在我的某个项目中遇到Terraform远程状态问题。状态文件在S3中是远程的。我是这样导入的:
data "terraform_remote_state" "management" {
backend = "s3"
config {
bucket = "testbucket"
key = "subfolder/terraform.tfstate"
region = "us-west-2"
}
}
我可以在上面的statefile的根级别看到输出:
"outputs": {
"cidr": {
"sensitive": false,
"type": "string",
"value": "10.90.0.0/16"
},
我正在使用远程状态:
module "dev-alpha-application" {
source = "../../modules/application"
envname = "test-app"
baseami = "ami-a042f4d8"
key_name = "pb-smarsh-test"
clui_baseami = "ami-xxxxxxxx"
adui_baseami = "ami-xxxxxxxx"
cidr = "10.80.0.0/16"
management_cidr = "${data.terraform_remote_state.management.cidr}"
vpn_gateway_id = "cgw-xxxxxxxx"
cidrs = "${list("${data.terraform_remote_state.management.cidr}", "${module.dev-alpha-application.cidr}")}"
除非我忽略了一些愚蠢的东西,否则这应该有效,但是当我运行terraform时,我会收到以下错误:
* module.dev-alpha-application.var.management_cidr: Resource 'data.terraform_remote_state.management' does not have attribute 'cidr' for variable 'data.terraform_remote_state.management.cidr'
Terraform init按预期工作。任何帮助将不胜感激。我试图尽可能多地包含信息
编辑 - 在调试模式下,它似乎正在打开远程状态文件ok
-----------------------------------------------------
2018/04/10 09:05:10 [DEBUG] [aws-sdk-go] <?xml version="1.0" encoding="UTF-8"?>
<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Name>testbucket</Name><Prefix>env:/</Prefix><Marker></Marker><MaxKeys>1000</MaxKeys><IsTruncated>false</IsTruncated></ListBucketResult>
2018/04/10 09:05:10 [DEBUG] [aws-sdk-go] DEBUG: Request s3/GetObject Details:
---[ REQUEST POST-SIGN ]-----------------------------
GET /subfolder/terraform.tfstate HTTP/1.1
Host: testbucket.s3.us-west-2.amazonaws.com
User-Agent: aws-sdk-go/1.12.59 (go1.9.1; linux; amd64) APN/1.0 HashiCorp/1.0 Terraform/0.11.3
Authorization: AWS4-HMAC-SHA256 Credential=AKIAI6X7Y3APAUTZZQOQ/20180410/us-west-2/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=716689e2124dd2a689b528c0cb51b07aeaf791cf577fa1a4fd17a79fb401b957
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20180410T080510Z
Accept-Encoding: gzip
-----------------------------------------------------
2018/04/10 09:05:11 [DEBUG] [aws-sdk-go] DEBUG: Response s3/GetObject Details:
---[ RESPONSE ]--------------------------------------
HTTP/1.1 200 OK
Connection: close
Content-Length: 386104
Accept-Ranges: bytes
Content-Type: application/json
Date: Tue, 10 Apr 2018 08:05:12 GMT
Etag: "1df4aaad48451707a79306a8f6a1c51c"
Last-Modified: Mon, 09 Apr 2018 14:53:03 GMT
Server: AmazonS3
X-Amz-Id-2: 92XqUEj319Uq5KhYFWvrLQ3O7VooOMMQ4GxY0keRKYY72Q5mpOgjeZ78w20AzjCSFLuZZycfEqU=
X-Amz-Request-Id: 448DB8C5E4B70A9A
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: GjI6glV8oa9_.eOFSc5GFGVtTJBnrEmL
但我也在调试日志中看到了这一点:
2018/04/10 09:02:17 [DEBUG] Resource state not found for "data.terraform_remote_state.management": data.terraform_remote_state.management
答案 0 :(得分:1)
对于那些有类似问题的人。这主要是因为terraform的文档不是最新的。
对于terraform <= 0.11,您需要直接不使用“输出”直接访问输出变量,例如data.terraform_remote_state.management.cidr
。
使用> = 0.12,它将使用“输出”,例如data.terraform_remote_state.management.outputs.cidr
。
该网站上的文档也将被修复,但目前尚未部署。
答案 1 :(得分:0)
请参见以下示例-通常需要一个dynamodb锁定表,以便您可以与团队成员共享状态而不会破坏状态。
data "terraform_remote_state" "buckets" {
backend = "s3"
environment = "default"
config {
bucket = "state-bucket"
dynamodb_table = "dynamodbtable-tfstate"
key = "aws/buckets/tfstate/terraform.tfstate"
region = "${var.region}"
}
}