I am trying to automate VPC creation by fetching the next available CIDR from IPAM. But every time I run Terraform I get a new CIDR block when I use the data source. I tried storing the CIDR in Parameter Store, but it still gets overwritten whenever I run terraform, even without changing the terraform code?
Can anyone help?
# Preview next CIDR from pool
data "aws_vpc_ipam_preview_next_cidr" "previewed_cidr" {
  ipam_pool_id   = data.aws_vpc_ipam_pool.ipv4_ipam_pool.id
  netmask_length = var.vpc_mask_length["standard"]
}

# Store the previewed CIDR in Parameter Store
resource "aws_ssm_parameter" "vpc_cidr" {
  name  = "/test/custom-fields/vpc_cidr"
  type  = "String"
  value = data.aws_vpc_ipam_preview_next_cidr.previewed_cidr.cidr
}

# Calculate subnet CIDRs from the previewed IPAM CIDR
locals {
  partition       = cidrsubnets(data.aws_vpc_ipam_preview_next_cidr.previewed_cidr.cidr, 1, 1)
  private_subnets = cidrsubnets(local.partition[0], 2, 2, 2)
}

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "3.19.0"

  name            = "dev-vpc"
  cidr            = aws_ssm_parameter.vpc_cidr.value
  azs             = formatlist("${data.aws_region.current.name}%s", ["a", "b", "c"])
  private_subnets = local.private_subnets
}

# Record the allocation in the IPAM pool
resource "aws_vpc_ipam_pool_cidr_allocation" "ipam_allocation" {
  ipam_pool_id = data.aws_vpc_ipam_pool.ipv4_ipam_pool.id
  cidr         = data.aws_vpc_ipam_preview_next_cidr.previewed_cidr.cidr
  description  = "test-vpc"
}
Attempted workarounds:
Option 1:
I also tried the aws_vpc_ipam_preview_next_cidr resource, but the vpc module does not accept it as input and throws the following error: The "count" value depends on resource attributes that cannot be determined until apply, even though the resource attributes have already been applied.
resource "aws_vpc_ipam_preview_next_cidr" "previewed_cidr" {
  ipam_pool_id   = data.aws_vpc_ipam_pool.ipv4_ipam_pool.id
  netmask_length = var.vpc_mask_length["standard"]
}
Option 2:
I also read about lifecycle blocks; unfortunately I cannot use them on modules or data sources, they are only supported on resources. I tried the code below, but had no luck either.
resource "aws_vpc_ipam_pool_cidr_allocation" "ipam_allocation" {
  ipam_pool_id = data.aws_vpc_ipam_pool.ipv4_ipam_pool.id
  cidr         = data.aws_vpc_ipam_preview_next_cidr.previewed_cidr.cidr
  description  = "test-vpc"

  lifecycle {
    ignore_changes = [cidr]
  }
}
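An added example, not part of the question above, showing one way to keep the CIDR stable across runs: the `aws_vpc_ipam_preview_next_cidr` data source is re-read on every plan and reserves nothing, so the fix is to make the IPAM allocation itself the resource that picks the block (via `netmask_length`) and read the chosen CIDR back from Terraform state. It reuses the question's `data.aws_vpc_ipam_pool.ipv4_ipam_pool`, `var.vpc_mask_length` and `data.aws_region.current`, and assumes the VPC module only needs the number of subnets, not their values, to be known at plan time.

```hcl
# Reserve the CIDR in IPAM as a managed resource. Letting the allocation
# choose the block (netmask_length instead of cidr) means the value is
# written to state once and stays the same on later plans; the preview
# data source, by contrast, is evaluated fresh every run and reserves nothing.
resource "aws_vpc_ipam_pool_cidr_allocation" "vpc" {
  ipam_pool_id   = data.aws_vpc_ipam_pool.ipv4_ipam_pool.id
  netmask_length = var.vpc_mask_length["standard"] # IPAM picks the block
  description    = "test-vpc"
}

locals {
  vpc_cidr = aws_vpc_ipam_pool_cidr_allocation.vpc.cidr

  # Same layout as the question: split the VPC in half, then carve three
  # equal subnets out of the first half. Iterating over a known range keeps
  # the list length known at plan time even though each element is unknown
  # until the allocation exists, which is what the module's count needs and
  # what cidrsubnets() on an unknown prefix cannot provide.
  private_subnets = [
    for i in range(3) : cidrsubnet(cidrsubnet(local.vpc_cidr, 1, 0), 2, i)
  ]
}

# Persist the allocated CIDR for other stacks. No ignore_changes is needed:
# the value now only changes if the allocation resource is replaced.
resource "aws_ssm_parameter" "vpc_cidr" {
  name  = "/test/custom-fields/vpc_cidr"
  type  = "String"
  value = local.vpc_cidr
}

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "3.19.0"

  name            = "dev-vpc"
  cidr            = local.vpc_cidr # implicit dependency on the allocation
  azs             = formatlist("${data.aws_region.current.name}%s", ["a", "b", "c"])
  private_subnets = local.private_subnets
}
```

After the first apply, a second `terraform plan` with unchanged code should report no changes to the allocation, the parameter or the VPC; if the allocation is ever replaced, the SSM value and every firewall or routing rule derived from it will change with it, so treat that resource as the single source of truth for the address block.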