Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: config syntax of service connect tls #226

Open
wants to merge 1 commit into
base: wip/v6
Choose a base branch
from
Open

fix: config syntax of service connect tls #226

wants to merge 1 commit into from

Conversation

willscripted
Copy link

@willscripted willscripted commented Sep 5, 2024
edited
Loading

Description

Rebound on #216's tls config change.

Motivation and Context

With the #216 patch I needed to specify a config like this (note double aws_pca_authority_arn keys):

module "example" {
  source = "terraform-aws-modules/ecs/aws"
  
  # ...
  service_connect_configuration = {
      # ...
      tls = {
        issuer_cert_authority = {
          "aws_pca_authority_arn" = {
            "aws_pca_authority_arn = aws_acmpca_certificate_authority.this.arn
          }
        }
        role_arn = aws_iam_role.service_connect_tls.arn
      }
    }
  }
}

But I would expect it to look more like this:

module "example" {
  source = "terraform-aws-modules/ecs/aws"
  
  # ...
  service_connect_configuration = {
      # ...
      tls = {
        issuer_cert_authority = {
          "aws_pca_authority_arn" = aws_acmpca_certificate_authority.this.arn
        }
        role_arn = aws_iam_role.service_connect_tls.arn
      }
    }
  }
}

But a configuration like the above with the #216 patch yields:

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: Unsupported attribute
│ 
│   on ../../modules/terraform-aws-ecs/modules/service/main.tf line 180, in resource "aws_ecs_service" "this":
│  180:                   aws_pca_authority_arn = issuer_cert_authority.value.aws_pca_authority_arn
│     ├────────────────
│     │ issuer_cert_authority.value is "arn:aws:acm-pca:us-east-1:xxxxxxxxxxxx:certificate-authority/6c2a379a-xxxx-yyyy-zzzz-498531b3dec0"
│ 
│ Can't access attributes on a primitive-typed value (string).

Breaking Changes

The original tls change has only landed in wip/v6.

How Has This Been Tested?

It has not.

Sorry about the brevity, I can't give this the attention it deserves to drive it all the way home right now. But hopefully, this will help save someone some time down the line. Appreciate you guys building this module -- and for the original TLS change 🙌

@willscripted willscripted changed the title Fix config syntax of service connect tls fix: config syntax of service connect tls Sep 5, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 6, 2024

This PR has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this PR will be closed in 10 days

@github-actions github-actions bot added the stale label Oct 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@willscripted