Error when applying Terraform configuration for ALB: ListenerNotFound


Hello everyone! I'm using Terraform to create a simple Application Load Balancer (ALB), but I keep encountering an error when running terraform apply. The error message seems to concatenate the ARN of the ELB Listener with the ARN of the AWS ACM Certificate, which I find strange. I've searched my entire project for any incorrect variable usage but couldn't find any issues. I'm hoping someone can help guide me through this problem.

Here's the error message I'm getting:

Error: reading ELB (Elastic Load Balancing) Listener Certificate (arn:aws:elasticloadbalancing:us-east-1:{id}:listener/app/my-lb/###############/###############_arn:aws:acm:us-east-1:############:certificate/####################################): ListenerNotFound: One or more listeners not found

And here's a simplified version of my Terraform code:

terraform {
  required_providers {
    archive = {
      source = "hashicorp/archive"
    }
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.0"
    }
  }
  required_version = ">= 1.4.2"
}

resource "aws_lb" "main" {
  name               = "my-lb"
  load_balancer_type = "application"
  subnets            = [some var]
  security_groups    = [some var]
}
resource "aws_lb_target_group" "main" {
  name   = "tg-main"
  vpc_id = [vpcid]

  port        = 80
  target_type = "ip"
  protocol    = "HTTP"

  health_check {
    healthy_threshold = 3
    interval          = 100
    timeout           = 30
  }

  #depends_on = [var.sh.main_alb]
}
resource "aws_lb_listener" "https" {
  load_balancer_arn = aws_lb.main.arn

  port            = "443"
  protocol        = "HTTPS"
  ssl_policy      = "ELBSecurityPolicy-2016-08"
  certificate_arn = data.terraform_remote_state.global.outputs.certificate_arn

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.main.arn
  }
}

I'd really appreciate any guidance or suggestions to help me understand and resolve this issue. Thank you!

1 Answer

It appears your variable data.terraform_remote_state.global.outputs.certificate_arn is incorrect.

I recommend you do a 'terraform plan' from the command line to see what value is being applied to the aws_lb_listener.https.certificate_arn attribute.

Here is my code where I use an ACM Certificate datasource to locate my certificate, and my terraform plan output. Note the format of the output:

data "aws_acm_certificate" "amazon_issued_tyler" {
  domain      = "awstyler.myinternalhostname.aws.dev"
  types       = ["AMAZON_ISSUED"]
  most_recent = true
}

resource "aws_lb_listener" "https" {
  load_balancer_arn = aws_lb.main.arn

  port            = "443"
  protocol        = "HTTPS"
  ssl_policy      = "ELBSecurityPolicy-2016-08"
  certificate_arn = data.aws_acm_certificate.amazon_issued_tyler.arn

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.main.arn
  }
}

Plan Output:

  # aws_lb_listener.https will be created
  + resource "aws_lb_listener" "https" {
      + arn               = (known after apply)
      + certificate_arn   = "arn:aws:acm:us-east-1:000000000000:certificate/00000000-e59e-4e8b-a45a-543f9d85c86d"
      + id                = (known after apply)
      + load_balancer_arn = (known after apply)
      + port              = 443
      + protocol          = "HTTPS"
      + ssl_policy        = "ELBSecurityPolicy-2016-08"
      + tags_all          = (known after apply)

      + default_action {
          + order            = (known after apply)
          + target_group_arn = (known after apply)
          + type             = "forward"
        }
    }


AWS
Answered 1 year ago
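
The check recommended in the answer above (inspect the value that `terraform plan` assigns to `certificate_arn`), automated as an added example that is not part of the original answer: it reads the JSON produced by `terraform show -json <planfile>` and reports every HTTPS/TLS `aws_lb_listener` whose `certificate_arn` is not exactly one ACM certificate ARN. The function name, the helper and the sample plan are constructed for illustration, and the pattern assumes ACM certificates as used on this page.

```python
import json
import re

# Exactly one ACM certificate ARN, with nothing before or after it.
# Assumption: ACM only; IAM server certificates would need another pattern.
ACM_ARN = re.compile(
    r"arn:aws(-cn|-us-gov)?:acm:[a-z0-9-]+:\d{12}:certificate/[0-9a-f-]{36}"
)

def check_listener_certs(plan_json: str) -> list[str]:
    """Return one finding per HTTPS/TLS listener with a suspect certificate_arn."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "aws_lb_listener":
            continue
        change = rc.get("change", {})
        after = change.get("after") or {}  # "after" is null for a destroy
        if after.get("protocol") not in ("HTTPS", "TLS"):
            continue
        # Unknown values are absent from "after" and flagged in "after_unknown".
        if (change.get("after_unknown") or {}).get("certificate_arn"):
            findings.append(f"{rc['address']}: certificate_arn only known after apply")
            continue
        arn = after.get("certificate_arn")
        if not isinstance(arn, str) or not ACM_ARN.fullmatch(arn):
            findings.append(f"{rc['address']}: unexpected certificate_arn {arn!r}")
    return findings

def _listener(name, after, unknown=None):
    # Hypothetical helper: builds one constructed resource_changes entry.
    return {"address": f"aws_lb_listener.{name}", "type": "aws_lb_listener",
            "change": {"after": after, "after_unknown": unknown or {}}}

# Constructed sample in the shape of `terraform show -json` output.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    _listener("ok", {"protocol": "HTTPS", "certificate_arn":
        "arn:aws:acm:us-east-1:000000000000:certificate/"
        "00000000-e59e-4e8b-a45a-543f9d85c86d"}),
    # A remote-state output that holds the certificate ID instead of the ARN.
    _listener("bad_id", {"protocol": "HTTPS", "certificate_arn":
        "00000000-e59e-4e8b-a45a-543f9d85c86d"}),
    _listener("unknown", {"protocol": "HTTPS"}, {"certificate_arn": True}),
    _listener("plain_http", {"protocol": "HTTP", "certificate_arn": None}),
]})

if __name__ == "__main__":
    for finding in check_listener_certs(SAMPLE_PLAN):
        print(finding)
```

Against a real configuration, pass it the output of `terraform plan -out=tfplan` followed by `terraform show -json tfplan`.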
