Terraform 依赖于 aws_iam_policy
[英]Terraform depends_on aws_iam_policy
问题描述
I have a module that create some aws policy from json files.
我有一个模块可以从 json 文件创建一些 aws 策略。 Terraform plan return an error when it try to attach the new resources (policies) to the role it is creating. Terraform 计划在尝试将新资源(策略)附加到它正在创建的角色时返回错误。
The "for_each" value depends on resource attributes that cannot be determined until apply
This is ok, so I tried to use depends_on on the module that create the new resources (policies), but I still have the same error.没关系,所以我尝试在创建新资源(策略)的模块上使用depends_on,但我仍然有同样的错误。
here my module:这是我的模块:
module "admin" {
source = "./my_repo/admin"
depends_on = [
aws_iam_policy.common,
aws_iam_policy.ses_sending,
aws_iam_policy.athena_readonly,
]
policies = [
aws_iam_policy.common.arn,
aws_iam_policy.ses_sending.arn,
aws_iam_policy.athena_readonly.arn,
]
In the module./my_repo/admin I have a file with this code (here I have the error)在 module./my_repo/admin 我有一个包含此代码的文件(这里我有错误)
resource "aws_iam_role_policy_attachment" "me" {
for_each = toset(var.policies)
role = aws_iam_role.me.name
policy_arn = each.value
}
What's wrong?怎么了?
Thank you谢谢
1 个解决方案
解决方案1
0 2021-12-07 15:25:16
The "for_each" value depends on resource attributes that cannot be determined until apply, so Terraform cannot predict how many policies will be created. “for_each”值取决于资源属性,直到应用才能确定,因此 Terraform 无法预测将创建多少策略。 To work around this, use the -target argument to first apply only the resources that the for_each depends on.要解决此问题,请使用 -target 参数首先仅应用 for_each 所依赖的资源。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.