#my child module, main.tf
provider “aws” {
alias = “source”
region = “us-west-2”
}
provider “aws” {
alias = “dest”
region = “us-east-1”
}
data “aws_caller_identity” “source” {
provider = aws.source
}
data “aws_caller_identity” “dest” {
provider = aws.dest
}
data “aws_iam_policy_document” “assume_role” {
statement {
effect = “Allow”
principals {
type = "Service"
identifiers = ["s3.amazonaws.com"]
}
actions = ["sts:AssumeRole"]
}
}
resource “aws_iam_role” “replication” {
name = “tf-iam-role-replication-12345”
assume_role_policy = data.aws_iam_policy_document.assume_role.json
}
data “aws_iam_policy_document” “replication” {
statement {
effect = “Allow”
actions = [
"s3:GetReplicationConfiguration",
"s3:ListBucket",
]
resources = [aws_s3_bucket.source.arn]
}
statement {
effect = “Allow”
actions = [
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging",
]
resources = ["${aws_s3_bucket.source.arn}/*"]
}
statement {
effect = “Allow”
actions = [
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags",
]
resources = ["${aws_s3_bucket.destination.arn}/*"]
}
}
resource “aws_iam_policy” “replication” {
name = “tf-iam-role-policy-replication-12345”
policy = data.aws_iam_policy_document.replication.json
}
resource “aws_iam_role_policy_attachment” “replication” {
role = aws_iam_role.replication.name
policy_arn = aws_iam_policy.replication.arn
}
#my root module, main.tf:
terraform {
required_providers {
aws = {
source = “hashicorp/aws”
version = “4.27.0”
}
}
}
module “s3-cross-account-replication” {
source = “./s3_logs_replication_modules”
source_bucket_name = var.source_bucket_name
source_region = var.source_region
dest_bucket_name = var.dest_bucket_name
dest_region = var.dest_region
replication_name = var.replication_name
priority = 0
}
Above is my Terraform code, and I’m trying to create an S3 logs replication in another bucket, but I keep getting this error:
To work with module.s3-cross-account-replication.aws_s3_bucket_replication_configuration.replication its
│ original provider configuration at
│ module.s3-cross-account-replication.provider[“Terraform Registry”].central is required,
│ but it has been removed. This occurs when a provider configuration is removed while objects created by that
│ provider still exist in the state. Re-add the provider configuration to destroy
│ module.s3-cross-account-replication.aws_s3_bucket_replication_configuration.replication, after which you
│ can remove the provider configuration again.
Does anybody know how to fix this?