AWS API Gateway Resource ID mapping with Terraform

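I have an AWS API Gateway module created with Terraform. The gateway is created without any problem, but when I try to create nested API Gateway resources, the resource picks up the wrong ID: it should take the parent's ID, but it somehow takes the ID of a different parent, seemingly in alphabetical order.

Here is my code: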

resource "aws_api_gateway_resource" "parent" {
   for_each    = { for key, value in var.restapi.resource : key => value }
   path_part   = lookup(each.value, "path", null)
   parent_id   = element([ for key, value in aws_api_gateway_rest_api.managed : value.root_resource_id ], each.key)
   rest_api_id = element([ for key, value in aws_api_gateway_rest_api.managed : value.id ], each.key)
}


resource "aws_api_gateway_resource" "childs" {
   for_each    = { for key, value in var.restapi.resource.childs : key => value }
   depends_on  = [ aws_api_gateway_resource.parent ]
   path_part   = lookup(each.value, "path", null)
   parent_id   = element([ for key, value in aws_api_gateway_resource.managed : value.id ], each.key)
   rest_api_id = element([ for key, value in aws_api_gateway_rest_api.managed : value.id ], each.key)
}

The problem in aws_api_gateway_resource.childs is parent_id: as I mentioned above, it takes the wrong parent ID. Here is the terraform plan result:

# module.restapi.aws_api_gateway_resource.parent["1"] will be created
+ resource "aws_api_gateway_resource" "parent" {
    + id          = (known after apply)
    + parent_id   = "j3pt41ko7f"
    + path        = (known after apply)
    + path_part   = "saml-store"
    + rest_api_id = "mtu4b34wn4"
  }

# module.restapi.aws_api_gateway_resource.childs["1"] will be created
+ resource "aws_api_gateway_resource" "childs" {
    + id          = (known after apply)
    + parent_id   = (known after apply)
    + path        = (known after apply)
    + path_part   = "saml-store/enable"
    + rest_api_id = "mtu4b34wn4"
  }

# module.restapi.aws_api_gateway_resource.childs["2"] will be created
+ resource "aws_api_gateway_resource" "childs" {
    + id          = (known after apply)
    + parent_id   = "b72571"
    + path        = (known after apply)
    + path_part   = "block/disable"
    + rest_api_id = "mtu4b34wn4"
  }

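module.restapi.aws_api_gateway_resource.childs["2"] takes the wrong ID. It should take the same ID as module.restapi.aws_api_gateway_resource.childs["1"], which is unknown and only known after apply, so the path_part of module.restapi.aws_api_gateway_resource.childs["2"] must be "saml-store/enable" rather than "block/disable". How can I solve this problem?

It looks like there is a copy-paste issue in your child resource (you are referencing the managed resource instead of the parent resource):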

resource "aws_api_gateway_resource" "childs" {
   for_each    = { for key, value in var.restapi.resource.childs : key => value }
   depends_on  = [ aws_api_gateway_resource.parent ]
   path_part   = lookup(each.value, "path", null)
   parent_id   = element([ for key, value in aws_api_gateway_resource.managed : value.id ], each.key)
   rest_api_id = element([ for key, value in aws_api_gateway_rest_api.managed : value.id ], each.key)
}

You should change it to:

resource "aws_api_gateway_resource" "childs" {
   for_each    = { for key, value in var.restapi.resource.childs : key => value }
   depends_on  = [ aws_api_gateway_resource.parent ]
   path_part   = lookup(each.value, "path", null)
   parent_id   = element([ for key, value in aws_api_gateway_resource.parent : value.id ], each.key)
   rest_api_id = element([ for key, value in aws_api_gateway_rest_api.managed : value.id ], each.key)
}

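I suggest you use a data statement, Data Source: aws_api_gateway_resource, where you can specify the exact path based on your code. That would be the solution; in the end it will return the exact ID.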

data "aws_api_gateway_resource" "my_resource" {
  rest_api_id = "your_rest_api_id"
  path        = "/endpoint/path"
}
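
An added example, not part of the original question or answers: a `for` expression over a `for_each` map yields values in lexical key order and `element()` picks by position (wrapping around), so a positional lookup can pair a child with the wrong parent. The sketch below addresses the parent instance by key instead; the variable names, the `parent_key` attribute and the single REST API are assumptions made for illustration.

```hcl
# Added example. var.parents, var.children and parent_key are hypothetical
# names; adapt them to the shape of your own var.restapi.
variable "parents" {
  type = map(object({ path = string }))
  default = {
    block      = { path = "block" }
    saml_store = { path = "saml-store" }
  }
}

variable "children" {
  # parent_key must name an entry in var.parents.
  type = map(object({ path = string, parent_key = string }))
  default = {
    block_disable     = { path = "disable", parent_key = "block" }
    saml_store_enable = { path = "enable", parent_key = "saml_store" }
  }
}

resource "aws_api_gateway_rest_api" "managed" {
  name = "example" # constructed sample value
}

resource "aws_api_gateway_resource" "parent" {
  for_each    = var.parents
  rest_api_id = aws_api_gateway_rest_api.managed.id
  parent_id   = aws_api_gateway_rest_api.managed.root_resource_id
  path_part   = each.value.path
}

resource "aws_api_gateway_resource" "childs" {
  for_each    = var.children
  rest_api_id = aws_api_gateway_rest_api.managed.id

  # Look the parent up by its for_each key, not by list position, so the
  # pairing does not depend on how the keys happen to sort.
  parent_id = aws_api_gateway_resource.parent[each.value.parent_key].id

  # Each child carries only its own path segment; the parent supplies the rest.
  path_part = each.value.path
}
```

Because `parent_id` references `aws_api_gateway_resource.parent` directly, Terraform orders the creation itself and no explicit `depends_on` is needed.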