如何使用 Terraform 创建 AWS SSM 文档 Package
[英]How to create an AWS SSM Document Package using Terraform
问题描述
Using Terraform, I am trying to create an AWS SSM Document Package for Chrome so I can install it on various EC2 instances I have.
使用 Terraform,我正在尝试为 Chrome 创建一个 AWS SSM 文档 Package,以便我可以将它安装在我拥有的各种 EC2 实例上。 I define these steps via terraform:我通过 terraform 定义这些步骤:
- Upload zip containing Chrome installer plus install and uninstall powershell scripts.上传包含 Chrome 安装程序的 zip 以及安装和卸载 powershell 脚本。
- Add that ZIP to an SSM package.将 ZIP 添加到 SSM package。
However, when I execute terraform apply I receive the following error...但是,当我执行terraform apply时,我收到以下错误...
Error updating SSM document: InvalidParameterValueException: AttachmentSource not provided in the input request.
The contents of my main.tf are as follows:我的main.tf的内容如下:
# 1. Add package zip to s3
resource "aws_s3_bucket_object" "windows_chrome_executable" {
bucket = "mybucket"
key = "ssm_document_packages/GoogleChromeStandaloneEnterprise64.msi.zip"
source = "./software-packages/GoogleChromeStandaloneEnterprise64.msi.zip"
etag = md5("./software-packages/GoogleChromeStandaloneEnterprise64.msi.zip")
}
# 2. Create AWS SSM Document Package using zip.
resource "aws_ssm_document" "ssm_document_package_windows_chrome" {
name = "windows_chrome"
document_type = "Package"
attachments_source {
key = "SourceUrl"
values = ["/path/to/mybucket"]
}
content = <<DOC
{
"schemaVersion": "2.0",
"version": "1.0.0",
"packages": {
"windows": {
"_any": {
"x86_64": {
"file": "GoogleChromeStandaloneEnterprise64.msi.zip"
}
}
}
},
"files": {
"GoogleChromeStandaloneEnterprise64.msi.zip": {
"checksums": {
"sha256": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
}
}
}
DOC
}
If I change the file from a zip to a vanilla msi I do not receive the error message, however, when I navigate to the package in the AWS console it tells me that the install.ps1 and uninstall.ps1 files are missing (since obviously they weren't included).如果我将文件从 zip 更改为 vanilla msi,我不会收到错误消息,但是,当我在 AWS 控制台中导航到 package 时,它会告诉我 install.ps1 和 uninstall.ps1 文件丢失(因为显然他们不包括在内)。
Has anyone experienced the above error and do you know how to resolve it?有没有人遇到过上述错误,您知道如何解决吗? Or does anyone have reference to a detailed example of how to do this?或者是否有人参考了如何执行此操作的详细示例?
Thank you.谢谢你。
3 个解决方案
解决方案1
1 2020-09-14 20:23:46
I ran into this same problem, in order to fix it I added a trailing slash to the source url value parameter:我遇到了同样的问题,为了解决这个问题,我在源 url 值参数中添加了一个斜杠:
attachments_source {
key = "SourceUrl"
values = ["/path/to/mybucket/"]
}
My best guess is it appends the filename from the package spec to the value provided in the attachments source value so it needs the trailing slash to build a valid path to the actual file.我最好的猜测是将 package 规范中的文件名附加到附件源值中提供的值,因此它需要尾部斜杠来构建实际文件的有效路径。
解决方案2
0 2021-03-19 23:01:57
This is the way it should be set up for an attachment in s3:这是在 s3 中为附件设置的方式:
attachments_source {
key = "S3FileUrl"
values = ["s3://packer-bucket/packer_1.7.0_linux_amd64.zip"]
name = "packer_1.7.0_linux_amd64.zip"
}
解决方案3
0 已采纳 2021-04-27 16:25:27
I realized that in the above example there was no way terraform could identify a dependency between the two resources ie the s3 object needs to be created before the aws_ssm_document.我意识到在上面的示例中,terraform 无法识别两个资源之间的依赖关系,即需要在 aws_ssm_document 之前创建 s3 object。 Thus, I added in the following explicit dependency inside the aws_ssm_document:因此,我在 aws_ssm_document 中添加了以下显式依赖项:
depends_on = [
aws_s3_bucket_object.windows_chrome_executable
]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.