我正在尝试使用 Terraform 为我的 ACM 证书创建一组验证记录,但遇到了一个奇怪的问题。
resource "aws_acm_certificate" "cert" {
domain_name = "${element(var.domains, count.index)}"
count = "${length(var.domains)}"
validation_method = "DNS"
lifecycle {
create_before_destroy = true
}
}
resource "aws_route53_record" "cert-record" {
name = "${element(aws_acm_certificate.cert.*.domain_validation_options.0.resource_record_name, count.index)}"
type = "${element(aws_acm_certificate.cert.*.domain_validation_options.0.resource_record_type, count.index)}"
zone_id = "${var.zone-id}"
count = "${length(var.domains)}"
ttl = 30
records = [
"${element(aws_acm_certificate.cert.*.domain_validation_options.0.resource_record_value, count.index)}"
]
depends_on = [
"aws_acm_certificate.cert"
]
}
resource "aws_acm_certificate_validation" "cert-valid" {
certificate_arn = "${element(aws_acm_certificate.cert.*.arn, count.index)}"
count = "${length(var.domains)}"
validation_record_fqdns = [
"${element(aws_route53_record.cert-record.*.fqdn, count.index)}"
]
depends_on = [
"aws_route53_record.cert-record"
]
}
每当我运行该程序时,都会收到以下错误:
Error: Error running plan: 1 error occurred:
* module.swarm.module.certs.aws_route53_record.cert-record: 5 errors occurred:
* module.swarm.module.certs.aws_route53_record.cert-record[0]: Resource 'aws_acm_certificate.cert' does not have attribute 'domain_validation_options.0.resource_record_type' for variable 'aws_acm_certificate.cert.*.domain_validation_options.0.resource_record_type'
* module.swarm.module.certs.aws_route53_record.cert-record[4]: Resource 'aws_acm_certificate.cert' does not have attribute 'domain_validation_options.0.resource_record_value' for variable 'aws_acm_certificate.cert.*.domain_validation_options.0.resource_record_value'
* module.swarm.module.certs.aws_route53_record.cert-record[3]: Resource 'aws_acm_certificate.cert' does not have attribute 'domain_validation_options.0.resource_record_name' for variable 'aws_acm_certificate.cert.*.domain_validation_options.0.resource_record_name'
* module.swarm.module.certs.aws_route53_record.cert-record[2]: Resource 'aws_acm_certificate.cert' does not have attribute 'domain_validation_options.0.resource_record_type' for variable 'aws_acm_certificate.cert.*.domain_validation_options.0.resource_record_type'
* module.swarm.module.certs.aws_route53_record.cert-record[1]: Resource 'aws_acm_certificate.cert' does not have attribute 'domain_validation_options.0.resource_record_value' for variable 'aws_acm_certificate.cert.*.domain_validation_options.0.resource_record_value'
奇怪的是,这几乎是文档中示例的副本,只是修改为使用“count”属性并自动迭代主机名列表。
调试说明:
$ ../terraform -v
Terraform v0.11.14
+ provider.aws v2.19.0
+ provider.postgresql v1.1.0
答案1
刚刚遇到了同样的问题并且认为没有解决方案:
- 当您添加 count. 元素时,您会创建一个嵌套列表,据我所知,元素等无法处理这些嵌套变量。
- 我将其移到一个模块中但却遇到了
count模块缺失的情况。
我的最终解决方案是创建一个执行上述操作的模块。然后多次调用它。虽然不理想,但很简洁。