我正在使用 terraform + terraform cloud (用于远程状态管理)
\n\n\xe2\x9c\xa6 \xe2\x9e\x9c terraform -v \nTerraform v0.12.24\n+ provider.aws v2.60.0\n+ provider.null v2.1.2\n\n\xe2\x9c\xa6 \xe2\x9e\x9c terraform plan \nRefreshing Terraform state in-memory prior to plan...\nThe refreshed state will be used to calculate this plan, but will not be\npersisted to local or remote state storage.\n\nmodule.vpc.module.vpc.aws_vpc.this[0]: Refreshing state... [id=vpc-0e89e6d2515004e3d]\nmodule.s3.aws_s3_bucket.project_bucket: Refreshing state... [id=project-bucket]\ndata.aws_availability_zones.all: Refreshing state...\nmodule.bastion.aws_key_pair.ssh_key: Refreshing state... [id=project]\nmodule.vpc.module.vpc.aws_eip.nat[0]: Refreshing state... [id=eipalloc-053796962073bcc33]\nmodule.vpc.module.vpc.aws_subnet.private[1]: Refreshing state... [id=subnet-037152cf7128a8a31]\nmodule.vpc.module.vpc.aws_subnet.private[0]: Refreshing state... [id=subnet-0b4f07b30fb51ab78]\nmodule.vpc.module.vpc.aws_route_table.private[0]: Refreshing state... [id=rtb-0dd52f77a6da2f2b8]\nmodule.vpc.module.vpc.aws_subnet.private[2]: Refreshing state... [id=subnet-007658ad3ec49fed8]\nmodule.vpc.module.vpc.aws_route_table.public[0]: Refreshing state... [id=rtb-050f67e4a3f5b978e]\nmodule.vpc.module.vpc.aws_subnet.public[1]: Refreshing state... [id=subnet-03b773348ee69e0ec]\nmodule.vpc.module.vpc.aws_subnet.public[2]: …我想使用资源将资源private_key_pem生成的内容保存tls_private_key到本地磁盘上的文件中local_file。
resource "tls_private_key" "example" {
algorithm = "RSA"
rsa_bits = 4096
}
resource "aws_key_pair" "generated_key" {
key_name = "cloudtls"
public_key = tls_private_key.example.public_key_openssh
}
resource "aws_instance" "automation" {
instance_type = var.instance_type
ami = var.image_id
iam_instance_profile = aws_iam_instance_profile.ec2_profile.name
key_name = aws_key_pair.generated_key.key_name
}
resource "local_file" "pem_file" {
filename = "pemfile.pem"
#
}
我有如下代码
//Create acm certificate for livy_cert
resource "aws_acm_certificate" "livy_cert" {
count = local.count
domain_name = "${var.subsystem}-${var.component}-livy.${var.region_fqdn}"
validation_method = "DNS"
lifecycle {
create_before_destroy = true
}
}
//Validation route53
resource "aws_route53_record" "certificate_validation" {
for_each = {
for dvo in aws_acm_certificate.livy_cert[0].domain_validation_options : dvo.domain_name => {
name = dvo.resource_record_name
record = dvo.resource_record_value
type = dvo.resource_record_type
}
}
name = each.value.name
records = [each.value.record]
ttl = 60
type = each.value.type
zone_id = module.core_info.route53_zone_id
}
//Validate certificate before assigning
resource "aws_acm_certificate_validation" "livy_alb_validation_cert" {
count = …当我在版本 12.24 中运行 Terraform 计划时,收到错误:不受支持的参数。
Error: Unsupported argument
on .terraform/modules/app/main.tf line 261, in resource "aws_db_instance" "db_instance":
261: timeouts = {
An argument named "timeouts" is not expected here. Did you mean to define a
block of type "timeouts"?
这是.tf文件中的代码:
timeouts = {
create = "${var.db_instance_create_timeout}"
update = "${var.db_instance_update_timeout}"
delete = "${var.db_instance_delete_timeout}"
}
我不知道如何修复这个错误。通过在超时后删除“=”修复了上述错误。
我还收到更多需要解决方案的错误:
Error: Unsupported argument
on .terraform/modules/rds/main.tf line 150, in resource "aws_db_parameter_group" "db_parameter_group":
150: parameter = concat(var.parameters, local.parameters[local.parameter_lookup])
An argument named "parameter" is not expected here. Did …syntax-error amazon-web-services terraform terraform-provider-aws terraform-modules
地形 v0.12.x
我正在尝试使用此脚本创建 Route53 记录,该脚本旨在创建别名为 ALB 的 A 记录。
data "aws_route53_zone" "mycompany_com" {
name = "mycompany.com."
private_zone = true
}
resource "aws_route53_record" "jenkins_master_green" {
zone_id = data.aws_route53_zone.mycompany_com.zone_id
name = "jenkins-green.${data.aws_route53_zone.mycompany_com.name}"
type = "A"
alias {
name = aws_lb.jenkins_master_green.dns_name
zone_id = data.aws_route53_zone.mycompany_com.zone_id
evaluate_target_health = false
}
}
该计划显示了我期望的正确值
$ terraform plan -out out.output
但是当我应用这个计划时我得到了
$ terraform apply out.output
aws_route53_record.jenkins_master_green: Creating...
Error: [ERR]: Error building changeset: InvalidChangeBatch: [Tried to create an alias that targets <redacted>.us-east-1.elb.amazonaws.com., type A in zone <redacted>, but the …我在资源块中有以下代码片段,
...
condition {
dynamic "http_header" {
for_each = var.http_headers
content {
http_header_name = http_header.value.header_name[0]
values = [http_header.value.values[0]]
}
}
}
...
变量当前设置为:
variable "http_headers" {
type = map
default = {}
}
我想提供一个地图并让 Terraform 在内容块内设置它们的值,例如
http_headers = {
header_name = "foo"
values = "bar"
}
我认为根据我迄今为止所做的阅读,这会起作用,但我收到类似于以下内容的错误。
Error: Unsupported attribute
on .terraform/main.tf line 138, in resource "aws_alb_listener_rule" "listener_rule":
138: values = [http_header.value.values[0]]
|----------------
| http_header.value is "foo"
This value does not have any attributes.
FWIW,如果我将变量包装在列表中并对其进行迭代,我就能够实现此工作,http_headers但我想简化配置以仅使用单个映射。这可能吗?
在 Terraform 中,我们如何定义对象列表?
变量.tf
variable "aws_cluster_arn" {
type = string
}
variable "aws_ecs_placement_strategy" {
type = list(object)
}
在configuration.tfvars中
aws_ecs_placement_strategy=(object({type="spread",field="attribute:ecs.availability-zone"}),object({type="BinPack",field="CPU"}))
我收到以下错误:
错误:类型规范无效
在 Variables.tf 第 53 行,变量“aws_ecs_placement_strategy”中:
53:type = list(object)
我的 EKS 特定用户配置位于 json 文件中,我想将其加载到 terraform 中以应用它。
我使用 data_source aws_iam_policy_document
resource "aws_iam_policy_document" "ops_manager" {
policy = file("templates/eks_user_policy.json")
}
不幸的是,当我运行terraform plan时,我得到了这个:
提供程序provider.aws不支持资源类型
“aws_iam_policy_document”。
地形版本:v0.14.9
我原本计划通过 Terraform 配置Amazon ECS 容量提供程序,但我看到了一些问题,其中讨论了无法通过 Terraform 更新 Amazon ECS 容量提供程序。该功能现在可以安全使用吗?
amazon-web-services amazon-ecs terraform terraform-provider-aws
我的问题很简单,但在整个互联网上找不到任何示例或解决方案。我想在中使用 if-else 条件data sourceterraform 中使用 if-else 条件,并根据它应该搜索结果的值。我们的 AWS 账户中有 2 个不同的 VPC:1. Prod VPC、2. RDS VPC
过滤器应基于布尔变量 var.rds_vpc 工作
伪代码:
data "aws_vpc" "vpc" {
if var.rds_vpc == true:
tags = {
Name = "rds_vpc"
Type = "database"
}
else:
tags = {
Cluster = "live_vpc"
Enviornment = "production"
}
}
如果两个 VPC 可以具有相似的标签,我可以简单地通过变量传递值。但在上面的例子中,标签也不同。
如果有人可以提供帮助,我将非常感激。
if-statement datasource conditional-statements terraform terraform-provider-aws