terraform

问题 I'm quite new to Terraform, though I have gone through all of the instructional modules available on Hashicorp's site. Currently, I'm struggling with understanding how to set up environment variables. I know how to reference variables in the main.tf config ( access_key = "${var.access_key}" ), and I know how to save that access key to a separate file and reference that, but what I don't understand (and can't find any documentation/instruction on) is how to set up environment variables so I

问题 When defining the aws provider in terraform, provider "aws" { access_key = "<AWS_ACCESS_KEY>" secret_key = "<AWS_SECRET_KEY>" region = "<AWS_REGION>" } I'd like to be able to just use the, already defined, system variables AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY Is there any way to have the tf files read environment variables? doing something like, provider "aws" { access_key = env.AWS_ACCESS_KEY_ID secret_key = env.AWS_SECRET_KEY_ID region = env.AWS_REGION } 回答1: Yes, can read environment

问题 I am trying to implement nested for loops using Terraform 0.12's new features in order to loop through AWS IAM users, each of which can have one or more policies attached. The variable used to represent this list is of type map(list(string)) and looks something like this: { "user 1" = [ "policy1", "policy2" ], "user 2" = [ "policy1" ] } Getting the list of users to create is easy enough via keys() , but since there is currently no mechanism for nesting looped resource creation in Terraform,

问题 I want to identify the public IP of the terraform execution environment and add it to aws security group inbound to prevent access from other environments. Currently, I am manually editing the values in the variables.tf file. variables.tf variable public_ip_address { default = "xx" } I would like to execute the "curl ifconfig.co" command on the local host and automatically set the security group based on the result Is there a way to do such things? I could do it by putting the result of local

问题 I am new to Terraform and trying to create some resources on Azure. To me it looks like there is some unnecessary duplication between the resource name and the attribute name in the definitions. resource "azurerm_resource_group" "group_name" { name = "group_name" # <-- repeated! location = "${local.location}" } Is there a difference? Can I somehow set them to be the same in the spirit of this: resource "azurerm_resource_group" "group_name" { name = "${name}" location = "${local.location}" }

问题 is possible to assign a different tag value to each EC2 instance created by the aws_autoscaling_group module of Terraform. For example, node1, node2, node3 and node4 for a ASG of 4 instances. thanks. 回答1: Autoscaling groups in AWS can only (optionally) propagate the tags of the ASG to the instances it creates. It can't do any dynamic tagging based on the count of instances in the ASG. If you really need this then you'd have to have the user data of the instances perform some step that

问题 While running terraform init when using Terraform 0.11.3 we are getting the following error: Initializing provider plugins... - Checking for available provider plugins on https://releases.hashicorp.com... Error installing provider "template": Get https://releases.hashicorp.com/terraform-provider-template/: read tcp 172.25.77.25:53742->151.101.13.183:443: read: connection reset by peer. Terraform analyses the configuration and state and automatically downloads plugins for the providers used.

问题 While running terraform init when using Terraform 0.11.3 we are getting the following error: Initializing provider plugins... - Checking for available provider plugins on https://releases.hashicorp.com... Error installing provider "template": Get https://releases.hashicorp.com/terraform-provider-template/: read tcp 172.25.77.25:53742->151.101.13.183:443: read: connection reset by peer. Terraform analyses the configuration and state and automatically downloads plugins for the providers used.

问题 I'm using Terraform to provision some resources on AWS. Running the "plan" step of Terraform fails with the following vague error (for example): Error: Error loading state: AccessDenied: Access Denied status code: 403, request id: ABCDEF12345678, host id: SOMELONGBASE64LOOKINGSTRING=== Given a request id and a host id is it possible to see more in depth what went wrong? Setting TF_LOG=DEBUG (or some other level) seems to help, but I was curious if there is a CLI command to get more

问题 I have created azure vm ,nic ,nsg inside the firewall. Now i need to delete specific created vm,nic,nsg inside the firewall. This i will be doing continuously. When i try i delete with specific vm,ns,nic with below, but it is deleting total resource group. terraform init terraform apply -no-color -auto-approve terraform destroy -force My code: # Configure the Microsoft Azure Provider provider "azurerm" { subscription_id = "xxxxx" client_id = "xxxxx" client_secret = "xxxxx" tenant_id = "xxxxx"