terraform

问题 I am having trouble in variable interpolation in terraform. Here is what my terraform configuration looks like. i.e variable inside builtin function variable "key" {} ssh_keys { path = "/home/${var.provider["user"]}/.ssh/authorized_keys" key_data = "${file(${var.key})}" } Command: terraform apply -var 'key=~/.ssh/id_rsa.pub' It's not reading the value of "key" from command line argument or from env variable. However when i hardcore the value in .tf file, it works. Like below. key_data = "$

问题 I'm struggling to get the password from a couple of new ec2 instances when using terraform. Been reading up through a couple of posts and thought i had it but not getting anywhere. Here's my config: resource "aws_instance" "example" { ami = "ami-06f9d25508c9681c3" count = "2" instance_type = "t2.small" key_name = "mykey" vpc_security_group_ids =["sg-98d190fc","sg-0399f246d12812edb"] get_password_data = "true" } output "public_ip" { value = "${aws_instance.example.*.public_ip}" } output

问题 I would like to create multiple EC2 instances using Terraform and write the private IP addresses of the instances to /etc/hosts on every instance. Currently I am trying the following code but it's not working: resource "aws_instance" "ceph-cluster" { count = "${var.ceph_cluster_count}" ami = "${var.app_ami}" instance_type = "t2.small" key_name = "${var.ssh_key_name}" vpc_security_group_ids = [ "${var.vpc_ssh_sg_ids}", "${aws_security_group.ceph.id}", ] subnet_id = "${element(split(",", var

问题 I want to create a S3 and make it encryption at rest with AES256, but terraform complain that: * aws_s3_bucket.s3: : invalid or unknown key: server_side_encryption_configuration (see my code complained by terraform below) What is wrong with server_side_encryption_configuration? isn't it supported? https://www.terraform.io/docs/providers/aws/r/s3_bucket.html Anyway, how to have "encryption at rest with AES256" for S3 using terraform? resource "aws_s3_bucket" "s3" { bucket = "s3_bucket_name"

问题 I've been looking for a way to be able to deploy to multiple AWS accounts simultaneously in Terraform and coming up dry. AWS has the concept of doing this with Stacks but I'm not sure if there is a way to do this in Terraform? If so what would be some solutions? You can read more about the Cloudformation solution here. 回答1: You can define multiple provider aliases which can be used to run actions in different regions or even different AWS accounts. So to perform some actions in your default

问题 It's been somewhat long I'm trying to automate the deployment of an application gateway using Terraform but it simply fails with an error message. I have made sure all protocol settings to HTTPS. However, I doubt there is something fishy with the PFX certificate. Is it that I'm not supplying the authentication certificate due to which it's failing? Tried a lot over the web to get a solution but there are no mentions of this. Terraform Code: # Create a resource group resource "azurerm_resource

问题 I am newbie to the Terraform and just want to ask that is there anyway to set the AWS console password for IAM user with Terraform. I am able to configure the IAM users, group, their access and secret key but couldn't find the way to set the console password. Please point me to where I can get it work. Thanks 回答1: Its possible to get console password for IAM USER using terraform : Using below command : terraform output password | base64 --decode | keybase pgp decrypt Follow below instructions

问题 My question is similar to this git hub post, but unfortunately it is unsolved: https://github.com/hashicorp/terraform/issues/550 I want a simple way to give sudo privileges to the commands run in the provisioner "remote-exec" { } block of my terraform scripts. I am coming from an ansible background that has the sudo: yes option that allows any commands ansible runs to run commands with sudo privileges when using the --ask-sudo-pass optional in my ansible-playbook run commands. I would like to

问题 Is there any way to avoid resource deletion when reorganizing/renaming resources? Example: when I first implemented CloudFront Terraform it was an independent sub directory in my project, later I switched to using it as a module in. my root Terraform config but this caused Terraform to want to delete the old CloudFront distribution and create a new one: Terraform will perform the following actions: - aws_cloudfront_distribution.main_site_distribution + module.cloudfront.aws_cloudfront

问题 Is there any way to avoid resource deletion when reorganizing/renaming resources? Example: when I first implemented CloudFront Terraform it was an independent sub directory in my project, later I switched to using it as a module in. my root Terraform config but this caused Terraform to want to delete the old CloudFront distribution and create a new one: Terraform will perform the following actions: - aws_cloudfront_distribution.main_site_distribution + module.cloudfront.aws_cloudfront