Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue with public S3 bucket HTTPS source #3139

Closed
marcocaberletti opened this issue May 16, 2024 · 2 comments · Fixed by #3146
Closed

Issue with public S3 bucket HTTPS source #3139

marcocaberletti opened this issue May 16, 2024 · 2 comments · Fixed by #3146
Assignees
@levkohimins
Labels
bug Something isn't working

Comments

@marcocaberletti
Copy link

Describe the bug

I'm using a module from 3rd party vendor. The source is a public S3 bucket, used as a HTTP repository.
The module is public: testing with curl and wget I can download it without credentials.
But using Terragrunt, I see the URL is resolved using the s3::https protocol, so it's failing asking for the credentials.

Steps To Reproduce

Here the code

terraform {
  source = "https://s3-us-east-2.amazonaws.com/wizio-public/deployment-v2/aws/wiz-aws-cloud-events-terraform-module.zip"
}

inputs = {
  integration_type      = <redacted_value>
  cloudtrail_bucket_arn = <redacted_value>
  cloudtrail_kms_arn    = <redacted_value>
  wiz_access_role_arn   = <redacted_value>
}

When running the plan I get:

INFO[0000] Downloading Terraform configurations from s3::https://s3-us-east-2.amazonaws.com/wizio-public/deployment-v2/aws/wiz-aws-cloud-events-terraform-module.zip into /Users/marco/.terragrunt-cache/bj1DtPSzfD2L7xtoscLsClD9TJ4/J5rSBBFtvLMrstC7CVu_4ibhzvo
ERRO[0005] downloading source url s3::https://s3-us-east-2.amazonaws.com/wizio-public/deployment-v2/aws/wiz-aws-cloud-events-terraform-module.zip
1 error occurred:
	* NoCredentialProviders: no valid providers in chain
caused by: EnvAccessKeyNotFound: AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY not found in environment
SharedCredsAccessKey: shared credentials ... in /Users/marco/.aws/credentials did not contain aws_access_key_id
EC2RoleRequestError: no EC2 instance role found
caused by: RequestError: send request failed

As you can see, Terragrunt downloads the module using s3::https protocol.

Expected behavior

I'm expecting that Terragrunt download the module using the HTTPS protocol, instead of "redirecting" to s3::https protocol.

Versions

  • Terragrunt version: 0.58.3
  • Terraform version: 1.5.7
  • Environment details: laptop OSX darwin_arm64

Additional context

To apply the changes in AWS, i'm using the AWS SSO and the CLI profile, so I don't have neither the AWS_ACCESS_KEY_ID/AWS_ACCESS_KEY exported, nor the credentials file in ~/.aws/credentials
@marcocaberletti marcocaberletti added the bug Something isn't working label May 16, 2024
@levkohimins levkohimins self-assigned this May 20, 2024
@levkohimins levkohimins mentioned this issue May 20, 2024
Merged
4 tasks
@levkohimins
Copy link
Contributor

Resolved in v0.58.8 release.

@marcocaberletti
Copy link
Author

marcocaberletti commented May 21, 2024
edited

Confirmed that upgrading to v0.58.8 it works.
Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@levkohimins levkohimins

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixed S3 bucket URL modifying gruntwork-io/terragrunt
2 participants
@marcocaberletti @levkohimins