堆栈内存溢出
  简体   繁体   English

如何使用 Terraform 数据源来引用托管前缀列表?

[英]How Do I Use A Terraform Data Source To Reference A Managed Prefix List?

 原文  2022-09-15 10:59:52       amazon-web-services/ terraform/ terraform-provider-aws

问题描述

I'm trying to update a terraform module to add a new security group, which will have an inbound rule populated with two managed prefix lists.我正在尝试更新 terraform 模块以添加一个新的安全组,该安全组将包含一个包含两个托管前缀列表的入站规则。 The prefix lists are shared to my AWS account from a different account using AWS Resource Access Manager, however I have tried referencing prefix lists created within my own AWS account and am seeing the same error.前缀列表使用 AWS Resource Access Manager 从另一个账户共享到我的 AWS 账户,但是我尝试引用在我自己的 AWS 账户中创建的前缀列表并看到相同的错误。

Below is the terraform I am using:下面是我正在使用的 terraform:

resource "aws_security_group" "akamai_sg" {
  name                   = "akamai-pl-sg"
  description            = "Manage access from Akamai to ${var.environment} alb"
  vpc_id                 = var.vpc_id
  tags                   = merge(var.common_tags, tomap({ "Name" = "akamai-pl-sg" }))
  revoke_rules_on_delete = true
}

resource "aws_security_group_rule" "akamai_to_internal_alb" {
  for_each = toset(var.domains_inc_akamai)

  type                     = "ingress"
  description              = "Allow Akamai into ${var.environment}${var.domain_name_suffix}-alb"
  from_port                = var.alb_listener_port
  to_port                  = var.alb_listener_port
  protocol                 = "tcp"
  security_group_id        = aws_security_group.akamai_sg.id
  prefix_list_ids          = [data.aws_prefix_list.akamai-site-shield.id, data.aws_prefix_list.akamai-staging.id]
}

data "aws_prefix_list" "akamai-site-shield" {
  filter {
    name   = "prefix-list-id"
    values = ["pl-xxxxxxxxxx"]
  }
}

data "aws_prefix_list" "akamai-staging" {
  filter {
    name   = "prefix-list-id"
    values = ["pl-xxxxxxxxxx"]
  }
}

The terraform error I am revieving reads: "Error: no matching prefix list found; the prefix list ID or name may be invalid or not exist in the current region"我正在修改的 terraform 错误显示为: “错误:未找到匹配的前缀列表;前缀列表 ID 或名称可能无效或当前区域不存在”

Is anyone able to help, or see where I am going wrong?有没有人可以提供帮助,或者看看我哪里出错了?

Thanks in advance.提前致谢。

1 个解决方案

解决方案1
 0  2022-09-15 11:08:37

Would not be the following possible?会不会以下可能?

data "aws_vpc_endpoint" "s3" {
  vpc_id       = aws_vpc.foo.id
  service_name = "com.amazonaws.us-west-2.s3"
}

data "aws_prefix_list" "s3" {
  prefix_list_id = aws_vpc_endpoint.s3.prefix_list_id
}

It seems the solution is to use:似乎解决方案是使用:

data "aws_ec2_managed_prefix_list" "example" {
  filter {
    name   = "prefix-list-name"
    values = ["my-prefix-list"]
  }
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在 terraform 路由表中引用 AWS 本地前缀列表? - How to reference AWS local prefix list in terraform route table? 如何使用 terraform 在 EC2 中为 EKS 托管节点编辑“名称”标签? - How do I use terraform to edit the "Name" tag in EC2 for a EKS managed node? 如何使用 terraform 获取具有给定前缀的所有 S3 存储桶的列表? - How do I get list of all S3 Buckets with given prefix using terraform? 如何使用 terraform 连接不同 VPC 中的副本 Postgres RDS 及其源? - How do I use terraform to connect a replica Postgres RDS and its Source in a different VPC? 如何使用数据源找出使用 terraform 的 AWS 负载均衡器的 ARN? - How can I use a data source to find out the ARN of AWS load balancer using terraform? 如何在 Terraform 外部数据源中使用 AWS cli 命令 - How to use an AWS cli command in a Terraform external data source 无法将 AWS API 网关使用计划引用为 Terraform 中的数据源 - Unable to reference an AWS API Gateway Usage Plan as a data source in Terraform 如何在 terraform 中向组添加托管策略? - How do you add a managed policy to a group in terraform? 如何用字符串插入 terraform 资源引用? - How do Interpolate a terraform resource reference with a string? 如何使用 Terraform 将我的 Lambda 连接到现有 VPC? - How do I use Terraform to attach my Lambda to to an existing VPC?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM