terraform

问题 I am trying to generate a bunch of files from templates - I need to replace the hardcoded 1 with the count.index , not sure what format terraform will allow we to use. resource "local_file" "foo" { count = "${length(var.files)}" content = "${data.template_file.tenant_repo_multi.1.rendered}" #TODO: Replace 1 with count index. filename = "${element(var.files, count.index)}" } data "template_file" "tenant_repo_multi" { count = "${length(var.files)}" template = "${file("templates/${element(var

问题 I am using terraform v0.12.6 and I run into many errors like: Error: Error creating Security Group: InvalidGroup.Duplicate: The security group 'security-search-populate' already exists for VPC 'vpc-003e06e33a87c22f5' status code: 400, request id: 82acdc81-c324-4672-b9fe-531eb8283ed3 Error: Error creating IAM Role PopulateTaskRole: EntityAlreadyExists: Role with name PopulateTaskRole already exists. status code: 409, request id: 49aac94c-d52b-11e9-a535-c19e5ed20660 I know I can solve them by

问题 Im trying to iterate through a variable type map and i'm not sure how to This is what i have so far In my main.tf: resource "aws_route_53_record" "proxy_dns" { count = "${length(var.account_name)}" zone_id = "${infrastructure.zone_id}" name = "proxy-${element(split(",", var.account_name), count.index)}-dns type = CNAME ttl = 60 records = ["{records.dns_name}"] } And in my variables.tf variable "account_name" { type = "map" default = { "account1" = "accountA" "account2" = "accountB" } } I want

问题 I'm using Terraform 0.12.26 and I want to build an AWS Ubuntu machine instance. When I run terraform apply , everything looks right... but I can't ssh to the new EC2 machine. My home firewall allows ssh everywhere, and I can ssh to any other internet resources. If I manually install an EC2 instance in the same region / az, ssh works fine... this problem seems to be limited to Terraform. $ terraform apply ... Do you want to perform these actions? Terraform will perform the actions described

问题 How to escape HCL string containing ${aws:username} in "Resource" section? I currently use Terraform version 0.9.9 to create AWS policies in a main.tf file in following way: resource "aws_iam_group_policy" "AllowIndividualUserToSeeTheirAccountInformation" { name = "AllowIndividualUserToSeeTheirAccountInformation" group = "${aws_iam_group.pr_faas_developers.id}" policy = <<EOF { "Version": "2012-10-17", "Statement": [ { "Action": [ "iam:ChangePassword", "iam:CreateLoginProfile", "iam

问题 How to escape HCL string containing ${aws:username} in "Resource" section? I currently use Terraform version 0.9.9 to create AWS policies in a main.tf file in following way: resource "aws_iam_group_policy" "AllowIndividualUserToSeeTheirAccountInformation" { name = "AllowIndividualUserToSeeTheirAccountInformation" group = "${aws_iam_group.pr_faas_developers.id}" policy = <<EOF { "Version": "2012-10-17", "Statement": [ { "Action": [ "iam:ChangePassword", "iam:CreateLoginProfile", "iam

问题 When trying to execute a shell script throw provisioner "remote-exec" in terraform connection not establish I'm using ami for ubuntu-xenial-16.04 so the user is ubuntu This is the last code that I use to execute the shell script: resource "aws_instance" "secondary_zone" { count = 1 instance_type = "${var.ec2_instance_type}" ami = "${data.aws_ami.latest-ubuntu.id}" key_name = "${aws_key_pair.deployer.key_name}" subnet_id = "${aws_subnet.secondary.id}" vpc_security_group_ids = ["${aws_security

问题 I am trying to create a Windows Ec2 instance from AMI and executing a powershell command on that as : data "aws_ami" "ec2-worker-initial-encrypted-ami" { filter { name = "tag:Name" values = ["ec2-worker-initial-encrypted-ami"] } } resource "aws_instance" "my-test-instance" { ami = "${data.aws_ami.ec2-worker-initial-encrypted-ami.id}" instance_type = "t2.micro" tags { Name = "my-test-instance" } provisioner "local-exec" { command = "C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\

问题 I am trying to create a Windows Ec2 instance from AMI and executing a powershell command on that as : data "aws_ami" "ec2-worker-initial-encrypted-ami" { filter { name = "tag:Name" values = ["ec2-worker-initial-encrypted-ami"] } } resource "aws_instance" "my-test-instance" { ami = "${data.aws_ami.ec2-worker-initial-encrypted-ami.id}" instance_type = "t2.micro" tags { Name = "my-test-instance" } provisioner "local-exec" { command = "C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\

问题 We have many IAM users, all creating self-serve infrastructure on EC2 using Terraform. Users don't necessarily set the key for their instances, so it's hard to tie an instance to a particular user. I realize we could dig through CloudTrail to find out which users are creating instances, but it seems like it would be simpler to tag the instances with the current IAM username. The problem is Terraform doesn't appear to expose this - I can use aws_caller_identity or aws_canonical_user_id , but