【发布时间】:2021-02-03 20:20:07
【问题描述】:
我是 Terraform 新手,已经在这个问题上卡了将近一天,想请大家帮忙。
当尝试应用 IAC 将 Nginx 服务部署到 AWS 上的 ECS(EC2 启动类型)时,我遇到了以下问题:
Error: Error creating IAM Role nginx-iam_role: MalformedPolicyDocument: Has prohibited field Resource status code: 400, request id: 0f1696f4-d86b-4ad1-ba3b-9453f3beff2b
我已经查过文档,语法没有问题。还可能是哪里出了问题?
下面是用于创建 IAM 基础设施的代码片段:
# AWS provider; every resource in this snippet is created in us-east-2.
provider "aws" {
  region = "us-east-2"
}
# Policy document with a single statement that allows every EC2 API action
# on every resource.
# NOTE(review): "ec2:*" on "*" is a very broad grant; narrow it to the actions
# and resource ARNs the deployment actually needs.
# Because the statement carries `resources`, this document has the shape of a
# permissions policy. It is referenced further down both as the group's inline
# policy and as the role's assume_role_policy.
data "aws_iam_policy_document" "nginx-doc-policy" {
  statement {
    sid       = "1"
    actions   = ["ec2:*"]
    resources = ["*"]
  }
}
# IAM role "nginx-iam_role" at path "/".
# NOTE(review): assume_role_policy is the role's trust policy (who is allowed
# to call sts:AssumeRole), not a permissions policy. The document referenced
# here contains `resources`, which a trust policy must not have; that matches
# the "MalformedPolicyDocument: Has prohibited field Resource" error quoted in
# the question.
# A trust policy needs a statement with a principal and the sts:AssumeRole
# action, and no resources. Which principal is right (for example
# ec2.amazonaws.com for container instances, or ecs-tasks.amazonaws.com for a
# task role) depends on how the role is used, which this snippet does not
# show; confirm before changing it.
# Permissions such as the EC2 grant belong in a policy attached to the role
# (aws_iam_role_policy or aws_iam_role_policy_attachment), not in this field.
resource "aws_iam_role" "nginx-iam_role" {
name = "nginx-iam_role"
path = "/"
assume_role_policy = "${data.aws_iam_policy_document.nginx-doc-policy.json}"
}
# Inline policy "my_developer_policy" on the nginx-iam-group group, rendered
# from the nginx-doc-policy document. A permissions policy (actions plus
# resources) is the expected shape for this argument.
# NOTE(review): every member of the group receives the document's full grant
# (all EC2 actions on all resources); scope the document down if group members
# do not need that.
resource "aws_iam_group_policy" "nginx-group-policy" {
  name   = "my_developer_policy"
  group  = "${aws_iam_group.nginx-iam-group.name}"
  policy = "${data.aws_iam_policy_document.nginx-doc-policy.json}"
}
# IAM group "nginx-iam-group" at path "/"; the inline group policy and the
# user membership in this snippet both refer to it by name.
resource "aws_iam_group" "nginx-iam-group" {
  name = "nginx-iam-group"
  path = "/"
}
# IAM user "nginx-user" at path "/". No credentials for it are defined in the
# visible snippet.
resource "aws_iam_user" "nginx-user" {
  name = "nginx-user"
  path = "/"
}
# Adds nginx-user to nginx-iam-group, so the user inherits whatever the
# group's inline policy allows.
resource "aws_iam_user_group_membership" "nginx-membership" {
  user   = "${aws_iam_user.nginx-user.name}"
  groups = ["${aws_iam_group.nginx-iam-group.name}"]
}
如果你们需要剩余代码:https://github.com/atilasantos/iac-terraform-nginx.git
【问题讨论】:
-
stackoverflow.com/a/44581645/2291321 回答你的问题了吗?
标签: amazon-web-services amazon-ec2 terraform amazon-ecs