terraform-provider-aws

How to enable CloudWatch logging and X-ray for stepfunction in Terraform?

微笑、不失礼 submitted on 2021-02-11 14:13:57
Question: In AWS console, we can easily enable CloudWatch logging and X-Ray for a Step Functions state machine, but I want my resource fully managed by Terraform. From this page: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sfn_state_machine it seems like Terraform doesn't support this at the moment (also see: https://github.com/hashicorp/terraform-provider-aws/issues/12192). Does anyone know if there is any workaround to achieve this? I'd really like to be able to enable

Json parsing error when running 'aws stepfunctions update-state-machine' via Terraform

杀马特。学长 韩版系。学妹 submitted on 2021-02-11 12:24:54
Question: I'm following the answer in this question. I tried to enable X-Ray and it works; code I used: resource "null_resource" "enable_step_function_logging" { triggers = { state_machine_arn = aws_sfn_state_machine.sfn_state_machine.arn } provisioner "local-exec" { command = "aws stepfunctions update-state-machine --state-machine-arn ${self.triggers.state_machine_arn} --tracing-configuration enabled=true" } } Now I want to enable cloudwatch logging ' --logging-configuration=xxx' part, but I keep

Terraform Resource: Connection Error while executing apply?

痞子三分冷 submitted on 2021-02-10 12:49:44
Question: I am trying to log in to an EC2 instance that Terraform will create with the following code: resource "aws_instance" "sess1" { ami = "ami-c58c1dd3" instance_type = "t2.micro" key_name = "logon" connection { host= self.public_ip user = "ec2-user" private_key = file("/logon.pem") } provisioner "remote-exec" { inline = [ "sudo yum install nginx -y", "sudo service nginx start" ] } } But this gives me an error: PS C:\Users\Amritvir Singh\Documents\GitHub\AWS-Scribble\Terraform> terraform apply

Terraform Resource: Connection Error while executing apply?

可紊 submitted on 2021-02-10 12:48:31
Question: I am trying to log in to an EC2 instance that Terraform will create with the following code: resource "aws_instance" "sess1" { ami = "ami-c58c1dd3" instance_type = "t2.micro" key_name = "logon" connection { host= self.public_ip user = "ec2-user" private_key = file("/logon.pem") } provisioner "remote-exec" { inline = [ "sudo yum install nginx -y", "sudo service nginx start" ] } } But this gives me an error: PS C:\Users\Amritvir Singh\Documents\GitHub\AWS-Scribble\Terraform> terraform apply

Error creating IAM Role. MalformedPolicyDocument: Has prohibited field Resource. Terraform

南笙酒味 submitted on 2021-02-10 06:28:06
Question: I have seen several links, but I have to see an example. I have: resource "aws_iam_role" "role" { name = "role" assume_role_policy = <<-EOF { "Version": "2012-10-17", "Statement": [ { "Sid": "Stmt1590217939125", "Action": "s3:*", "Effect": "Allow", "Resource": "arn:aws:s3:::wwe" }, { "Sid": "Stmt1590217939125", "Action": "s3:*", "Effect": "Allow", "Resource": "arn:aws:s3:::wwe/*" }, { "Sid": "Stmt1577967806846", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:GetRandomPassword",

Terraform: CloudWatch Event that notifies SNS

别等时光非礼了梦想. submitted on 2021-02-08 07:21:59
Question: I'm learning TF and trying to apply an infrastructure that creates: a simple lambda function; an SNS topic; get that lambda to subscribe the SNS topic; a Cloud Watch Event that publishes a message to the topic at some interval; a Cloud Watch Log Group to check if the lambda gets notified by the SNS; the lambda permission to allow calls from SNS. I'm able to apply that successfully. The infrastructure seems perfectly fine (it has the same aspect when I create that myself through the visual aws

Terraform: CloudWatch Event that notifies SNS

独自空忆成欢 submitted on 2021-02-08 07:21:12
Question: I'm learning TF and trying to apply an infrastructure that creates: a simple lambda function; an SNS topic; get that lambda to subscribe the SNS topic; a Cloud Watch Event that publishes a message to the topic at some interval; a Cloud Watch Log Group to check if the lambda gets notified by the SNS; the lambda permission to allow calls from SNS. I'm able to apply that successfully. The infrastructure seems perfectly fine (it has the same aspect when I create that myself through the visual aws

How do I create a custom Event Bus in AWS Event Bridge?

烈酒焚心 submitted on 2021-02-08 05:44:23
Question: I can't find the documentation or an example Terraform module online. How do I create a custom Event Bus in AWS Event Bridge? Answer 1: As of this writing, creating an EventBridge Event Bus isn't supported by the Terraform Provider for AWS yet. We had to use the default Event Bus or create it with the AWS CLI or Console. Caveats: EventBridge has a couple of serious IAM gaps right now: you can't restrict what buses an IAM principal can publish events to and it uses a Service principal instead of a

Terraform - Get a value from parameter store and pass to resource

半腔热情 submitted on 2021-02-07 14:49:46
Question: We store our latest approved AMIs in AWS parameter store. When creating new instances with Terraform I would like to programmatically get this AMI ID. I have a command to pull the AMI ID but I'm not sure how to use it with Terraform. Here is the command I use to pull the AMI ID: $(aws ssm get-parameter --name /path/to/ami --query 'Parameter.Value' --output text) And here is my Terraform script: resource "aws_instance" "nginx" { ami = "ami-c58c1dd3" # pull value from parameter store instance

Terraform - Get a value from parameter store and pass to resource

删除回忆录丶 submitted on 2021-02-07 14:48:48
Question: We store our latest approved AMIs in AWS parameter store. When creating new instances with Terraform I would like to programmatically get this AMI ID. I have a command to pull the AMI ID but I'm not sure how to use it with Terraform. Here is the command I use to pull the AMI ID: $(aws ssm get-parameter --name /path/to/ami --query 'Parameter.Value' --output text) And here is my Terraform script: resource "aws_instance" "nginx" { ami = "ami-c58c1dd3" # pull value from parameter store instance