【问题标题】:Unable to get subnet data using Terraform 0.12无法使用 Terraform 0.12 获取子网数据
【发布时间】:2020-07-31 08:50:28
【问题描述】:

我正在尝试查询 VPC 和子网的值。我能够获取 VPC id,但无法获取子网 id(应该返回 2 个值)。

在 terraform plan 的输出中已经可以看到这个问题(为了缩短阅读时间,我删掉了部分细节)

# module.environment.aws_elastic_beanstalk_environment.env will be created
  + resource "aws_elastic_beanstalk_environment" "pogimo123" {
      + all_settings           = (known after apply)
      + application            = "pogimo123"
      + name                   = "pogimo123"
      + platform_arn           = (known after apply)
      + queues                 = (known after apply)
      + solution_stack_name    = "64bit Amazon Linux 2018.03 v2.9.8 running PHP 7.2"
      + tier                   = "WebServer"
      + setting {
          + name      = "ELBScheme"
          + namespace = "aws:ec2:vpc"
          + value     = "internal"
        }
      + setting {
          + name      = "ELBSubnets"
          + namespace = "aws:ec2:vpc"
          + value     = "data.aws_subnet_ids.mysubnets.ids"
        }
      + setting {
          + name      = "Subnets"
          + namespace = "aws:ec2:vpc"
          + value     = "data.aws_subnet_ids.mysubnets.ids"
        }
      + setting {
          + name      = "VPCId"
          + namespace = "aws:ec2:vpc"
          + value     = "vpc-pogimo123"
        }
    }

如果您检查 VPC,它会显示该值已被很好地查询,显示 vpc id vpc-pogimo123 但是在子网上我得到了这些

+ value     = "data.aws_subnet_ids.subnets.ids"

应该给这个值

  + value   = [
            + "subnet-01293018398409233",
            + "subnet-jlkj312knasdhjalsd",
            + "subnet-908345mnsdfhs3244s",
    ]

这是错误

Error: ConfigurationValidationException: Configuration validation exception: Invalid option value: '["data.aws_subnet_ids.mysubnets.ids"]' (Namespace: 'aws:ec2:vpc', OptionName: 'Subnets'): The subnet 'data.aws_subnet_ids.mysubnets.ids' does not exist.
    status code: 400, request id: 123h12j3a-12312-4ed3458-c234-0adnahj234hjsa

  on ../modules/environment/tfenvtest.tf line 1, in resource "aws_elastic_beanstalk_environment" "tfenvtest":
   1: resource "aws_elastic_beanstalk_environment" "tfenvtest" {

这是我使用的代码

# Look up a single VPC by tag: the one carrying tag POGIMO123 = "TRUE".
data "aws_vpc" "myvpc" {
  filter {
    name   = "tag:POGIMO123"
    values = ["TRUE"]
  }
}

# Collect the IDs of the subnets in that VPC whose Name tag ends in "_POGIMO123".
# The `ids` attribute is a collection of subnet IDs, not a single string, so it
# cannot be handed as-is to an argument that expects one string.
# NOTE(review): aws_subnet_ids is deprecated in later AWS provider releases in
# favour of aws_subnets; confirm against the provider version in use before upgrading.
data "aws_subnet_ids" "mysubnets" {
  vpc_id = data.aws_vpc.myvpc.id

  filter {
    name   = "tag:Name"
    values = ["*_POGIMO123"]
  }
}

resource "aws_elastic_beanstalk_application" "tftest" {
  name        = "pogimo123"
  description = "pogimo123"
}

# NOTE(review): this resource block is closed before any setting is declared,
# so none of the setting blocks further down belong to it.
resource "aws_elastic_beanstalk_environment" "tfenvtest" {
  name                = "tf-test-name"
  application         = "${aws_elastic_beanstalk_application.tftest.name}"
  solution_stack_name = "64bit Amazon Linux 2018.03 v2.9.8 running PHP 7.2"
}

# NOTE(review): setting is a nested block of aws_elastic_beanstalk_environment;
# the three blocks below sit at the top level of the file instead of inside it.
setting {
  namespace = "aws:ec2:vpc"
  name      = "VPCId"
  # Unquoted reference: evaluated by Terraform to the VPC id.
  value     = data.aws_vpc.myvpc.id
}
setting {
  namespace = "aws:ec2:vpc"
  name = "ELBSubnets"
  # Quoted, so this is the literal text "data.aws_subnet_ids.mysubnets.ids",
  # not a reference; nothing is looked up.
  value = "data.aws_subnet_ids.mysubnets.ids"
}
setting {
  namespace = "aws:ec2:vpc"
  name = "Subnets"
  # Same literal string as above; it is what the API rejects with
  # "The subnet 'data.aws_subnet_ids.mysubnets.ids' does not exist".
  value = "data.aws_subnet_ids.mysubnets.ids"
}

【问题讨论】:

    标签: amazon-elastic-beanstalk terraform


    【解决方案1】:

    我尝试通过在us-east-1 的沙盒帐户和默认 VPC(不是您的自定义 VPC,因为没有提供代码)中启动您的脚本来验证

    问题比最初看上去的要多:

    • setting 块必须位于 aws_elastic_beanstalk_environment 资源块内部
    • 应该是 join(",", data.aws_subnet_ids.mysubnets.ids),而不是 "data.aws_subnet_ids.mysubnets.ids"(加了引号就只是一个字面字符串,不会被当作引用求值;而 setting 的 value 需要的是字符串,所以要用 join 把子网 id 拼成逗号分隔的字符串)
    • 缺少实例配置文件

    修改后可以完整运行的 EB terraform 脚本如下:

    provider "aws" {
      # your data
      # (region etc. — supply credentials through the environment or a shared
      # profile rather than writing access keys into this block)
    }
    
    # Selects the account's default VPC instead of the tag lookup used in the question.
    # NOTE(review): subnets of a default VPC are public subnets; for a real
    # deployment put the tag/ID filter back so the environment lands in the
    # intended network.
    data "aws_vpc" "myvpc" {
      default = true
    }
    
    # No filter here: returns the ID of every subnet in the VPC selected above.
    data "aws_subnet_ids" "mysubnets" {
      vpc_id = data.aws_vpc.myvpc.id
    }
    
    # The Elastic Beanstalk application that the environment below is created in.
    resource "aws_elastic_beanstalk_application" "tftest" {
      name        = "pogimo123"
      description = "pogimo123"
    }
    
    
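    # Role the Elastic Beanstalk EC2 instances run as. The trust policy allows
    # only the EC2 service to assume it.
    resource "aws_iam_role" "eb_instance_role" {
      path = "/"

      # jsonencode keeps the document valid JSON and avoids depending on where
      # a heredoc terminator happens to be indented.
      assume_role_policy = jsonencode({
        Version = "2012-10-17"
        Statement = [
          {
            Sid       = ""
            Effect    = "Allow"
            Action    = "sts:AssumeRole"
            Principal = { Service = "ec2.amazonaws.com" }
          }
        ]
      })
    }

    # Attaches the AWS-managed web-tier policy to the instance role.
    # NOTE(review): a managed policy is broader than most single applications
    # need; replace it with a scoped customer-managed policy where least
    # privilege matters.
    resource "aws_iam_role_policy_attachment" "eb_role_attachment" {
      # Direct reference instead of an interpolation-only "${...}" string,
      # matching the style used by the environment resource in this script.
      role       = aws_iam_role.eb_instance_role.name
      policy_arn = "arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier"
    }

    # Instance profile wrapping the role; its name is what Elastic Beanstalk
    # receives through the IamInstanceProfile setting.
    resource "aws_iam_instance_profile" "eb_instance_profile" {
      role = aws_iam_role.eb_instance_role.name

      # Workaround for IAM propagation delay: pause after the profile is
      # created so that it is visible when the environment is launched.
      # Runs on the machine executing terraform and needs a `sleep` command there.
      provisioner "local-exec" {
        command = "sleep 30"
      }
    }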
    
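    # Elastic Beanstalk environment. Every setting block is nested inside the
    # resource; a setting declared outside it is not part of the environment.
    #
    # NOTE(review): the plan in the question also carried ELBScheme = "internal".
    # It is not set here, so the load balancer gets the Elastic Beanstalk default
    # scheme (public). Add that setting if the load balancer must not be
    # internet-facing.
    resource "aws_elastic_beanstalk_environment" "tfenvtest" {
      name                = "tf-test-name"
      application         = aws_elastic_beanstalk_application.tftest.name
      solution_stack_name = "64bit Amazon Linux 2018.03 v2.9.8 running PHP 7.2"

      setting {
        namespace = "aws:ec2:vpc"
        name      = "VPCId"
        value     = data.aws_vpc.myvpc.id
      }

      # Instances launch with the profile created in this script.
      setting {
        namespace = "aws:autoscaling:launchconfiguration"
        name      = "IamInstanceProfile"
        value     = aws_iam_instance_profile.eb_instance_profile.name
      }

      # value must be one string, so the subnet ids are joined with commas.
      # The reference is unquoted; in quotes it would be sent as literal text.
      setting {
        namespace = "aws:ec2:vpc"
        name      = "Subnets"
        value     = join(",", data.aws_subnet_ids.mysubnets.ids)
      }

      # The question also set ELBSubnets; it takes the same joined form.
      setting {
        namespace = "aws:ec2:vpc"
        name      = "ELBSubnets"
        value     = join(",", data.aws_subnet_ids.mysubnets.ids)
      }
    }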
    
    

    【讨论】:

    • Marcin - 我已经尝试过了,我还通过添加我遇到的错误和代码更正来更新我的问题(应该是 mysubnets 而不是子网)
    • @Lagot 我用你的脚本的完整工作版本更新了答案。