Comments (8)
chadgeary
commented on August 19, 2024
I get the feeling this something to do with macos + possibly file permissions - can you try chown $USER ../playbooks/*?
from cloudblock.
chadgeary
commented on August 19, 2024
Also can you share the output of:
terraform plan -var-file=aws.tfvars
Remove/obscure any values you feel are sensitive (mgmt_cidr, etc.)
from cloudblock.
NeckBeardPrince
commented on August 19, 2024
I get the feeling this something to do with macos + possibly file permissions - can you try
chown $USER ../playbooks/*?
Permissions are correct.
from cloudblock.
NeckBeardPrince
commented on August 19, 2024
Also can you share the output of:
terraform plan -var-file=aws.tfvarsRemove/obscure any values you feel are sensitive (mgmt_cidr, etc.)
❯ tf plan
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# module.cloudblock.aws_ami_copy.ph-latest-vendor-ami-with-cmk will be created
+ resource "aws_ami_copy" "ph-latest-vendor-ami-with-cmk" {
+ architecture = (known after apply)
+ arn = (known after apply)
+ description = "KMS CMK-encrypted AMI of latest official vendor AMI"
+ ena_support = (known after apply)
+ encrypted = true
+ hypervisor = (known after apply)
+ id = (known after apply)
+ image_location = (known after apply)
+ image_owner_alias = (known after apply)
+ image_type = (known after apply)
+ kernel_id = (known after apply)
+ kms_key_id = (known after apply)
+ manage_ebs_snapshots = (known after apply)
+ name = "cloudblock-encrypted-ami"
+ owner_id = (known after apply)
+ platform = (known after apply)
+ platform_details = (known after apply)
+ public = (known after apply)
+ ramdisk_id = (known after apply)
+ root_device_name = (known after apply)
+ root_snapshot_id = (known after apply)
+ source_ami_id = "ami-0b5cb7048c06279ae"
+ source_ami_region = "us-east-1"
+ sriov_net_support = (known after apply)
+ tags = {
+ "Name" = "cloudblock-encrypted-ami"
}
+ tags_all = {
+ "Name" = "cloudblock-encrypted-ami"
}
+ usage_operation = (known after apply)
+ virtualization_type = (known after apply)
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ snapshot_id = (known after apply)
+ throughput = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ virtual_name = (known after apply)
}
+ timeouts {
+ create = "120m"
+ delete = "5m"
}
}
# module.cloudblock.aws_eip.ph-eip-1 will be created
+ resource "aws_eip" "ph-eip-1" {
+ allocation_id = (known after apply)
+ associate_with_private_ip = "10.10.12.5"
+ association_id = (known after apply)
+ carrier_ip = (known after apply)
+ customer_owned_ip = (known after apply)
+ domain = (known after apply)
+ id = (known after apply)
+ instance = (known after apply)
+ network_border_group = (known after apply)
+ network_interface = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ public_ipv4_pool = (known after apply)
+ tags_all = (known after apply)
+ vpc = true
}
# module.cloudblock.aws_iam_instance_profile.ph-instance-profile will be created
+ resource "aws_iam_instance_profile" "ph-instance-profile" {
+ arn = (known after apply)
+ create_date = (known after apply)
+ id = (known after apply)
+ name = (known after apply)
+ path = "/"
+ role = (known after apply)
+ tags_all = (known after apply)
+ unique_id = (known after apply)
}
# module.cloudblock.aws_iam_policy.ph-instance-policy-s3 will be created
+ resource "aws_iam_policy" "ph-instance-policy-s3" {
+ arn = (known after apply)
+ description = "Provides ph instances access to s3 objects/bucket"
+ id = (known after apply)
+ name = "ph-instance-policy-s3"
+ path = "/"
+ policy = (known after apply)
+ policy_id = (known after apply)
+ tags_all = (known after apply)
}
# module.cloudblock.aws_iam_policy.ph-instance-policy-ssmparameter will be created
+ resource "aws_iam_policy" "ph-instance-policy-ssmparameter" {
+ arn = (known after apply)
+ description = "Provides ph instances access to ssm parameter(s)"
+ id = (known after apply)
+ name = "ph-instance-policy-ssmparameter"
+ path = "/"
+ policy = (known after apply)
+ policy_id = (known after apply)
+ tags_all = (known after apply)
}
# module.cloudblock.aws_iam_role.ph-instance-iam-role will be created
+ resource "aws_iam_role" "ph-instance-iam-role" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ec2.amazonaws.com"
}
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = (known after apply)
+ path = "/"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
+ inline_policy {
+ name = (known after apply)
+ policy = (known after apply)
}
}
# module.cloudblock.aws_iam_role_policy_attachment.ph-iam-attach-s3 will be created
+ resource "aws_iam_role_policy_attachment" "ph-iam-attach-s3" {
+ id = (known after apply)
+ policy_arn = (known after apply)
+ role = (known after apply)
}
# module.cloudblock.aws_iam_role_policy_attachment.ph-iam-attach-ssm will be created
+ resource "aws_iam_role_policy_attachment" "ph-iam-attach-ssm" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
+ role = (known after apply)
}
# module.cloudblock.aws_iam_role_policy_attachment.ph-iam-attach-ssmparameter will be created
+ resource "aws_iam_role_policy_attachment" "ph-iam-attach-ssmparameter" {
+ id = (known after apply)
+ policy_arn = (known after apply)
+ role = (known after apply)
}
# module.cloudblock.aws_instance.ph-instance will be created
+ resource "aws_instance" "ph-instance" {
+ ami = (known after apply)
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ iam_instance_profile = (known after apply)
+ id = (known after apply)
+ instance_initiated_shutdown_behavior = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t4g.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = (known after apply)
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = "10.10.12.5"
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = (known after apply)
+ tags = {
+ "Name" = "cloudblock-cloudblock"
+ "cloudblock" = "True"
}
+ tags_all = {
+ "Name" = "cloudblock-cloudblock"
+ "cloudblock" = "True"
}
+ tenancy = (known after apply)
+ user_data = "<removed>"
+ vpc_security_group_ids = (known after apply)
+ capacity_reservation_specification {
+ capacity_reservation_preference = (known after apply)
+ capacity_reservation_target {
+ capacity_reservation_id = (known after apply)
}
}
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ enclave_options {
+ enabled = (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}
+ metadata_options {
+ http_endpoint = (known after apply)
+ http_put_response_hop_limit = (known after apply)
+ http_tokens = (known after apply)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_interface_id = (known after apply)
}
+ root_block_device {
+ delete_on_termination = true
+ device_name = (known after apply)
+ encrypted = true
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = 10
+ volume_type = "standard"
}
}
# module.cloudblock.aws_internet_gateway.ph-gw will be created
+ resource "aws_internet_gateway" "ph-gw" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "ph-gw"
}
+ tags_all = {
+ "Name" = "ph-gw"
}
+ vpc_id = (known after apply)
}
# module.cloudblock.aws_key_pair.ph-instance-key will be created
+ resource "aws_key_pair" "ph-instance-key" {
+ arn = (known after apply)
+ fingerprint = (known after apply)
+ id = (known after apply)
+ key_name = (known after apply)
+ key_pair_id = (known after apply)
+ public_key = "<removed>"
+ tags = {
+ "Name" = "ph-ssh-key"
}
+ tags_all = {
+ "Name" = "ph-ssh-key"
}
}
# module.cloudblock.aws_kms_alias.ph-kmscmk-ec2-alias will be created
+ resource "aws_kms_alias" "ph-kmscmk-ec2-alias" {
+ arn = (known after apply)
+ id = (known after apply)
+ name = "alias/ph-ksmcmk-ec2"
+ target_key_arn = (known after apply)
+ target_key_id = (known after apply)
}
# module.cloudblock.aws_kms_alias.ph-kmscmk-s3-alias will be created
+ resource "aws_kms_alias" "ph-kmscmk-s3-alias" {
+ arn = (known after apply)
+ id = (known after apply)
+ name = "alias/ph-ksmcmk-s3"
+ target_key_arn = (known after apply)
+ target_key_id = (known after apply)
}
# module.cloudblock.aws_kms_alias.ph-kmscmk-ssm-alias will be created
+ resource "aws_kms_alias" "ph-kmscmk-ssm-alias" {
+ arn = (known after apply)
+ id = (known after apply)
+ name = "alias/ph-ksmcmk-ssm"
+ target_key_arn = (known after apply)
+ target_key_id = (known after apply)
}
# module.cloudblock.aws_kms_key.ph-kmscmk-ec2 will be created
+ resource "aws_kms_key" "ph-kmscmk-ec2" {
+ arn = (known after apply)
+ customer_master_key_spec = "SYMMETRIC_DEFAULT"
+ description = "Key for ph ec2/ebs"
+ enable_key_rotation = true
+ id = (known after apply)
+ is_enabled = true
+ key_id = (known after apply)
+ key_usage = "ENCRYPT_DECRYPT"
+ policy = (known after apply)
+ tags = {
+ "Name" = "ph-kmscmk-ec2"
}
+ tags_all = {
+ "Name" = "ph-kmscmk-ec2"
}
}
# module.cloudblock.aws_kms_key.ph-kmscmk-s3 will be created
+ resource "aws_kms_key" "ph-kmscmk-s3" {
+ arn = (known after apply)
+ customer_master_key_spec = "SYMMETRIC_DEFAULT"
+ description = "Key for ph s3"
+ enable_key_rotation = true
+ id = (known after apply)
+ is_enabled = true
+ key_id = (known after apply)
+ key_usage = "ENCRYPT_DECRYPT"
+ policy = (known after apply)
+ tags = {
+ "Name" = "ph-kmscmk-s3"
}
+ tags_all = {
+ "Name" = "ph-kmscmk-s3"
}
}
# module.cloudblock.aws_kms_key.ph-kmscmk-ssm will be created
+ resource "aws_kms_key" "ph-kmscmk-ssm" {
+ arn = (known after apply)
+ customer_master_key_spec = "SYMMETRIC_DEFAULT"
+ description = "Key for ph ssm"
+ enable_key_rotation = true
+ id = (known after apply)
+ is_enabled = true
+ key_id = (known after apply)
+ key_usage = "ENCRYPT_DECRYPT"
+ policy = (known after apply)
+ tags = {
+ "Name" = "ph-kmscmk-ssm"
}
+ tags_all = {
+ "Name" = "ph-kmscmk-ssm"
}
}
# module.cloudblock.aws_route_table.ph-pubrt will be created
+ resource "aws_route_table" "ph-pubrt" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = (known after apply)
+ instance_id = ""
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = ""
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags = {
+ "Name" = "ph-pubrt"
}
+ tags_all = {
+ "Name" = "ph-pubrt"
}
+ vpc_id = (known after apply)
}
# module.cloudblock.aws_route_table_association.rt-assoc-pubnet will be created
+ resource "aws_route_table_association" "rt-assoc-pubnet" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.cloudblock.aws_s3_bucket.ph-bucket will be created
+ resource "aws_s3_bucket" "ph-bucket" {
+ acceleration_status = (known after apply)
+ acl = "private"
+ arn = (known after apply)
+ bucket = (known after apply)
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ policy = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags_all = (known after apply)
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ server_side_encryption_configuration {
+ rule {
+ apply_server_side_encryption_by_default {
+ kms_master_key_id = (known after apply)
+ sse_algorithm = "aws:kms"
}
}
}
+ versioning {
+ enabled = true
+ mfa_delete = false
}
}
# module.cloudblock.aws_s3_bucket_public_access_block.ph-bucket-pubaccessblock will be created
+ resource "aws_s3_bucket_public_access_block" "ph-bucket-pubaccessblock" {
+ block_public_acls = true
+ block_public_policy = true
+ bucket = (known after apply)
+ id = (known after apply)
+ ignore_public_acls = true
+ restrict_public_buckets = true
}
# module.cloudblock.aws_security_group.ph-pubsg will be created
+ resource "aws_security_group" "ph-pubsg" {
+ arn = (known after apply)
+ description = "Security group for public traffic"
+ egress = (known after apply)
+ id = (known after apply)
+ ingress = (known after apply)
+ name = "ph-pubsg"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Name" = "ph-pubsg"
}
+ tags_all = {
+ "Name" = "ph-pubsg"
}
+ vpc_id = (known after apply)
}
# module.cloudblock.aws_security_group_rule.ph-pubsg-mgmt-dnstcp-in[0] will be created
+ resource "aws_security_group_rule" "ph-pubsg-mgmt-dnstcp-in" {
+ cidr_blocks = [
+ "<removed>",
]
+ description = "IN FROM MGMT - DNS TCP"
+ from_port = 53
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 53
+ type = "ingress"
}
# module.cloudblock.aws_security_group_rule.ph-pubsg-mgmt-dnsudp-in[0] will be created
+ resource "aws_security_group_rule" "ph-pubsg-mgmt-dnsudp-in" {
+ cidr_blocks = [
+ "<removed>",
]
+ description = "IN FROM MGMT - DNS UDP"
+ from_port = 53
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 53
+ type = "ingress"
}
# module.cloudblock.aws_security_group_rule.ph-pubsg-mgmt-https-in will be created
+ resource "aws_security_group_rule" "ph-pubsg-mgmt-https-in" {
+ cidr_blocks = [
+ "<removed>",
]
+ description = "IN FROM MGMT - HTTPS"
+ from_port = 443
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 443
+ type = "ingress"
}
# module.cloudblock.aws_security_group_rule.ph-pubsg-mgmt-ssh-in will be created
+ resource "aws_security_group_rule" "ph-pubsg-mgmt-ssh-in" {
+ cidr_blocks = [
+ "<removed>",
]
+ description = "IN FROM MGMT - SSH MGMT"
+ from_port = 22
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 22
+ type = "ingress"
}
# module.cloudblock.aws_security_group_rule.ph-pubsg-mgmt-wireguard-in will be created
+ resource "aws_security_group_rule" "ph-pubsg-mgmt-wireguard-in" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = "IN FROM WORLD - WIREGUARD"
+ from_port = 51820
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 51820
+ type = "ingress"
}
# module.cloudblock.aws_security_group_rule.ph-pubsg-out-tcp will be created
+ resource "aws_security_group_rule" "ph-pubsg-out-tcp" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = "OUT TO WORLD - TCP"
+ from_port = 0
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 65535
+ type = "egress"
}
# module.cloudblock.aws_security_group_rule.ph-pubsg-out-udp will be created
+ resource "aws_security_group_rule" "ph-pubsg-out-udp" {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = "OUT TO WORLD - UDP"
+ from_port = 0
+ id = (known after apply)
+ protocol = "udp"
+ security_group_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 65535
+ type = "egress"
}
# module.cloudblock.aws_ssm_association.ph-ssm-assoc will be created
+ resource "aws_ssm_association" "ph-ssm-assoc" {
+ apply_only_at_cron_interval = false
+ association_id = (known after apply)
+ association_name = "cloudblock-ssm-assoc"
+ document_version = (known after apply)
+ id = (known after apply)
+ name = "cloudblock-ssm-doc"
+ parameters = (known after apply)
+ output_location {
+ s3_bucket_name = (known after apply)
+ s3_key_prefix = "ssm"
}
+ targets {
+ key = "tag:cloudblock"
+ values = [
+ "True",
]
}
}
# module.cloudblock.aws_ssm_document.ph-ssm-doc will be created
+ resource "aws_ssm_document" "ph-ssm-doc" {
+ arn = (known after apply)
+ content = jsonencode(
{
+ description = "Ansible Playbooks via SSM for Ubuntu 18.04 ARM, installs Ansible properly."
+ mainSteps = [
+ {
+ action = "aws:downloadContent"
+ inputs = {
+ SourceInfo = "{{ SourceInfo }}"
+ SourceType = "{{ SourceType }}"
}
+ name = "downloadContent"
},
+ {
+ action = "aws:runShellScript"
+ inputs = {
+ runCommand = [
+ "#!/bin/bash",
+ "# Ensure ansible is installed",
+ "apt-get update",
+ "DEBIAN_FRONTEND=noninteractive apt-get -y install python3-pip git",
+ "pip3 install --upgrade pip",
+ "pip3 install --upgrade ansible",
+ "echo \"Running Ansible in `pwd`\"",
+ "#this section locates files and unzips them",
+ "for zip in $(find -iname '*.zip'); do",
+ " unzip -o $zip",
+ "done",
+ "PlaybookFile=\"{{PlaybookFile}}\"",
+ "if [ ! -f \"${PlaybookFile}\" ] ; then",
+ " echo \"The specified Playbook file doesn't exist in the downloaded bundle. Please review the relative path and file name.\" >&2",
+ " exit 2",
+ "fi",
+ "ansible-playbook -i \"localhost,\" -c local -e \"{{ExtraVariables}}\" \"{{Verbose}}\" \"${PlaybookFile}\"",
]
}
+ name = "runShellScript"
},
]
+ parameters = {
+ ExtraVariables = {
+ allowedPattern = "^$|^\\w+\\=[^\\s|:();&]+(\\s\\w+\\=[^\\s|:();&]+)*$"
+ default = "SSM=True"
+ description = "(Optional) Additional variables to pass to Ansible at runtime. Enter key/value pairs separated by a space. For example: color=red flavor=cherry"
+ displayType = "textarea"
+ type = "String"
}
+ PlaybookFile = {
+ allowedPattern = "[(a-z_A-Z0-9\\-)/]+(.yml|.yaml)$"
+ default = "hello-world-playbook.yml"
+ description = "(Optional) The Playbook file to run (including relative path). If the main Playbook file is located in the ./automation directory, then specify automation/playbook.yml."
+ type = "String"
}
+ SourceInfo = {
+ default = {}
+ description = "Specify 'path'. Important: If you specify S3, then the IAM instance profile on your managed instances must be configured with read access to Amazon S3."
+ displayType = "textarea"
+ type = "StringMap"
}
+ SourceType = {
+ allowedValues = [
+ "GitHub",
+ "S3",
]
+ description = "(Optional) Specify the source type."
+ type = "String"
}
+ Verbose = {
+ allowedValues = [
+ "-v",
+ "-vv",
+ "-vvv",
+ "-vvvv",
]
+ default = "-v"
+ description = "(Optional) Set the verbosity level for logging Playbook executions. Specify -v for low verbosity, -vv or vvv for medium verbosity, and -vvvv for debug level."
+ type = "String"
}
}
+ schemaVersion = "2.2"
}
)
+ created_date = (known after apply)
+ default_version = (known after apply)
+ description = (known after apply)
+ document_format = "JSON"
+ document_type = "Command"
+ document_version = (known after apply)
+ hash = (known after apply)
+ hash_type = (known after apply)
+ id = (known after apply)
+ latest_version = (known after apply)
+ name = "cloudblock-ssm-doc"
+ owner = (known after apply)
+ parameter = (known after apply)
+ platform_types = (known after apply)
+ schema_version = (known after apply)
+ status = (known after apply)
+ tags_all = (known after apply)
}
# module.cloudblock.aws_ssm_parameter.ph-ssm-param-pass will be created
+ resource "aws_ssm_parameter" "ph-ssm-param-pass" {
+ arn = (known after apply)
+ data_type = (known after apply)
+ id = (known after apply)
+ key_id = (known after apply)
+ name = "cloudblock-pihole-web-password"
+ tags_all = (known after apply)
+ tier = "Standard"
+ type = "SecureString"
+ value = (sensitive value)
+ version = (known after apply)
}
# module.cloudblock.aws_subnet.ph-pubnet will be created
+ resource "aws_subnet" "ph-pubnet" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-1a"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.10.12.0/26"
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "ph-pubnet"
}
+ tags_all = {
+ "Name" = "ph-pubnet"
}
+ vpc_id = (known after apply)
}
# module.cloudblock.aws_vpc.ph-vpc will be created
+ resource "aws_vpc" "ph-vpc" {
+ arn = (known after apply)
+ assign_generated_ipv6_cidr_block = false
+ cidr_block = "10.10.12.0/24"
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_classiclink = (known after apply)
+ enable_classiclink_dns_support = (known after apply)
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "ph-vpc"
}
+ tags_all = {
+ "Name" = "ph-vpc"
}
}
# module.cloudblock.random_string.ph-random will be created
+ resource "random_string" "ph-random" {
+ id = (known after apply)
+ length = 5
+ lower = true
+ min_lower = 0
+ min_numeric = 0
+ min_special = 0
+ min_upper = 0
+ number = true
+ result = (known after apply)
+ special = false
+ upper = false
}
Plan: 36 to add, 0 to change, 0 to destroy.
from cloudblock.
chadgeary
commented on August 19, 2024
Well, that is odd! I've just booted up my mac (VM, x86_64, catalina) and I have:
Plan: 51 to add, 0 to change, 0 to destroy
including:
# aws_s3_bucket_object.ph-files["README.md"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_amd64.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_arm64.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_aws_amd64.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_aws_arm.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_azure.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_do.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_do_bootstrap.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_gcp.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_oci.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_oci_no_encryption.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_raspbian.yml"] will be created
# aws_s3_bucket_object.ph-files["cloudblock_scw.yml"] will be created
# aws_s3_bucket_object.ph-files["httpd-ssl.conf"] will be created
# aws_s3_bucket_object.ph-files["httpd.conf"] will be created
with terraform:
terraform version
Terraform v1.0.1
on darwin_amd64
+ provider registry.terraform.io/hashicorp/aws v3.47.0
+ provider registry.terraform.io/hashicorp/random v3.1.0
from cloudblock.
chadgeary
commented on August 19, 2024
With all of the above said, if you have not already - I suggest performing terraform destroy -var-file=aws.tfvars, grabbing a copy of your aws.tfvars file, then wiping the git folder and re-cloning. Replace the cloned aws.tfvars re-run terraform plan -var-file=aws.tfvars checking for 51 resources to add.
from cloudblock.
chadgeary
commented on August 19, 2024
Have you had any luck? I've been unable to reproduce this problem.
from cloudblock.
chadgeary
commented on August 19, 2024
Closing, unable to replicate and gone stale.
from cloudblock.
Related Issues (20)
- Ubuntu 22 Support HOT 2
- apt-key deprecated, ansible fails installing docker
- Exponential (GCP) CloudStorage growth HOT 1
- AMD Architecture?
- The bucket does not allow ACLs
- Azure pb is failing to get ph_password from Vault HOT 2
- Create a dictionary file for DOH_PROVIDER HOT 1
- Another issue with Get ph_password from Azure Vault Secret - The error was: KeyError: 'credential' HOT 11
- azurerm_key_vault_access_policy Error on new pull HOT 3
- New/Same Issue with Azure Deployment HOT 5
- AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK' | Azure HOT 8
- Site-to-Site Wireguard? HOT 1
- Lots of key_permissions errors on fresh clone - Azure HOT 2
- Upgrade to Python 3.8 HOT 1
- Support for DoT / DoH directly with Android 9+ HOT 2
- systemd-resolve --status no longer exists in Ubuntu 22.04, replace w/ resolvectl HOT 2
- Question on DNS HOT 1
- Error running ansible in Ubuntu linux container (LXC) in proxmox HOT 1
- Errors in Azure deployment HOT 1
- DigitalOcean: Error creating SSH key HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cloudblock.