我得到
〜就地更新
Terraform将执行以下操作:
〜aws_security_group.mayanks-sg revoke_rules_on_delete:“” =>“假”
在运行Terraform计划时,我不知道它的含义以及为什么要在Google上搜索它,但是没有运气。
tf文件:-
resource "aws_security_group" "mayanks-sg" {
name = "mayanks-sg"
description = "for test purpose"
vpc_id = ""
}
resource "aws_security_group_rule" "mayanks-sg" {
type = "ingress"
security_group_id = "sg-xxxxxxxxx"
from_port = 12345
to_port = 12345
protocol = "tcp"
cidr_blocks = ["x.x.x.x"]
}
resource "aws_security_group_rule" "mayanks-sg-1" {
type = "ingress"
security_group_id = "sg-xxxxxxxxx"
from_port = 54321
to_port = 54321
protocol = "tcp"
cidr_blocks = ["x.x.x.x"]
}
tfstate:-
{
"version": 3,
"terraform_version": "0.11.7",
"serial": 1,
"lineage": "x-x-x-x-x",
"modules": [
{
"path": [
"root"
],
"outputs": {},
"resources": {
"aws_security_group.mayanks-sg": {
"type": "aws_security_group",
"depends_on": [],
"primary": {
"id": "sg-xxxxxxxxx",
"attributes": {
"arn": "arn:aws:ec2:x:x:security-group/sg-xxxxxxxxx",
"description": "for test purpose",
"egress.#": "0",
"id": "sg-xxxxxxxxx",
"ingress.#": "2",
"ingress.1364877358.cidr_blocks.#": "1",
"ingress.1364877358.cidr_blocks.0": "x.x.x.x",
"ingress.1364877358.description": "",
"ingress.1364877358.from_port": "12345",
"ingress.1364877358.ipv6_cidr_blocks.#": "0",
"ingress.1364877358.protocol": "tcp",
"ingress.1364877358.security_groups.#": "0",
"ingress.1364877358.self": "false",
"ingress.1364877358.to_port": "12345",
"ingress.2197545509.cidr_blocks.#": "1",
"ingress.2197545509.cidr_blocks.0": "x.x.x.x",
"ingress.2197545509.description": "",
"ingress.2197545509.from_port": "54321",
"ingress.2197545509.ipv6_cidr_blocks.#": "0",
"ingress.2197545509.protocol": "tcp",
"ingress.2197545509.security_groups.#": "0",
"ingress.2197545509.self": "false",
"ingress.2197545509.to_port": "54321",
"name": "mayanks-sg",
"owner_id": "xxxxxxx",
"tags.%": "0",
"vpc_id": ""
},
"meta": {
"x-x-x-x-x-x": {
"create": 600000000000,
"delete": 600000000000
},
"schema_version": "1"
},
"tainted": false
},
"deposed": [],
"provider": "provider.aws"
},
"aws_security_group_rule.mayanks-sg": {
"type": "aws_security_group_rule",
"depends_on": [],
"primary": {
"id": "sgrule-xxxxxx",
"attributes": {
"cidr_blocks.#": "1",
"cidr_blocks.0": "x.x.x.x",
"description": "",
"from_port": "12345",
"id": "sgrule-xxxxxx",
"ipv6_cidr_blocks.#": "0",
"prefix_list_ids.#": "0",
"protocol": "tcp",
"security_group_id": "sg-xxxxxxxxxx",
"self": "false",
"to_port": "12345",
"type": "ingress"
},
"meta": {
"schema_version": "2"
},
"tainted": false
},
"deposed": [],
"provider": "provider.aws"
},
"aws_security_group_rule.mayanks-sg-1": {
"type": "aws_security_group_rule",
"depends_on": [],
"primary": {
"id": "sgrule-xxxxxx",
"attributes": {
"cidr_blocks.#": "1",
"cidr_blocks.0": "x.x.x.x",
"description": "",
"from_port": "54321",
"id": "sgrule-xxxxx",
"ipv6_cidr_blocks.#": "0",
"prefix_list_ids.#": "0",
"protocol": "tcp",
"security_group_id": "sg-xxxxxxxxxxx",
"self": "false",
"to_port": "54321",
"type": "ingress"
},
"meta": {
"schema_version": "2"
},
"tainted": false
},
"deposed": [],
"provider": "provider.aws"
}
},
"depends_on": []
}
]
}
我想通过在配置文件中添加一些内容以及该参数的含义来从中消除此错误。 预先感谢
答案 0 :(得分:0)
这不是错误消息。如果要删除它,请apply您的模板。
它表明,如果您运行模板,它将更新该安全组的参数。 revoke_rules_on_delete当前设置为空白。 Terraform将其默认设置为false。
revoke_rules_on_delete-(可选)指示Terraform在删除规则本身之前,撤销所有附加到入口和出口规则的安全组。通常不需要这样做,但是某些AWS服务(例如Elastic Map Reduce)可能会自动将必需的规则添加到与该服务一起使用的安全组中,并且这些规则可能包含循环依赖关系,以防止破坏安全组而无需先删除依赖关系。默认为false
最底线,如果您希望做到这一点,请在您的aws_security_group资源中进行设置,然后应用您的剧本。如果您希望它为假,请应用您的剧本。
https://www.terraform.io/docs/providers/aws/r/security_group.html
答案 1 :(得分:0)
对于任何遇到此问题并想知道如何解决的人。
按照这三个步骤,您可以以最小的风险执行terraform apply。
terraform apply 这样做,您可以看到terraform修复了状态文件,而您不必担心terraform会修改任何意外的资源。