我正试图将两个AWS Terraform提供程序传递给我的子模块。我希望默认值保持匿名,因为我不能遍历并向父模块中的所有地形资源添加提供程序。
父模块------------------------------------------版本.tf
terraform {
required_version = "~> 1.0"
backend "remote" {
hostname = "app.terraform.io"
organization = "some-org"
workspaces {
prefix = "some-state-file"
}
}
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
configuration_aliases = [ aws.domain-management ]
}
}
}
provider "aws" {
access_key = var.aws_access_key_id
secret_key = var.aws_secret_access_key
region = var.aws_region
default_tags {
tags = {
Application = var.application_name
Environment = var.environment
}
}
}
provider "aws" {
alias = "domain-management"
region = var.domain_management_aws_region
access_key = var.domain_management_aws_access_key_id
secret_key = var.domain_management_aws_secret_access_key
}
模块.tf(调用子模块(
module "vanity-cert-test" {
source = "some-source"
fully_qualified_domain_name = "some-domain.com"
alternative_names = ["*.${var.dns_zone.name}"]
application_name = var.application_name
environment = var.environment
service_name = var.service_name
domain_managment_zone_name = "some-domain02.com"
providers = {
aws.domain-management = aws.domain-management
}
}
子模块------------------------------------------------------
版本.tf
terraform {
required_version = "~> 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
confiuration_aliases = [aws.domain-management]
}
}
}
provider "aws" {
alias = domain-management
}
路线53.tf
# Create validation Route53 records
resource "aws_route53_record" "vanity_route53_cert_validation" {
# use domain management secondary aws provider
provider = aws.domain-management
for_each = {
for dvo in aws_acm_certificate.vanity_certificate.domain_validation_options : dvo.domain_name => {
name = dvo.resource_record_name
record = dvo.resource_record_value
type = dvo.resource_record_type
}
}
zone_id = data.aws_route53_zone.vanity_zone.zone_id
name = each.value.name
records = [each.value.record]
ttl = 60
type = each.value.type
allow_overwrite = true
}
使用情况是在一个单独的帐户中定义一个虚荣证书,证书的DNS验证需要从该帐户进行。当前运行此程序时,我收到以下错误:地形图-var文件=/应用程序.tfvars
╷
│ Warning: Provider aws.domain-management is undefined
│
│ on services/self-service-ticket-portal-app/ssl-certificate.tf line 33, in module "vanity-cert-test":
│ 33: aws.domain-management = aws.domain-management
│
│ Module module.services.module.self-service-ticket-portal-app.module.vanity-cert-test does not declare a provider named aws.domain-management.
│ If you wish to specify a provider configuration for the module, add an entry for aws.domain-management in the required_providers block within the module.
╵
╷
│ Error: missing provider module.services.module.self-service-ticket-portal-app.provider["registry.terraform.io/hashicorp/aws"].domain-management
如果您的"父模块";是根模块,则不能在其中使用configuration_aliases。configuration_aliases仅用于子模块:
要在模块内声明配置别名以便从父模块接收备用提供程序配置,请将configuration_aliages参数添加到该提供程序的required_providers条目中。