stackoom
  简体   繁体   中英

AWS ElasticBeanstalk Terraform DisableIMDSv1 Unknown Configuration Setting

 原文  2020-08-19 21:17:35       amazon-web-services/ amazon-ec2/ amazon-elastic-beanstalk/ terraform

Question

I'm trying to disable IMDSv1 in an ElasticBeanstalk Module I'm writing. I'm looking at the available EB auto scaling setting options here . It shows that the DisableIMDSv1 is a valid setting but when I run a terraform apply it's giving me this error.

ConfigurationValidationException: Configuration validation exception: Invalid option specification (Namespace: 'aws:autoscaling:launchconfiguration', OptionName: 'DisableIMDSv1'): Unknown configuration setting.
        status code: 400

I'm using a variable to loop through my settings so this is what the variable code with the DisableIMDSv1 looks like.

    launch_configuration = {
      namespace = "aws:autoscaling:launchconfiguration"
      name      = "IamInstanceProfile"
      value     = "some-role"
    }
    disable_imds_v1 = {
      namespace = "aws:autoscaling:launchconfiguration"
      name      = "DisableIMDSv1"
      value     = "true"
    }

If I comment out the disable_imds_v1 part I can successfully run my terraform apply .

It looks like the DisableIMDSv1 option might be a new addition to the available beanstalk settings options. Added June 2020 .

Is this a terraform issue where they don't have the option available or I need to upgrade to terraform 0.13.x? I'm using terraform version 0.12.23 with aws provider 3.2.0 . I ran a terraform init -upgrade which bumped up my aws provider from 3.1.0 to 3.2.0 thinking that might fix it but I'm still seeing the Unknown configuration setting message.

1 answers

solution1
 2 ACCPTED  2020-08-20 00:20:40

I had the same issue for EB environments based on Amazon Linux 1 (AL1). I think the option is not supported for AL1. But it worked for me in AL2.

Below is an example that I use. I also use setting as a name of settings, rather then launch_configuration and disable_imds_v1 as in your case.

For example, I used aws_elastic_beanstalk_environment :

resource "aws_elastic_beanstalk_environment" "ebenv" {

  # ...

  # DisableIMDSv1 option will NOT work in AL1 
  #solution_stack_name = "64bit Amazon Linux 2018.03 v2.9.9 running PHP 7.2"

  # but it will work with AL2 
  solution_stack_name = "64bit Amazon Linux 2 v3.1.0 running PHP 7.4"
  
  setting {
    namespace = "aws:autoscaling:launchconfiguration"
    name  = "EC2KeyName"
    value = aws_key_pair.key.key_name
  }
 
  setting {
    namespace = "aws:autoscaling:launchconfiguration"
    name      = "DisableIMDSv1"
    value     = "true"
  }  
  
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Setting Up Terraform on AWS AWS SSO configuration via Terraform How to maintain different aws profiles in terraform provider configuration AWS ElasticBeanstalk Django display images Terraform Serverless Applications with AWS Lambda and API Gateway unknown token? 502 Bad Gateway in elasticbeanstalk of AWS Using aws_s3_bucket_cors_configuration for multiple cors_rules with terraform aws provider version 4 Using gzip in AWS ElasticBeanstalk Nginx How to handle canary releases on AWS elasticbeanstalk? How to access files deployed in aws elasticbeanstalk
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM