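Terraform: Unable to list all tagged and untagged resources from AWS

Question description  Votes: 0  Answers: 1

I am trying to list all tagged and untagged AWS resources using the Terraform code below: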

main.tf

data "aws_resourcegroupstaggingapi_resources" "tagged_resources" {
  resource_type_filters = [ "ec2:instance" ]
  tag_filter {
    key    = "*"
    values = ["*"]
  }
}

data "aws_resourcegroupstaggingapi_resources" "untagged_resources" {
  tag_filter {
    key    = " "
    values = [" "]
  }
}

resource "terraform_data" "print_resources" {
  count = length(data.aws_resourcegroupstaggingapi_resources.tagged_resources.id) + length(data.aws_resourcegroupstaggingapi_resources.untagged_resources.id)

  triggers_replace =  {
    always_run = timestamp()
  }

  provisioner "local-exec" {
     command = <<-EOT
       echo "Resource ID for tagged resources : ${element(data.aws_resourcegroupstaggingapi_resources.tagged_resources[*].id,count.index)} and Resource ID for untagged resources : ${element(data.aws_resourcegroupstaggingapi_resources.untagged_resources[*].id,count.index)}"
       
     EOT
  }
}

output "tagged_resources_ids" {
  value = data.aws_resourcegroupstaggingapi_resources.tagged_resources[*].id
}


**The terraform apply output is as follows:**

data.aws_resourcegroupstaggingapi_resources.untagged_resources: Reading...
data.aws_resourcegroupstaggingapi_resources.tagged_resources: Reading...
data.aws_resourcegroupstaggingapi_resources.tagged_resources: Read complete after 1s [id=aws]
data.aws_resourcegroupstaggingapi_resources.untagged_resources: Read complete after 1s [id=aws]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # terraform_data.print_resources[0] will be created
  + resource "terraform_data" "print_resources" {
      + id               = (known after apply)
      + triggers_replace = {
          + always_run = (known after apply)
        }
    }

  # terraform_data.print_resources[1] will be created
  + resource "terraform_data" "print_resources" {
      + id               = (known after apply)
      + triggers_replace = {
          + always_run = (known after apply)
        }
    }

  # terraform_data.print_resources[2] will be created
  + resource "terraform_data" "print_resources" {
      + id               = (known after apply)
      + triggers_replace = {
          + always_run = (known after apply)
        }
    }

  # terraform_data.print_resources[3] will be created
  + resource "terraform_data" "print_resources" {
      + id               = (known after apply)
      + triggers_replace = {
          + always_run = (known after apply)
        }
    }

  # terraform_data.print_resources[4] will be created
  + resource "terraform_data" "print_resources" {
      + id               = (known after apply)
      + triggers_replace = {
          + always_run = (known after apply)
        }
    }

  # terraform_data.print_resources[5] will be created
  + resource "terraform_data" "print_resources" {
      + id               = (known after apply)
      + triggers_replace = {
          + always_run = (known after apply)
        }
    }

Plan: 6 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  ~ tagged_resources_ids = [
      - [],
      + "aws",
    ]
terraform_data.print_resources[5]: Creating...
terraform_data.print_resources[0]: Creating...
terraform_data.print_resources[5]: Provisioning with 'local-exec'...
terraform_data.print_resources[5] (local-exec): Executing: ["/bin/sh" "-c" "echo \"Resource ID for tagged resources : aws and Resource ID for untagged resources : aws\"\n       \n"]
terraform_data.print_resources[0]: Provisioning with 'local-exec'...
terraform_data.print_resources[0] (local-exec): Executing: ["/bin/sh" "-c" "echo \"Resource ID for tagged resources : aws and Resource ID for untagged resources : aws\"\n       \n"]
terraform_data.print_resources[1]: Creating...
terraform_data.print_resources[1]: Provisioning with 'local-exec'...
terraform_data.print_resources[1] (local-exec): Executing: ["/bin/sh" "-c" "echo \"Resource ID for tagged resources : aws and Resource ID for untagged resources : aws\"\n       \n"]
terraform_data.print_resources[5] (local-exec): Resource ID for tagged resources : aws and Resource ID for untagged resources : aws
terraform_data.print_resources[2]: Creating...
terraform_data.print_resources[2]: Provisioning with 'local-exec'...
terraform_data.print_resources[2] (local-exec): Executing: ["/bin/sh" "-c" "echo \"Resource ID for tagged resources : aws and Resource ID for untagged resources : aws\"\n       \n"]
terraform_data.print_resources[4]: Creating...
terraform_data.print_resources[4]: Provisioning with 'local-exec'...
terraform_data.print_resources[4] (local-exec): Executing: ["/bin/sh" "-c" "echo \"Resource ID for tagged resources : aws and Resource ID for untagged resources : aws\"\n       \n"]
terraform_data.print_resources[3]: Creating...
terraform_data.print_resources[3]: Provisioning with 'local-exec'...
terraform_data.print_resources[3] (local-exec): Executing: ["/bin/sh" "-c" "echo \"Resource ID for tagged resources : aws and Resource ID for untagged resources : aws\"\n       \n"]
terraform_data.print_resources[5]: Creation complete after 0s [id=d71ba741-20a2-b2ac-4d55-0513f2a678e1]
terraform_data.print_resources[1] (local-exec): Resource ID for tagged resources : aws and Resource ID for untagged resources : aws
terraform_data.print_resources[1]: Creation complete after 0s [id=d835d78f-93a9-870c-97ed-82daac1f46b7]
terraform_data.print_resources[2] (local-exec): Resource ID for tagged resources : aws and Resource ID for untagged resources : aws
terraform_data.print_resources[2]: Creation complete after 0s [id=f0227bc6-9c3c-d3c0-5986-efeaa0446fcc]
terraform_data.print_resources[4] (local-exec): Resource ID for tagged resources : aws and Resource ID for untagged resources : aws
terraform_data.print_resources[4]: Creation complete after 0s [id=629c2a01-7217-9aad-f4fb-05c663429d8c]
terraform_data.print_resources[0] (local-exec): Resource ID for tagged resources : aws and Resource ID for untagged resources : aws
terraform_data.print_resources[0]: Creation complete after 0s [id=cdb59780-41fe-e427-a536-cf67bfd9cf97]
terraform_data.print_resources[3] (local-exec): Resource ID for tagged resources : aws and Resource ID for untagged resources : aws
terraform_data.print_resources[3]: Creation complete after 0s [id=0beb1fb7-a34a-aae0-85ab-91bb659a318c]

Apply complete! Resources: 6 added, 0 changed, 0 destroyed.

Outputs:

tagged_resources_ids = [
  "aws",
]



**terraform_version: 1.4.6**
**hashicorp/aws v5.40.0**

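**Problem:** The echo statement and the output variable show the id as "aws" in the output for both the tagged and the untagged resources, instead of a unique ID. I would appreciate your help in getting the actual IDs of all the resources.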

terraform terraform-provider-aws
1 answer
0
votes

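In Terraform, the `id` you see in the results does not point to your AWS resources. It is just Terraform's own reference for the query. To actually identify your AWS resources, you need to use their ARNs, which are unique for each resource.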

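You are trying to use a space as the tag filter to find untagged resources, which does not really match how the AWS tagging system works. AWS needs specific tags (not spaces) to filter resources.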

To list EC2 instances that have tags, you can set it up as follows:

data "aws_resourcegroupstaggingapi_resources" "tagged_resources" {
  resource_type_filters = ["ec2:instance"]
}

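output "tagged_resources_arns" {
  # The data source returns its matches in resource_tag_mapping_list;
  # each entry carries the resource_arn and the tags of one resource.
  value = data.aws_resourcegroupstaggingapi_resources.tagged_resources.resource_tag_mapping_list[*].resource_arn
}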

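This will give you the ARNs of the tagged EC2 instances. Terraform cannot find untagged resources out of the box. You may need to get a little creative, perhaps with some additional scripting, to track those down.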
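One way to do the additional scripting the answer mentions, as an added example that is not part of the original answer: it splits EC2 instances into tagged and untagged ARNs from data shaped like EC2 DescribeInstances response pages. The function name, the sample account and instance IDs, and the policy of treating instances that carry only reserved `aws:` tags as untagged are assumptions of this example.

```python
"""Split EC2 instances into tagged / untagged from DescribeInstances output."""

# Constructed sample shaped like EC2 DescribeInstances response pages
# (the account ID and instance IDs are made up for this example).
SAMPLE_PAGES = [
    {"Reservations": [
        {"OwnerId": "111122223333", "Instances": [
            {"InstanceId": "i-0aaa0000000000001",
             "Tags": [{"Key": "Owner", "Value": "payments"}]},
            {"InstanceId": "i-0aaa0000000000002"},  # no Tags key at all
        ]},
    ]},
    {"Reservations": [
        {"OwnerId": "111122223333", "Instances": [
            # Only an AWS-generated tag: nobody has tagged this instance.
            {"InstanceId": "i-0aaa0000000000003",
             "Tags": [{"Key": "aws:autoscaling:groupName", "Value": "web"}]},
            {"InstanceId": "i-0aaa0000000000004", "Tags": []},
        ]},
    ]},
]


def split_by_tags(pages, region, partition="aws"):
    """Return (tagged, untagged) lists of instance ARNs.

    Assumption of this example: an instance counts as tagged only if it has
    at least one tag whose key does not start with the reserved "aws:" prefix.
    """
    tagged, untagged = [], []
    for page in pages:
        for reservation in page.get("Reservations", []):
            account = reservation["OwnerId"]
            for inst in reservation.get("Instances", []):
                arn = (f"arn:{partition}:ec2:{region}:{account}:"
                       f"instance/{inst['InstanceId']}")
                user_tags = [t for t in inst.get("Tags", [])
                             if not t["Key"].startswith("aws:")]
                (tagged if user_tags else untagged).append(arn)
    return sorted(tagged), sorted(untagged)


if __name__ == "__main__":
    # Against a real account, pass the pages yielded by
    # boto3.client("ec2").get_paginator("describe_instances").paginate()
    tagged, untagged = split_by_tags(SAMPLE_PAGES, region="eu-west-1")
    print("tagged:", *tagged, sep="\n  ")
    print("untagged:", *untagged, sep="\n  ")
```

The untagged list is the set the Resource Groups Tagging API query cannot be relied on to show, so it is the one to review for unowned instances.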
