使用aws_acm_certificate资源使Terraform忽略提供的变量。
这是一个简单的Terraform文件:
variable "aws_access_key_id" {}
variable "aws_secret_key" {}
variable "region" { default = "us-west-1" }
provider "aws" {
alias = "prod"
region = "${var.region}"
access_key = "${var.aws_access_key_id}"
secret_key = "${var.aws_secret_key}"
}
resource "aws_acm_certificate" "cert" {
domain_name = "foo.example.com"
validation_method = "DNS"
tags {
project = "foo"
}
lifecycle {
create_before_destroy = true
}
}
运行validate,plan或apply失败:
$ terraform validate -var-file=my.tfvars
$ cat my.tfvars
region = "us-west-2"
aws_secret_key = "secret"
aws_access_key_id = "not as secret"
您的代码中没有错。
请进行一些清洁,然后再次运行(仅当您完全理解自己在做什么时运行RM命令)
rm -rf .terraform
rm terraform.tfstate*
terraform fmt
terraform get -update=true
terraform init
terraform plan