Codebuild running terraform init failing to download bitbucket module


I have a terraform project in bitbucket that I want to plan/apply via codebuild and codepipeline. The project has a module that is hosted on the same bitbucket account.

When the codebuild project runs (under codepipeline), the source is available and I can run git commands against it (using the git-credential-helper), but when running the terraform init it fails to download the terraform module from bitbucket:

git@bitbucket.org: Permission denied (publickey). │ fatal: Could not read from remote repository.

Is there a way to use the git credentials already on the codebuild image or do I have to manually add a certificate to the build? It would be a duplication of the credentials, not something I want to do unless I really have to.

Brian
asked 3 months ago, 200 views
1 Answer
Accepted Answer

What is the source of your Terraform modules? Are they absolute paths or references to a Git source?

If they are absolute and local modules it will work.

If using a Git reference to a tag/commit, then you will need to auth to Bitbucket using something like an SSH key, or store the credentials in something like Parameter Store and download them during the build so that no credentials are stored in the code.

answered 3 months ago
  • I'm using a git reference to a tag. The module source is from the same bitbucket workspace as the source I pulled the terraform code from, so I expected the module to be accessible with the same git credentials.

  • Terraform needs its own git credentials, I’m afraid. Or use a Terraform registry, etc.
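
The approach from the accepted answer (an SSH key kept in Parameter Store and pulled during the build), sketched as an added example that is not part of the original thread. The parameter names are hypothetical placeholders, and it assumes the build role may read them and that one parameter holds a pinned known_hosts entry for bitbucket.org.

```shell
#!/bin/sh
# Added example: give `terraform init` its own read-only deploy key in CodeBuild.
# KEY_PARAM and HOSTS_PARAM are hypothetical parameter names (assumptions).
KEY_PARAM="${KEY_PARAM:-/example/bitbucket/deploy-key}"
HOSTS_PARAM="${HOSTS_PARAM:-/example/bitbucket/known-hosts}"

# Read one parameter; the build role needs ssm:GetParameter (plus kms:Decrypt
# when the SecureString uses a customer-managed key).
fetch_param() {
    aws ssm get-parameter --name "$1" --with-decryption \
        --query Parameter.Value --output text
}

# install_ssh_material KEY KNOWN_HOSTS -> prints a private temp directory that
# holds both files. Runs in a subshell so the umask change does not leak.
install_ssh_material() (
    umask 077
    dir=$(mktemp -d) || exit 1
    printf '%s\n' "$1" > "$dir/id_deploy"
    printf '%s\n' "$2" > "$dir/known_hosts"
    chmod 600 "$dir/id_deploy"
    printf '%s\n' "$dir"
)

# git_ssh_command DIR -> value for GIT_SSH_COMMAND. Only the deploy key is
# offered, and the host key must match the pinned known_hosts file.
git_ssh_command() {
    printf 'ssh -i "%s/id_deploy" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes -o UserKnownHostsFile="%s/known_hosts"' "$1" "$1"
}

run_init() {
    set +x                      # never trace key material into the build log
    key=$(fetch_param "$KEY_PARAM") || return 1
    hosts=$(fetch_param "$HOSTS_PARAM") || return 1
    dir=$(install_ssh_material "$key" "$hosts") || return 1
    unset key
    trap 'rm -rf "$dir"' EXIT   # remove the key when the build step ends
    GIT_SSH_COMMAND=$(git_ssh_command "$dir")
    export GIT_SSH_COMMAND      # git, which Terraform invokes for git:: sources, honours this
    terraform init -input=false
}

# CODEBUILD_BUILD_ID is set by CodeBuild; elsewhere the file only defines functions.
if [ -n "${CODEBUILD_BUILD_ID:-}" ]; then run_init; fi
```

Using a Bitbucket access key with read-only access to the module repository keeps this credential narrower than the one CodePipeline uses for the source.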
