每次运行Terraform时,它都会在第一次失败,但是在重试后会成功。
地形给我以下错误:
1 error occurred:
* module.my_module.aws_sqs_queue_policy.aws_sqs_queue_policy: 1 error occurred:
* aws_sqs_queue_policy.aws_sqs_queue_policy: Error updating SQS attributes: InvalidAttributeValue: Invalid value for the parameter Policy.
status code: 400, request id:
下面是我的Terraform脚本: 我想创建一个带有消费者角色的sqs。因此,消费者可以承担此消费者角色,以从sqs读取消息。
resource "aws_sqs_queue" "consumer_queue" {
name = "my-queue"
}
# Allow the consumer to assume the consumer role
data "aws_iam_policy_document" "queue_consumer_role_permissions_doc" {
statement {
principals {
type = "AWS"
identifiers = ["${var.consumer_arn}"]
}
actions = ["sts:AssumeRole"]
}
}
resource "aws_iam_role" "queue_consumer_role" {
name = "queue-consumer-role"
path = "/"
assume_role_policy = "${data.aws_iam_policy_document.queue_consumer_role_permissions_doc.json}"
}
data "aws_iam_policy_document" "zo_message_bus_queue_permissions" {
//All consumer to read from this queue
statement {
principals {
type = "AWS"
identifiers = ["${aws_iam_role.queue_consumer_role.arn}"]
}
actions = [
"SQS:ReceiveMessage"]
resources = ["${aws_sqs_queue.consumer_queue.arn}"]
}
}
resource "aws_sqs_queue_policy" "aws_sqs_queue_policy" {
depends_on = ["aws_sqs_queue.consumer_queue"]
queue_url = "${aws_sqs_queue.consumer_queue.id}"
policy = "${data.aws_iam_policy_document.zo_message_bus_queue_permissions.json}"
}