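Invalid template interpolation when creating VPC flow logs

Question  Votes: 0  Answers: 1

I am new to TF and I am trying to create a variable that contains all regions for different S3 buckets.

variables.tf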

    variable "s3_bucket_arn" {
      type = any
      default = {
        us-east-1      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
        us-east-2      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
        us-west-2      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
        us-west-1      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
        ap-southeast-2 = "arn:aws:s3:::centralized-vpcflowlogs-logging-aus"
      }
    }

Below is the VPC in main.tf

    resource "aws_flow_log" "vpc_flow_log" {
      log_destination      = "${var.s3_bucket_arn}/${var.environment}/${data.aws_region.current.name}/${aws_vpc.network.id}"
      log_destination_type = "s3"
      traffic_type         = "ALL"
      vpc_id               = aws_vpc.network.id
    }

I get this error when running terraform plan.

 │ Error: Invalid template interpolation value

        log_destination = "${var.s3_bucket_arn}/${var.environment}/${data.aws_region.current.name}/${aws_vpc.network.id}"
    │     ├────────────────
    │     │ var.s3_bucket_arn is object with 5 attributes
    │ 
    │ Cannot include the given value in a string template: string required.

Any idea why I am getting the error?

terraform terraform-provider-aws
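1 Answer
0 votes

Any idea why I am getting the error?

You are trying to use a map where a string value is required.

This example should help you understand and fix your problem: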

variable "environment" {
  description = "The environment name"
  type        = string
  default     = "dev"
}

locals {
  # this can be declared local as opposed to a variable, 
  # because it is not expected to be changed by the user
  s3_bucket_arns = {
    "us-east-1"      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
    "us-east-2"      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
    "us-west-2"      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
    "us-west-1"      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
    "ap-southeast-2" = "arn:aws:s3:::centralized-vpcflowlogs-logging-aus"
  }

  # hard-coded variables for testing purposes only
  current_region = "us-east-1"
  network_id     = "vpc-1234567890"
  # current_region = data.aws_region.current.name
  # network_id     = aws_vpc.network.id

  # current_region must be one of the keys defined in s3_bucket_arns
  s3_bucket_arn = local.s3_bucket_arns[local.current_region]
}

resource "null_resource" "vpc_flow_log" {
  triggers = {
    log_destination      = "${local.s3_bucket_arn}/${var.environment}/${local.current_region}/${local.network_id}"
    log_destination_type = "s3"
    traffic_type         = "ALL"
  }
}

Running terraform plan:

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # null_resource.vpc_flow_log will be created
  + resource "null_resource" "vpc_flow_log" {
      + id       = (known after apply)
      + triggers = {
          + "log_destination"      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us/dev/us-east-1/vpc-1234567890"
          + "log_destination_type" = "s3"
          + "traffic_type"         = "ALL"
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.
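
The answer's map lookup applied to the question's real aws_flow_log resource, as an added example that is not part of the original answer. It goes one step further by typing the variable as map(string) and failing the plan with a clear message when the current region has no bucket mapped, so a VPC is never created without a flow log destination. Assumptions: the variable name s3_bucket_arns, the validation rule, the constructed aws_vpc.network CIDR, and Terraform 1.2 or later for precondition blocks.

```hcl
# Added example, not from the original post. Requires Terraform >= 1.2.
variable "environment" {
  type    = string
  default = "dev"
}

# map(string) instead of "any": non-string values are rejected at the variable boundary.
variable "s3_bucket_arns" {
  type = map(string)
  default = {
    "us-east-1"      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
    "us-east-2"      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
    "us-west-2"      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
    "us-west-1"      = "arn:aws:s3:::centralized-vpcflowlogs-logging-us"
    "ap-southeast-2" = "arn:aws:s3:::centralized-vpcflowlogs-logging-aus"
  }

  validation {
    condition     = alltrue([for arn in values(var.s3_bucket_arns) : can(regex("^arn:aws:s3:::", arn))])
    error_message = "Every value in s3_bucket_arns must be an S3 bucket ARN."
  }
}

data "aws_region" "current" {}

# Constructed stand-in for the question's aws_vpc.network.
resource "aws_vpc" "network" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_flow_log" "vpc_flow_log" {
  # Index the map with the current region so the template receives a string.
  log_destination      = "${var.s3_bucket_arns[data.aws_region.current.name]}/${var.environment}/${data.aws_region.current.name}/${aws_vpc.network.id}"
  log_destination_type = "s3"
  traffic_type         = "ALL"
  vpc_id               = aws_vpc.network.id

  lifecycle {
    # Checked before the arguments above are evaluated, so an unmapped region
    # fails the plan with this message instead of an "Invalid index" error.
    precondition {
      condition     = contains(keys(var.s3_bucket_arns), data.aws_region.current.name)
      error_message = "No flow log bucket is mapped for region ${data.aws_region.current.name}; add it to s3_bucket_arns."
    }
  }
}
```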