如何在“资源”部分转义包含 ${aws:username} 的 HCL 字符串?
我目前使用 Terraform 0.9.9 版通过以下方式在 main.tf 文件中创建 AWS 策略:
resource "aws_iam_group_policy" "AllowIndividualUserToSeeTheirAccountInformation" {
name = "AllowIndividualUserToSeeTheirAccountInformation"
group = "${aws_iam_group.pr_faas_developers.id}"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"iam:ChangePassword",
"iam:CreateLoginProfile",
"iam:DeleteLoginProfile",
"iam:GetAccountPasswordPolicy",
"iam:GetAccountSummary",
"iam:GetLoginProfile",
"iam:UpdateLoginProfile"
],
"Effect": "Allow",
"Resource":
[
"arn:aws:iam::XXXXXXXXX:user/${aws:username}"
]
}
]
}
EOF
}
这样做时,Terraform 尝试进行插值${aws:username}并且 terraform 将失败,如下所示
terraform.exe plan
Failed to load root config module: Error loading D:\amazonaws-root-master\main.t
f: Error reading config for aws_iam_group_policy[AllowIndividualUserToSeeTheirAc
countInformation]: parse error at …