Creation of Kinesis is failing with tls issue

ravi-ssdn · November 7, 2023, 4:28am

HI All,
Working with Terraforms for the first time and deploying it but getting the following exception:-

{"DeliveryStreamName":"terraform-kinesis-firehose-extended-s3-test-stream","DeliveryStreamType":"DirectPut","ExtendedS3DestinationConfiguration":{"BucketARN":"arn:aws:s3:::core-si-archival-kinesis-name","BufferingHints":{"IntervalInSeconds":300,"SizeInMBs":5},"CompressionFormat":"UNCOMPRESSED","DataFormatConversionConfiguration":{"Enabled":false},"EncryptionConfiguration":{"NoEncryptionConfig":"NoEncryption"},"Prefix":"","ProcessingConfiguration":{"Enabled":false,"Processors":[]},"RoleARN":"arn:aws:iam::679627790417:role/firehose_test_role","S3BackupMode":"Disabled"}}
-----------------------------------------------------: timestamp=2023-11-07T02:51:22.175Z
2023-11-07T02:51:22.205Z [INFO]  plugin.terraform-provider-aws_v3.76.1_x5: 2023/11/07 02:51:22 [DEBUG] [aws-sdk-go] DEBUG: Send Request firehose/CreateDeliveryStream failed, attempt 0/25, error RequestError: send request failed
caused by: Post "https://firehose.ap-southeast-2.amazonaws.com/": tls: server chose an unconfigured cipher suite: timestamp=2023-11-07T02:51:22.204Z
2023-11-07T02:51:22.205Z [INFO]  plugin.terraform-provider-aws_v3.76.1_x5: 2023/11/07 02:51:22 [DEBUG] [aws-sdk-go] DEBUG: Response s3/PutBucketAcl Details:
---[ RESPONSE ]--------------------------------------
HTTP/1.1 400 Bad Request
Connection: close
Transfer-Encoding: chunked
Content-Type: application/xml
Date: Tue, 07 Nov 2023 02:51:21 GMT
Server: AmazonS3
X-Amz-Id-2: MwyyDYtGIxnrb2dR31WPj6NBb+a0iibpW4xxYpMKJSgHdEW2+k4zniBNOl/Tp5y2hV5XtClXX+8=
X-Amz-Request-Id: J9FVC17CHNR7XA0A

Here is the content from .tf file.

resource "aws_kinesis_firehose_delivery_stream" "extended_s3_stream" {
  name        = "terraform-kinesis-firehose-extended-s3-test-stream"
  destination = "extended_s3"
  extended_s3_configuration {
    role_arn       = aws_iam_role.firehose_role.arn
    bucket_arn     = aws_s3_bucket.bucket.arn
  }
}

resource "aws_s3_bucket" "bucket" {
  bucket = "core-si-archival-kinesis-name"
}

resource "aws_s3_bucket_acl" "bucket_acl" {
  bucket = aws_s3_bucket.bucket.id
  acl    = "private"
}
  
data "aws_iam_policy_document" "firehose_assume_role" {
  statement {
    effect = "Allow"

    principals {
      type        = "Service"
      identifiers = ["firehose.amazonaws.com"]
    }

    actions = ["sts:AssumeRole"]
  }
}

resource "aws_iam_role" "firehose_role" {
  name               = "firehose_test_role"
  assume_role_policy = data.aws_iam_policy_document.firehose_assume_role.json
}

What could be the potential issue for this ?

Topic		Replies	Views
TLS Handhake error with backend config Terraform	2	2464	September 9, 2022
KinesisDataFirehose to Opensearch Serverless AWS	0	258	July 18, 2023
IAM role chaining with kinesis firehosedelivery stream is failing AWS	0	198	January 21, 2024
Error validating provider credentials: error calling sts:GetCallerIdentity: RequestError: send request failed Terraform Providers	2	6384	May 28, 2022
Assistance Required: Intermittent Delays and Failures in Terraform Plan Execution Terraform	0	35	September 19, 2024

Creation of Kinesis is failing with tls issue

Related topics