Raghunandan Sk
Raghunandan Sk

Reputation: 338

How to fix : VALIDATION_ERROR: You must also specify a ServiceAccessSecurityGroup Terraform

I am new in terraform . I have a issue which I am facing when I am launching a simple EMR cluster in private subnet

It fails with the below error message :

I did check the github seems like the fixed it for the issue opened . But I am using the latest version of terraform (0.11.7)

Below are the github links for for the issue reported in Github https://github.com/hashicorp/terraform/issues/9518 https://github.com/hashicorp/terraform/pull/9600

Any suggestions on how to fix this will be really helpful

Thank you

Upvotes: 2

Views: 4421

Answers (2)

Shree Prakash
Shree Prakash

Reputation: 2314

As we know that to put emr components in private subnet, you have to following

these security groups

https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-man-sec-groups.html#emr-sg-elasticmapreduce-sa-private

Then in terraform you have to resolve cyclic dependency between security groups from this link and put following configuration as shown below

 ec2_attributes {
subnet_id                         = element(var.subnet_ids, count.index)
key_name                          = "${var.ssh_key_id}"
emr_managed_master_security_group = aws_security_group.EmrManagedMasterSecurityGroup.id
emr_managed_slave_security_group  = aws_security_group.EmrManagedSlaveSecurityGroup.id
service_access_security_group = aws_security_group.ServiceAccessSecurityGroup.id

#additional_master_security_groups = aws_security_group.allow_ssh.id
instance_profile = aws_iam_instance_profile.example_ec2_profile.arn
}

source:- https://github.com/hashicorp/terraform/pull/9600

Upvotes: 0

Arockiasmy K
Arockiasmy K

Reputation: 353

The issue is fixed in Git because it was raised to show an error which is supposed to ask for service_access_security_group while using the emr_managed_master_security_group and emr_managed_slave_security_group.

So, you would require mentioning service_access_security_group parameter in your EMR resource.

Thanks.

Upvotes: 2

Related Questions