API tools faq
paste
Guest User

Untitled

a guest
Nov 26th, 2018
133
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 27.72 KB | None | 0 0
raw download clone embed print report
  1. $ terraform apply
  2. data.aws_ami.dba-ami: Refreshing state...
  3. data.aws_iam_policy_document.monitoring_rds_assume_role: Refreshing state...
  4.  
  5. An execution plan has been generated and is shown below.
  6. Resource actions are indicated with the following symbols:
  7. + create
  8.  
  9. Terraform will perform the following actions:
  10.  
  11. + module.aurora.aws_rds_cluster.this
  12. id: <computed>
  13. apply_immediately: "true"
  14. arn: <computed>
  15. backup_retention_period: "7"
  16. cluster_identifier: "aurora-dba"
  17. cluster_identifier_prefix: <computed>
  18. cluster_members.#: <computed>
  19. cluster_resource_id: <computed>
  20. database_name: <computed>
  21. db_cluster_parameter_group_name: <computed>
  22. db_subnet_group_name: "us-west-2-private"
  23. endpoint: <computed>
  24. engine: "aurora-postgresql"
  25. engine_mode: "provisioned"
  26. engine_version: "9.6.3"
  27. final_snapshot_identifier: "${var.final_snapshot_identifier_prefix}-${var.name}-${random_id.snapshot_identifier.hex}"
  28. hosted_zone_id: <computed>
  29. iam_database_authentication_enabled: "true"
  30. kms_key_id: <computed>
  31. master_password: <sensitive>
  32. master_username: "zdba"
  33. port: "5432"
  34. preferred_backup_window: "02:00-03:00"
  35. preferred_maintenance_window: "sun:05:00-sun:06:00"
  36. reader_endpoint: <computed>
  37. skip_final_snapshot: "true"
  38. storage_encrypted: "true"
  39. vpc_security_group_ids.#: <computed>
  40.  
  41. + module.aurora.aws_rds_cluster_instance.this
  42. id: <computed>
  43. apply_immediately: "true"
  44. arn: <computed>
  45. auto_minor_version_upgrade: "true"
  46. availability_zone: <computed>
  47. cluster_identifier: "${aws_rds_cluster.this.id}"
  48. db_parameter_group_name: <computed>
  49. db_subnet_group_name: "us-west-2-private"
  50. dbi_resource_id: <computed>
  51. endpoint: <computed>
  52. engine: "aurora-postgresql"
  53. engine_version: "9.6.3"
  54. identifier: "aurora-dba-1"
  55. identifier_prefix: <computed>
  56. instance_class: "db.r4.large"
  57. kms_key_id: <computed>
  58. monitoring_interval: "0"
  59. monitoring_role_arn: <computed>
  60. performance_insights_enabled: "false"
  61. performance_insights_kms_key_id: <computed>
  62. port: <computed>
  63. preferred_backup_window: <computed>
  64. preferred_maintenance_window: "sun:05:00-sun:06:00"
  65. promotion_tier: "1"
  66. publicly_accessible: "false"
  67. storage_encrypted: <computed>
  68. writer: <computed>
  69.  
  70. + module.aurora.random_id.snapshot_identifier
  71. id: <computed>
  72. b64: <computed>
  73. b64_std: <computed>
  74. b64_url: <computed>
  75. byte_length: "4"
  76. dec: <computed>
  77. hex: <computed>
  78. keepers.%: "1"
  79. keepers.id: "aurora-dba"
  80.  
  81. + module.service.aws_iam_access_key.zdba_key
  82. id: <computed>
  83. encrypted_secret: <computed>
  84. key_fingerprint: <computed>
  85. secret: <computed>
  86. ses_smtp_password: <computed>
  87. status: <computed>
  88. user: "app-zdba"
  89.  
  90. + module.service.aws_iam_instance_profile.service-ec2-role
  91. id: <computed>
  92. arn: <computed>
  93. create_date: <computed>
  94. name: "service-ec2-role"
  95. path: "/"
  96. role: "service-ec2-dba-role"
  97. roles.#: <computed>
  98. unique_id: <computed>
  99.  
  100. + module.service.aws_iam_role.service-ec2-dba-role
  101. id: <computed>
  102. arn: <computed>
  103. assume_role_policy: "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n"
  104. create_date: <computed>
  105. force_detach_policies: "true"
  106. max_session_duration: "3600"
  107. name: "service-ec2-dba-role"
  108. path: "/"
  109. unique_id: <computed>
  110.  
  111. + module.service.aws_iam_role_policy_attachment.ec2-dba-role-login-attach
  112. id: <computed>
  113. policy_arn: "arn:aws:iam::111111111111:policy/_database_access"
  114. role: "service-ec2-dba-role"
  115.  
  116. + module.service.aws_iam_user.zdba
  117. id: <computed>
  118. arn: <computed>
  119. force_destroy: "false"
  120. name: "app-zdba"
  121. path: "/"
  122. unique_id: <computed>
  123.  
  124. + module.service.aws_iam_user_policy_attachment.zdba_policy_attach
  125. id: <computed>
  126. policy_arn: "arn:aws:iam::11111111111:policy/_database_access"
  127. user: "app-zdba"
  128.  
  129. + module.service.aws_instance.dba-admin
  130. id: <computed>
  131. ami: "ami-0c1f840a7e42b73f9"
  132. arn: <computed>
  133. associate_public_ip_address: <computed>
  134. availability_zone: <computed>
  135. cpu_core_count: <computed>
  136. cpu_threads_per_core: <computed>
  137. ebs_block_device.#: <computed>
  138. ephemeral_block_device.#: <computed>
  139. get_password_data: "false"
  140. iam_instance_profile: "service-ec2-role"
  141. instance_state: <computed>
  142. instance_type: "t2.micro"
  143. ipv6_address_count: <computed>
  144. ipv6_addresses.#: <computed>
  145. key_name: "ianhar-sandbox"
  146. network_interface.#: <computed>
  147. network_interface_id: <computed>
  148. password_data: <computed>
  149. placement_group: <computed>
  150. primary_network_interface_id: <computed>
  151. private_dns: <computed>
  152. private_ip: <computed>
  153. public_dns: <computed>
  154. public_ip: <computed>
  155. root_block_device.#: <computed>
  156. security_groups.#: <computed>
  157. source_dest_check: "true"
  158. subnet_id: "subnet-11111111"
  159. tags.%: "6"
  160. tags.Description: "Database administration tools"
  161. tags.Environment: "sandbox"
  162. tags.Name: "DBA Admin"
  163. tags.Owner: "zdba@asdf.com"
  164. tags.Service: "zdba"
  165. tags.Team: "zdba"
  166. tenancy: <computed>
  167. volume_tags.%: <computed>
  168. vpc_security_group_ids.#: "2"
  169. vpc_security_group_ids.2023015885: "sg-11111111"
  170. vpc_security_group_ids.4069303782: "sg-11111111"
  171.  
  172. + module.service.aws_s3_bucket.db-backups
  173. id: <computed>
  174. acceleration_status: <computed>
  175. acl: "private"
  176. arn: <computed>
  177. bucket: "db-backups-sandbox"
  178. bucket_domain_name: <computed>
  179. bucket_regional_domain_name: <computed>
  180. force_destroy: "true"
  181. hosted_zone_id: <computed>
  182. lifecycle_rule.#: "1"
  183. lifecycle_rule.0.enabled: "true"
  184. lifecycle_rule.0.expiration.#: "1"
  185. lifecycle_rule.0.expiration.3023609085.date: ""
  186. lifecycle_rule.0.expiration.3023609085.days: "7"
  187. lifecycle_rule.0.expiration.3023609085.expired_object_delete_marker: ""
  188. lifecycle_rule.0.id: "backup"
  189. lifecycle_rule.0.prefix: "daily/"
  190. lifecycle_rule.0.tags.%: "2"
  191. lifecycle_rule.0.tags.autoclean: "true"
  192. lifecycle_rule.0.tags.rule: "daily"
  193. region: <computed>
  194. request_payer: <computed>
  195. tags.%: "6"
  196. tags.Description: "Database administration tools"
  197. tags.Environment: "sandbox"
  198. tags.Name: "DB Backups"
  199. tags.Owner: "zdba@asdf.com"
  200. tags.Service: "zdba"
  201. tags.Team: "zdba"
  202. versioning.#: <computed>
  203. website_domain: <computed>
  204. website_endpoint: <computed>
  205.  
  206. + module.service.aws_s3_bucket_policy.db-backups-policy
  207. id: <computed>
  208. bucket: "${aws_s3_bucket.db-backups.id}"
  209. policy: "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"DBBACKUPBUCKETPOLICY\",\n \"Statement\": [\n {\n \"Sid\": \"DBAAllow\",\n \"Effect\": \"Allow\",\n \"Principal\": {\"AWS\": \"${aws_iam_user.zdba.arn}\"},\n \"Action\": \"s3:*\",\n \"Resource\": \"${aws_s3_bucket.db-backups.arn}/*\"\n } \n ]\n}\n"
  210.  
  211.  
  212. Plan: 12 to add, 0 to change, 0 to destroy.
  213.  
  214. Do you want to perform these actions?
  215. Terraform will perform the actions described above.
  216. Only 'yes' will be accepted to approve.
  217.  
  218. Enter a value: yes
  219.  
  220. module.aurora.random_id.snapshot_identifier: Creating...
  221. b64: "" => "<computed>"
  222. b64_std: "" => "<computed>"
  223. b64_url: "" => "<computed>"
  224. byte_length: "" => "4"
  225. dec: "" => "<computed>"
  226. hex: "" => "<computed>"
  227. keepers.%: "" => "1"
  228. keepers.id: "" => "aurora-dba"
  229. module.aurora.random_id.snapshot_identifier: Creation complete after 0s (ID: JxeJqw)
  230. module.service.aws_iam_role.service-ec2-dba-role: Creating...
  231. arn: "" => "<computed>"
  232. assume_role_policy: "" => "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n"
  233. create_date: "" => "<computed>"
  234. force_detach_policies: "" => "true"
  235. max_session_duration: "" => "3600"
  236. name: "" => "service-ec2-dba-role"
  237. path: "" => "/"
  238. unique_id: "" => "<computed>"
  239. module.service.aws_iam_user.zdba: Creating...
  240. arn: "" => "<computed>"
  241. force_destroy: "" => "false"
  242. name: "" => "app-zdba"
  243. path: "" => "/"
  244. unique_id: "" => "<computed>"
  245. module.service.aws_s3_bucket.db-backups: Creating...
  246. acceleration_status: "" => "<computed>"
  247. acl: "" => "private"
  248. arn: "" => "<computed>"
  249. bucket: "" => "db-backups-sandbox"
  250. bucket_domain_name: "" => "<computed>"
  251. bucket_regional_domain_name: "" => "<computed>"
  252. force_destroy: "" => "true"
  253. hosted_zone_id: "" => "<computed>"
  254. lifecycle_rule.#: "" => "1"
  255. lifecycle_rule.0.enabled: "" => "true"
  256. lifecycle_rule.0.expiration.#: "" => "1"
  257. lifecycle_rule.0.expiration.3023609085.date: "" => ""
  258. lifecycle_rule.0.expiration.3023609085.days: "" => "7"
  259. lifecycle_rule.0.expiration.3023609085.expired_object_delete_marker: "" => ""
  260. lifecycle_rule.0.id: "" => "backup"
  261. lifecycle_rule.0.prefix: "" => "daily/"
  262. lifecycle_rule.0.tags.%: "" => "2"
  263. lifecycle_rule.0.tags.autoclean: "" => "true"
  264. lifecycle_rule.0.tags.rule: "" => "daily"
  265. region: "" => "<computed>"
  266. request_payer: "" => "<computed>"
  267. tags.%: "" => "6"
  268. tags.Description: "" => "Database administration tools"
  269. tags.Environment: "" => "sandbox"
  270. tags.Name: "" => "DB Backups"
  271. tags.Owner: "" => "zdba@asdf.com"
  272. tags.Service: "" => "zdba"
  273. tags.Team: "" => "zdba"
  274. versioning.#: "" => "<computed>"
  275. website_domain: "" => "<computed>"
  276. website_endpoint: "" => "<computed>"
  277. module.aurora.aws_rds_cluster.this: Creating...
  278. apply_immediately: "" => "true"
  279. arn: "" => "<computed>"
  280. backup_retention_period: "" => "7"
  281. cluster_identifier: "" => "aurora-dba"
  282. cluster_identifier_prefix: "" => "<computed>"
  283. cluster_members.#: "" => "<computed>"
  284. cluster_resource_id: "" => "<computed>"
  285. database_name: "" => "<computed>"
  286. db_cluster_parameter_group_name: "" => "<computed>"
  287. db_subnet_group_name: "" => "us-west-2-private"
  288. endpoint: "" => "<computed>"
  289. engine: "" => "aurora-postgresql"
  290. engine_mode: "" => "provisioned"
  291. engine_version: "" => "9.6.3"
  292. final_snapshot_identifier: "" => "final-aurora-dba-1111111"
  293. hosted_zone_id: "" => "<computed>"
  294. iam_database_authentication_enabled: "" => "true"
  295. kms_key_id: "" => "<computed>"
  296. master_password: "<sensitive>" => "<sensitive>"
  297. master_username: "" => "zdba"
  298. port: "" => "5432"
  299. preferred_backup_window: "" => "02:00-03:00"
  300. preferred_maintenance_window: "" => "sun:05:00-sun:06:00"
  301. reader_endpoint: "" => "<computed>"
  302. skip_final_snapshot: "" => "true"
  303. storage_encrypted: "" => "true"
  304. vpc_security_group_ids.#: "" => "<computed>"
  305. module.service.aws_iam_role.service-ec2-dba-role: Creation complete after 1s (ID: service-ec2-dba-role)
  306. module.service.aws_iam_role_policy_attachment.ec2-dba-role-login-attach: Creating...
  307. policy_arn: "" => "arn:aws:iam::11111111111:policy/_database_access"
  308. role: "" => "service-ec2-dba-role"
  309. module.service.aws_iam_instance_profile.service-ec2-role: Creating...
  310. arn: "" => "<computed>"
  311. create_date: "" => "<computed>"
  312. name: "" => "service-ec2-role"
  313. path: "" => "/"
  314. role: "" => "service-ec2-dba-role"
  315. roles.#: "" => "<computed>"
  316. unique_id: "" => "<computed>"
  317. module.service.aws_iam_user.zdba: Creation complete after 1s (ID: app-zdba)
  318. module.service.aws_iam_access_key.zdba_key: Creating...
  319. encrypted_secret: "" => "<computed>"
  320. key_fingerprint: "" => "<computed>"
  321. secret: "" => "<computed>"
  322. ses_smtp_password: "" => "<computed>"
  323. status: "" => "<computed>"
  324. user: "" => "app-zdba"
  325. module.service.aws_iam_user_policy_attachment.zdba_policy_attach: Creating...
  326. policy_arn: "" => "arn:aws:iam::1111111111:policy/_database_access"
  327. user: "" => "app-zdba"
  328. module.service.aws_iam_access_key.zdba_key: Creation complete after 1s (ID: AKIAIAHUDSWPW4PVOYVA)
  329. module.service.aws_iam_role_policy_attachment.ec2-dba-role-login-attach: Creation complete after 2s (ID: service-ec2-dba-role-20181126174544930000000002)
  330. module.service.aws_iam_user_policy_attachment.zdba_policy_attach: Creation complete after 2s (ID: app-zdba-20181126174544865400000001)
  331. module.service.aws_iam_instance_profile.service-ec2-role: Creation complete after 2s (ID: service-ec2-role)
  332. module.service.aws_instance.dba-admin: Creating...
  333. ami: "" => "ami-11111111111111"
  334. arn: "" => "<computed>"
  335. associate_public_ip_address: "" => "<computed>"
  336. availability_zone: "" => "<computed>"
  337. cpu_core_count: "" => "<computed>"
  338. cpu_threads_per_core: "" => "<computed>"
  339. ebs_block_device.#: "" => "<computed>"
  340. ephemeral_block_device.#: "" => "<computed>"
  341. get_password_data: "" => "false"
  342. iam_instance_profile: "" => "service-ec2-role"
  343. instance_state: "" => "<computed>"
  344. instance_type: "" => "t2.micro"
  345. ipv6_address_count: "" => "<computed>"
  346. ipv6_addresses.#: "" => "<computed>"
  347. key_name: "" => "ianhar-sandbox"
  348. network_interface.#: "" => "<computed>"
  349. network_interface_id: "" => "<computed>"
  350. password_data: "" => "<computed>"
  351. placement_group: "" => "<computed>"
  352. primary_network_interface_id: "" => "<computed>"
  353. private_dns: "" => "<computed>"
  354. private_ip: "" => "<computed>"
  355. public_dns: "" => "<computed>"
  356. public_ip: "" => "<computed>"
  357. root_block_device.#: "" => "<computed>"
  358. security_groups.#: "" => "<computed>"
  359. source_dest_check: "" => "true"
  360. subnet_id: "" => "subnet-1111111"
  361. tags.%: "" => "6"
  362. tags.Description: "" => "Database administration tools"
  363. tags.Environment: "" => "sandbox"
  364. tags.Name: "" => "DBA Admin"
  365. tags.Owner: "" => "zdba@asdf.com"
  366. tags.Service: "" => "zdba"
  367. tags.Team: "" => "zdba"
  368. tenancy: "" => "<computed>"
  369. volume_tags.%: "" => "<computed>"
  370. vpc_security_group_ids.#: "" => "2"
  371. vpc_security_group_ids.2023015885: "" => "sg-1111111"
  372. vpc_security_group_ids.4069303782: "" => "sg-1111111"
  373. module.service.aws_s3_bucket.db-backups: Creation complete after 4s (ID: db-backups-zillow-sandbox)
  374. module.service.aws_s3_bucket_policy.db-backups-policy: Creating...
  375. bucket: "" => "db-backups-zillow-sandbox"
  376. policy: "" => "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"DBBACKUPBUCKETPOLICY\",\n \"Statement\": [\n {\n \"Sid\": \"DBAAllow\",\n \"Effect\": \"Allow\",\n \"Principal\": {\"AWS\": \"arn:aws:iam::135340994361:user/app-zdba\"},\n \"Action\": \"s3:*\",\n \"Resource\": \"arn:aws:s3:::db-backups-zillow-sandbox/*\"\n } \n ]\n}\n"
  377. module.service.aws_instance.dba-admin: Still creating... (10s elapsed)
  378. module.service.aws_s3_bucket_policy.db-backups-policy: Creation complete after 9s (ID: db-backups-zillow-sandbox)
  379. module.service.aws_instance.dba-admin: Still creating... (20s elapsed)
  380. module.service.aws_instance.dba-admin: Still creating... (30s elapsed)
  381. module.service.aws_instance.dba-admin: Still creating... (40s elapsed)
  382. module.service.aws_instance.dba-admin: Creation complete after 41s (ID: i-0013d0958b8f3b325)
  383.  
  384. Error: Error applying plan:
  385.  
  386. 1 error(s) occurred:
  387.  
  388. * module.aurora.aws_rds_cluster.this: 1 error(s) occurred:
  389.  
  390. * aws_rds_cluster.this: error creating RDS cluster: InvalidParameterCombination: IAM Database Authentication is not supported for this configuration.
  391. status code: 400, request id: c0760769-5887-45c8-bbd0-c0ebfe6afaf5
  392.  
  393. Terraform does not automatically rollback in the face of errors.
  394. Instead, your Terraform state file has been partially updated with
  395. any resources that successfully completed. Please address the error
  396. above and apply again to incrementally change your infrastructure.
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!