我希望你能帮助我解决我的问题。我正在尝试自动让我的 ec2 实例使用我的 terraform 脚本加入一个广告域。由于 Terraform 不支持任何“域加入目录”选项,我想尝试创建一个 SSM 文档,让 Systems Manager 为我制作。实际上我得到了以下代码:
resource "aws_directory_service_directory" "ad" {
name = "active-directory-service.com"
password = "${var.ad-password}"
edition = "Standard"
size = "Small"
type = "MicrosoftAD"
vpc_settings {
vpc_id = "${aws_vpc.vpc.id}"
subnet_ids = ["${aws_subnet.ds-subnet.0.id}",
"${aws_subnet.ds-subnet.1.id}"
]
}
}
resource "aws_vpc_dhcp_options" "vpc-dhcp-options" {
domain_name = "${var.dir_domain_name}"
domain_name_servers = aws_directory_service_directory.ad.dns_ip_addresses
}
resource "aws_vpc_dhcp_options_association" "dns_resolver" {
vpc_id = aws_vpc.vpc.id
dhcp_options_id = aws_vpc_dhcp_options.vpc-dhcp-options.id
}
resource "aws_ssm_document" "ad-server-domain-join-document" {
name = "myapp_dir_default_doc"
document_type = "Command"
content = <<DOC
{
"schemaVersion": …