我创建了一些数据块来查找合适的 AMI。我有 4 个数据块来查找基于 4 个操作系统的 4 个 AMI。例子,
data "aws_ami" "centos" {
owners = ["123456789"]
most_recent = true
filter {
name = "name"
values = ["CentOS*${var.os-version}*x86_64"]
}
}
data "aws_ami" "suse" {
owners = ["amazon"]
most_recent = true
filter {
name = "name"
values = ["suse-sles-${var.os-version}-sp*-v????????-hvm-ssd-x86_64"]
}
}
我像下面这样称呼他们ami_id=data.${os_name}.image-id
所以我想要的是只运行已经被调用的数据块。如果用户选择“suse”,则仅运行 suse 数据块。不是所有的人。现在这是一个问题,因为用户根据操作系统选择版本。例如,16.04 仅适用于 ubuntu,不适用于其他任何版本,因此其他数据块会抛出如下异常,
Error: Your query returned no results. Please change your search criteria and try again.
on main.tf line 79, in data "aws_ami" "suse":
79: data …我正在为 AMI 设置标签。我有 ubuntu 和 EKS AMI,其中 EKS AMI 需要设置 k8s 版本、containerd 等,其他操作系统不需要这些。我已将 EKS 特定的所有变量声明为默认为 null,假设在运行 for_each 时它们会跳过,但会出错。这是代码和错误。
locals {
tags = {
docker_version = var.docker_version
kubernetes = var.k8s_version
cni_plugin_version = var.cni_plugin_version
containerd_version = var.containerd_version
target = var.target
source_ami_id = var.source_ami_id
Release = var.ami_release-version
Description = var.ami_description
Name = var.ami_name
Creator = var.creator
}
data "aws_ami" "ami_image" {
most_recent = true
owners = ["xxxxxxxx"]
name_regex = var.ami_regex
}
output "ami_id" {
value = data.aws_ami.ami_image.id
}
output "ami_arn" {
value = …我正在尝试在 Terraform 中设置 S3 存储桶策略。我在模块中编写了以下代码core/main.tf:
resource "aws_s3_bucket_policy" "access_to_bucket" {\n\n bucket = aws_s3_bucket.some_bucket.id\n\n policy = jsonencode({\n Version = "2012-10-17"\n Statement = [\n {\n Action = ["s3:GetObject", "s3:GetObjectAcl", "s3:ListBucket"]\n Effect = "Allow"\n Principal = "${var.some_variable_name}"\n Resource = [\n "${aws_s3_bucket.some_bucket.arn}",\n "${aws_s3_bucket.some_bucket.arn}/*"\n ]\n },\n ]\n })\n}\n\n然后在本地模块中实例化,该模块使用 localstack 在本地运行。
\n这是生成的计划:
\nTerraform will perform the following actions:\n\n # module.local.aws_s3_bucket_policy.access_to_bucket will be created\n + resource "aws_s3_bucket_policy" "access_to_bucket" {\n + bucket = "some_bucket"\n + id = (known after apply)\n + policy …amazon-s3 amazon-web-services terraform terraform-provider-aws
我正在按照https://docs.aws.amazon.com/eks/latest/userguide/cni-increase-ip-addresses.html创建 EKS 托管节点组的示例进行操作
配置要求我/etc/eks/bootstrap.sh通过--kubelet-extra-args参数将附加参数传递给脚本。
我的 EKS 工作节点是通过 Terraform 资源配置的aws_eks_node_group
我找不到任何配置资源的选项来允许我传递参数--kubelet-extra-args。
我是看错地方还是没有办法实现这一点?
amazon-web-services kubernetes terraform terraform-provider-aws amazon-eks
terraform 验证后收到以下错误消息:
#################################################### #############
错误:资源“aws_ecs_task_definition”中 .terraform/modules/backend_deployment/task_definition.tf 第 4 行的属性值类型不正确:
需要兼容性=“FARGATE”
属性“requires_compatibility”的值不合适:需要一组字符串。
#################################################### #############
这是我的任务定义:
resource "aws_ecs_task_definition" "task_definition" {
family = join("-", [local.cluster_values.backend_name, local.cluster_values.environment, local.cluster_values.random_id])
network_mode = "awsvpc"
requires_compatibilities = "FARGATE"
cpu = 256
memory = 512
container_definitions = data.template_file.task_definition_template.rendered
task_role_arn = local.cluster_values.task_role
}
Terraform-Doku 说道:
require_compatibility - (可选)任务所需的启动类型集。有效值为 EC2 和 FARGATE。
非常感谢您的帮助!
对 terraform 相对较新,目前正在尝试在 AWS 中构建云基础设施。\n当我使用资源aws_route_table ( https://registry.terraform.io/providers/ ) 文档中的官方示例(略有更改)时,出现错误hashcorp/aws/latest/docs/resources/route_table)
\nresource "aws_route_table" "prod-route-table" {\n vpc_id = aws_vpc.prod-vpc.id\n\n route = [{\n # Route all Traffic to the internet gateway\n cidr_block = "0.0.0.0/0"\n gateway_id = aws_internet_gateway.gw.id\n },{\n ipv6_cidr_block = "::/0"\n gateway_id = aws_internet_gateway.gw.id\n }]\n \n}\n我收到以下错误消息
\nError: Incorrect attribute value type\n\xe2\x94\x82 Inappropriate value for attribute "route": element 0: attributes "carrier_gateway_id",\n\xe2\x94\x82 "destination_prefix_list_id", "egress_only_gateway_id", "instance_id", "ipv6_cidr_block",\n\xe2\x94\x82 "local_gateway_id", "nat_gateway_id", "network_interface_id", "transit_gateway_id", "vpc_endpoint_id",\n\xe2\x94\x82 and "vpc_peering_connection_id" are required.\n添加所有这些属性可以解决该错误,但这会极大地破坏代码。\n以不同方式编写它(请参阅下文)不会导致任何错误,terraform AWS 文档是否不正确,因为它们清楚地说明了第一种编写方式?
\n …当我尝试使用 terraform 创建子网时,不断收到以下错误。使用 aws 控制台创建子网没有问题。有人可以帮助我吗?
\n Error: error creating subnet: InvalidSubnet.Range: The CIDR '10.2.0.128/26' is invalid. \xe2\x94\x82 status code: 400
Error: error creating subnet: InvalidSubnet.Range: The CIDR '10.2.0.64/26' is invalid. \xe2\x94\x82 status code: 400
Error: error creating subnet: InvalidSubnet.Range: The CIDR '10.2.0.0/26' is invalid. \xe2\x94\x82 status code: 400
我对 VPC 和子网使用以下 CIDR 范围
\nvariable "cidr_block" {\ndefault = "10.1.0.0/21"\ndescription = "VPC CIDR Block"\ntype = string\n}\n\nvariable "public_subnet_cidr_blocks" {\ndefault = ["10.1.0.0/26","10.2.0.0/26","10.1.0.64/26","10.2.0.64/26","10.1.0.128/26","10.2.0.128/26"]\ntype = list\ndescription = "List of public subnet CIDR …amazon-web-services amazon-vpc terraform terraform-provider-aws
我正在尝试使用 terraform 部署 lambda 函数,代码是用 python 编写的。这是执行该操作的 terraform 代码。
data archive_file UpdateSeqNumInLedgerSummary {
count = (var.environment_id == var.prd_environment) ? 1 : 0
..
..
..
#
}
resource aws_lambda_function update_seqnum_in_indexedledgersummary {
count = (var.environment_id == var.prd_environment) ? 1 : 0
..
..
..
#
}
在部署期间,我还尝试使用aws_lambda_inspiration调用 lambda 函数。这就是我正在做的
data aws_lambda_invocation update_seqnum_invocation {
count = (var.environment_id == var.prd_environment) ? 1 : 0
function_name = aws_lambda_function.update_seqnum_in_indexedledgersummary[count.index].function_name
input = <<JSON
{}
JSON
}
但在部署期间我收到以下错误
Error: Invalid index
on seqnum-update.tf line 124, …我正在尝试在 AWS Elasticache 中创建自定义参数组。
我想使用默认参数组作为基础(名为 default.redis5.0.cluster.on 的组,因为这里有我需要的其他所有内容,但只有一个我想更改的属性),请参阅https:// docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/ParameterGroups.Redis.html有关默认参数组的更多详细信息
我的基本假设是,我需要将默认参数组值复制到 Terraform 资源,然后只修改我需要更改的唯一参数。然而,这会产生大量参数,而且似乎不是最简单的方法。
如果我需要在default.redis5.0.cluster.on参数组中复制参数,那么我需要将这些参数放在 Terraform 中。有没有办法将默认资源组导入为 Terraform 配置?
amazon-web-services amazon-elasticache terraform terraform-provider-aws
编辑:我现在已经修改了问题以显示整个 main.tf 文件。
\n我有一个 Terraform 文件,该文件应该创建一个 AWS S3 存储桶,但每次运行时我不断收到的错误之一terraform plan是:
\xe2\x94\x82 Error: Invalid provider configuration\n\xe2\x94\x82 Provider "registry.terraform.io/hashicorp/aws" requires explicit configuration. Add a provider block to the root module and configure the provider's required arguments as described in the provider documentation.\nmain.tf 文件:
\nterraform {\n backend "s3" {\n region = "us-east-1"\n bucket = "bucketname"\n key = "path/terraform.tfstate" \n dynamodb_table = "tf-state-lock" \n access_key = "<access_key>"\n secret_key = "<secret_key"\n }\n\n required_providers {\n aws = {\n version …amazon-s3 amazon-web-services terraform terraform-provider-aws