引用在模块中声明的ARN

huangapple go评论64阅读模式
英文:

Referencing an arn declared in a module

问题

I have a folder /modules/firehose where I've declared a file as such:

  name        = var.firehose_stream_name
  destination = "extended_s3"
  extended_s3_configuration {
    role_arn        = var.firehose_role_arn
    buffer_interval = 60
    buffer_size     = 64
    bucket_arn      = var.destination_bucket_arn
  }
}
variable "firehose_stream_name" {
  description = "name of your stream"
}

variable "firehose_role_arn" {
}

variable "destination_bucket_arn" {

}

I then import the module in the root directory as such:

  source                 = "./modules/firehose"
  firehose_stream_name   = "purchase_logs_firehose_prod"
  firehose_role_arn      = aws_iam_role.purchase_logs_firehose_role.arn
  destination_bucket_arn = aws_s3_bucket.purchase_logs_destination_prod.arn
}
resource "aws_s3_bucket" "purchase_logs_destination_prod" {
  bucket = "purchase-logs-prod-dump"
}

According to the documentation there is an attribute arn which I can reference afterward. However, when I try to reference it elsewhere as module.purchase_logs_firehose_prod.arn, I get an error.


on iam.tf line 83, in resource "aws_iam_policy" "ec2_policy":
83:             ${module.purchase_logs_firehose_prod.arn}
    ├────────────────
    │ module.purchase_logs_firehose_prod is an object

This object does not have an attribute named "arn".

I'm really not sure what the source of the error is. If I even check the state file (after removing the code causing the error and running terraform apply, I see an arn attribute for the resource in question). Any input appreciated!

Here is the file iam.tf where I try to reference it:

  name        = "ec2-policy"
  policy = <<EOF
{
  "Version":"2012-10-17",
  "Statement":[
      {
        "Effect":"Allow",
        "Action":[
            "*"
        ],
        "Resource":[
            "${module.purchase_logs_firehose_prod.arn}" 
        ]
      }
  ]
}
EOF
}
英文:

I have a folder /modules/firehose where i've declared a file as such:

resource "aws_kinesis_firehose_delivery_stream" "purchase_logs_firehose_stream" {
  name        = var.firehose_stream_name
  destination = "extended_s3"
  extended_s3_configuration {
    role_arn        = var.firehose_role_arn
    buffer_interval = 60
    buffer_size     = 64
    bucket_arn      = var.destination_bucket_arn
  }
}
variable "firehose_stream_name" {
  description = "name of your stream"
}

variable "firehose_role_arn" {
}

variable "destination_bucket_arn" {

}


I then import the module in the root directory as such:

module "purchase_logs_firehose_prod" {
  source                 = "./modules/firehose"
  firehose_stream_name   = "purchase_logs_firehose_prod"
  firehose_role_arn      = aws_iam_role.purchase_logs_firehose_role.arn
  destination_bucket_arn = aws_s3_bucket.purchase_logs_destination_prod.arn
}
resource "aws_s3_bucket" "purchase_logs_destination_prod" {
  bucket = "purchase-logs-prod-dump"
}

According to the documentation there is an attribute arn which i can reference afterwards. However when i try to reference it else where as module.purchase_logs_firehose_prod.arn i get an error

│ Error: Unsupported attribute
│ 
│   on iam.tf line 83, in resource "aws_iam_policy" "ec2_policy":
│   83:             ${module.purchase_logs_firehose_prod.arn}
│     ├────────────────
│     │ module.purchase_logs_firehose_prod is a object
│ 
│ This object does not have an attribute named "arn".

I'm really not sure what the source of the error is. If I even check the state file (after removing the code causing the error and running terraform apply, i see an arn attribute for the resource in question). Any input appreciated!

Here is the file iam.tf where i try to reference it

resource "aws_iam_policy" "ec2_policy" {
  name        = "ec2-policy"


  policy = <<EOF
{
  "Version":"2012-10-17",
  "Statement":[
      {
        "Effect":"Allow",
        "Action":[
            "*"
        ],
        "Resource":[
            "${module.purchase_logs_firehose_prod.arn}" 
        ]
      }
  ]
}
EOF

}


答案1

得分: 1

以下是代码的翻译部分:

在这个示例中,您需要在模块级别定义一个输出:

resource "aws_kinesis_firehose_delivery_stream" "purchase_logs_firehose_stream" {
  name        = var.firehose_stream_name
  destination = "extended_s3"
  extended_s3_configuration {
    role_arn        = var.firehose_role_arn
    buffer_interval = 60
    buffer_size     = 64
    bucket_arn      = var.destination_bucket_arn
  }
}
variable "firehose_stream_name" {
  description = "你的流的名称"
}

variable "firehose_role_arn" {
}

variable "destination_bucket_arn" {

}

output "firehose_prod_arn" {
  description = "Kinesis Firehose ARN。"
  value       = aws_kinesis_firehose_delivery_stream.purchase_logs_firehose_stream.arn
}

然后,您可以在iam.tf文件中像这样引用它:

resource "aws_iam_policy" "ec2_policy" {
  name        = "ec2-policy"


  policy = <<EOF
{
  "Version":"2012-10-17",
  "Statement":[
      {
        "Effect":"Allow",
        "Action":[
            "*"
        ],
        "Resource":[
            module.purchase_logs_firehose_prod.firehose_prod_arn
        ]
      }
  ]
}
EOF

}

关于使用输出的更多信息可以在文档中找到,而关于如何引用模块输出的确切解释可以在子模块输出访问的小节中找到。

英文:

For this to work, you have to define an output at the module level:

resource &quot;aws_kinesis_firehose_delivery_stream&quot; &quot;purchase_logs_firehose_stream&quot; {
  name        = var.firehose_stream_name
  destination = &quot;extended_s3&quot;
  extended_s3_configuration {
    role_arn        = var.firehose_role_arn
    buffer_interval = 60
    buffer_size     = 64
    bucket_arn      = var.destination_bucket_arn
  }
}
variable &quot;firehose_stream_name&quot; {
  description = &quot;name of your stream&quot;
}

variable &quot;firehose_role_arn&quot; {
}

variable &quot;destination_bucket_arn&quot; {

}

output &quot;firehose_prod_arn&quot; {
  description = &quot;Kinesis Firehose ARN.&quot;
  value       = aws_kinesis_firehose_delivery_stream.purchase_logs_firehose_stream.arn
}

Then, you can reference it in the iam.tf file like this:

resource &quot;aws_iam_policy&quot; &quot;ec2_policy&quot; {
  name        = &quot;ec2-policy&quot;


  policy = &lt;&lt;EOF
{
  &quot;Version&quot;:&quot;2012-10-17&quot;,
  &quot;Statement&quot;:[
      {
        &quot;Effect&quot;:&quot;Allow&quot;,
        &quot;Action&quot;:[
            &quot;*&quot;
        ],
        &quot;Resource&quot;:[
            module.purchase_logs_firehose_prod.firehose_prod_arn
        ]
      }
  ]
}
EOF

}

More information about using outputs can be found in the docs, while the exact explanation on how referencing the module outputs works is a subsection.

huangapple
  • 本文由 发表于 2023年4月4日 16:17:55
  • 转载请务必保留本文链接:https://go.coder-hub.com/75927025.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定