从 Terraform 进行 REST API 调用的最佳方法是什么?我目前使用的是null_resource与local-exec供应方做出卷曲电话:
resource "null_resource" "cloudability-setup" {
provisioner "local-exec" {
command = <<EOT
curl -s -X POST https://api.cloudability.com/v3/vendors/aws/accounts \
-H 'Content-Type: application/json' \
-u "$${CldAbltyAPIToken:?Missing Cloudability API Token Env Variable}:" \
-d '{"vendorAccountId": "${data.aws_caller_identity.current.account_id}", "type": "aws_role" }'
EOT
}
但是,cURL 返回码对于 HTTP 200 和 HTTP 400 响应是成功的。如果无法注册新帐户,我希望将资源标记为失败。
我试过只返回 HTTP 响应代码:
resource "null_resource" "cloudability-setup" {
provisioner "local-exec" {
command = <<EOT
curl -s -o /dev/null -w "%{http_code}" \
-X POST https://api.cloudability.com/v3/vendors/aws/accounts \
-H 'Content-Type: …有人可以给我一个示例,说明如何基于变量映射以编程方式创建Terraform提供程序别名吗?这是我尝试过的方法,但出现以下错误:
variable "aws_regions" {
default = [
{
region = "us-east-1"
alias = "default"
},
{
region = "us-east-2"
alias = "useast2"
},
{
region = "us-west-1"
alias = "uswest1"
},
{
region = "us-west-2"
alias = "uswest2"
},
{
region = "eu-central-1"
alias = "eucent1"
}
]
}
provider "aws" {
count = "${length(var.aws_regions)}"
region = "${lookup(var.aws_regions[count.index], "region")}"
alias = "${lookup(var.aws_regions[count.index], "alias")}"
}
# CloudWatch Log Groups
resource "aws_cloudwatch_log_group" "linux" {
count = "${length(var.aws_regions)}"
provider = "aws.${lookup(var.aws_regions[count.index], "alias")}"
name …我对terraform相对较新,并且正在尝试遍历所有aws_instances以应用null_resource。您可以使用多个splat来访问所有实例,而无论其名称如何?
EC2实例分为三种类型:
aws_instance.web.* (3 instances)
aws_instance.app.* (3 instances)
aws_instance.db.* (2 instances)
这是我尝试将null_resource应用于所有八个aws_instances的尝试:
resource "null_resource" "install_security_package" {
#count = "${length(aws_instance)}" #terraform error: resource count can't reference variable: aws_instance
#count = "${length(aws_instance.*)}" #terraform error: resource variables must be three parts: TYPE.NAME.ATTR
count = "${length(aws_instance.*.*)}" #terraform error: unknown resource 'aws_instance.*'
connection {
type = "ssh"
host = "${element(aws_instance.*.private_ip, count.index)}"
user = "${lookup(var.user, var.platform)}"
private_key = "${file("${var.private_key_path}")}"
timeout = "2m"
}
provisioner "remote-exec" {
inline = [
"sudo rpm -Uvh http://www.example.com/security/repo/security_baseline.rpm",
]
}
}