这是我的ec2.tf
resource "aws_instance" "ec2_instance" {
# resource gets created if private_ip variable is not passed as a input.
count = var.instance_count
//"${length(compact(split(",", var.instance_count))) > 0 ? "${var.instance_count}" : 0}"
ami = "${element(split(",", var.ami_id), count.index)}"
instance_type = "${element(split(",", var.instance_type), count.index)}"
subnet_id = "${element(split("," ,var.subnet),count.index)}"
key_name = "${aws_key_pair.tmnl-infra-ssrv.key_name}"
associate_public_ip_address = "${var.associate_public_ip}"
disable_api_termination = "${var.disable_termination}"
vpc_security_group_ids = ["${element(split("@", var.security_group), 0)}"]
iam_instance_profile = "${element(split(",", var.iam_instance_profile), count.index)}"
ebs_optimized = "${element(split(",", var.ebs_optimized), count.index)}"
这是EC2的主要模块。tf
module "ec2" {
source = "../../euc-terraformcontrol-compute"
ami_id = "${element(split(",", var.ami_id), 0)},${element(split(",", var.ami_id), 1)},${element(split(",", var.ami_id), 2)},${element(split(",", var.ami_id), 3)},${element(split(",", var.ami_id), 4)},${element(split(",", var.ami_id), 5)},${element(split(",", var.ami_id), 6)},${element(split(",", var.ami_id), 7)}"
instance_count = "${element(split(",", var.instance_count), 0)}"
root_volume_size = "${element(split(",", var.root_volume_size),0)}"
subnet = "subnet-0be87b3442158715d,subnet-0cd01502c1a6f37d9,subnet-06785e23087afb9a6"
iam_instance_profile = "${element(split(",", var.iam_instance_profile),0)}"
#if multiple security group should be attached to each instance then the format will be "${var.sg1},${var.sg2},${var.sg3},${var.sg4}"
security_group = ["${element(split(",", module.security_groups.security_group_05_id),0)}","${element(split(",", module.security_groups.security_group_06_id),0)}"]
instance_type = "${element(split(",", var.instance_type), 0)},${element(split(",", var.instance_type), 1)},${element(split(",", var.instance_type), 2)},${element(split(",", var.instance_type), 3)},${element(split(",", var.instance_type), 4)},${element(split(",", var.instance_type), 5)},${element(split(",", var.instance_type), 6)},${element(split(",", var.instance_type), 7)}"
instance_name = "${element(split(",", var.instance_name), 0)},${element(split(",", var.instance_name), 1)},${element(split(",", var.instance_name), 2)},${element(split(",", var.instance_name), 3)},${element(split(",", var.instance_name), 4)},${element(split(",", var.instance_name), 5)},${element(split(",", var.instance_name), 6)},${element(split(",", var.instance_name), 7)}"
}
tfvars文件中的变量是:
security_group = "security_group_04_id@security_group_05_id@security_group_07_id"
现在有两种类型的错误我得到:
- 错误:属性值类型不正确
在。。。。\xxxxxxxxxxxx\ec2.tf第20行,在资源";aws_instance"quot;ec2_instance":20:vpc_security_group_ids=["${element(split("@",var.security_group(,0(}]|----------------|var.security_group是包含2个元素的元组
"的值无效;str";参数:需要字符串。
- 错误:启动源实例时出错:InvalidGroup.NotFound:VPC'VPC-016113bafe6694c18'中不存在安全组'sg-0a8a5220cf7ae4fff,sg-0d245af2b879c385d'状态代码:400,请求id:291fda8a-7ec5-486b-b45b-9feb3bd9f7a3
请帮助我解决这些错误。
我认为没有使用您在tfvars中定义的值。
ec2.tf模块从main.tf 中的此行获取值
security_group = ["${element(split(",", module.security_groups.security_group_05_id),0)}","${element(split(",", module.security_groups.security_group_06_id),0)}"]
这看起来像是一个安全组ID列表。您将此列表作为";var.security_group;到模块。很明显,SPLIT函数将抛出一个错误,因为它将期望一个STRING。因此,您看到的错误是意料之中的。
vpc_security_group_ids = ["${element(split("@", var.security_group), 0)}"]
很难进一步指出这里的问题是什么。此代码不起作用。如果你的TF配置文件以前工作过,我猜最近有一个更改打破了这一点——请查看代码更改。
要求很简单。vpc_security_group_ids需要一个有效的安全组ID列表。
我将进行疯狂猜测:以下可能是问题。复习并尝试一下。。。。(显然,检查Terraform计划是否符合您的预期(
1.(在main.tf中--去掉中间的双引号,只留下一个逗号。类似于""-->;只是,
security_group = ["${element(split(",", module.security_groups.security_group_05_id),0)},${element(split(",", module.security_groups.security_group_06_id),0)}"]
2.(--将@替换为逗号。@没有道理。
vpc_security_group_ids=["${element(split(",",var.security_group(,0(}"]
我在ec2.tf 中进行了此更改
vpc_security_group_ids = "${var.security_group}"
我在主.tf 中更改了这个
security_group =["${module.security_groups.security_group_04_id}", "${module.security_groups.security_group_05_id}"]
这对我有效。