 Draqun