我有一个aws_ssm_association,其中包含一个文档,该文档从s3下载脚本并执行该脚本。我希望每次更改脚本时都重新生成该关联,以便可以在所有现有实例上重新运行该关联。
我一直在寻找全地形解决方案,但没有找到。这就是我的期望:
variable scripts {
default = [
"myscript.sh"
]
}
resource "aws_s3_bucket_object" "scripts" {
key = "${var.scripts[count.index]}"
bucket = "${aws_s3_bucket.scripts.bucket}"
source = "scripts/${var.scripts[count.index]}"
etag = "${md5(file("scripts/${var.scripts[count.index]}"))}"
acl = "private"
count = "${length(var.scripts)}"
}
resource "aws_ssm_association" "script" {
name = "AWS-RunRemoteScript"
association_name = "s3-script"
parameters {
sourceType = "S3"
sourceInfo = <<EOJ
{
"path": "https://s3.amazonaws.com/${aws_s3_bucket.scripts.bucket}/myscript.sh"
}
EOJ
commandLine = "myscript.sh"
}
targets {
key = "tag:Env"
values = ["sandbox"]
}
force_update_key = "${element(aws_s3_bucket_object.scripts.*.etag, index(var.scripts, "myscript.sh"))}"
}
force_update_key是我希望找到的东西,但是在任何文档中都看不到任何相关内容。
那么我该如何在校验和更改时强制使用新资源?