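I have a Terraform configuration that contains various AWS resources in a single file, including a VPC, three private subnets, three public subnets and an EB environment.
My Terraform version is 0.12.0 and the AWS provider version is ~> 2.12.
The VPC looks like this: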
resource "aws_vpc" "terraform-vpc" {
cidr_block = "${var.cidr_block}"
assign_generated_ipv6_cidr_block = true
}
My six subnets look like this:
resource "aws_subnet" "private-a" {
vpc_id = "${aws_vpc.terraform-vpc.id}"
availability_zone = "eu-west-2a"
cidr_block = "10.0.1.0/24"
}
resource "aws_subnet" "public-a" {
vpc_id = "${aws_vpc.terraform-vpc.id}"
availability_zone = "eu-west-2a"
cidr_block = "10.0.2.0/24"
}
resource "aws_subnet" "private-b" {
vpc_id = "${aws_vpc.terraform-vpc.id}"
availability_zone = "eu-west-2b"
cidr_block = "10.0.3.0/24"
}
resource "aws_subnet" "public-b" {
vpc_id = "${aws_vpc.terraform-vpc.id}"
availability_zone = "eu-west-2b"
cidr_block = "10.0.4.0/24"
}
resource "aws_subnet" "private-c" {
vpc_id = "${aws_vpc.terraform-vpc.id}"
availability_zone = "eu-west-2c"
cidr_block = "10.0.5.0/24"
}
resource "aws_subnet" "public-c" {
vpc_id = "${aws_vpc.terraform-vpc.id}"
availability_zone = "eu-west-2c"
cidr_block = "10.0.6.0/24"
}
Then, in my aws_elastic_beanstalk_environment resource, I have:
...
setting {
namespace = "aws:ec2:vpc"
name = "Subnets"
value = "#{aws_subnet.private-a.id},#{aws_subnet.private-b.id},#{aws_subnet.private-c.id}"
}
setting {
namespace = "aws:ec2:vpc"
name = "ELBSubnets"
value = "#{aws_subnet.public-a.id},#{aws_subnet.public-b.id},#{aws_subnet.public-c.id}"
}
...
depends_on = [
aws_security_group.default, # created earlier in the same file
aws_subnet.public-a,
aws_subnet.public-b,
aws_subnet.public-c,
aws_subnet.private-a,
aws_subnet.private-b,
aws_subnet.private-c
]
The problem is that I always get an error saying that one of the subnets does not exist, for example:
Error: ConfigurationValidationException: Configuration validation exception:
Invalid option value: '["#{aws_subnet.private-c.id}","#{aws_subnet.private-b.id}","#{aws_subnet.private-a.id}"]'
(Namespace: 'aws:ec2:vpc', OptionName: 'Subnets'): The subnet '#{aws_subnet.private-c.id}' does not exist.
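It is always about a different subnet: sometimes one of the private subnets used for the Subnets option, sometimes one of the public subnets used in the ELBSubnets option.
What confuses me is that I have explicitly defined them as dependencies, although I think it should work even without explicit dependencies. In the terraform apply log, all the subnets are always created before the EB environment: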
aws_subnet.private-c: Creation complete after 1s [id=subnet-some-id]
aws_subnet.public-a: Creation complete after 1s [id=subnet-some-id]
aws_subnet.public-c: Creation complete after 1s [id=subnet-some-id]
aws_subnet.public-b: Creation complete after 1s [id=subnet-some-id]
aws_subnet.private-a: Creation complete after 6s [id=subnet-some-id]
aws_subnet.private-b: Creation complete after 6s [id=subnet-some-id]
...
aws_elastic_beanstalk_environment.default: Creating...
When I check in AWS, all the subnets have been created as expected and as apply reports. What could be the cause of this error?
As ydaetskcor mentioned, the subnet interpolations use # instead of $, so #{aws_subnet.public-a.id},#{aws_subnet.public-b.id} should be ${aws_subnet.public-a.id},${aws_subnet.public-b.id}.
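An added example, not part of the original question or answer: a small Python check that flags Ruby-style #{...} inside Terraform string literals before apply, since Terraform accepts such a string as plain text and the mistake only surfaces as the ConfigurationValidationException above. The sample input is constructed, and the function names string_literals and find_hash_interpolations are hypothetical.

```python
import re

# Constructed sample in the style of the question: the first value uses the
# Ruby-style "#{...}" typo, the second uses Terraform's "${...}" interpolation.
SAMPLE_TF = '''\
setting {
  namespace = "aws:ec2:vpc"
  name      = "Subnets"  # private subnets
  value     = "#{aws_subnet.private-a.id},#{aws_subnet.private-b.id}"
}
setting {
  namespace = "aws:ec2:vpc"
  name      = "ELBSubnets"
  value     = "${aws_subnet.public-a.id},${aws_subnet.public-b.id}"
}
'''

HASH_INTERP = re.compile(r'#\{([^}]*)\}')

def string_literals(line):
    """Yield the contents of double-quoted literals on one line.

    Scanning stops at a '#' or '//' comment outside a string. Simplification:
    heredocs, /* */ comments and quotes nested inside ${...} are not handled.
    """
    i, n = 0, len(line)
    while i < n:
        if line[i] == '#' or line.startswith('//', i):
            return  # rest of the line is a comment
        if line[i] == '"':
            j = i + 1
            while j < n and line[j] != '"':
                j += 2 if line[j] == '\\' else 1  # skip escaped characters
            yield line[i + 1:j]
            i = j + 1
        else:
            i += 1

def find_hash_interpolations(text):
    """Return (line_no, found, suggested) for each "#{...}" inside a string."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        for literal in string_literals(line):
            for m in HASH_INTERP.finditer(literal):
                findings.append((line_no, m.group(0), '${' + m.group(1) + '}'))
    return findings
```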