Terraform - AWS - TypeError: planResultMessage.search is not a function

Question

I've been scratching my head over this one for longer than I'd like to admit, but I'm throwing in the towel...

I have a large Terraform package and in the Terraform Plan, I get this error:

Terraform Plan (Error) Log

Exception Error in plan - TypeError: planResultMessage.search is not a function

I do not use the planResultMessage.search anywhere in my code, so my guess is that it is a Terraform error?

What I do know is that this set of resources that it is deploying is a bunch of yaml documents that I am trying to leverage to create SSM Documents. They are being loaded as such:

member_data.tf

data "template_file" "member_createmultiregiontrail" {
    template = file("${path.module}/member-runbooks/member-asr-CreateCloudTrailMultiRegionTrail.yml")
}

data "template_file" "member_createlogmetricsfilteralarm" {
    template = file("${path.module}/member-runbooks/member-asr-CreateLogMetricFilterAndAlarm.yml")
}

asr-member.tf

resource "aws_ssm_document" "asr_document_cloudtrail_multiregion" {
    provider        = aws.customer
    count           = var.enabled == true && var.child_account == true ? 1 : 0
    name            = "ASR-CreateCloudTrailMultiRegionTrail"
    document_format = "YAML"
    document_type   = "Automation"

    content = data.template_file.member_createmultiregiontrail.template
}

resource "aws_ssm_document" "asr_document_logs_metricsfilter_alarm" {
    provider        = aws.customer
    count           = var.enabled == true && var.child_account == true ? 1 : 0
    name            = "ASR-CreateLogMetricFilterAndAlarm"
    document_format = "YAML"
    document_type   = "Automation"

    content = data.template_file.member_createlogmetricsfilteralarm.template
}

As an example. I think the cause might be in these document files because the Terraform Error populates in the middle of the contents of these documents, it's always a random location in one of the documents...

Example:

This one fell into a document for SecHub's AFSBP Redshift 6 control, but at the beginning of the section contents it acknowledges that the resource will be deployed:

# module.aws-securityhub-master.aws_ssm_document.AFSBP_Redshift_6[0] will be created

I have tried loading the contents directly, using yamlencode, using simply "file", loading them into locals, pulling a file from locals, and now I'm on data sources.

If anyone can offer any help, it would be greatly appreciated.

DISCLAIMER: This Terraform build out is a deconstruction of Amazon's SHARR solution:

https://aws.amazon.com/solutions/implementations/automated-security-response-on-aws/

you can see the various yaml build-outs here based on which security control:

https://github.com/aws-solutions/aws-security-hub-automated-response-and-remediation/tree/main/source/playbooks

The two that I specifically called out in my data sources are:

https://github.com/aws-solutions/aws-security-hub-automated-response-and-remediation/blob/main/source/remediation_runbooks/CreateCloudTrailMultiRegionTrail.yaml

and

https://github.com/aws-solutions/aws-security-hub-automated-response-and-remediation/blob/main/source/remediation_runbooks/CreateLogMetricFilterAndAlarm.yaml

and the AFSBP yaml can be found here (just in case it matters):

https://github.com/aws-solutions/aws-security-hub-automated-response-and-remediation/blob/main/source/playbooks/AFSBP/ssmdocs/AFSBP_Redshift.6.yaml

Thank you in advance!

Answer 1

This turned out to be a buffer overflow issue. Expanded resources to accommodate the deployment and that solved the issue.