terraform

问题 I am tying to to provision Azure AD Domain Service using Terraform by giving Terraform the Azure ARM template, this is because Terrafrom does not support provisioning Azure AD Domain Service natively. I have exported the ARM Template and it's parameters, one of the parameters is called "notificationSettings" which is a type Object and looks like below : "notificationSettings": { "value": { "notifyGlobalAdmins": "Enabled", "notifyDcAdmins": "Enabled", "additionalRecipients": [] } } Other

问题 My TF code is giving me an error: /* * Policy: AmazonEC2ReadOnlyAccess */ assume_role_policy = <<EOF { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*" }, { "Effect": "Allow", "Action": "elasticloadbalancing:Describe*", "Resource": "*" }, { "Effect": "Allow", "Action": [ "cloudwatch:ListMetrics", "cloudwatch:GetMetricStatistics", "cloudwatch:Describe*" ], "Resource": "*" }, { "Effect": "Allow", "Action": "autoscaling:Describe*", "Resource

问题 See the example below: data "aws_kms_secrets" "api_key" { count = "${length(keys(var.keys))}" secret { name = "secret_name" payload = "${element(values(var.keys), count.index)}" } } resource "aws_api_gateway_api_key" "access_key" { count = "${length(keys(var.keys))}" name = "${var.environment}-${element(keys(var.keys), count.index)}" value = "${lookup(element(data.aws_kms_secrets.api_key.*.plaintext, count.index), "secret_name")}" } It appears to be impossible to look up the plaintext values

问题 See the example below: data "aws_kms_secrets" "api_key" { count = "${length(keys(var.keys))}" secret { name = "secret_name" payload = "${element(values(var.keys), count.index)}" } } resource "aws_api_gateway_api_key" "access_key" { count = "${length(keys(var.keys))}" name = "${var.environment}-${element(keys(var.keys), count.index)}" value = "${lookup(element(data.aws_kms_secrets.api_key.*.plaintext, count.index), "secret_name")}" } It appears to be impossible to look up the plaintext values

问题 I am launching a aws_launch_configuration instance using terraform. I'm using a shell script for the user_data variable, like so: resource "aws_launch_configuration" "launch_config" { ... user_data = "${file("router-init.sh")}" .... } Within this router-init.sh, one of the things I would like to do, is to have access to the ip addresses for other instances I am launching via terraform. I know that I can use a splat to access all the ip addresses of that instance, for instance: output ip

问题 I am launching a aws_launch_configuration instance using terraform. I'm using a shell script for the user_data variable, like so: resource "aws_launch_configuration" "launch_config" { ... user_data = "${file("router-init.sh")}" .... } Within this router-init.sh, one of the things I would like to do, is to have access to the ip addresses for other instances I am launching via terraform. I know that I can use a splat to access all the ip addresses of that instance, for instance: output ip

问题 How do I create an S3 bucket that has access to put a terraform.tfstate file? How do I get the tfstate into the bucket? What is the proper way to do this? To preface, I have spent over 6 hours trying to figure this out. I saw the similar post with a problem caused by MFA. That's not my issue. I'm using the same code to create EC2 instances, VPC and other resources just fine. ---[ REQUEST POST-SIGN ]----------------------------- GET /?prefix=env%3A%2F HTTP/1.1 Host: tfstate-neonaluminum.s3.us

问题 How do I create an S3 bucket that has access to put a terraform.tfstate file? How do I get the tfstate into the bucket? What is the proper way to do this? To preface, I have spent over 6 hours trying to figure this out. I saw the similar post with a problem caused by MFA. That's not my issue. I'm using the same code to create EC2 instances, VPC and other resources just fine. ---[ REQUEST POST-SIGN ]----------------------------- GET /?prefix=env%3A%2F HTTP/1.1 Host: tfstate-neonaluminum.s3.us

问题 How do I create an S3 bucket that has access to put a terraform.tfstate file? How do I get the tfstate into the bucket? What is the proper way to do this? To preface, I have spent over 6 hours trying to figure this out. I saw the similar post with a problem caused by MFA. That's not my issue. I'm using the same code to create EC2 instances, VPC and other resources just fine. ---[ REQUEST POST-SIGN ]----------------------------- GET /?prefix=env%3A%2F HTTP/1.1 Host: tfstate-neonaluminum.s3.us

问题 I am provisioning AWS infrastructure using terraform and want to pass variables such as aws_subnet_id and aws_security_id into ansible playbook using vars_file (don't know if there is any other way though). How can I do that? 回答1: terraform outputs are an option, or you can just use something like: provisioner "local-exec" { command = "ANSIBLE_HOST_KEY_CHECKING=\"False\" ansible-playbook -u ${var.ssh_user} --private-key=\"~/.ssh/id_rsa\" --extra-vars='{"aws_subnet_id": ${aws_terraform