1
votes

I created a brand new (free) AWS account.

Using Terraform, I created an EC2 instance but can't see it in the AWS console.

My Terraform script is very simple:

provider "aws" {
  region = "us-east-2"
}

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"
  tags = {
    Name = "terraform-example"
  }
}

terraform apply completes successfully but when going to EC2 on the AWS Console, it tells me that there are no instances...

Even if I log in as the AWS root account.

Out of curiosity, I created an EC2 instance manually through the AWS Console. I can see this one created manually.

If I run terraform plan again, it still says everything is fine...

Shouldn't it try to remove this new manual instance instead?

Does that confirm that my terraform instance is not looking at the account I think it is???


Later, I took the exact same credentials and main.tf file to another laptop.

Initially terraform plan did not recognise my EC2 (or anything) created before (I suppose this is because I did not copy across the Terraform state file...).

Ran terraform apply which recreated the items... and this time I can see the instances I create...

Next step: try to find out whether this initial EC2 instance has been created in another region... which I am hoping to find out through billing / or activity...

2
Hi Eric - I can imagine that the TF state file is misaligned, the managed state differing from the actual state, so it is worth trying to run a show info to fetch the instanceId or maybe run a destroy and plan/apply. Alternatively - not sure if you have multiple accounts, but it is worth double-checking whether the API keys set for your Terraform are actually for the same account and whether your console points to the same region. - muratiakos

First check which AWS account the secret key and access key used for Terraform belong to, and then check the correct region on the console. It's software, which always has logic, not magic that will eat your instance :) - Mahattam

I set the AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY through environment variables and the AWS_ACCESS_KEY looks fine. - Eric Mamet

For the TF state, it seems OK because terraform plan recognizes the instance. It even gives me the instance ID, but I'm not sure what I can do with that. - Eric Mamet

2 Answers

2
votes

It was because I was not using the credentials I thought...

I thought I had set up the 2 env variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY but I had made a typo when assigning AWS_SECRET_ACCESS_KEY and it was not set.

It happened that I had a "credentials" file hanging around in my ~/.aws folder with tests I had done on a different AWS account about a year ago (which I had forgotten all about).

Once I removed the .aws/credentials file AND assigned AWS_SECRET_ACCESS_KEY properly, everything behaved as expected.

I used a trick given to me by Laura M. (thanks) to show which user details were used by Terraform:

data "aws_caller_identity" "current" {}

output "account_id" {
  value = "${data.aws_caller_identity.current.account_id}"
}

output "caller_arn" {
  value = "${data.aws_caller_identity.current.arn}"
}

output "caller_user" {
  value = "${data.aws_caller_identity.current.user_id}"
}
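
The failure described in this answer (a mistyped AWS_SECRET_ACCESS_KEY causing a silent fallback to a stale ~/.aws/credentials) can be checked before running terraform apply. The script below is an added example, not part of the original answer; its function names are hypothetical, and it models only the two sources involved here (static environment keys, then the shared credentials file), assuming the provider block sets no keys.

```shell
#!/bin/sh
# Added example (constructed; function names are hypothetical).
# Models only the two sources from the answer: static environment keys first,
# then the shared credentials file. Assumes the provider block sets no keys.

cred_file() { echo "${AWS_SHARED_CREDENTIALS_FILE:-$HOME/.aws/credentials}"; }

# Prints: env | shared-file:<path> | none
aws_cred_source() {
  if [ -n "${AWS_ACCESS_KEY_ID:-}" ] && [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; then
    echo "env"
    return 0
  fi
  # Half of the pair set: the environment source is skipped, not an error.
  if [ -n "${AWS_ACCESS_KEY_ID:-}${AWS_SECRET_ACCESS_KEY:-}" ]; then
    echo "warning: only one of AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY is set" >&2
  fi
  if [ -s "$(cred_file)" ]; then
    echo "shared-file:$(cred_file)"
  else
    echo "none"
  fi
}

# Exported AWS_* names containing KEY or SECRET that are not the expected pair:
# candidates for a typo such as the one in the answer.
aws_cred_typos() {
  env | sed -n 's/^\(AWS_[A-Za-z0-9_]*\)=.*/\1/p' | grep -E 'KEY|SECRET' \
    | grep -vxE 'AWS_ACCESS_KEY_ID|AWS_SECRET_ACCESS_KEY' || true
}

# Profile names in the shared file, to spot forgotten ones.
aws_cred_profiles() {
  [ -f "$(cred_file)" ] && sed -n 's/^\[\(.*\)\][[:space:]]*$/\1/p' "$(cred_file)"
  return 0
}

echo "credential source : $(aws_cred_source)"
echo "suspect variables : $(aws_cred_typos | tr '\n' ' ')"
echo "profiles in file  : $(aws_cred_profiles | tr '\n' ' ')"
```

Once the reported source is the one you expect, the aws_caller_identity outputs from the answer confirm which account it resolves to.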
1
votes

Do you have the us-east-2 region (Ohio) selected in the AWS Console? By default I think it defaults to us-east-1 (Virginia) for new US accounts but your TF AWS provider is configured to deploy to us-east-2.