terraform计划错误:此处不需要参数

时间:2020-11-05 17:27:33

标签: google-cloud-platform terraform terraform-provider-gcp google-cloud-iam

我正在尝试在Google Cloud Platform中为不同的环境创建具有不同的开发和生产权限权限的自定义IAM角色。我的文件夹结构如下:

发布(根文件夹)
-main.tf
-variables.tf
- customiamroles (文件夹)
----main.tf
-环境
---- 非生产
------main.tf
------variables.tf
---- 产品
------main.tf
------variables.tf

根文件夹中的main.tf具有以下代码:

iamroles / main.tf 

    /*
          This is the 'main' Terraform file. It calls the child modules to create roles in the corresponding environments
    */

    provider "google" {
     credentials = file("${var.project_id}.json")
     project     = var.project_id
     region      = var.location
    }

    module "nonprod" {
      source = "./environments/nonprod"
    }

iamroles / variables.tf 

    variable "project_id"{
        type = string
    }

    variable "location" {
        type = string
        default = "europe-west3"
    }

假名/环境/nonprod/main.tf 

module "nonprod" {  
  role_details = [{
        role_id = "VS_DEV_NONPROD_CLOUDSQL",
        title       = "VS DEVELOPER NON PROD CLOUD SQL",
        description = "Role which provides limited view and update access to Cloud SQL",
        permissions = var.developer_nonprod_sql
    },
    {
        role_id = "VS_DEV_NONPROD_APPENGINE",
        title       = "VS DEVELOPER NON PROD APPENGINE",
        description = "Appengine access for developers for non production environments to View, Create and Delete versions, View and Delete instances, View and Run cron jobs",
        permissions = var.developer_nonprod_appengine
    }]
    source = "../../customiamroles"
}

商店/环境/nonprod/variables.tf 

    variable "role_details" {
        type = list(object({
        role_id = string
        title = string
        description = string
        permissions = list(string)
      }))
    }

    variable "developer_nonprod_sql" {
        default = ["cloudsql.databases.create","cloudsql.databases.get"]
    }

    variable "developer_nonprod_appengine" {
        default = ["appengine.applications.get","appengine.instances.get","appengine.instances.list","appengine.operations.*","appengine.services.get","appengine.services.list"]
    }

iamroles / customiamroles / main.tf 

# Creating custom roles
resource "google_project_iam_custom_role" "vs-custom-roles" {
  for_each = var.role_details
  role_id     = each.value.role_id
  title       = each.value.title
  description = each.value.description
  permissions = each.value.permissions
}

从iamroles文件夹执行terraform计划时,出现以下异常: enter image description here

我不熟悉terraform,过去两天都在学习。我可以使用一些帮助来了解我在做什么错。

0 个答案:

没有答案
相关问题
最新问题