Terraform init fails with - does not have a provider named registry.terraform.io/hashicorp/ip

I keep getting following error when I try to initialize. I am trying to create AWS wafv2 firewall.

Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/ip...
- Finding latest version of hashicorp/aws...
- Installing hashicorp/aws v4.18.0...
- Installed hashicorp/aws v4.18.0 (signed by HashiCorp)
╷
│ Error: Failed to query available provider packages
│
│ Could not retrieve the list of available versions for provider hashicorp/ip: provider registry registry.terraform.io does not have a provider named registry.terraform.io/hashicorp/ip
│
│ All modules should specify their required_providers so that external consumers will get the correct providers when using a module. To see which modules are currently depending on hashicorp/ip, run the following command:
│     terraform providers

Below is my configuration for WAFv2

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
        # version = ">= 4.18.0"
    }
  }

  # required_version = ">= 0.14.9"
}

provider "aws" {
  profile = "default-qa"
  region  = "us-east-1"
}


resource "aws_wafv2_web_acl" "qa_wafv2" {
  name        = "web_firwall"
  description = "Firewall for qa ecom apps"
  scope       = "REGIONAL"

  default_action {
    allow {}
  }


   rule {
    name     = "dev_ip_set_allow"
    priority = 0

    action {
      allow {}
    }

    statement {
      ip_set_reference_statement {
       arn = aws_wafv2_ip_set.dev_ip_list_allow.arn
      }
    }

    visibility_config {
      cloudwatch_metrics_enabled = false
      metric_name                = "wafv2_dev_ip_set_allow"
      sampled_requests_enabled   = false
    }
  }

  
   rule {
    name     = "ThirdPartyService_AccessSiteFromDifferentLoc_Whitelist"
    priority = 1

    action {
      allow {
        custom_request_handling {
          insert_header {
            name = "3p-servc-frm-waf"
            value = "like_pingdom"
            
          }
        }

      }
    }

    statement {
      ip_set_reference_statement {
       arn = aws_wafv2_ip_set.ThirdPartyService_AccessSiteFromDifferentLoc_Allow.arn
      }
    }

    visibility_config {
      cloudwatch_metrics_enabled = false
      metric_name                = "ThirdPartyService_AccessSiteFromDifferentLoc_Allow"
      sampled_requests_enabled   = false
    }
  }

 rule {
    name     = "web_crawler_group_allow_IPSet"
    priority = 2

    action {
      allow {}
    }

    statement {
      ip_set_reference_statement {
       arn = aws_wafv2_ip_set.web_crawler_group_allow.arn
      }
    }

    visibility_config {
      cloudwatch_metrics_enabled = false
      metric_name                = "web_crawler_group_allow"
      sampled_requests_enabled   = false
    }
  }
  

  tags = {
    Name = "ecom_apps"
    Env = "qa"
  }

  visibility_config {
    cloudwatch_metrics_enabled = false
    metric_name                = "friendly-metric-name"
    sampled_requests_enabled   = false
  }
}


# IP set 1 - dev
resource "aws_wafv2_ip_set" "dev_ip_list_allow" {
  name               = "dev_ip_set"
  description        = "All dev ips to allow access to ecom"
  scope              = "REGIONAL"
  ip_address_version = "IPV4"
  addresses          = ["1.2.3.4/32", "5.6.7.8/32"]

  tags = {
    Name = "ecom_apps"
    Env = "qa"
  }
}

# IP set 1 - thirdparty
resource "aws_wafv2_ip_set" "ThirdPartyService_AccessSiteFromDifferentLoc_Allow" {
  name               = "ThirdPartyService_AccessSiteFromDifferentLoc_Allow"
  description        = "Allow 3p services to access ecom"
  scope              = "REGIONAL"
  ip_address_version = "IPV4"
  addresses          = ["1.2.3.4/32", "5.6.7.8/32"]

  tags = {
    Name = "ecom_apps"
    Env = "qa"
  }
}

# IP set 1 - webcrawler
resource "ip_set_reference_statement" "web_crawler_group_allow" {
  name               = "web_crawler_group_allow"
  description        = "Allow bot crawlers to access ecom"
  scope              = "REGIONAL"
  ip_address_version = "IPV4"
  addresses          = ["1.2.3.4/32", "5.6.7.8/32"]

  tags = {
    Name = "ecom_apps"
    Env = "qa"
  }
}


# Groups

# BOT groups
resource "aws_wafv2_rule_group" "crawler_allow_group" {
  name     = "crawler_allow_group"
  scope    = "REGIONAL"
  capacity = 10

  rule {
    name     = "Allow_crawlers_rule"
    priority = 0

    action {
      allow {}
    }

    statement {
        ip_set_reference_statement {
          arn = ip_set_reference_statement.web_crawler_group_allow.arn
        }
    }

    visibility_config {
      cloudwatch_metrics_enabled = false
      metric_name                = "Allow_crawlers_rule"
      sampled_requests_enabled   = false
    }
  }

  visibility_config {
    cloudwatch_metrics_enabled = false
    metric_name                = "BotGroups"
    sampled_requests_enabled   = false
  }
}



data "aws_caller_identity" "current" {}

output "wafv2_arn" {
  value = aws_wafv2_web_acl.qa_wafv2.arn
}

output "web_Ip_set_arn" {
  value = aws_wafv2_ip_set.dev_ip_list_allow.arn
}

Thanks for any help or inputs!

Venku

Fix the type of this resource

1 Like

oh my. Don’t know when the resource type was changed there. Thank you for catching it!!