0

我有一个Terraform资源可以在AWS Backup. 我正在尝试基于tags. 因此,通过参考Terraform docs在线(按标签选择备份),我创建了一个如下所示的资源:

resource "aws_backup_selection" "select_lin_config" {
iam_role_arn = "arn:aws:iam::abc"
name         = "lin_config"
plan_id      = aws_backup_plan.bkp_plan_ec2.id

selection_tag {
  type  = "STRINGEQUALS"
  key   = "Name"
  value = "config_lin1"
 } 
}

当我执行 aterraform apply时,出现以下错误:

Error: error creating Backup Selection: InvalidParameterValueException: Invalid selection conditions Condition(conditionType=STRINGEQUALS, conditionKey=Name, conditionValue=config_lin1)
{
  RespMetadata: {
StatusCode: 400,

RequestID: "587a331c-e218-4341-9de1-a69a3ef7ec21"
  },
  Code_: "ERROR_3309",
  Context: "Condition(conditionType=STRINGEQUALS, conditionKey=Name, conditionValue=config_lin1)",
  Message_: "Invalid selection conditions Condition(conditionType=STRINGEQUALS, conditionKey=Name, conditionValue=config_lin1)"
}
4

1 回答 1

0

我几乎使用了来自 Terraform 文档的以下示例,并且它有效。将以下内容复制并粘贴到您的 Terraform 代码中并尝试一下。

可以肯定的是,您可能希望使用terraform init -upgrade. 我的 AWS 提供商版本是 3.26.0。

resource "aws_backup_vault" "example" {
  name        = "example_backup_vault"
}

resource "aws_backup_plan" "example" {
  name = "tf_example_backup_plan"

  rule {
    rule_name         = "tf_example_backup_rule"
    target_vault_name = aws_backup_vault.example.name
    schedule          = "cron(0 12 * * ? *)"
  }

  advanced_backup_setting {
    backup_options = {
      WindowsVSS = "enabled"
    }
    resource_type = "EC2"
  }
}

resource "aws_iam_role" "example" {
  name               = "example"
  assume_role_policy = <<POLICY
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": ["sts:AssumeRole"],
      "Effect": "allow",
      "Principal": {
        "Service": ["backup.amazonaws.com"]
      }
    }
  ]
}
POLICY
}

resource "aws_iam_role_policy_attachment" "example" {
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup"
  role       = aws_iam_role.example.name
}

resource "aws_backup_selection" "example" {
  iam_role_arn = aws_iam_role.example.arn
  name         = "tf_example_backup_selection"
  plan_id      = aws_backup_plan.example.id

  selection_tag {
    type  = "STRINGEQUALS"
    key   = "foo"
    value = "bar"
  }
}
于 2021-02-10T11:34:33.570 回答