Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is account_customizations_name mandatory now? #496

Open
PeterBengtson opened this issue Sep 19, 2024 · 0 comments
Open

Is account_customizations_name mandatory now? #496

PeterBengtson opened this issue Sep 19, 2024 · 0 comments
Labels
bug Something isn't working pending investigation Issue needs further investigation

Comments

@PeterBengtson
Copy link

Terraform Version & Prov:
oss 1.9.6

AFT Version:
1.13.1

Terraform Version & Provider Versions
Please provide the outputs of terraform version and terraform providers from within your AFT environment

terraform version

{Terraform v1.9.6
on darwin_amd64

terraform providers

{Providers required by configuration:
.
└── module.aft
    ├── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    ├── provider[registry.terraform.io/hashicorp/local]
    ├── module.aft_backend
    │   └── provider[registry.terraform.io/hashicorp/aws] >= 4.27.0
    ├── module.aft_iam_roles
    │   ├── provider[registry.terraform.io/hashicorp/aws] >= 4.27.0
    │   ├── module.aft_exec_role
    │       └── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    │   ├── module.aft_service_role
    │       └── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    │   ├── module.audit_exec_role
    │       └── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    │   ├── module.audit_service_role
    │       └── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    │   ├── module.ct_management_exec_role
    │       └── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    │   ├── module.ct_management_service_role
    │       └── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    │   ├── module.log_archive_exec_role
    │       └── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    │   └── module.log_archive_service_role
    │       └── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    ├── module.aft_account_request_framework
    │   ├── provider[registry.terraform.io/hashicorp/time]
    │   └── provider[registry.terraform.io/hashicorp/aws] >= 4.9.0
    ├── module.aft_customizations
    │   ├── provider[registry.terraform.io/hashicorp/time]
    │   ├── provider[registry.terraform.io/hashicorp/local]
    │   └── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    ├── module.aft_code_repositories
    │   ├── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    │   ├── provider[registry.terraform.io/hashicorp/time]
    │   └── provider[registry.terraform.io/hashicorp/local]
    ├── module.aft_feature_options
    │   └── provider[registry.terraform.io/hashicorp/aws] >= 4.27.0
    ├── module.aft_ssm_parameters
    │   ├── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    │   └── provider[registry.terraform.io/hashicorp/random]
    ├── module.aft_lambda_layer
    │   ├── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0
    │   ├── provider[registry.terraform.io/hashicorp/random]
    │   └── provider[registry.terraform.io/hashicorp/local]
    ├── module.packaging
    │   └── provider[registry.terraform.io/hashicorp/archive]
    └── module.aft_account_provisioning_framework
        └── provider[registry.terraform.io/hashicorp/aws] >= 5.11.0, < 6.0.0

Providers required by state:

    provider[registry.terraform.io/hashicorp/aws]

    provider[registry.terraform.io/hashicorp/archive]

    provider[registry.terraform.io/hashicorp/local]

    provider[registry.terraform.io/hashicorp/random]

    provider[registry.terraform.io/hashicorp/time]}

Bug Description
The AWS documentation says that account_customizations_name is optional, and so it has been every time I've deployed AFT for a client, but now leaving it out yields an error message.

To Reproduce
Steps to reproduce the behavior:

  1. Submit an account provisioning request not containing account_customizations_name

Expected behavior
I expect an account to be created or updated.

Related Logs
This is the log from ct-aft-account-request, step terraform-apply:

[Container] 2024/09/19 11:41:10.336878 Phase complete: PRE_BUILD State: SUCCEEDED
343 | [Container] 2024/09/19 11:41:10.336901 Phase context status code:  Message:
344 | [Container] 2024/09/19 11:41:10.389621 Entering phase BUILD
345 | [Container] 2024/09/19 11:41:10.390509 Running command if [ $TF_DISTRIBUTION = "oss" ]; then
346 | terraform apply -no-color --auto-approve
347 | fi
348 |  
349 |  
350 | Error: Invalid format of "item": unexpected raw attribute type (<nil>) for data type descriptor: S
351 |  
352 | with module.Security-Adm.aws_dynamodb_table_item.account-request,
353 | on modules/aft-account-request/ddb.tf line 5, in resource "aws_dynamodb_table_item" "account-request":
354 | 5:   item = jsonencode({
355 | 6:     id = { S = lookup(var.control_tower_parameters, "AccountEmail") }
356 | 7:     control_tower_parameters = { M = {
357 | 8:       AccountEmail              = { S = lookup(var.control_tower_parameters, "AccountEmail") }
358 | 9:       AccountName               = { S = lookup(var.control_tower_parameters, "AccountName") }
359 | 10:       ManagedOrganizationalUnit = { S = lookup(var.control_tower_parameters, "ManagedOrganizationalUnit") }
360 | 11:       SSOUserEmail              = { S = lookup(var.control_tower_parameters, "SSOUserEmail") }
361 | 12:       SSOUserFirstName          = { S = lookup(var.control_tower_parameters, "SSOUserFirstName") }
362 | 13:       SSOUserLastName           = { S = lookup(var.control_tower_parameters, "SSOUserLastName") }
363 | 14:       }
364 | 15:     }
365 | 16:     change_management_parameters = { M = {
366 | 17:       change_reason       = { S = lookup(var.change_management_parameters, "change_reason") }
367 | 18:       change_requested_by = { S = lookup(var.change_management_parameters, "change_requested_by") }
368 | 19:       }
369 | 20:     }
370 | 21:     account_tags                = { S = jsonencode(var.account_tags) }
371 | 22:     account_customizations_name = { S = var.account_customizations_name }
372 | 23:     custom_fields               = { S = jsonencode(var.custom_fields) }
373 | 24:   })
374 |  
375 |  
376 | [Container] 2024/09/19 11:41:14.312700 Command did not exit successfully if [ $TF_DISTRIBUTION = "oss" ]; then
377 | terraform apply -no-color --auto-approve
378 | fi
379 | exit status 1
380 | [Container] 2024/09/19 11:41:14.318628 Phase complete: BUILD State: FAILED
381

Additional context
Line 350 above refers to account_customizations_name. Unless it is provided, the pipeline step fails.
@PeterBengtson PeterBengtson added bug Something isn't working pending investigation Issue needs further investigation labels Sep 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working pending investigation Issue needs further investigation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@PeterBengtson