如何在terraform的另一个文件中引用在一个文件中创建的资源 [英] How to reference a resource created in one file in another file in terraform

问题描述

terraform/env/res/main.tf:

terraform/env/res/main.tf:

resource "aws_security_group" "allow_all" {
  name        = "allow_all"
  description = "Allow all inbound traffic"
  vpc_id      = "${aws_vpc.main.id}"

  ingress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port       = 0
    to_port         = 0
    protocol        = "-1"
    cidr_blocks     = ["0.0.0.0/0"]
  }
} 

terraform/mod/sec/main.tf:

terraform/mod/sec/main.tf:

resource aws_elb " elb" { 
  name = "elb-example"
  subnets         = ["${data.aws_subnet_ids.all.ids}"]
  security_groups = ["${aws_security_group.allow_all.id}"] // SG 
  internal        = false
  listener = [
    {
      instance_port     = "80"
      instance_protocol = "HTTP"
      lb_port           = "80"
      lb_protocol       = "HTTP"
    },
    {
      instance_port     = "8080"
      instance_protocol = "HTTP"
      lb_port           = "8080"
      lb_protocol       = "HTTP"
    },
  ]

  health_check = [
    {
      target              = "HTTP:80/"
      interval            = 30
      healthy_threshold   = 2
      unhealthy_threshold = 2
      timeout             = 5
    },
  ]
  access_logs = [
    {
      bucket = "my-access-logs-bucket"
    },
  ]
  lifecycle {
    prevent_destroy = true
  }
}

遇到错误未定义变量 aws_security_group.allow_all在变量 aws_security_group.allow_all_id 中.此外，是否可以验证字符串并添加额外的安全组.三元条件是我能想到的.您能否提出其他替代方案?

Running into error undefined variable aws_security_group.allow_all in variable aws_security_group.allow_all_id. Also, is it possible to verify a string and add an additional security group. ternary conditional is what i can think off. Can you suggest any other alternatives?

推荐答案

看起来你有两个模块，一个是 terraform/mod/sec 另一个是 terraform/env/资源.前者定义 aws_security_group 资源，后者使用该安全组 ID 创建 aws_elb 资源.

It looks like you have two modules, one is terraform/mod/sec and the other is terraform/env/res. The former defines an aws_security_group resource and the latter uses that security group id to create a aws_elb resource.

我假设您正在从不正确的 res 目录运行 terraform.相反，应该做的是在 res 模块中输出安全组 ID

I'm assuming you're running terraform from the res directory which is incorrect. Instead what should be done is output the security group id in the res module

output "sg_id" {
  value = aws_security_group.allow_all.id
}

然后在 sec 模块中引用 res 模块.

and then reference the res module within the sec module.

module "res" {
  source = "../../env/res"
}

resource "aws_lb" "lb" {
  name            = "lb-example"
  subnets         = [data.aws_subnet_ids.all.ids]
  security_groups = [module.res.sg_id] # uses the module output to insert SG
  internal        = false
  listener = [
    # ...
  ]
  # ...
}

然后从这个目录terraform/mod/sec，就可以运行了

Then from this directory terraform/mod/sec, this can be run

terraform init && terraform plan

并且应该在 res 模块中应用新的安全组，该模块使用 sg_id 输出安全组 id，然后由 sec 模块作为 aws_lb 资源的输入.

and that should apply the new security group in the res module which outputs the security group id using sg_id, which is then used by the sec module as an input to the aws_lb resource.

这篇关于如何在terraform的另一个文件中引用在一个文件中创建的资源的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！