Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] #98

Open
obouchta opened this issue Oct 11, 2023 · 1 comment
Open

[BUG] #98

obouchta opened this issue Oct 11, 2023 · 1 comment
Labels
bug Something isn't working good first issue Good for newcomers

Comments

@obouchta
Copy link

obouchta commented Oct 11, 2023
edited
Loading

What is the bug?

Assuming role work only with aws_profile variable.
When passing aws_access_key and aws_secret_key, the role is not assumed.
Error:
HTTP 403 Forbidden: Permission denied. Please ensure that the correct credentials are being used to access the cluster.

How can one reproduce the bug?

Working case :

provider "opensearch" {
  url                         = "https://${aws_opensearch_domain.this.endpoint}"
  aws_region                  = var.region
  aws_assume_role_arn         = local.role_arn
  aws_assume_role_external_id = "terraform"
  sign_aws_requests           = true
  healthcheck                 = false
  aws_profile                 = var.aws_profile
}

Not working case:

provider "opensearch" {
  url                         = "https://${aws_opensearch_domain.this.endpoint}"
  aws_region                  = var.region
  aws_assume_role_arn         = local.role_arn
  aws_assume_role_external_id = "terraform"
  sign_aws_requests           = true
  healthcheck                 = false
  aws_access_key = var.aws_access_key
  aws_secret_key = var.aws_secret_key
}

What is the expected behavior?

The role should be assumed when passing aws_access_key and aws_secret_key or when passing environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY

What is your host/environment?

Amazon Linux AMI 2018.03
Terraform v1.3.9
Provider 2.0.0

Do you have any screenshots?

image
@obouchta obouchta added bug Something isn't working untriaged labels Oct 11, 2023
@prudhvigodithi prudhvigodithi added the good first issue Good for newcomers label Oct 23, 2023
@peterzhuamazon
Copy link
Member

peterzhuamazon commented Oct 24, 2023
edited
Loading

Simliar to

@getsaurabh02 getsaurabh02 moved this from 🆕 New to Later (6 months plus) in Engineering Effectiveness Board Jul 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working good first issue Good for newcomers
Projects
Engineering Effectiveness Board
Status: 📦 Backlog
Milestone
No milestone
Development

No branches or pull requests
3 participants
@obouchta @prudhvigodithi @peterzhuamazon