9

I have a Terraform file that fails when I run terraform plan, with the error:

Error: Cycle: module.hosting.data.template_file.bucket_policy, module.hosting.aws_s3_bucket.website

This makes sense, since the bucket refers to the policy and vice versa:

data "template_file" "bucket_policy" {
  template = file("${path.module}/policy.json")
  vars = {
    bucket = aws_s3_bucket.website.arn
  }
}

resource "aws_s3_bucket" "website" {
  bucket = "xxx-website"

  website {
    index_document = "index.html"
  }

  policy = data.template_file.bucket_policy.rendered
}

How can I avoid this bidirectional reference?

4

2 Answers

5

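You can use the aws_s3_bucket_policy resource. This allows you to create the resources without a circular dependency.

This way, Terraform can:

  1. Create the bucket
  2. Create the template file, using the bucket ARN
  3. Create the policy, referring back to the template file and attaching it to the bucket.

The code would look something like this: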

data "template_file" "bucket_policy" {
  template = file("${path.module}/policy.json")
  vars = {
    bucket = aws_s3_bucket.website.arn
  }
}

resource "aws_s3_bucket" "website" {
  bucket = "xxx-website"

  website {
    index_document = "index.html"
  }
}

resource "aws_s3_bucket_policy" "b" {
  bucket = aws_s3_bucket.website.id

  policy = data.template_file.bucket_policy.rendered
}
Answered 2020-05-18T16:19:05.533
3

You can build the bucket's ARN yourself:

locals {
  bucket_name = "example"
  bucket_arn  = "arn:aws:s3:::${local.bucket_name}"
}

data "template_file" "bucket_policy" {
  template = file("${path.module}/policy.json")
  vars = {
    bucket = local.bucket_arn
  }
}

resource "aws_s3_bucket" "website" {
  bucket = local.bucket_name

  website {
    index_document = "index.html"
  }

  policy = data.template_file.bucket_policy.rendered
}
Answered 2020-05-18T13:02:16.400
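
The separate-policy approach from the first answer, written with the aws_iam_policy_document data source instead of template_file and policy.json. This is an added example, not code from either answer. The contents of policy.json are not shown on this page, so the statement below (public read of objects for website hosting) and the names "website_read" and "PublicReadObjects" are assumptions.

```hcl
# Added example. Same bucket as in the question, but with no "policy"
# argument, so the bucket no longer depends on the policy.
# Note: in AWS provider v4 and later the inline "website" and "policy"
# arguments are deprecated in favour of separate resources.
resource "aws_s3_bucket" "website" {
  bucket = "xxx-website"

  website {
    index_document = "index.html"
  }
}

# The policy references the bucket ARN (policy -> bucket). Because the
# bucket does not reference the policy, the graph has no cycle.
# Assumed policy content: anonymous read of objects only.
data "aws_iam_policy_document" "website_read" {
  statement {
    sid     = "PublicReadObjects"
    effect  = "Allow"
    actions = ["s3:GetObject"]

    # Object ARNs only ("/*"). The bucket ARN itself is not listed, so the
    # statement grants no bucket-level actions such as listing.
    resources = ["${aws_s3_bucket.website.arn}/*"]

    principals {
      type        = "*"
      identifiers = ["*"]
    }
  }
}

# Attaching the policy is its own resource (attachment -> bucket, policy).
resource "aws_s3_bucket_policy" "website" {
  bucket = aws_s3_bucket.website.id
  policy = data.aws_iam_policy_document.website_read.json
}
```

Building the document in HCL means terraform plan validates the statement structure, and the resource ARN is derived from the bucket rather than typed by hand.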