我想使用 terraform 为跨区域中的每个 vpc 创建安全组,下面是我正在使用的 terraform 文件
“安全组.tf”
locals {
vpcs = ["aws_vpc.vpc_useast.id", "aws_vpc.vpc_uswest.id"]
}
resource "aws_security_group" "alb_security_group" {
for_each = toset(local.vpcs)
name = "alb security group"
description = "enable ssh/http/https access on port 80/443"
vpc_id = each.value
ingress {
}
egress {
}
tags = {
Name = "allow_SSH_HTTP_HTTPS"
}
provider = aws.us-east-2
}
“vpc.tf”
resource "aws_vpc" "vpc_useast" {
cidr_block = "20.0.0.0/16"
tags = {
Name = "TF-LB-VPC-A"
}
}
“provider.tf”
provider "aws" {
region = "us-east-1"
}
provider "aws" {
alias = "us-east-2"
region = "us-east-2"
}
执行后出现以下错误 错误:创建安全组(alb 安全组):InvalidVpcID.NotFound:vpc ID 'aws_vpc.vpc_useast.id' 不存在 状态代码:400,请求 ID:72eefd3b-5316-4693-964e-08dfe55a2b0a
with aws_security_group.alb_security_group1["aws_vpc.vpc_useast.id"],
on securitygroup.tf line 9, in resource "aws_security_group" "alb_security_group1":
9: resource "aws_security_group" "alb_security_group1" {
请帮忙
问题在于本地值定义:
locals {
vpcs = ["aws_vpc.vpc_useast.id", "aws_vpc.vpc_uswest.id"] }
当您添加双引号时,Terraform 会将值视为字符串,并将文本放在引号内。也就是说,您传递给函数的 ID 是:“aws_vpc.vpc_useast.id”和“aws_vpc.vpc_uswest.id”,而不是实际的 id。
要解决此问题,您需要删除双引号,以便变量将指向实际 ID。