为什么Terraform的“应用”命令失败?

时间:2020-02-03 07:45:16

标签: amazon-web-services terraform terraform-provider-aws 

variable "server_port" {
  description = "web server port"
  default = 8080  
}
resource "aws_launch_configuration" "example" {
  image_id        = "ami-0bea7fd38fabe821a"
  instance_type   = "t2.micro"
  security_groups = ["${aws_security_group.instance.id}"]

  user_data = <<-EOF
              #!/bin/bash
              echo "Hello, World" > index.html
              nohup busynox httpd -f -p "${var.server_port}" &
              EOF

  lifecycle {
    create_before_destroy = true
 }
}

resource "aws_autoscaling_group" "example" {
  launch_configuration = "${aws_launch_configuration.example.id}"

  load_balancers    = ["${aws_elb.example.name}"]
  health_check_type = "ELB"

  min_size = 2
  max_size = 10

  tag {
    key                 = "Name"
    value               = "terraform-asg-example"
    propagate_at_launch = true
  }
}

resource "aws_security_group" "instance" {
  name = "terraform-example-instance"

  ingress {
    from_port   = "${var.server_port}"
    to_port     = "${var.server_port}"
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  lifecycle {
    create_before_destroy = true
  }
}


resource "aws_elb" "example" {
  name               = "terraform-asg-example"
  security_groups    = ["${aws_security_group.elb.id}"]

  listener {
    lb_port           = 80
    lb_protocol       = "http"
    instance_port     = "${var.server_port}"
    instance_protocol = "http"
  }

  health_check {
    healthy_threshold   = 2
    unhealthy_threshold = 2
    timeout             = 3
    interval            = 30
    target              = "HTTP:${var.server_port}/"
  }
}

resource "aws_security_group" "elb" {
  name = "terraform-example-elb"

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

[错误:创建安全组时出错:未授权操作:您无权执行此操作。 状态码:403,请求ID:c2e34351-7fa9-4f7e-845a-77458485bfe9

在web_infra.tf第37行的资源“ aws_security_group”“实例”中: 37:资源“ aws_security_group”“实例” {

错误:创建安全组时出错:UnauthorizedOperation:您无权执行此操作。 状态码:403,请求ID:4229e1ae-a46d-42fc-8bab-4bb0b7ccd656

在web_infra.tf第73行中,在资源“ aws_security_group”“ elb”中: 73:资源“ aws_security_group”“ elb” {]

我的IAM权限是AdministratorAccess。

1 个答案:

答案 0 :(得分:0)

我找到了答案。 

1. aws sts get-session-token --profile default --serial-number arn:aws:iam::3423412:mfa/test@test.com --token-code 509939 

2. credentials file 
[mfa] 
aws_arn_mfa = 
aws_access_key_id = 
aws_secret_access_key = 
aws_session_token = 
region = 

3. terraform provier file 
provider "aws" { 
region = " " 
shared_credentials_file = "credentials file" 
profile = "mfa" 
}
相关问题
最新问题