Terraform aws_s3_bucket_website_configuration 不断创建 aws_s3_bucket 资源的网站块

问题描述 投票:0回答:2

我在 Terraform 上使用 

~3.0
作为 AWS 提供商版本,最后下载 
terraform init
3.75.1
。当我运行
terraform plan
时,出现了警告;

Warning: Argument is deprecated

  on main.tf line 14, in resource "aws_s3_bucket" "xxx":
  14: resource "aws_s3_bucket" "xxx" {

Use the aws_s3_bucket_website_configuration resource instead

我的桶资源是这样的;

resource "aws_s3_bucket" "bucket" {
  bucket = "bucket"
  acl    = "public-read"
  policy = <<EOF
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::bucket/*"
        }
    ]
}
EOF

  website {
    index_document = "index.html"
    error_document = "index.html"
  }
}

由于提供程序配置的最新更改以及我因更改而收到的弃用警告,我将我的存储桶资源划分为 3 个,如下所示;

resource "aws_s3_bucket" "bucket" {
  bucket = "bucket"
  policy = <<EOF
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::bucket/*"
        }
    ]
}
EOF
}

resource "aws_s3_bucket_acl" "bucket-acl" {
  bucket = aws_s3_bucket.bucket.id
  acl    = "public-read"
}

resource "aws_s3_bucket_website_configuration" "bucket-website-config" {
  bucket = aws_s3_bucket.bucket.id

  index_document {
    suffix = "index.html"
  }
  error_document {
    key = "index.html"
  }
}

我运行了

terraform plan
,输出如下;

# aws_s3_bucket.bucket will be updated in-place
  ~ resource "aws_s3_bucket" "bucket" {
      ~ acl                         = "public-read" -> "private"
        id                          = "bucket"
        tags                        = {}
        # (13 unchanged attributes hidden)


      - website {
          - error_document = "index.html" -> null
          - index_document = "index.html" -> null
        }
        # (1 unchanged block hidden)
    }


# aws_s3_bucket_acl.bucket-acl will be created
  + resource "aws_s3_bucket_acl" "bucket-acl" {
      + acl    = "public-read"
      + bucket = "bucket"
      + id     = (known after apply)

      + access_control_policy {
          + grant {
              + permission = (known after apply)

              + grantee {
                  + display_name  = (known after apply)
                  + email_address = (known after apply)
                  + id            = (known after apply)
                  + type          = (known after apply)
                  + uri           = (known after apply)
                }
            }

          + owner {
              + display_name = (known after apply)
              + id           = (known after apply)
            }
        }
    }

# aws_s3_bucket_website_configuration.bucket-website-config will be created
  + resource "aws_s3_bucket_website_configuration" "bucket-website-config" {
      + bucket           = "bucket"
      + id               = (known after apply)
      + website_domain   = (known after apply)
      + website_endpoint = (known after apply)

      + error_document {
          + key = "index.html"
        }

      + index_document {
          + suffix = "index.html"
        }
    }

尽管有些困惑(因为我无法理解 

aws_s3_bucket
上的更改。因为我基本上使用相同的配置值),但我还是运行 
terraform apply
看看会发生什么。

应用每次更改后,我都会运行 

terraform plan
以确保一切都是最新的。从这以后,我的环境就进入了一种恶性循环。

第二个

terraform plan
输出是;

aws_s3_bucket.bucket will be updated in-place
  ~ resource "aws_s3_bucket" "bucket" {
        id                          = "bucket"
        tags                        = {}
        # (14 unchanged attributes hidden)


      - website {
          - error_document = "index.html" -> null
          - index_document = "index.html" -> null
        }
        # (1 unchanged block hidden)
    }

正如我们所看到的,它尝试从存储桶中删除网站配置。我也为此跑了

terraform apply
,申请后,我第三次跑了
terraform plan

# aws_s3_bucket_website_configuration.bucket-website-config will be created
  + resource "aws_s3_bucket_website_configuration" "bucket-website-config" {
      + bucket           = "bucket"
      + id               = (known after apply)
      + website_domain   = (known after apply)
      + website_endpoint = (known after apply)

      + error_document {
          + key = "index.html"
        }

      + index_document {
          + suffix = "index.html"
        }
    }

当我应用此方法时,Terraform 会再次尝试删除网站配置,并且这些更改循环会持续下去。

这是一个错误吗?有人偶然发现这个问题吗?除了添加

ignore_changes
块或降级提供商版本之外还有其他解决方案吗?

任何帮助将不胜感激, 非常感谢。

terraform-provider-aws
2个回答
5
投票

我遇到了完全相同的情况,并且由于提供商版本太旧而遇到了它。 我还使用了 ~3.62 AWS 提供商。

根据提供商变更日志,其中一些资源刚刚通过 4.0.0 添加:

  • 新资源:aws_s3_bucket_website_configuration (#22648)
  • 新资源:aws_s3_bucket_acl (#22853)

我为 AWS 提供商切换到版本 >= 4.4,之后一切都按预期工作(只是提一下,我选择 4.4 是因为与此问题无关的其他原因。4.0 也应该已经足够了)。

1
投票

正如@lopin所说,这是旧版本提供程序的问题。除了 @Oguzhan Aygun 生命周期解决方法之外,您还可以使用旧版本提供程序方法,即 

website
资源内的 
aws_s3_bucket
块,如下所示;

resource "aws_s3_bucket" "b" {
  bucket = "s3-website-test.hashicorp.com"

  website {
    index_document = "index.html"
    error_document = "error.html"

    routing_rules = ...
}
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.