我有Terraform模块来配置AWS资源。在terraform plan之后,我看到以下错误:
错误:缺少必需的参数 在main.tf行113中的模块“ ecs-task-execution-role”中: 113:模块“ ecs-task-execution-role” { 参数“ iam_role_name”是必需的,但未找到定义。
这是我在../terraform/modules/iam/ecs_iam.tf中定义的资源:
resource "aws_iam_role" "iam--task-execution-role" {
name = var.iam_role_name
assume_role_policy = data.aws_iam_policy_document.ecs-task-assume-role.json
}
data "aws_iam_policy_document" "ecs-task-assume-role" {
statement {
actions = ["sts:AssumeRole"]
principals {
type = "Service"
identifiers = ["ecs-tasks.amazonaws.com"]
}
}
}
data "aws_iam_policy" "ecs-task-execution-role" {
arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
}
# Attach the above policy to the execution role.
resource "aws_iam_role_policy_attachment" "ecs-task-execution-role" {
role = aws_iam_role.iam-task-execution-role.name
policy_arn = data.aws_iam_policy.ecs-task-execution-role.arn
}
变量在../terraform/modules/iam/variables.tf中定义:
variable "iam_role_name" {
type = string
}
该模块位于../terraform/production/main.tf中:
module "iam-jo-task-execution-role" {
source = "../modules/iam"
iam_role_name = "iam-jo-task-execution-role"
}
# Attach the above policy to the execution role.
module "ecs-task-execution-role" {
source = "../modules/iam"
}
任何帮助表示赞赏。
答案 0 :(得分:1)
在您的示例中:
module "iam-jo-task-execution-role" {
source = "../modules/iam"
iam_role_name = "iam-jo-task-execution-role"
}
# Attach the above policy to the execution role.
module "ecs-task-execution-role" {
source = "../modules/iam"
}
您没有将iam_role_name变量的值传递给ecs-task-execution-role模块。上方的iam-jo-task-execution-role模块说明了如何将变量传递给模块。
答案 1 :(得分:0)
事实证明我误解了Terraform中的资源和模块。
在声明使用源../terraform/production/main.tf中资源使用的../modules/iam文件中,我需要以下语法:
module "iam-jo-task-execution-role" {
source = "../modules/iam"
iam_role_name = "iam-jo-task-execution-role"
}
无需为../terraform/modules/iam/ecs_iam.tf中声明的每个资源定义模块。这只是几个资源的分组(打包)。