EMR + ServiceAccessSecurityGroup settings

[Daniel del Castillo]

Hi,

I've upgrade to Terraform v0.7.7 and I'm migrating my CloudFormations script to the new EMR resource. However there are 2 requirements that doesn't seems to be supported:

1) Create a cluster with 1 master node and no slaves: I remember someone told me this was going to be supported but terraform gives me this error 

* aws_emr_cluster.hive-metastore-service.0: ValidationException: Instance count must be greater than 0.

status code: 400, request id: 8911fca5-976f-11e6-a7c2-93ab7141cbe2

2) ServiceAccessSecurityGroup seems to be not supported: when the cluster runs in a private subnet this security group is required but I can't find anything in the docs or source code that takes this setting. This is the error I get when I try to create the cluster:

* aws_emr_cluster.hive-metastore-service.1: [WARN] Error waiting for EMR Cluster state to be "WAITING" or "RUNNING": unexpected state 'TERMINATED_WITH_ERRORS', wanted target 'WAITING, RUNNING'. last error: %!s(<nil>)

In the AWS console I can see the problem is:

You must also specify a ServiceAccessSecurityGroup if you use custom security groups when creating a cluster in a private subnet.

Any help here is really appreciated.

Please let me know if you want me to raise an issue in GitHub and I'll be glad to do it - I could also contribute the code is any change is needed.

Thanks...

Regards,

Daniel

[Daniel del Castillo]

Hello,

I opened a PR in GitHub with a patch for the Service Access Security Group - link below. I hope that's fine.

https://github.com/hashicorp/terraform/pull/9600

Thanks,

Daniel