terraform

Terraform EKS tagging

我的梦境 submitted on 2021-01-20 11:37:10
Question: I am having this issue of Terraform EKS tagging and don't seem to find a workable solution to tag all the VPC subnets when a new cluster is created. To provide some context: We have one AWS VPC where we deploy several EKS clusters into the subnets. We do not create the VPC or subnets as part of the EKS cluster creation. Therefore, the terraform code creating a cluster doesn't get to tag existing subnets and VPC. Although EKS will add the required tags, they are automatically removed next time

Service Principal from Terraform not recognized by Azure API

隐身守侯 submitted on 2021-01-20 07:54:09
Question: What specific changes need to be made to the syntax below in order for the terraform azurerm provider to be able to authenticate the service principal that will be created using the following code? The Problem A Second Terraform module needs to authenticate to Azure through the azurerm provider with a client_id and client_secret that is created programmatically during an earlier, separate process. The provider block in the Second Terraform module looks like: provider "azurerm" { subscription

Service Principal from Terraform not recognized by Azure API

浪尽此生 submitted on 2021-01-20 07:53:58
Question: What specific changes need to be made to the syntax below in order for the terraform azurerm provider to be able to authenticate the service principal that will be created using the following code? The Problem A Second Terraform module needs to authenticate to Azure through the azurerm provider with a client_id and client_secret that is created programmatically during an earlier, separate process. The provider block in the Second Terraform module looks like: provider "azurerm" { subscription

How to quickly transfer files to cloud shell

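自作多情 submitted on 2021-01-15 09:08:58
Today I'm sharing a small tip about cloud shell. Cloud shell is a good tool, especially in an emergency: installing the CLI or PowerShell locally takes time and permissions, whereas cloud shell is a ready-made command-line environment that also has tools such as vscode, terraform and Ansible built in, which is very convenient. Unfortunately, for now it is only available in Global Azure. One thing has always been a nuisance for me, though: how to get files into cloud shell quickly. Some scripts or files are written locally and I then want to run them in cloud shell, but editing them in one by one is tedious. After some research I gradually found a few tricks. A good way to share files like this is azure file, which can be mounted directly. It turns out that cloud shell has a built-in program called clouddrive that can be used to mount azure file. First open cloud shell; in global azure there is a small button in the upper-right corner. Once it is open, there is a clouddrive program in the root directory. Use clouddrive mount and specify the subscription, storage and file share names, and you can connect to the file share easily. Note that the file share must be in the same region as cloud shell. One point to mention here: the reason cloud shell is able to save files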

Convert list to map with index in Terraform

点点圈 submitted on 2021-01-07 01:43:59
Question: I would like to convert a simple list of strings in terraform to a map with the keys as indexes. I want to go from something like this: locals { keycloak_secret = [ "account-console", "admin-cli", "broker", "internal", "realm-management", "security-admin-console", ] } To something like map({0:"account-console", 1:"admin-cli"}, ...) My goal is to take advantage of the new functionality of terraform 0.13 to use loop over map on terraform module. I didn't find any solution, may something help me,

Using an ARM Template to empty a resource group's resources

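▼魔方 西西 submitted on 2021-01-06 15:35:03
This time I'm sharing a small ARM Template trick. ARM Template can be used to deploy cloud resources, but it can also be used to delete cloud resources, which is one of ARM Template's features. When deploying, we can specify the mode of operation. By default, the backend uses incremental mode, which means the resources in the ARM Template are added to the environment; resources that exist in the actual environment but not in the ARM Template are ignored by the system, which does not assume that something not defined in the ARM Template should not exist. However, we can also use complete mode. In this mode the system follows the ARM Template definition strictly: anything not defined in the ARM Template is considered something that should not exist in the actual environment, and such resources are deleted outright by the system. This mode is therefore very dangerous and must be used with caution. At the same time, we can also put this mode to use, for example to delete resources we no longer need. When we run experiments, the resources are no longer needed once the experiment is finished and can simply be deleted. If the lab environment is large, cleaning up the resources one by one is time-consuming; you can also delete the whole resource group, but then a new one has to be created for the next experiment. terraform is more convenient in this respect, since destroy cleans up the created resources directly; with ARM Template we can use this mode as a shortcut. In VS CODE, type arm and then select arm!; what is generated is an empty arm template. You can see that the resource group currently contains resources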

Terraform JSON generation

你。 submitted on 2021-01-05 09:11:59
Question: I'm trying to create an AWS dashboard using terraform to display the S3 metrics. I was thinking of looping through all the S3 buckets stored in a list variable and generate the dashboard json. The for loop is able to add the metrics, but I'm not able to remove the trailing comma, which results in an erroneous json. Is there an easy way to fix this json using this approach? Is there a better way to do json processing? Should I be using terraform for this processing? Code snippet :- dashboard

Terraform JSON generation

北慕城南 submitted on 2021-01-05 09:10:58
Question: I'm trying to create an AWS dashboard using terraform to display the S3 metrics. I was thinking of looping through all the S3 buckets stored in a list variable and generate the dashboard json. The for loop is able to add the metrics, but I'm not able to remove the trailing comma, which results in an erroneous json. Is there an easy way to fix this json using this approach? Is there a better way to do json processing? Should I be using terraform for this processing? Code snippet :- dashboard

Cloudwatch alarm for list of servers

北慕城南 submitted on 2021-01-05 07:25:53
Question: I am trying to set a few alerts across a list of servers, I have my servers defined in locals as below: locals { my_list = [ "server1", "server2" ] } I then defined my cloudwatch alerts as so: (This is one such alert) resource "aws_cloudwatch_metric_alarm" "ec2-high-cpu-warning" { for_each = toset(local.my_list) alarm_name = "ec2-high-cpu-warning-for-${each.key}" comparison_operator = "GreaterThanThreshold" evaluation_periods = "1" metric_name = "CPUUtilization" namespace = "AWS/EC2"

Cloudwatch alarm for list of servers

蓝咒 submitted on 2021-01-05 07:24:06
Question: I am trying to set a few alerts across a list of servers, I have my servers defined in locals as below: locals { my_list = [ "server1", "server2" ] } I then defined my cloudwatch alerts as so: (This is one such alert) resource "aws_cloudwatch_metric_alarm" "ec2-high-cpu-warning" { for_each = toset(local.my_list) alarm_name = "ec2-high-cpu-warning-for-${each.key}" comparison_operator = "GreaterThanThreshold" evaluation_periods = "1" metric_name = "CPUUtilization" namespace = "AWS/EC2"