如何在terraform的另一个文件中引用在一个文件中创建的资源 [英] How to reference a resource created in one file in another file in terraform
问题描述
terraform/env/res/main.tf:
terraform/env/res/main.tf:
resource "aws_security_group" "allow_all" {
name = "allow_all"
description = "Allow all inbound traffic"
vpc_id = "${aws_vpc.main.id}"
ingress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
terraform/mod/sec/main.tf:
terraform/mod/sec/main.tf:
resource aws_elb " elb" {
name = "elb-example"
subnets = ["${data.aws_subnet_ids.all.ids}"]
security_groups = ["${aws_security_group.allow_all.id}"] // SG
internal = false
listener = [
{
instance_port = "80"
instance_protocol = "HTTP"
lb_port = "80"
lb_protocol = "HTTP"
},
{
instance_port = "8080"
instance_protocol = "HTTP"
lb_port = "8080"
lb_protocol = "HTTP"
},
]
health_check = [
{
target = "HTTP:80/"
interval = 30
healthy_threshold = 2
unhealthy_threshold = 2
timeout = 5
},
]
access_logs = [
{
bucket = "my-access-logs-bucket"
},
]
lifecycle {
prevent_destroy = true
}
}
遇到错误未定义变量 aws_security_group.allow_all在变量 aws_security_group.allow_all_id 中.此外,是否可以验证字符串并添加额外的安全组.三元条件是我能想到的.您能否提出其他替代方案?
Running into error undefined variable aws_security_group.allow_all in variable aws_security_group.allow_all_id. Also, is it possible to verify a string and add an additional security group. ternary conditional is what i can think off. Can you suggest any other alternatives?
推荐答案
看起来你有两个模块,一个是 terraform/mod/sec
另一个是 terraform/env/资源
.前者定义 aws_security_group
资源,后者使用该安全组 ID 创建 aws_elb
资源.
It looks like you have two modules, one is terraform/mod/sec
and the other is terraform/env/res
. The former defines an aws_security_group
resource and the latter uses that security group id to create a aws_elb
resource.
我假设您正在从不正确的 res
目录运行 terraform.相反,应该做的是在 res
模块中输出安全组 ID
I'm assuming you're running terraform from the res
directory which is incorrect. Instead what should be done is output the security group id in the res
module
output "sg_id" {
value = aws_security_group.allow_all.id
}
然后在 sec
模块中引用 res
模块.
and then reference the res
module within the sec
module.
module "res" {
source = "../../env/res"
}
resource "aws_lb" "lb" {
name = "lb-example"
subnets = [data.aws_subnet_ids.all.ids]
security_groups = [module.res.sg_id] # uses the module output to insert SG
internal = false
listener = [
# ...
]
# ...
}
然后从这个目录terraform/mod/sec
,就可以运行了
Then from this directory terraform/mod/sec
, this can be run
terraform init && terraform plan
并且应该在 res
模块中应用新的安全组,该模块使用 sg_id
输出安全组 id,然后由 sec
模块作为 aws_lb
资源的输入.
and that should apply the new security group in the res
module which outputs the security group id using sg_id
, which is then used by the sec
module as an input to the aws_lb
resource.
这篇关于如何在terraform的另一个文件中引用在一个文件中创建的资源的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!