-
Notifications
You must be signed in to change notification settings - Fork 9.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ebs_block_device parameter 'encrypted' evaluated as 'true' even when not set #5360
Comments
just ran into this too, seems related to #1862 in that the api should be passing nil in the launch configuration? Occurs in version 0.6.12 and 0.6.11. |
Last known good in our enterprise was 0.6.8 and the issue does not exist in this version...somewhere between 9-12 is where the error arose. |
👍 working on this with @gilmatic too |
I can provide a bit more information on this issue. Version 0.6.9 works correctly with the aws_launch_configuration seen above from @gilmatic I use the same thing in my code. The ASG Fails to bring an instance in service due to the encrypted pram. Terraform versions 0.6.10+ does the below.
Terraform version 0.6.12 State file:
Terraform version 0.6.9 I see the below and works.
Trace Log:
|
Found a PR #4481 that caused this issue for the Launch config. I could be wrong since I don't know go yet but I don't see a check for snapshot_id. If there is a snapshot_id then the ebs_block_device.2403880458.encrypted should not show up. |
The issue seems also be inconsistent on the AWS side as well. If you specify a spot price in exact same code as above, the problem will go away, and the ASG can spin up an instance fine, even if it has and 'encrypted false' flag. |
is there anyone who knows how to get around of it? |
Going back to an earlier version is what I had to do. Not the best plan. :( On Sunday, March 20, 2016, silverjava notifications@github.com wrote:
|
Checking in to see if there's been any progress or perhaps another work around (besides downgrading) for this problem. |
I was doing downgrade to work around of it :( |
It's what I did. On Wednesday, April 27, 2016, silverjava notifications@github.com wrote:
|
Fixed in #6452. Thanks for the detailed report! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
When attempting to include an ebs_block_device with an encrypted snapshot in an aws_launch_configuration, the following error is received no matter how the ebs_block_device is defined:
Parameter encrypted is invalid. You cannot specify the encrypted flag if specifying a snapshot id in a block device mapping. Launching EC2 instance failed.
The ebs_block_device gave the same error whether configured any of the following three ways:
or
or
When set to '0' tfstate reads the following way:
ebs_block_device.#: "" => "1"
ebs_block_device.2403880458.delete_on_termination: "" => "1"
ebs_block_device.2403880458.device_name: "" => "/dev/xvdg"
ebs_block_device.2403880458.encrypted: "" => "0"
ebs_block_device.2403880458.iops: "" => ""
ebs_block_device.2403880458.snapshot_id: "" => "snap-1234567"
ebs_block_device.2403880458.volume_size: "" => "50"
ebs_block_device.2403880458.volume_type: "" => ""
ebs_optimized: "" => ""
When set to '1' or *undefined tfstate shows the encrypted value as '1'.
The AWS API appears to not accept any encrypted value if a snapshot used for the ebs_block_device.
If a snapshot is specified in an ebs_block_device, terraform should ignore the encrypted value and not expose it to the API, which would hopefully allow the autoscaling group to spin up instances successfully.
The text was updated successfully, but these errors were encountered: