I'm new to Terraform so I may be missing something, but I did quite a bit of research and I didn't find a solution. We have a company AWS account with some instances already running in region eu-west-1. I decided to test Terraform so we can start using it. I created an IAM user with appropriate permissions and made this tf file:
resource "aws_instance" "test" {
  ami = "ami-21abf052"
  instance_type = "t2.small"
}
terraform apply
failed with the following error:
* aws_instance.test: Error launching source instance: timeout while waiting for state to become 'success' (timeout: 15s)
At first I thought it was a credentials problem, so I tried running the same from awscli:
aws ec2 run-instances --image-id ami-21abf052 --count 1 --instance-type t2.small
It worked like a charm. After that I tried many things, including: using a different IAM user, changing the permissions (giving "Allow" to ec2:*), using different AMIs, setting different VPCs, setting names, tags, different instance types, hardcoding the access_key and secret_key in the .tf file, setting the region explicitly in the file (for awscli the default is eu-west-1). Whatever I did, awscli was working and Terraform was failing.
After losing one day I tried in region eu-central-1 and it just worked.
Am I missing something? Should I somehow add permissions for regions separately? Isn't awscli using the same ~/.aws/credentials file if I don't define it in the .tf file?
Aha, my current permissions in AWS:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:*",
        "iam:GetUser",
        "sts:GetCallerIdentity",
        "iam:ListRoles"
      ],
      "Resource": "*"
    }
  ]
}
EDIT:
I tested more regions:
- us-west-1 works
- us-east-1 fails
- sa-east-1 works
My AMIs:
variable "amis" {
  default = {
    eu-west-1 = "ami-21abf052"
    eu-central-1 = "ami-b0db1ddf"
    us-east-1 = "ami-e6d5d2f1"
    us-west-1 = "ami-bcb9eedc"
    sa-east-1 = "ami-ec811880"
  }
}
And versions:
Terraform v0.7.13
aws-cli/1.11.28 Python/2.7.12+ Linux/4.8.0-30-generic botocore/1.4.85