添加 SSL 证书时出错 - 使用 Terraform 模块

Error on adding SSL ceritifcate - Using Terraform modules

抱歉我的英语不好。

模块:terraform-aws-elb 版本:2.0 Link: https://github.com/terraform-aws-modules/

我尝试使用此模块,但当我从 SSL 证书添加 ARN 时,向我显示此消息:

terraform apply myplan 

module.elb_http.module.elb.aws_elb.this: Creating...
Error: Error creating ELB: ValidationError: Secure Listeners need to specify a SSLCertificateId
        status code: 400, request id: id-for-my-request1

  on .terraform/modules/elb_http/terraform-aws-modules-terraform-aws-elb-43e3e76/modules/elb/main.tf line 1, in resource "aws_elb" "this":
   1: resource "aws_elb" "this" {

为了测试,我更改了这个文件:

.terraform/modules/elb_http/terraform-aws-modules-terraform-aws-elb-43e3e76/modules/elb/main.tf

并且,更改 ssl_certificate_id 参数,lookup(listener.value, "ssl_certificate_id", null) 从我的证书到我的 ARN,ACM 模块和 ELB 正常工作。

如果有人遇到过这个问题,如果能帮上忙,谢谢,如果是我的配置不好,我深表歉意。

环境配置

main.tf

provider "aws" {
    region = var.aws_region
}

module "acm" {
  source  = "terraform-aws-modules/acm/aws"
  version = "~> v2.0"

validate_certificate  = false

  domain_name  = "domain.name.example"
  zone_id      = "zone-id"

  subject_alternative_names = [
    "*.example.domain.name",
  ]

  tags = {
    Name = "example.domain.name"
  }
}


module "elb_http" {
  source  = "terraform-aws-modules/elb/aws"
  version = "~> 2.0"

  name = var.name

  subnets         = var.lb_subnets
  security_groups = var.sgs
  internal        = false

  listener = [
    {
      instance_port     = var.instance_port
      instance_protocol = var.instance_protocol
      lb_port           = var.lb_port
      lb_protocol       = var.lb_protocol
    },
    {
      instance_port     = var.instance_port
      instance_protocol = var.instance_protocol
      lb_port           = var.lb_port
      lb_protocol       = var.lb_protocol
      ssl_certificate_id  = "ssl_ARN"

    },
  ]

  health_check = {
    target              = "HTTP:80/"
    interval            = 30
    healthy_threshold   = 2
    unhealthy_threshold = 2
    timeout             = 5
  }


  // ELB attachments
  number_of_instances = var.instaces_number
  instances           = var.instances_id

  tags = {
    Owner       = var.owner
    Environment = var.tag
  }
}

variables.tf

variable "aws_region" {
  description = "AWS Region"
}

variable "name" {
  description = "Cluster Name"
}
variable "lb_subnets" {
  description = "Cluster subnets"
  type  = list(string)
}

variable "sgs" {
  description = "Security Groups"
  type  = list(string)
}

variable "instance_port" {
  description = "Instance port"
  type  = number
}
variable "instance_protocol" {
  description = "Instance protocol"
  type  = string
}
variable "lb_port" {
  description = "LB port"
  type  = number
}
variable "lb_protocol" {
  description = "LB protocol"
  type  = string
}
variable "instaces_number" {
  description = "instances numbers"
  type  = number
}
variable "instances_id" {
  description = "Instance IDs"
  type  = list(string)
}

variable "owner" {
  description = "lb owner"
  type  = string
}
variable "tag" {
  description = "lb tag"
  type  = string
}

此致!

main.tf 我有这些行:

listener = [
  {
    instance_port     = var.instance_port
    instance_protocol = var.instance_protocol
    lb_port           = var.lb_port
    lb_protocol       = var.lb_protocol
  },
  {
    instance_port     = var.instance_port
    instance_protocol = var.instance_protocol
    lb_port           = var.lb_port
    lb_protocol       = var.lb_protocol
    ssl_certificate_id  = "ssl_ARN"
},

但是,我不需要声明两次值。我更改为:

listener = [
  {
    instance_port     = var.instance_port
    instance_protocol = var.instance_protocol
    lb_port           = var.lb_port
    lb_protocol       = var.lb_protocol
  },