堆栈内存溢出
  简体   繁体   English

Terraform 11 附加安全组错误

[英]Terraform 11 Additional Security Group Error

 原文  2021-03-26 18:07:54       amazon-web-services/ security/ continuous-integration/ terraform/ efs

问题描述

I'm adding additional security groups in Terraform 11, using AWS Provider 2.70.0 to an EFS Mount Target.我在 Terraform 11 中添加额外的安全组,使用 AWS Provider 2.70.0 到 EFS 挂载目标。

The code block is:代码块是:

resource "aws_efs_mount_target" "default" {
  count          = "${length(split(",",var.backend_subnets)) > 0 ? length(split(",",var.backend_subnets)) : 0}"
  file_system_id = "${aws_efs_file_system.default.id}"
  ip_address     = "${var.mount_target_ip_address}"
  subnet_id      = "${element(split(",", var.backend_subnets), count.index)}"
  security_groups = ["${var.additional_security_groups == "" ? aws_security_group.efs_default_sg.id : format("%s,%s",var.additional_security_groups,aws_security_group.efs_default_sg.id)}"]
}

The variable definition is:变量定义为:

variable "additional_security_groups" {
  description = "Comma separated string of security group ID's"
  default     = ""
}

But the following errors are occurring:但是会出现以下错误:

* module.efs.aws_efs_mount_target.default[1]: 1 error(s) occurred:

* aws_efs_mount_target.default.1: ValidationException:
status code: 400, request id: 5ee48121-27c3-432b-98e9-e2ffdc6e0fdd

plugin.terraform-provider-aws_v2.70.0_x4: 2021/03/26 17:49:50 [ERR] plugin: plugin server: accept unix /tmp/plugin935042092: use of closed network connection

There is no issue when run without the additional security group.在没有附加安全组的情况下运行没有问题。

Any ideas or tips would be much appreciated!任何想法或提示将不胜感激!

1 个解决方案

解决方案1
 0  2021-03-29 10:34:01

So the issue was not with the plugin but was with the compare statement for the security groups.所以问题不在于插件,而在于安全组的比较语句。

The working compare:工作比较:

security_groups = ["${split(",", length(var.additional_security_groups) > 0 ? join(",", concat(list(aws_security_group.efs_default_sg.id), var.additional_security_groups)) : join(",", list(aws_security_group.efs_default_sg.id)))}"]

And to support this, the variable type had to be changed to list:为了支持这一点,必须将变量类型更改为列表:

variable "additional_security_groups" {
  description = "Comma separated list of security group ID's"
  default     = ["sg-123","sg-789"]
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 AWS 安全组不在 VPC 错误中,出现 Terraform - AWS Security Group not in VPC error with Terraform terraform:创建安全组时出错:UnauthorizedOperation:您无权执行此操作 - terraform : Error creating Security Group: UnauthorizedOperation: You are not authorized to perform this operation Terraform:安全组中的循环定义 - Terraform: Cycle definitions in security group Terraform 解耦安全组依赖 - Terraform decouple Security Group dependency EKS 托管节点组中的附加安全组 - Additional security group in EKS managed node group Terraform 将新安全组添加到现有安全组 - Terraform add new security group to an existing security group 从 terraform 中的安全组名称中提取安全组 ID - Extract security group id from security group name in terraform Terraform - 为安全组迭代并创建入口规则 - Terraform - Iterate and create Ingress Rules for a Security Group AWS 和 Terraform - 安全组中的默认出口规则 - AWS and Terraform - Default egress rule in security group 获取 AWS 安全组 ID Terraform 模块 - Get ID of AWS Security Group Terraform Module
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM