19 messages
Daniel Boothabout 1 year ago
trying to set up atmos and slightly new, I am having difficulty understanding how to use this _defaults.yaml
Daniel Boothabout 1 year ago
I am trying to work out how I can set up my s3 backend without having to put it in each stack yaml...
rssabout 1 year ago(edited)
v1.11.0-alpha20250107
1.11.0-alpha20250107 (January 7, 2025)
ENHANCEMENTS:
init: Provider installation will utilise credentials configured in a .netrc file for the download and shasum URLs returned by provider registries. (https://github.com/hashicorp/terraform/pull/35843)
New command modules -json: Displays a full list of all installed modules in a working directory, including whether each module is currently referenced by the...
1.11.0-alpha20250107 (January 7, 2025)
ENHANCEMENTS:
init: Provider installation will utilise credentials configured in a .netrc file for the download and shasum URLs returned by provider registries. (https://github.com/hashicorp/terraform/pull/35843)
New command modules -json: Displays a full list of all installed modules in a working directory, including whether each module is currently referenced by the...
rssabout 1 year ago(edited)
v1.10.4
1.10.4 (January 8, 2025)
BUG FIXES:
type conversion: Empty map conversions now return correct type information (#36262)
terraform console: Fix crash when printing ephemeral values (<a href="https://github.com/hashicorp/terraform/issues/36267" data-hovercard-type="pull_request"...
1.10.4 (January 8, 2025)
BUG FIXES:
type conversion: Empty map conversions now return correct type information (#36262)
terraform console: Fix crash when printing ephemeral values (<a href="https://github.com/hashicorp/terraform/issues/36267" data-hovercard-type="pull_request"...
Richard Oliver Brayabout 1 year ago
Has anyone messed around with OpenTofu? What are your thoughts?
Paola GMabout 1 year ago
Hi everyone, I don't know if I should post this here but I'm facing an issue when working with Localstack and trying to create some subnets using the dynamic-subnets module, during plan I can see the tags I've added to the module, but affter apply I cannot see the tags. Is this a known issue? or am I doing something wrong with my localstack setup? π
lorenabout 1 year ago
not sure if others have this particular use case, but would appreciate some support via ποΈ on the feature request i opened for a new terraform aws resource to manage invoicing configurations for an aws organization...
https://github.com/hashicorp/terraform-provider-aws/issues/40844
https://github.com/hashicorp/terraform-provider-aws/issues/40844
David Elstonabout 1 year ago
Hi everyone, enjoying using Atmos β€οΈ I just had a quick clarification question regarding setting the
Could someone clarify, this refers to using the remote_state terraform module only and not say if I ran
or if I referenced an output in a stack via a yaml function such as
This is the behavior I'm seeing, just wanting to know if I'm not doing something wrong
remote_state_backend configuration, reading the backend configuration docs it saysWhen working with Terraform backends and writing/updating the state, the terraform-backend-read-write role will be used. But when reading the remote state of components, the terraform-backend-read-only role will be used.Could someone clarify, this refers to using the remote_state terraform module only and not say if I ran
atmos terraform output my_component -s my_stackor if I referenced an output in a stack via a yaml function such as
!terraform.output my_component my_stack my_output_valueThis is the behavior I'm seeing, just wanting to know if I'm not doing something wrong
Michaelabout 1 year ago
The Hashitalks schedule was just released if anyone is interested: https://events.hashicorp.com/hashitalks2025
Justin Evan Belgaabout 1 year ago
Hello. I'm trying to use the
Here's the code I use to call it.
The Cert gets imported to ACM but there is no domain given to it. My understanding is that
cloudposse/ec2-client-vpn/aws module (https://registry.terraform.io/modules/cloudposse/ec2-client-vpn/aws/latest) but whenever I try to run it, it gives me this error.β·
β Error: creating EC2 Client VPN Endpoint: operation error EC2: CreateClientVpnEndpoint, https response error StatusCode: 400, RequestID: c0d897b4-0a1d-405b-aacd-a50ac1e2b993, api error InvalidParameterValue: Certificate arn:aws:acm:us-east-1:REDACTED:certificate/b40a7520-e47a-4d62-9f50-070817e3d129 does not have a domain
β
β with module.ec2_client_vpn.aws_ec2_client_vpn_endpoint.default[0],
β on .terraform/modules/ec2_client_vpn/main.tf line 152, in resource "aws_ec2_client_vpn_endpoint" "default":
β 152: resource "aws_ec2_client_vpn_endpoint" "default" {
β
β΅
Releasing state lock. This may take a few moments...Here's the code I use to call it.
module "ec2_client_vpn" {
source = "cloudposse/ec2-client-vpn/aws"
ca_common_name = "vpn.staging.buff.game"
root_common_name = "vpn_client.staging.buff.game"
server_common_name = "vpn_server.staging.buff.game"
client_cidr = var.vpn_cidr
organization_name = var.organization
logging_enabled = false
logging_stream_name = "${var.environment}-client-vpn"
retention_in_days = 0
associated_subnets = module.staging_vpc.private_subnets
authorization_rules = []
additional_routes = []
associated_security_group_ids = [module.staging_vpc.default_private_sg_id]
export_client_certificate = true
vpc_id = module.staging_vpc.vpc_id
dns_servers = []
split_tunnel = true
}The Cert gets imported to ACM but there is no domain given to it. My understanding is that
common_name is what should have been saved as the name for the certs.
RBabout 1 year ago
iβve rereading terraform module docs and came across (again) this issue https://github.com/terraform-docs/terraform-docs/issues/523 where it will show you the module sources, however, it wonβt show you the resources created within those modules. It would be nice to have this setting as a config to improve the docs.
If you have time, please share an upvote. π
If you have time, please share an upvote. π
rssabout 1 year ago(edited)
v1.11.0-beta1
1.11.0-beta1 (January 16, 2025)
NEW FEATURES:
Add write-only attributes to resources. Providers can specify that certain attributes are write-only. They are not persisted in state. You can use ephemeral values in write-only attributes. (#36031)
terraform test: The -junit-xml option for the terraform test command is now...
1.11.0-beta1 (January 16, 2025)
NEW FEATURES:
Add write-only attributes to resources. Providers can specify that certain attributes are write-only. They are not persisted in state. You can use ephemeral values in write-only attributes. (#36031)
terraform test: The -junit-xml option for the terraform test command is now...
rssabout 1 year ago(edited)
v1.11.0-beta1
1.11.0-beta1 (January 16, 2025)
NEW FEATURES:
Add write-only attributes to resources. Providers can specify that certain attributes are write-only. They are not persisted in state. You can use ephemeral values in write-only attributes. (#36031)
terraform test: The -junit-xml option for the terraform test command is now...
1.11.0-beta1 (January 16, 2025)
NEW FEATURES:
Add write-only attributes to resources. Providers can specify that certain attributes are write-only. They are not persisted in state. You can use ephemeral values in write-only attributes. (#36031)
terraform test: The -junit-xml option for the terraform test command is now...
Juan Pablo Lorierabout 1 year ago
rssabout 1 year ago(edited)
v1.10.5
1.10.5 (January 22, 2025)
BUG FIXES:
element(...): no longer crashes when asked for a negative index into a tuple. (#36376)
Updated dependency github.com/hashicorp/go-slug v0.16.0 => v0.16.3 to integrate latest changes (fix for <a title="CVE-2025-0377" data-hovercard-type="advisory"...
1.10.5 (January 22, 2025)
BUG FIXES:
element(...): no longer crashes when asked for a negative index into a tuple. (#36376)
Updated dependency github.com/hashicorp/go-slug v0.16.0 => v0.16.3 to integrate latest changes (fix for <a title="CVE-2025-0377" data-hovercard-type="advisory"...
Eduardo Silviabout 1 year ago
Hi folks!
I'm trying this terraform module to craete a client VPN to let developers access resources under my private subnets.
But something isn't working, the module creates the server and the client certificate inside AWS certificate manager, but I cannot download them. I suppose I have to manually download them as when I try to download the .ovpn conf file of the client vpn endpoint, it only contains the CA, not the others.
How can I correctly setup my vpn? I think I'm doing something wrong
I'm trying this terraform module to craete a client VPN to let developers access resources under my private subnets.
But something isn't working, the module creates the server and the client certificate inside AWS certificate manager, but I cannot download them. I suppose I have to manually download them as when I try to download the .ovpn conf file of the client vpn endpoint, it only contains the CA, not the others.
How can I correctly setup my vpn? I think I'm doing something wrong
Matt Gowieabout 1 year ago
Hey folks -- I'm rubber ducking / working through a problem over in the OpenTofu slack. It's interesting.
I'm sure Cloud Posse has run into this before... How do you all solve it? I also know you folks have been big users of JSON Schema -- Have you run into (or possibly built) a JSON Schema validation terraform utility that I don't know about? π
I'm sure Cloud Posse has run into this before... How do you all solve it? I also know you folks have been big users of JSON Schema -- Have you run into (or possibly built) a JSON Schema validation terraform utility that I don't know about? π
Val Naipaulabout 1 year ago
Hi gang, has anyone used https://www.speakeasy.com/product/terraform-generation to generate a provider from an OpenAPI spec ? Any experiences to relate ?
jaysunabout 1 year ago
has anyone figured out any ways to properly leverage opentofus provider for_each feature? Iβm trying to think of ways to use it for things like replacing account factory for terraform, or transit gateway stuff but looking for ideas