【发布时间】:2018-09-18 19:38:15
【问题描述】:
在我的一个项目中让 Terraform 远程状态工作时遇到问题。状态文件在 S3 中是远程的。我是这样导入的:
data "terraform_remote_state" "management" {
backend = "s3"
config {
bucket = "testbucket"
key = "subfolder/terraform.tfstate"
region = "us-west-2"
}
}
我可以在上述状态文件的根级别看到输出:
"outputs": {
"cidr": {
"sensitive": false,
"type": "string",
"value": "10.90.0.0/16"
},
我正在使用这样的远程状态:
module "dev-alpha-application" {
source = "../../modules/application"
envname = "test-app"
baseami = "ami-a042f4d8"
key_name = "pb-smarsh-test"
clui_baseami = "ami-xxxxxxxx"
adui_baseami = "ami-xxxxxxxx"
cidr = "10.80.0.0/16"
management_cidr = "${data.terraform_remote_state.management.cidr}"
vpn_gateway_id = "cgw-xxxxxxxx"
cidrs = "${list("${data.terraform_remote_state.management.cidr}", "${module.dev-alpha-application.cidr}")}"
除非我忽略了一些愚蠢的事情,否则这应该可以,但是当我运行 terraform apply 时,我收到以下错误:
* module.dev-alpha-application.var.management_cidr: Resource 'data.terraform_remote_state.management' does not have attribute 'cidr' for variable 'data.terraform_remote_state.management.cidr'
Terraform 初始化按预期工作。任何帮助将不胜感激。我试图包含尽可能多的信息 .
编辑 - 在调试模式下,它似乎正在打开远程状态文件 ok
-----------------------------------------------------
2018/04/10 09:05:10 [DEBUG] [aws-sdk-go] <?xml version="1.0" encoding="UTF-8"?>
<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Name>testbucket</Name><Prefix>env:/</Prefix><Marker></Marker><MaxKeys>1000</MaxKeys><IsTruncated>false</IsTruncated></ListBucketResult>
2018/04/10 09:05:10 [DEBUG] [aws-sdk-go] DEBUG: Request s3/GetObject Details:
---[ REQUEST POST-SIGN ]-----------------------------
GET /subfolder/terraform.tfstate HTTP/1.1
Host: testbucket.s3.us-west-2.amazonaws.com
User-Agent: aws-sdk-go/1.12.59 (go1.9.1; linux; amd64) APN/1.0 HashiCorp/1.0 Terraform/0.11.3
Authorization: AWS4-HMAC-SHA256 Credential=AKIAI6X7Y3APAUTZZQOQ/20180410/us-west-2/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=716689e2124dd2a689b528c0cb51b07aeaf791cf577fa1a4fd17a79fb401b957
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20180410T080510Z
Accept-Encoding: gzip
-----------------------------------------------------
2018/04/10 09:05:11 [DEBUG] [aws-sdk-go] DEBUG: Response s3/GetObject Details:
---[ RESPONSE ]--------------------------------------
HTTP/1.1 200 OK
Connection: close
Content-Length: 386104
Accept-Ranges: bytes
Content-Type: application/json
Date: Tue, 10 Apr 2018 08:05:12 GMT
Etag: "1df4aaad48451707a79306a8f6a1c51c"
Last-Modified: Mon, 09 Apr 2018 14:53:03 GMT
Server: AmazonS3
X-Amz-Id-2: 92XqUEj319Uq5KhYFWvrLQ3O7VooOMMQ4GxY0keRKYY72Q5mpOgjeZ78w20AzjCSFLuZZycfEqU=
X-Amz-Request-Id: 448DB8C5E4B70A9A
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: GjI6glV8oa9_.eOFSc5GFGVtTJBnrEmL
但我在调试日志中也看到了这一点:
2018/04/10 09:02:17 [DEBUG] Resource state not found for "data.terraform_remote_state.management": data.terraform_remote_state.management
【问题讨论】:
-
一目了然我认为你需要
data.terraform_remote_state.management.outputs..cidr -
代码看起来OK,确认remote_state是正确的。
testbucket/subfolder/terraform.tfstate是否存在于您期望的位置? TF 不会告诉您未找到状态,而是允许您使用它,这可能就是您收到此错误的原因 -
谢谢@Stephen。存储桶/文件夹/文件确实存在。我编辑了存储桶的真实名称,因为它会泄露个人信息。我还为这个项目使用了与写入远程状态的密钥相同的密钥,因此它不应该是访问问题。
-
也许尝试启用 terraform 调试
TF_LOG=DEBUG terraform plan。它可能非常冗长,但通常可以让您了解正在发生的事情 -
感谢您的帮助。我在上面添加了更多^
标签: terraform