I can authenticate with no problem, but when creating, the plugin errors out.
I have debug mode on:
Error: reading EC2 AMIs: UnauthorizedOperation: You are not authorized to perform this operation.
│ status code: 403, request id: 7e39745e-f209-4fbb-ba6f-4ddd15f80259
│
│ with data.aws_ami.centos-7,
│ on admd1-diad-tt01.tf line 17, in data "aws_ami" "centos-7":
│ 17: data "aws_ami" "centos-7" {
│
╵
2023-06-02T14:00:12.767-0400 [TRACE] statemgr.Filesystem: removing lock metadata file .terraform.tfstate.lock.info
2023-06-02T14:00:12.768-0400 [TRACE] statemgr.Filesystem: unlocking terraform.tfstate using fcntl flock
2023-06-02T14:00:12.771-0400 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-06-02T14:00:12.780-0400 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/hashicorp/aws/4.67.0/linux_amd64/terraform-provider-aws_v4.67.0_x5 pid=9093
2023-06-02T14:00:12.780-0400 [DEBUG] provider: plugin exited
Here is what I am creating; the role has access to all resources.
# Provider requirements: the AWS provider from the hashicorp registry namespace,
# constrained to the 4.x series ("~> 4.0" allows 4.0 and later, below 5.0).
# The exact version and its checksums are recorded in .terraform.lock.hcl by
# `terraform init`; committing that file keeps the provider binary verified.
terraform {
  required_providers {
    aws = {
      version = "~> 4.0"
      source  = "hashicorp/aws"
    }
  }
}
# AWS provider, us-east-1.
# With `profile` commented out, credentials come from the provider's default
# chain (environment variables, the default shared profile, or an attached
# instance/container role). That may not be the identity that was tested by
# hand; `aws sts get-caller-identity` in the same shell shows which principal
# Terraform will actually call the EC2 API as.
provider "aws" {
  # profile = "cops"
  region = "us-east-1"
}
# CentOS 7
# Looks up the newest x86_64, EBS-backed AMI whose name matches the pattern
# below, restricted to images owned by account 679593333241.
#
# Reading this data source needs ec2:DescribeImages. That action does not
# support resource-level permissions, so it has to be allowed on Resource "*".
# A 403 UnauthorizedOperation while reading AMIs points at this call being
# denied for the credentials in use: check the identity policy, any permission
# boundary and any organization SCP.
#
# Keeping `owners` pinned matters: without it the wildcard name filter could
# select a look-alike image published by another account.
# NOTE(review): 679593333241 is presumably the AWS Marketplace owner ID - confirm.
# NOTE(review): most_recent = true lets the resolved AMI change between plans;
# pin an AMI ID where reproducible builds are required. CentOS 7 reached end of
# life on 2024-06-30, so images matched here no longer receive security updates.
data "aws_ami" "centos-7" {
  most_recent = true
  owners      = ["679593333241"]

  filter {
    name   = "name"
    values = ["CentOS Linux 7 x86_64 HVM EBS *"]
  }

  filter {
    name   = "architecture"
    values = ["x86_64"]
  }

  filter {
    name   = "root-device-type"
    values = ["ebs"]
  }
}
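# EC2 instance "tt01", launched from the AMI resolved by data.aws_ami.centos-7.
# NOTE(review): no vpc_security_group_ids is set, so the instance receives the
# default security group of its VPC; aws_security_group.allow_ports_ingress_teleport
# is not attached to it anywhere in this configuration.
resource "aws_instance" "tt01" {
  ami               = data.aws_ami.centos-7.id
  instance_type     = "t2.medium"
  availability_zone = "us-east-1c"
  subnet_id         = "subnet-0139e79a8a3cdee6d"
  key_name          = "p8953"

  # Gives the instance a public IPv4 address; what can reach it is then decided
  # only by its security groups and network ACLs. Confirm this is required.
  associate_public_ip_address = true
  ipv6_addresses              = []
  source_dest_check           = true

  # Boolean literal instead of the quoted string "true" (same value, correct type).
  disable_api_termination = true
  ebs_optimized           = true
  monitoring              = false

  # NOTE(review): cops_env reads "admd1-diad" while cops_hostname and Name read
  # "adm1-diad" - confirm which spelling is intended.
  tags = {
    "cops_type"     = "tt"
    "cops_env"      = "admd1-diad"
    "cops_hostname" = "adm1-diad-tt01"
    "cops_group"    = "p"
    "Name"          = "adm1-diad-tt01"
  }

  root_block_device {
    # The root volume is unencrypted and, with delete_on_termination = false,
    # survives the instance, so its data stays readable in plaintext afterwards.
    # NOTE(review): prefer encrypted = true (optionally with kms_key_id). On an
    # existing volume that change forces replacement, so it is left as written
    # here and should be planned deliberately.
    delete_on_termination = false
    encrypted             = false
    volume_size           = 100
    volume_type           = "gp2"
  }

  timeouts {}

  lifecycle {
    # Changes to user_data are ignored, so edits to it will not trigger a diff
    # or a replacement of the instance.
    ignore_changes = [
      user_data
    ]
  }
}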
# Security group meant to admit Teleport traffic on TCP 3025.
# NOTE(review): vpc_id is commented out, so the group is created in the
# region's default VPC; confirm that is the VPC of the subnet the instance uses.
# NOTE(review): nothing in this configuration attaches the group to an instance.
resource "aws_security_group" "allow_ports_ingress_teleport" {
  name        = "allow_proxy_teleport"
  description = "Allow teleport inbound traffic"
  # vpc_id = aws_vpc.main.id

  # NOTE(review): this rule sets no cidr_blocks, security_groups or self, so it
  # names no permitted source. Confirm how the provider handles that, and set
  # the narrowest source that really needs this port rather than 0.0.0.0/0.
  # NOTE(review): the description says "Proxy", but 3025 is Teleport's default
  # auth-service port - confirm which listener is intended.
  ingress {
    description = "Proxy teleport"
    protocol    = "tcp"
    from_port   = 3025
    to_port     = 3025
  }

  # Unrestricted outbound: every protocol and port to any IPv4 or IPv6 address.
  # Narrow this if the host only needs to reach known endpoints.
  egress {
    protocol         = "-1"
    from_port        = 0
    to_port          = 0
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  tags = {
    Name = "allow_proxy_teleport"
  }
}