-
Notifications
You must be signed in to change notification settings - Fork 9.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Missing validation that CloudFront SSL method is required #10861
Comments
Not sure what it means, but I received a notification from GitHub about a failed action after creating this issue:
|
The error log is quite clear If you are using the acm_certificate_arn you also need to add the following attribute It is clearly written in the docs: Also, it requires the following attribute Check details here. https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#viewer-certificate-arguments |
@taragurung, I am aware that the error message from The opportunity here is to fail faster, giving developers feedback that they've missed a requirement at the All I'm proposing here is that there should be a I have confirmed that this behavior still exists in Terraform 0.14.10 with AWS provider 3.36.0. |
I totally agree with @meustrus, this behavior is really annoying. One easy option could be to set Probably I'm wrong, but I think the validateFunc cannot resolve completely this behaviour: theoretically, we should make this field mandatory only if acm_certificate_arn is specified. To accomplish this, we should organize fields inside blocks differently, isn't it? |
Reproducible with Terraform v1.2.4 and provider registry.terraform.io/hashicorp/aws v3.75.1. |
Ran into this, where this conditional required arg didn't show up until it errored on I Agree with @lomluca that this ought to default to |
When creating a
aws_cloudfront_distribution
resource with aviewer_certificate
, thessl_support_method
is required. If it is missing, however, theterraform plan
succeeds and theterraform apply
fails with an error from AWS.Community Note
Terraform Version
Affected Resource(s)
Terraform Configuration Files
Debug Output
(skipping because this is purely a validation issue, and with the
ssl_support_method
in place my infrastructure is already stood up; if it turns out to be necessary, I can attempt to create another one to get debug output)Expected Behavior
terraform plan
should fail with a message like so:Actual Behavior
terraform plan
succeeds, andterraform apply
fails with the following message:Steps to Reproduce
terraform plan -out=tfplan
terraform apply tfplan
The text was updated successfully, but these errors were encountered: