使用 Terraform 通过 EC2 创建时，如何向 AWS EBS 添加标签？

Question

我正在尝试为使用 PROD 的 AMI 的 TEST 环境创建 EC2 实例。一切都正确创建，但我无法弄清楚如何将标签添加到与其一起创建的 EBS 卷中？

标签在 EC2 上有效，但不适用于 EBS 或根卷。我也尝试在它们上添加标签映射，但这是无效的。有任何想法吗？

provider "aws" {
  region = "us-east-1"
}

data "aws_ami" "existing_sft_ami" {
  most_recent = true

  filter {
    name   = "name"
    values = [var.prod_name]
  }
  owners = [
    var.aws_account_id]
}

data "aws_subnet" "subnet" {
  id = var.aws_subnet_id
}

resource "aws_instance" "sftp" {
  ami           = data.aws_ami.existing_sft_ami.id
  instance_type = "t2.micro"
  availability_zone = var.availability_zone
  subnet_id = data.aws_subnet.subnet.id
  key_name = var.ssh_key_name
  vpc_security_group_ids = [var.aws_security_group_id]
  root_block_device {
    delete_on_termination = true
  }
  ebs_block_device {
    device_name = "/dev/sdb"
    delete_on_termination = true
  }
  tags = {
    Name = var.name
    Owner = var.owner
    Created = formatdate("DD MMM YYYY hh:mm ZZZ", timestamp())
    Environment = "TEST"
  }
}

Answer 1

您需要使用附加的volume_tags 参数来标记卷。此外，为了让您的代码更干一点，您可以使用 locals 块来做到这一点。

locals {
    tags = {
        Name = var.name
        Owner = var.owner
        Created = formatdate("DD MMM YYYY hh:mm ZZZ", timestamp())
        Environment = var.environment
    }
}

resource "aws_instance" "sftp" {
  ami           = data.aws_ami.existing_sft_ami.id
  instance_type = "t2.micro"
  availability_zone = var.availability_zone
  subnet_id = data.aws_subnet.subnet.id
  key_name = var.ssh_key_name
  vpc_security_group_ids = [var.aws_security_group_id]
  root_block_device {
    delete_on_termination = true
  }
  ebs_block_device {
    device_name = "/dev/sdb"
    delete_on_termination = true
  }
  tags = local.tags
  volume_tags = local.tags
}

Answer 2

您也可以将tags 属性添加到root_block_device 和ebs_block_device，如果您不想将同一组标签应用于所有块设备（@987654325 @ 会做）。

例如：

provider "aws" {
  region = "us-east-1"
}

data "aws_ami" "existing_sft_ami" {
  most_recent = true

  filter {
    name   = "name"
    values = [var.prod_name]
  }
  owners = [
    var.aws_account_id]
}

data "aws_subnet" "subnet" {
  id = var.aws_subnet_id
}

resource "aws_instance" "sftp" {
  ami           = data.aws_ami.existing_sft_ami.id
  instance_type = "t2.micro"
  availability_zone = var.availability_zone
  subnet_id = data.aws_subnet.subnet.id
  key_name = var.ssh_key_name
  vpc_security_group_ids = [var.aws_security_group_id]
  root_block_device {
    delete_on_termination = true
    tags = {
      Name = "${var.name}-root-volume"
      Owner = var.owner
      Created = formatdate("DD MMM YYYY hh:mm ZZZ", timestamp())
      Environment = "TEST"
    }
  }
  ebs_block_device {
    device_name = "/dev/sdb"
    delete_on_termination = true
    tags = {
      Name = "${var.name}-secondary-volume"
      Owner = var.owner
      Created = formatdate("DD MMM YYYY hh:mm ZZZ", timestamp())
      Environment = "TEST"
    }
  }
  tags = {
    Name = var.name
    Owner = var.owner
    Created = formatdate("DD MMM YYYY hh:mm ZZZ", timestamp())
    Environment = "TEST"
  }
}

就像@ben-whaley 所说，您可以通过将公共标签集定义为局部变量来避免一些重复 - 您可以使用merge 将这些标签与特定于您的块设备的标签组合起来，如下所示：

  tags = merge(local.tags, {
    Name = "${var.name}-secondary-volume"
  })

请注意，一旦创建实例，a bug in the AWS provider for Terraform 就无法更新任何 ebs_block_device 上的标签 -- 更新 root_block_device 上的标签可以正常工作。