Introduction
Problem
Attempting to access Terraform Enterprise states or runs fails with Internal
Server Errors: Oh no, the application has errored!
Cause
- Historical data file artifacts like states and runs in Terraform Enterprise are stored in an object storage system like an S3 bucket, or Azure Blob storage. Terraform Enterprise uses the tfe-archivist container to access this data.
- When the Internal Server Error appears, you can get further details from the command line of the Terraform Enterprise server instance with:
sudo docker logs tfe-archivist2023-03-31T17:19:05.208953249Z 2023/03/31 17:19:05 [ERROR] main: failed to start server { err="===== RESPONSE ERROR (ErrorCode=AuthenticationFailed) =====\nDescription=Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.\nRequestId:bdbfeec3-a01e-002c-aaaa-63d6ce000000\nTime:2023-03-31T17:19:05.2065361Z, Details: \n AuthenticationErrorDetail: The MAC signature found in the HTTP request 'MeWh5xxxDokLgH+BsqkZNXWe2qb8H42uIUIETfu/U+Q=' is not the same as any computed signature. Server used following string to sign: 'GET\n\n\n\n\n\n\n\n\n\n\n\nx-ms-date:Fri, 31 Mar 2023 17:19:02 GMT\nx-ms-version:2020-10-02\n/tfeadtstorage75aaabb7/terraform\nrestype:container'.\n" }
The output of the log command will generally give you the root cause:
-
The credentials to the file storage container are invalid
-
The network connection to the storage container is failing.
Overview of possible solutions (if applicable)
Solutions:
-
Verify and fix the credentials outside of Terraform Enterprise from the appropriate command line tool for the variety of object storage in use (awscli, azcli, etc)
-
Verify the network connection to the blob storage objects outside of TFE using
traceroute
Outcome
Retry viewing the workspace data. If it still fails, please contact Hashicorp Support