main.tf のコード例
terraform {
# AWSプロバイダーのバージョン指定
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.51.0"
}
}
# tfstateファイルをS3に配置する(配置先のS3は事前に作成済み)
backend s3 {
bucket = "terraform-yumainaura" # S3バケット名
region = "ap-northeast-1"
key = "tf-test.tfstate"
}
}
# AWSプロバイダーの定義
provider aws {
region = "ap-northeast-1"
}
# EC2の作成
resource aws_instance ec2 {
ami = "ami-0bba69335379e17f8" # Amazon マシンイメージ
instance_type = "t2.micro"
tags = {
Name = "tf-test"
}
}
AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY を認識できていない場合 (init)
オフラインでも起こるエラー
main.tf に直接 KEY / SECRET を書くやり方だとこのエラーが起きていた
$ terraform init
Initializing the backend...
╷
│ Error: error configuring S3 Backend: no valid credential sources for S3 Backend found.
│
│ Please see https://www.terraform.io/docs/language/settings/backends/s3.html
│ for more information about providing credentials.
│
│ Error: NoCredentialProviders: no valid providers in chain. Deprecated.
│ For verbose messaging see aws.Config.CredentialsChainVerboseErrors
│
│
│
╵
AWS S3でバケットが存在しない場合 (init)
AWS_ACCESS_KEY_ID=xxx AWS_SECRET_ACCESS_KEY=yyy AWS_DEFAULT_REGION=ap-northeast-1 terraform init --migrate-state
Initializing the backend...
Backend configuration changed!
Terraform has detected that the configuration specified for the backend
has changed. Terraform will now check for existing state in the backends.
╷
│ Error: Error inspecting states in the "s3" backend:
│ S3 bucket does not exist.
│
│ The referenced S3 bucket must have been previously created. If the S3 bucket
│ was created within the last minute, please wait for a minute or two and try
│ again.
│
│ Error: NoSuchBucket: The specified bucket does not exist
│ status code: 404, request id: XSR798EMBAG06B70, host id: 2Pq7S6nh04co2JuD5bvpQfAe6kNnOTcYxoyEDubL32iQfu6WTFxxS5LTv7qtQZe5kGZL8Qh/w/k=
│
│
│ Prior to changing backends, Terraform inspects the source and destination
│ states to determine what kind of migration steps need to be taken, if any.
│ Terraform failed to load the states. The data in both the source and the
│ destination remain unmodified. Please resolve the above error and try again.
│
│
╵
AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY の認証情報が間違っている場合 (init)
AWS_ACCESS_KEY_ID=xxx AWS_SECRET_ACCESS_KEY=yyy AWS_DEFAULT_REGION=ap-northeast-1 terraform init
Initializing the backend...
╷
│ Error: error configuring S3 Backend: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid.
│ status code: 403, request id: 6997596f-6935-4323-b732-498833c01f0f
│
│
AWSでS3権限がない場合 (init)
AWS_ACCESS_KEY_ID=xxx AWS_SECRET_ACCESS_KEY=yyy AWS_DEFAULT_REGION=ap-northeast-1 terraform init
Initializing the backend...
Error refreshing state: AccessDenied: Access Denied
status code: 403, request id: QEFSBRJ21TZCYTYH, host id: 72Qe8Vfz8mwzaCPil9yBAwFSBgomqccKgs+e7kftuXYDcoZqzOmRlFv3HeowawLejCJbEXBcBIw=
AWSでEC2権限がない場合 (apply)
$ AWS_ACCESS_KEY_ID=xxxY AWS_SECRET_ACCESS_KEY=yyy AWS_DEFAULT_REGION=ap-northeast-1 terraform apply
aws_instance.ec2: Refreshing state... [id=i-07fa99fc63ad81002]
╷
│ Error: reading EC2 Instance (i-07fa99fc63ad81002): UnauthorizedOperation: You are not authorized to perform this operation.
│ status code: 403, request id: f8df261f-6205-49a3-8585-f6d74adbc4ef
│
│ with aws_instance.ec2,
│ on main.tf line 26, in resource "aws_instance" "ec2":
│ 26: resource aws_instance ec2 {
│
╵
環境
Terraform v1.3.7
on darwin_amd64
+ provider registry.terraform.io/hashicorp/aws v4.51.0
参考
tfファイルの例を参考にした(というかほとんど例そのままで試した)
チャットメンバー募集
何か質問、悩み事、相談などあればLINEオープンチャットもご利用ください。