我在我的 Linux 实例上运行 terraform,我得到了下面的恐惧。
+ /usr/local/bin/terraform workspace new test
enter code here[0m[0m[1m[33mBackend reinitialization required. Please run "terraform init".[0m
[33mReason: Initial configuration of the requested backend "s3"
The "backend" is the interface that Terraform uses to store state,
perform operations, etc. If this message is showing up, it means that the
Terraform configuration you're using is using a custom configuration for
the Terraform backend.
Changes to backend configurations require reinitialization. This allows
Terraform to setup the new configuration, copy existing state, …我正在使用terraform v.0.11.7。
我想创建4个子网(2个公共子网,2个私有子网)
这是vars.tf的内容
variable "region" {
default = "ap-south-1"
}
variable "ami_id" {
type = "map"
default = "ami-d783a9b8"
}
variable "credentials" {
default = "/root/.aws/credentials"
}
variable "vpc_cidr" {
default = "10.0.0.0/16"
}
variable "pub_subnet_aza_cidr" {
default = "10.0.10.0/24"
}
variable "pub_subnet_azc_cidr" {
default = "10.0.20.0/24"
}
variable "pri_subnet_aza_cidr" {
default = "10.0.30.0/24"
}
variable "pri_subnet_azc_cidr" {
default = "10.0.40.0/24"
}
现在在main.tf中,我想将前2个公共子网关联到公共路由表,该怎么做?
resource "aws_subnet" "pub_subnet_aza" {
vpc_cidr = "{aws_vpc.vpc.id}"
cidr_block = "${var.pub_subnet_aza_cidr}"
tags {
Name = "Pub-Sunet-A"
} …https://www.terraform.io/docs/providers/aws/r/autoscaling_group.html#propagate_at_launch
I do this to apply tags to aws resources:
tags = "${merge(
local.common_tags, // reused in many resources
map(
"Name", "awesome-app-server",
"Role", "server"
)
)}"
But the asg requires propagate_at_launch field.
I already have my map of tags in use in many other resources and I'd like to reuse it for the asg resources to. Pretty sure I'll always be setting propagate_at_launch to true. How can I add that to every element of the map and use it for …
CloudFormation提供了用于参数的AllowedValues,该参数指示该参数的可能值可以来自此列表。如何使用Terraform变量实现这一目标?列表的变量类型不提供此功能。因此,如果我希望变量仅具有两个可能的值,那么如何使用Terraform实现此目的。我要复制的CloudFormation脚本是:
"ParameterName": {
"Description": "desc",
"Type": "String",
"Default": true,
"AllowedValues": [
"true",
"false"
]
}
variables amazon-web-services aws-cloudformation terraform terraform-provider-aws
我需要帮助每周安排 ec2 卷快照,并且需要使用 terraform aws 的云监视规则存档\删除超过 1 个月的备份。
请指导我使用 terraform 编写云监视规则。
问候, 公羊
terraform terraform-template-file terraform-provider-azure terraform-provider-aws terraform-provider-gcp
我希望运行一个 terraform 计划来验证用户上传的 terraform 计划文件并检测资源。
但是,目前运行 terraform 计划需要 AWS 凭证。
有没有办法在不使用凭据的情况下运行计划或以另一种方式从 .tf 文件中提取资源列表?
我正在使用Terraform在AWS中构建一些基础架构。我创建了几个S3存储桶,并希望Glue搜寻器每小时对这些存储桶进行一次爬网。我的Terraform Glue目录数据库,角色和策略都构建良好,但是当我尝试通过向爬网程序的s3_target{}一部分添加四个S3路径来创建爬网程序资源时,出现了故障:
resource "aws_glue_crawler" "datalake_crawler" {
database_name = "${var.glue_db_name}"
name = "${var.crawler_name}"
role = "${aws_iam_role.glue.id}"
s3_target {
# count = "${length(var.data_source_path)}"
path = "${var.data_source_path}"#"${formatlist("%s", var.data_source_path)}"
}
}
这会导致错误:
Error: aws_glue_crawler.datalake_crawler: s3_target.0.path must be a single value, not a list
我尝试在中添加一条count语句,s3_target但这失败。我也尝试添加
"${formatlist("%s", var.data_source_path)}"
在path争论中,但这也失败了。
我可以s3使用Terraform向Glue履带添加多个路径吗?我可以通过AWS控制台实现这一点,但这需要使用基础架构作为代码来完成。
amazon-s3 amazon-web-services terraform aws-glue terraform-provider-aws
I always get this error on my terraform. How do I fix this?
aws_key_pair.kyc_app_public_key: Error import KeyPair: InvalidKey.Format: Key is not in valid OpenSSH public key format
I already generated the ssh with this command ssh-keygen -t rsa -N "" -b 2048 -C "assignment"
Here is my configuration script on terraform
resource "aws_key_pair" "kyc_app_public_key" {
key_name = "assignment"
public_key ="//~/.ssh/id_rsa.pub"
}
我有以下 Terraform 资源,旨在为每个仓库创建一个单独的加密 EFS 卷,然后在两个子网中为每个创建挂载目标:
resource "aws_efs_file_system" "efs-data-share" {
count = "${length(var.warehouses)}"
encrypted = "${var.encrypted}"
kms_key_id = "${element(data.aws_kms_key.encryption_key.*.arn,count.index)}"
performance_mode = "${var.performance_mode}"
tags {
Name = "${element(split(".",var.warehouses[count.index]),0)}-${var.name_suffix}"
Warehouse = "${element(split(".",var.warehouses[count.index]),0)}"
Environment = "${var.environment}"
Purpose = "${var.purpose}"
}
}
resource "aws_efs_mount_target" "mounts" {
count = "${length(var.subnets)}"
file_system_id = "${aws_efs_file_system.efs-data-share.*.id}"
subnet_id = "${element(var.subnets, count.index)}"
security_groups = ["${var.efs_security_groups}"]
}
data "aws_kms_key" "encryption_key" {
count = "${length(var.warehouses)}"
key_id = "alias/${element(split(".",var.warehouses[count.index]),0)}-${var.key_alias_suffix}"
}
EFS 本身启动正常,但挂载失败,因为 file_system_id 必须是单个资源,而不是列表。
* module.prod_multi_efs.aws_efs_mount_target.mounts[1]: file_system_id must be a single value, not a …我想创建一个 terraform (v0.12+) 模块,该模块输出一个带有 Lambda 集成的 AWS API 网关。我不太明白如何(或者甚至可能)遍历映射列表以动态输出资源。
用户应该能够像这样实例化模块:
module "api_gateway" {
source = "./apig"
endpoints = [
{
path = "example1"
method = "GET"
lambda = "some.lambda.reference"
},
{
path = "example1"
method = "POST"
lambda = "some.lambda.reference"
},
{
path = "example2"
method = "GET"
lambda = "another.lambda.reference"
}
]
}
从endpoints界面上,我想输出三个资源:
aws_api_gateway_resource哪里path_part = endpoint[i].path aws_api_gateway_method哪里http_method = endpoint[i].methodaws_api_gateway_integration,需要一个参考
endpoint[i].lambda,等Terraform 的for_each属性似乎不足以处理这个问题。我知道 Terraform 也支持 …