terraform-provider-aws

Issues after upgrade to terraform 0.12

北战南征 posted on 2020-05-17 06:35:07
Question: It's sad that terraform is not backward compatible.

    data "aws_security_group" "security_groupdev" {
      filter {
        name   = "group-name"
        values = ["SecurityGroupdev"]
      }
    }

    resource "aws_instance" "ec2_instance" {
      count = "${var.ec2_instance_count}"
      ...
    }

    resource "aws_network_interface_sg_attachment" "sg_attachment" {
      security_group_id    = "${data.aws_security_group.security_groupdev.id}"
      network_interface_id = "${aws_instance.ec2_instance.primary_network_interface_id}"
    }

but after upgrading it to

how to deploy a specific tf file in terraform

爱⌒轻易说出口 posted on 2020-05-15 08:01:06
Question: I have 3 .tf files in my terraform root directory:

    vpc.tf
    subnets.tf
    instances.tf

Along with the .terraform directory after running terraform init. I would like to deploy only vpc.tf running something like:

    terraform apply vpc.tf #here, vpc.tf is a terraform file

But it doesn't work (I get a Go error: "zip: not a valid zip file"). If I just run terraform apply it will try to apply all configurations in all 3 terraform files (vpc.tf, subnets.tf and instances.tf) which is not what I want. It

Terraform: Deploying a Docker Compose app on EKS/ECS

℡╲_俬逩灬. posted on 2020-05-14 19:46:50
Question: TL;DR

I use an open-source server application running on Docker Compose. It has a few services, including PostgreSQL DB and Redis. How can I best deploy this application to AWS in full IaC with Terraform?

Solutions so far

1. AWS ecs-cli

ecs-cli now supports sending docker compose configs in Amazon ECS. However, I do not think it could be integrated with the Terraform workflow (which is maybe not a big fuss). What I know for sure is that ecs-cli is not supported in CloudFormation, as per

AWS on Terraform - How to avoid 'forces new resource'

核能气质少年 posted on 2020-05-13 14:34:06
Question: I'm using Terraform to launch my cloud environments. It seems that even minor configuration change affects many of the resources behind the scenes. For example, in cases where I create AWS instances - a small change will lead to auto-generation of all the instances:

    -/+ aws_instance.DC (new resource required)
        id: "i-075deb0aaa57c2d" => <computed> (forces new resource) <----- How can we avoid that?
        ami: "ami-01e306baaaa0a6f65" => "ami-01e306baaaa0a6f65"
        arn: "arn:aws:ec2:ap-southeast-2

Terraform - AWS auto generated IAM role

浪子不回头ぞ posted on 2020-05-12 04:57:43
Question: I am using Terraform to construct our application's infrastructure; it's been executed from a container. At the beginning I attached an IAM (AWS) role which basically provides the container with Admin permissions (which is a mistake, I know). Now I need to create a role that is minimal for the existing state. I have a lot of services and resources in that terraform plan. Is there a tool that can read a state or a plan and generate a list of necessary IAM policies? Or what would be the best

Terraform Custom Provider - Data Source

橙三吉。 posted on 2020-04-06 04:12:12
Question: I am currently working on a custom Terraform Provider for Jumpcloud and am experiencing some challenges with configuring a custom data source. I see that the Resource schema requires Create, Read, Update, and Delete. I just want to run an API query in Terraform so that I can return a list of users and use those users in a for loop. Below is the API call that I have tagged as a schema.Resource:

    func userquery() *schema.Resource {
        apiKey := ""
        userGroupID := ""
        contentType := "application

Define node names from node groups

人走茶凉 posted on 2020-03-05 02:42:48
Question: I'm using nodegroups in my terraform script and I was wondering how I can set the name of instances from nodegroups:

    resource "aws_eks_node_group" "node_group" {
      count           = length(var.public_subnet_ids)
      cluster_name    = aws_eks_cluster.cluster.name
      node_group_name = "node-group-${count.index}"
      node_role_arn   = aws_iam_role.nodes.arn
      subnet_ids      = [var.public_subnet_ids[count.index]]
      instance_types  = [var.node-instance-type]
      ...
    }

Without nodegroups I was doing:

    resource "aws_launch_configuration"

How to get the most recent shared AWS RDS snapshot by id?

不打扰是莪最后的温柔 posted on 2020-03-02 09:47:01
Question: I have 2 databases on AWS RDS, one for stage and one for production across 2 accounts. I am trying to copy the data in production to stage every x days. My plan was to make a copy of the most recent automatic backup snapshot in production and share it to the stage account before creating the database in stage using the shared snapshot from production. Everything was going right until I ran into what I believe is a bug but it could easily be that I made a mistake. When I tried to get the most
