terraform-provider-aws | 易学教程

Why can I not use aws_lambda_function datasource inside aws_lambda_alias routing_config?

阅读更多关于 Why can I not use aws_lambda_function datasource inside aws_lambda_alias routing_config?

问题 I am experimenting with a blue/green deployment setup for lambdas using terraform and lambda aliases. I am trying to automatically retrieve the previously deployed version of the lambda by using the aws_lambda_function data source and using the value inside the routing_config => additional_version_weights. This would allow me to set up a traffic split between the previously deployed version and the version that has just been deployed. However, I have run into 2 errors I don't quite understand

Resource 'data.template_file.user_data' does not have attribute 'rendered'

阅读更多关于 Resource 'data.template_file.user_data' does not have attribute 'rendered'

问题 Terraform Version : v0.11.8 Use case Try to terminate the resources using terraform, got error while running output command. Code: output "frontend_rendered" { value = "${data.template_file.user_data.rendered}" } Debug Output module.test.output.test_rendered: Resource 'data.template_file.user_data' does not have attribute 'rendered' for variable 'data.template_file.user_data.rendered' Expected Behavior Termination without any error. Additional Context This issue came after i upgraded

Terraform - Specifying multiple possible values for Variables

阅读更多关于 Terraform - Specifying multiple possible values for Variables

问题 CloudFormation provides AllowedValues for Parameters which tells that the possible value of the parameter can be from this list. How can I achieve this with Terraform variables? The variable type of list does not provide this functionality. So, in case I want my variable to have value out of only two possible values, how can I achieve this with Terraform. CloudFormation script that I want to replicate is: "ParameterName": { "Description": "desc", "Type": "String", "Default": true,

terraform dynamic tags on ASG and other resources like EFS

阅读更多关于 terraform dynamic tags on ASG and other resources like EFS

问题 I would like to get dynamic tags on an aws_autoscaling_group resource, but unlike the example in the documentation I do not yet now how many there will be and the tags must be shared with other resources . In the example below that would be EFS, but basically all other aws resources will be affected. So the following lines are set: variable "tags" { type = "map" default = { tag1 = "value1" tag2 = "value2" } } resource "aws_autoscaling_group" "asg" { name = "test-asg" launch_configuration =

Execute Terraform apply with AWS assume role

阅读更多关于 Execute Terraform apply with AWS assume role

问题 I need to execute a Terraform template to provision infrastructure for an AWS account which I can access by assuming a role. The problem I have now is I do not have an IAM user in that AWS account so I do not have an aws_access_key_id or an aws_secret_access_key to set up another named profile in my ~/.aws/credentials . When I run command terraform apply , the template creates the infrastructure for my account, not the other account. How to run Terraform template using your account which has

Terraform local-exec provisioner on an EC2 instance fails with “Permission denied”

阅读更多关于 Terraform local-exec provisioner on an EC2 instance fails with “Permission denied”

问题 Trying to provision EKS cluster with Terraform. terraform apply fails with: module.eks_node.null_resource.export_rendered_template: Provisioning with 'local-exec'... module.eks_node.null_resource.export_rendered_template (local-exec): Executing: ["/bin/sh" "-c" "cat > /data_output.sh <<EOL\n#!/bin/bash -xe\n\nCA_CERTIFICATE_DIRECTORY=/etc/kubernetes/pki\nCA_CERTIFICATE_FILE_PATH=$CA_CERTIFICATE_DIRECTORY/ca.crt\nmkdir -p $CA_CERTIFICATE_DIRECTORY\necho \

Execute Terraform apply with AWS assume role

阅读更多关于 Execute Terraform apply with AWS assume role

I need to execute a Terraform template to provision infrastructure for an AWS account which I can access by assuming a role. The problem I have now is I do not have an IAM user in that AWS account so I do not have an aws_access_key_id or an aws_secret_access_key to set up another named profile in my ~/.aws/credentials . When I run command terraform apply , the template creates the infrastructure for my account, not the other account. How to run Terraform template using your account which has a role to access services of another AWS account? Here's my Terraform file: # Input variables variable

Deploy local files to instances without using Terraform file provisioners

阅读更多关于 Deploy local files to instances without using Terraform file provisioners

问题 As several other users who have posted to StackOverflow, I ran into problems with file provisioners, and the Terraform documentation says we should not rely on them. What's the best way to work around file provisioners - specifically for local config files and scripts? 回答1: One solution, which works very well and does not require a direct connection to the instance, is to use the userdata as a hook to "install" the files from the base64 version of the file(s). We can actually embed the files