有以下代码:
data "aws_kms_key" "rds_key" {
key_id = "alias/rds_cluster_enryption_key"
}
我想用这个密钥加密rds实例
resource "aws_rds_cluster" "tf-aws-rds-1" {
cluster_identifier = "aurora-cluster-1"
engine = "aurora-mysql"
engine_version = "5.7.mysql_aurora.2.03.2"
availability_zones = ["us-east-1a", "us-east-1b", "us-east-1c"]
database_name = "cupday"
master_username = "administrator"
master_password = var.password
backup_retention_period = 5
preferred_backup_window = "07:00-09:00"
storage_encrypted = true
kms_key_id = "data.aws_kms_key.rds_key.arn"
}
然而,我得到了一个错误如下:
Error: "kms_key_id" (data.aws_kms_key.rds_key.id) is an invalid ARN: arn: invalid prefix
on main.tf line 42, in resource "aws_rds_cluster" "tf-aws-rds-1":
42: kms_key_id = "data.aws_kms_key.rds_key.id"
Error: "kms_key_id" (data.aws_kms_key.rds_key.arn) is an invalid ARN: arn: invalid prefix
on main.tf line 42, in resource "aws_rds_cluster" "tf-aws-rds-1":
42: kms_key_id = "data.aws_kms_key.rds_key.arn"
我到底该怎么称呼他们?
我不想在kms_key_id中披露我的帐户id
您对的使用
kms_key_id = "data.aws_kms_key.rds_key.arn"
将导致CCD_ 1实际上是字符串"1";data.aws_kms_key.rds_key.arn";。
它应该是(tf 0.12+(:
kms_key_id = data.aws_kms_key.rds_key.arn
或对于tf 0.11:
kms_key_id = "${data.aws_kms_key.rds_key.arn}"