堆棧內存溢出
  簡體   English   中英

Terraform 錯誤:引用未聲明的資源

[英]Terraform Error: Reference to undeclared resource

 原文  2021-03-02 04:46:38       amazon-web-services/ amazon-s3/ syntax/ terraform/ terraform-provider-aws

問題描述

我正在嘗試在跨區域的 terraform 中運行 s3 復制。 我的大部分代碼都很好,但我只收到 2 個似乎無法解決的錯誤。

我的主要 s3.tf 的一部分是

resource "aws_kms_key" "s3_replica-us-west-2" {
  description             = "S3 master key replica us-west-2"
  deletion_window_in_days = 30
  enable_key_rotation     = "true"
}

module "s3_replica" {
  source = "git@github.com:xxx"

  providers = {
    aws     = "aws.us-west-2"
  }

  name                  = "s3_replica"
  logging_bucket_prefix = "s3_replica"
  versioning            = var.versioning
  bucket_logging        = var.bucket_logging
  logging_bucket_name   = var.logging_bucket_name

  kms_key_id    = aws_kms_key.s3_replica-us-west-2.key_id
  sse_algorithm = var.sse_algorithm
}

module "s3" {
  source                = "git@github.com:xxxx"
  name                  = "s3"
  logging_bucket_prefix = "s3"
  versioning            = var.versioning
  bucket_logging        = var.bucket_logging
  logging_bucket_name   = var.logging_bucket_name

  kms_key_id    = aws_kms_key.s3.key_id
  sse_algorithm = var.sse_algorithm

  replication_configuration = {
    role = aws_iam_role.s3_replication.arn

      rules = {
         id = "replicate_to_${local.s3_replica}"
         prefix = ""
         status = "Enabled"

        destination = {
          bucket = lookup.module.s3_replica.bucket_arn
          replica_kms_key_id = lookup.s3_replica_arn
          }
        }

      source_selection_criteria = {
          sse_kms_encrypted_objects = {
            enabled = true
          }
        }
  }

我使用的模塊中的復制配置塊的一部分是:

dynamic "replication_configuration" {
    for_each = length(keys(var.replication_configuration)) == 0 ? [] : [var.replication_configuration]

    content {
      role = replication_configuration.value.role

      dynamic "rules" {
        for_each = replication_configuration.value.rules

        content {
          id       = lookup(rules.value, "id", null)
          priority = lookup(rules.value, "priority", null)
          prefix   = lookup(rules.value, "prefix", null)
          status   = lookup(rules.value, "status", null)

          dynamic "destination" {
            for_each = length(keys(lookup(rules.value, "destination", {}))) == 0 ? [] : [lookup(rules.value, "destination", {})]

            content {
              bucket             = lookup(destination.value, "bucket", null)
              storage_class      = lookup(destination.value, "storage_class", null)
              replica_kms_key_id = lookup(destination.value, "replica_kms_key_id", null)
              account_id         = lookup(destination.value, "account_id", null)
            }
          }

          dynamic "source_selection_criteria" {
            for_each = length(keys(lookup(rules.value, "source_selection_criteria", {}))) == 0 ? [] : [lookup(rules.value, "source_selection_criteria", {})]

            content {

              dynamic "sse_kms_encrypted_objects" {
                for_each = length(keys(lookup(source_selection_criteria.value, "sse_kms_encrypted_objects", {}))) == 0 ? [] : [lookup(source_selection_criteria.value, "sse_kms_encrypted_objects", {})]

                content {

                  enabled = sse_kms_encrypted_objects.value.enabled
                }
              }
            }
          }

        }
      }
    }
  }
}

現在,當我運行 terraform init 時......它可以工作。 但是當我運行 terraform 計划時,我得到了錯誤:

Error: Reference to undeclared resource

  on s3.tf line 108, in module "s3":
 108:           bucket = lookup.module.s3_replica.bucket_arn

A managed resource "lookup" "module" has not been declared in the root module.


Error: Reference to undeclared resource

  on s3.tf line 109, in module "s3":
 109:           replica_kms_key_id = lookup.s3_replica-us-west-2_arn

A managed resource "lookup" "s3_replica_arn" has not been declared
in the root module.

現在我不知道為什么會出現這些錯誤..

1 個解決方案

解決方案1
 2 已采納  2021-03-02 06:20:33

據我了解,您的s3_replica存儲桶是在module.s3中創建的,您希望訪問其 ARN 以初始化module.s3 遺憾的是,您不能這樣做,因為在模塊完全創建之前您無法引用模塊輸出。

解決此問題的一種方法是首先創建s3_replica ,然后將其傳遞給module.s3 下面只是一個例子,可能需要更多的修改:

resource "aws_s3_bucket" "s3_replica" {
  bucket = "my-replication-bucket-23223"
  acl    = "private"
}

resource "aws_kms_key" "s3_replica" {
  description             = "KMS for replication"
  deletion_window_in_days = 10
}

module "s3" {

  # 
  #

  replication_configuration = {
    role = aws_iam_role.s3_replication.arn

      rules = {
         id = "replicate_to_${local.s3_replica}"
         prefix = ""
         status = "Enabled"

        destination = {
          bucket             = resource.aws_s3_bucket.s3_replica.arn
          replica_kms_key_id = resource.aws_kms_key.s3_replica.arn
          }
        }

      source_selection_criteria = {
          sse_kms_encrypted_objects = {
            enabled = true
          }
        }
  }

我建議您查看 TF 文檔中的Module Composition 它通過示例解釋了如何使用模塊。

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 Terraform AWS:錯誤:未聲明變量的值 為什么在嘗試設置安全組 ID 時會收到“對未聲明資源的引用”錯誤? 如何用字符串插入 terraform 資源引用? 在 Terraform 中如何引用另一個資源中一個資源的 ID? Terraform 資源:執行應用時出現連接錯誤? Terraform For_Each:如何引用創建的資源 ID 具有 kms 數據資源的 terraform 代碼的無效 arn 錯誤 Terraform - 當模塊的資源已經存在時,EntityAlreadyExists 錯誤 (409) 為什么我們在 terraform 中出現資源存在錯誤? 如何使 Terraform 繼續執行並在 terraform 應用期間忽略資源創建錯誤?
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM