0

我有 2 个事件:

在事件桥/事件/event1/main.tf

module "event1" {
  source              = "../../rule"
  name                = "event1"
  description         = "event1"
  schedule_expression = "cron(0 4 * * ? *)"
  input               = jsonencode({"job-type": "event1"})
  cloudwatch_arn      = module.targets.cloudwatch_arn
}

module "targets" {
  source = "../../targets"
}

在事件桥/事件/event2/main.tf

module "event2" {
  source              = "../../rule"
  name                = "event2"
  description         = "event2"
  schedule_expression = "cron(0 5 * * ? *)"
  input               = jsonencode({"job-type": "event2"})
  cloudwatch_arn      = module.targets.cloudwatch_arn
}

module "targets" {
  source = "../../targets"
}

在事件桥/目标/main.tf

resource "aws_cloudwatch_log_group" "log_group_target" {
  name = "/aws/events/${local.rule_name}"
}

resource "aws_sns_topic" "sns_target" {
  name = local.rule_name
}

resource "aws_sns_topic_policy" "sns-target-policy" {
  arn    = aws_sns_topic.sns_target.arn
  policy = data.aws_iam_policy_document.events_to_sns_topic_policy.json
}

data "aws_iam_policy_document" "events_to_sns_topic_policy" {
  statement {
    effect  = "Allow"
    actions = ["SNS:Publish"]

    principals {
      type        = "Service"
      identifiers = ["events.amazonaws.com"]
    }

    resources = [aws_sns_topic.sns_target.arn]
  }
}

在事件桥/目标/变量.tf

locals {
  rule_name = "scheduled-events"
}

在事件桥/目标/输出.tf

output "cloudwatch_arn" {
  value = aws_cloudwatch_log_group.log_group_target.arn
}

output "sns_topic_arn" {
  value = aws_sns_topic.sns_target.arn
}

在事件桥/规则/main.tf

resource "aws_cloudwatch_event_rule" "rule" {
  name                = var.name
  description         = var.description
  schedule_expression = var.schedule_expression
}

resource "aws_cloudwatch_event_target" "cloud_watch_target" {
  rule  = local.rule_name
  arn   = var.cloudwatch_arn
}

resource "aws_cloudwatch_event_target" "sns_target" {
  rule      = local.rule_name
  arn       = var.sns_arn
  input     = var.input
}

在事件桥/规则/变量.tf

locals {
  rule_name = "scheduled-events"
}

variable "name" {
  description = "A name of the event bridge rule to be created"
  type        = string
}

variable "description" {
  description = "A description of the event bridge rule to be created"
  type        = string
}

variable "input" {
  description = "A message for the events to be processed by this rule"
  type        = any
}

variable "schedule_expression" {
  description = "A scheduled time interval for the events to be processed"
  type        = any
}

variable "cloudwatch_arn" {
  description = "Logging cloudwatch arn for the events to be processed"
  type        = any
}

如果我计划为每个事件创建另一个 cloudwatch 日志组和 sns 目标,并且应用时由于名称相同而出现错误,但我希望他们使用相同的 cloudwatch 日志组和 sns 目标..你知道如何我能做到吗?多谢!!

4

1 回答 1

2

一个资源只能在该状态的一个地址进行管理。您正在创建目标模块的两个实例:module.event1.module.targetsmodule.event2.module.targets.

如果要在两个事件模块中使用在一个目标模块中创建的相同值,则必须将模块输出作为变量传递或使用事件模块中的数据源来引用目标。在这两种情况下,只创建一个目标模块。

根据要求,我正在扩大答案以澄清。

考虑以下目录结构。

  • 规则/
    • 主文件
    • 变量.tf
  • 目标/
    • 主文件
    • 输出.tf
    • 变量.tf
  • ./main.tf

这里根目录下的 main.tf 是状态的提供者。这是文件的内容,虽然我没有测试过。

规则/main.tf

resource "aws_cloudwatch_event_rule" "rule" {
  name                = var.name
  description         = var.description
  schedule_expression = var.schedule_expression
}

resource "aws_cloudwatch_event_target" "cloud_watch_target" {
  rule = aws_cloudwatch_event_rule.rule.name
  arn  = var.cloudwatch_arn
}

resource "aws_cloudwatch_event_target" "sns_target" {
  rule  = aws_cloudwatch_event_rule.rule.name
  arn   = var.sns_topic_arn
  input = var.input
}

规则/变量.tf

variable "name" {
  description = "A name of the event bridge rule to be created"
  type        = string
}

variable "description" {
  description = "A description of the event bridge rule to be created"
  type        = string
}

variable "input" {
  description = "A message for the events to be processed by this rule"
  type        = any
}

variable "schedule_expression" {
  description = "A scheduled time interval for the events to be processed"
  type        = string
}

variable "cloudwatch_arn" {
  description = "Logging cloudwatch arn for the events to be processed"
  type        = string
}

variable "sns_topic_arn" {
  type = string
}

目标/main.tf

resource "aws_cloudwatch_log_group" "log_group_target" {
  name = "/aws/events/${local.rule_name}"
}

resource "aws_sns_topic" "sns_target" {
  name = local.rule_name
}

resource "aws_sns_topic_policy" "sns-target-policy" {
  arn    = aws_sns_topic.sns_target.arn
  policy = data.aws_iam_policy_document.events_to_sns_topic_policy.json
}

data "aws_iam_policy_document" "events_to_sns_topic_policy" {
  statement {
    effect  = "Allow"
    actions = ["SNS:Publish"]

    principals {
      type        = "Service"
      identifiers = ["events.amazonaws.com"]
    }

    resources = [aws_sns_topic.sns_target.arn]
  }
}

目标/输出.tf

output "cloudwatch_arn" {
  value = aws_cloudwatch_log_group.log_group_target.arn
}

output "sns_topic_arn" {
  value = aws_sns_topic.sns_target.arn
}

目标/变量.tf

locals {
  rule_name = "scheduled-events"
}

主顶层 main.tf

module "targets" {
  source = "./targets"
}

module "event1" {
  source = "./rule"

  name                = "event1"
  description         = "event1"
  schedule_expression = "cron(0 4 * * ? *)"
  input               = jsonencode({ "job-type" : "event1" })
  cloudwatch_arn      = module.targets.cloudwatch_arn
  sns_topic_arn       = module.targets.sns_topic_arn
}

module "event2" {
  source = "./rule"

  name                = "event2"
  description         = "event2"
  schedule_expression = "cron(0 5 * * ? *)"
  input               = jsonencode({ "job-type" : "event2" })
  cloudwatch_arn      = module.targets.cloudwatch_arn
  sns_topic_arn       = module.targets.sns_topic_arn
}
于 2022-01-17T17:25:44.990 回答