这是我从这个 repo 中提取的 terraform 脚本
provider "aws" {
region = "${var.aws_region}"
profile = "${var.aws_profile}"
}
##----------------------------
# Get VPC Variables
##----------------------------
#-- Get VPC ID
data "aws_vpc" "selected" {
tags = {
Name = "${var.name_tag}"
}
}
#-- Get Public Subnet List
data "aws_subnet_ids" "selected" {
vpc_id = "${data.aws_vpc.selected.id}"
tags = {
Tier = "public"
}
}
#--- Gets Security group with tag specified by var.name_tag
data "aws_security_group" "selected" {
tags = {
Name = "${var.name_tag}*"
}
}
#--- Creates SSH key to provision server
module "ssh_key_pair" {
source = "git::https://github.com/cloudposse/terraform-aws-key-pair.git?ref=tags/0.3.2"
namespace = "example"
stage = "dev"
name = "${var.key_name}"
ssh_public_key_path = "${path.module}/secret"
generate_ssh_key = "true"
private_key_extension = ".pem"
public_key_extension = ".pub"
}
#-- Grab the latest AMI built with packer - widows2016.json
data "aws_ami" "Windows_2016" {
owners = [ "amazon", "microsoft" ]
filter {
name = "is-public"
values = ["false"]
}
filter {
name = "name"
values = ["windows2016Server*"]
}
most_recent = true
}
#-- sets the user data script
data "template_file" "user_data" {
template = "/scripts/user_data.ps1"
}
#---- Test Development Server
resource "aws_instance" "this" {
ami = "${data.aws_ami.Windows_2016.image_id}"
instance_type = "${var.instance}"
key_name = "${module.ssh_key_pair.key_name}"
subnet_id = "${data.aws_subnet_ids.selected.ids[01]}"
security_groups = ["${data.aws_security_group.selected.id}"]
user_data = "${data.template_file.user_data.rendered}"
iam_instance_profile = "${var.iam_role}"
get_password_data = "true"
root_block_device {
volume_type = "${var.volume_type}"
volume_size = "${var.volume_size}"
delete_on_termination = "true"
}
tags {
"Name" = "NEW_windows2016"
"Role" = "Dev"
}
#--- Copy ssh keys to S3 Bucket
provisioner "local-exec" {
command = "aws s3 cp ${path.module}/secret s3://PATHTOKEYPAIR/ --recursive"
}
#--- Deletes keys on destroy
provisioner "local-exec" {
when = "destroy"
command = "aws s3 rm 3://PATHTOKEYPAIR/${module.ssh_key_pair.key_name}.pem"
}
provisioner "local-exec" {
when = "destroy"
command = "aws s3 rm s3://PATHTOKEYPAIR/${module.ssh_key_pair.key_name}.pub"
}
}
当我调谐时,terraform plan我收到此错误消息:
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
data.template_file.user_data: Refreshing state...
Error: Error refreshing state: 1 error(s) occurred:
* provider.aws: error validating provider credentials: error calling sts:GetCallerIdentity: NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors
小智 10
仔细检查文件的格式~/.aws/credentials。
就我而言,凭据使用以下格式:
[profile]
AWS_ACCESS_KEY_ID=xxxx
AWS_SECRET_ACCESS_KEY=yyyy
将其更改为以下内容解决了问题:
[profile]
aws_access_key_id = xxxx
aws_secret_access_key = yyyy
小智 7
我认为您错过了访问权限和密钥。尝试如下所示的方法。如果您没有将 import 作为变量传递。
provider "aws" {
region = "${var.region}"
profile = "${var.profile}"
access_key=********
secret_key=********
}
| 归档时间: |
|
| 查看次数: |
32145 次 |
| 最近记录: |