
Terraform AWS not accessing localstack

I'm having trouble getting a terraform AWS provider to talk to localstack. Whatever I try I just get the same error:

Error: error configuring Terraform AWS Provider: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid.
    status code: 403, request id: dc96c65d-84a7-4e64-947d-833195464538

This error suggests that the provider is making contact with an HTTP server but the credentials are being rejected (as per any 403). You might imagine the problem is that I'm feeding in the wrong credentials (through environment variables).

However the hostname local-aws exists in my /etc/hosts file, but blahblahblah does not. If I swap the endpoint to point to http://blahblahblah:4566 I still get the same 403. So I think the problem is that the provider isn't using my local endpoint. I can't work out why.

resource "aws_secretsmanager_secret_version" "foo" {
  secret_id     = aws_secretsmanager_secret.foo.id
  secret_string = "bar"
}

resource "aws_secretsmanager_secret" "foo" {
  name = "rabbitmq_battery_emulator"
}

provider "aws" {
  region = "eu-west-2"
  endpoints {
    secretsmanager = "http://local-aws:4566"
  }
}

In addition to the SERVICES and sts endpoint config mentioned by @philip-couling, I also had to remove a terraform block from my main.tf:

#terraform {
#  backend "s3" {
#    bucket = "valid-bucket"
#    key    = "terraform/state/account/terraform.tfstate"
#    region = "eu-west-1"
#  }
#  required_providers {
#    local = {
#      version = "~> 2.1"
#    }
#  }
#}
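
An added example, not part of the original question or answer: a provider block that keeps provider initialisation on the emulator by overriding the `sts` endpoint the answer refers to, so credentials from the environment are never sent to the public AWS endpoint. The dummy `test` credentials and the `local` backend are assumptions; `local-aws:4566` is the endpoint from the question.

```hcl
# Added example (assumed values are marked); not the asker's or answerer's config.

terraform {
  # Backend settings are independent of the provider's endpoints block,
  # so an s3 backend would still target real S3. Assumption: local state
  # is acceptable while testing against the emulator.
  backend "local" {}
}

provider "aws" {
  region = "eu-west-2"

  # Constructed dummy credentials, so no real keys are picked up from
  # environment variables for the test run.
  access_key = "test"
  secret_key = "test"

  # Skip the start-up checks that would otherwise call out of the sandbox.
  skip_credentials_validation = true # no sts:GetCallerIdentity pre-flight
  skip_requesting_account_id  = true # no account id lookup
  skip_metadata_api_check     = true # no EC2 instance metadata probe

  endpoints {
    # With only secretsmanager overridden, the credential check in the
    # question's error message (sts:GetCallerIdentity) has no local
    # endpoint to use, which matches the 403 seen for any hostname.
    sts            = "http://local-aws:4566"
    secretsmanager = "http://local-aws:4566"
  }
}
```

Every additional AWS service used by the configuration needs its own entry in `endpoints`; any service left out resolves to its default public endpoint.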
