[英]Terraform - Error: no matching Route53Zone found
I using https://github.com/cloudposse/terraform-aws-acm-request-certificate
to generate certificate using terraform and aws.我使用
https://github.com/cloudposse/terraform-aws-acm-request-certificate
使用 terraform 和 aws 生成证书。
I want to run this module on serval domains: "example.com", "cdn.example.com"...我想在服务域上运行此模块:“example.com”、“cdn.example.com”...
I don't want to use subject_alternative_names
for cdn.example.com
because it will be appear on the subject
field inside the certificate, and when everyone open the certificate I don't want to him to see cdn domain.我不想给
cdn.example.com
使用subject_alternative_names
,因为它会出现在证书里面的subject
字段,大家打开证书的时候我不想让他看到cdn域名。
For cdn.example.com I want a new certificate.对于 cdn.example.com,我想要一个新证书。
So I try to run terraform apply
with my code below but I getting errors:所以我尝试使用下面的代码运行
terraform apply
但出现错误:
Error: no matching Route53Zone found
错误:找不到匹配的 Route53Zone
on.terraform\modules\acm_request_certificate_example\main.tf line 19, in data "aws_route53_zone" "default": 19: data "aws_route53_zone" "default" {
on.terraform\modules\acm_request_certificate_example\main.tf 第 19 行,在数据“aws_route53_zone”“默认”中:19:数据“aws_route53_zone”“默认”{
Error: no matching Route53Zone found
错误:找不到匹配的 Route53Zone
on.terraform\modules\acm_request_certificate_cdn_example\main.tf line 19, in data "aws_route53_zone" "default": 19: data "aws_route53_zone" "default" {
on.terraform\modules\acm_request_certificate_cdn_example\main.tf 第 19 行,在数据“aws_route53_zone”“默认”中:19:数据“aws_route53_zone”“默认”{
I can't run more than more module?我不能运行更多的模块? How to solve it anyway?
无论如何如何解决它?
main.tf主程序
terraform {
required_version = "~> 0.12.0"
}
provider "aws" {
version = "~> 2.12.0"
region = "us-east-1"
}
module "acm_request_certificate_example" {
source = "git::https://github.com/cloudposse/terraform-aws-acm-request-certificate.git?ref=master"
domain_name = "example.com"
process_domain_validation_options = true
ttl = "300"
}
module "acm_request_certificate_cdn_example" {
source = "git::https://github.com/cloudposse/terraform-aws-acm-request-certificate.git?ref=master"
domain_name = "cdn.example.com"
process_domain_validation_options = true
ttl = "300"
}
I only have example.com
in the hosted zone.我在托管区域中只有
example.com
。
Based on the comments.根据评论。
The issue was caused by using process_domain_validation_options = true
.该问题是由使用
process_domain_validation_options = true
引起的。 This checks if the hosted zone exists in Roure53 prior requesting a certificate.这会在请求证书之前检查托管区域是否存在于 Roure53 中。 This is done to enable automated validation of the SSL certificate to be issued.
这样做是为了启用对要颁发的 SSL 证书的自动验证。
Since in the OP's case SSL certificates are requested for domains without corresponding zones, the terraform was erroring out.由于在 OP 的情况下,为没有相应区域的域请求 SSL 证书,因此 terraform 出错了。
The solution was to use process_domain_validation_options = false
, but this requires manual validation procedure for the SSL to be issued.解决方案是使用
process_domain_validation_options = false
,但这需要对要发布的 SSL 执行手动验证程序。 To automation of this procedure must be done through a custom solution.要使此过程自动化,必须通过自定义解决方案来完成。 In very broad terms, such solution could involve created required record for the validation using aws_route53_record , a lambda function or local-exec provisioner to created needed records.
从广义上讲,此类解决方案可能涉及使用aws_route53_record 、 lambda function 或local-exec供应商创建验证所需的记录以创建所需的记录。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.