AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

Racing condition of IAM role creation and AWS resources

0

Customer who is using Terraform, encountered issues with racing condition of IAM role and AWS Resources creation.

For example, in their TF creation of a Step Function and IAM role, the Step Function failed due to missing IAM role dependencies.

I don't recall encounter similar issue in Cloudformation. can I ask if Cloudformation has internal dependencies check on such eventual consistency such as IAM role prior to other resources creation, and that is missing in Terraform?

Also, they have raised a ticket to Terraform (https://github.com/terraform-providers/terraform-provider-aws/issues/7893), is there any stop gap? One option I can think of is to pre-create the IAM role prior to the AWS resources.

주제
보안, 신원 및 규정 준수관리 및 거버넌스
태그
AWS 자격 증명 및 액세스 관리AWS CloudFormation
언어
English
AWS-User-6849600
질문됨 5년 전499회 조회
1개 답변
0
수락된 답변

You'll need to await Terraform maintainers to comment on the bug that has been raised but in essence, CFN checks for resources to be 'stable' before continuing onto dependent items. It's happened before too - see https://github.com/terraform-providers/terraform-provider-aws/issues/838 for example.

This is a great opportunity to talk about the advantages of CFN.

AWS-User-8827288
답변함 5년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠