AWS基础设施文档作为代码 [英] Documentation for AWS infrastructure as code
问题描述
最近,在尝试构建Terraform IaC时,我发现我无法使API网关正确路由到Lambda.事实证明,使用控制台时,AWS会自动分配Lambda网关所需的权限,但是在terraform中使用IaC时,必须明确分配该权限.
Recently, while trying to build a terraform IaC, I found that I couldn’t get the API Gateway to route to the Lambda properly. It turned out that when using the console AWS automatically assigns the permissions the gateway needs for the Lambda, but with IaC in terraform this must be assigned explicitly.
以上内容是可以理解的,但对于AWS和terraform而言,对于新手而言,很容易混淆.
The above is understandable but for a newbie, to both AWS and terraform, confusing.
是否存在说明基础设施连接中所需组件的文档,例如上述文档?
Is there documentation which explains the required components within an infrastructure connection, such as that above?
据我所知,AWS文档和terraform文档都是经过深思熟虑的,但是并没有一个事实(据我所知)真正说明,在任何特定(无论是普通的还是晦涩的)设置中都需要一定的资源.从常规搜索中推断出这些联系并不是很好的替代方法.
I know of the AWS docs and the terraform docs are particularly well thought out but none of it actually explains (as far as I’ve seen) that a certain resource is required in any particular (however common or obscure) setup. Inferring these connections from general searching is not a great replacement.
推荐答案
我认为没有文档列出了所有必需组件".在一个页面/区域中.但是您可以从不同的文档中获得不同的信息,并且正如您所提到的,AWS和Terraform在这方面都做得很好.
I don't think that there is a documentation that lists "all of the required components" in one single page/area. But you can get different pieces of information from different docs, and as you mentioned AWS and Terraform do both a great job at this.
关于AWS,在API网关中具有权限的情况下,我可以想到两个有用的链接(尽管第一个链接是从第二个链接中引用的):
Talking about AWS, in the case of permissions in API gateway, I can think of two useful links (the 1st one is referenced from the 2nd one though):
我同意以下事实:如果您真的不知道要实现的目标,有时可能会把AWS转换为terraform.通常,当我被某事理论上应该起作用"时,我会受阻.在IaC与AWS控制台中,我从问题退后了一步,试图弄清楚我是在AWS世界中真正尝试将哪些组件粘合在一起.然后通常情况会变得更加明显.
I agree in the fact that sometimes it's a lot of guesses to translate AWS into terraform if you don't really know what you are trying to achieve. Usually when I am blocked on something that "should theoritically work" in IaC vs AWS console, I step back from the problem and try to figure out what kind of components am I really trying to glue together in AWS world. Then usually things become more obvious.
因为在terraform中,它实际上是在创建独立的小型基础设施并使它们协同工作.与其他IaC相比,以我的经验,它比CloudFormation更为精细.
Because in terraform it's really creating small independant pieces of infrastructure and make them work together. Comparing with other IaC, in my experience it's a lot more granular than CloudFormation for instance.
可以帮助我更快地了解问题的个人实践是,阅读我在Terraform中工作的每个组件介绍文档.例如,如果我用terraform IaC编写lambda,我将快速阅读所有lambda_xxxx_yyyy简介部分,以减少卡住并在出现故障时做出更快的反应.通常对我有用.
A personal practice that helps me figure out things faster is to read every single intro doc of the components I am working on in Terraform. For instance, if I am writing lambda in terraform IaC, I would quickly read all the lambda_xxxx_yyyy intro parts to get less stuck and react faster when something fails. It usually works for me.
这篇关于AWS基础设施文档作为代码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
