Error on adding SSL certificate - Using Terraform modules
Sorry for my bad English.
Module: terraform-aws-elb Version: 2.0
Link: https://github.com/terraform-aws-modules/
I tried to use this module, but when I add the ARN from the SSL certificate, it shows me this message:
terraform apply myplan
module.elb_http.module.elb.aws_elb.this: Creating...
Error: Error creating ELB: ValidationError: Secure Listeners need to specify a SSLCertificateId
status code: 400, request id: id-for-my-request1
on .terraform/modules/elb_http/terraform-aws-modules-terraform-aws-elb-43e3e76/modules/elb/main.tf line 1, in resource "aws_elb" "this":
1: resource "aws_elb" "this" {
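To test, I changed this file:
.terraform/modules/elb_http/terraform-aws-modules-terraform-aws-elb-43e3e76/modules/elb/main.tf
And, changing the ssl_certificate_id parameter, lookup(listener.value, "ssl_certificate_id", null), from my certificate to my ARN, the ACM module and the ELB work fine.
If anyone has run into this problem and can help, thank you; if my configuration is bad, I apologize.
Environment configuration
- Terraform version: Terraform v0.12.18
provider.aws v2.43.0
ACM module version: 2.0
ELB_HTTP module version: 2.0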
OS: Ubuntu 19.04
main.tf

provider "aws" {
  region = var.aws_region
}

module "acm" {
  source  = "terraform-aws-modules/acm/aws"
  version = "~> v2.0"

  validate_certificate = false
  domain_name          = "domain.name.example"
  zone_id              = "zone-id"

  subject_alternative_names = [
    "*.example.domain.name",
  ]

  tags = {
    Name = "example.domain.name"
  }
}

module "elb_http" {
  source  = "terraform-aws-modules/elb/aws"
  version = "~> 2.0"

  name            = var.name
  subnets         = var.lb_subnets
  security_groups = var.sgs
  internal        = false

  listener = [
    {
      instance_port     = var.instance_port
      instance_protocol = var.instance_protocol
      lb_port           = var.lb_port
      lb_protocol       = var.lb_protocol
    },
    {
      instance_port      = var.instance_port
      instance_protocol  = var.instance_protocol
      lb_port            = var.lb_port
      lb_protocol        = var.lb_protocol
      ssl_certificate_id = "ssl_ARN"
    },
  ]

  health_check = {
    target              = "HTTP:80/"
    interval            = 30
    healthy_threshold   = 2
    unhealthy_threshold = 2
    timeout             = 5
  }

  // ELB attachments
  number_of_instances = var.instaces_number
  instances           = var.instances_id

  tags = {
    Owner       = var.owner
    Environment = var.tag
  }
}

variables.tf

variable "aws_region" {
  description = "AWS Region"
}

variable "name" {
  description = "Cluster Name"
}

variable "lb_subnets" {
  description = "Cluster subnets"
  type        = list(string)
}

variable "sgs" {
  description = "Security Groups"
  type        = list(string)
}

variable "instance_port" {
  description = "Instance port"
  type        = number
}

variable "instance_protocol" {
  description = "Instance protocol"
  type        = string
}

variable "lb_port" {
  description = "LB port"
  type        = number
}

variable "lb_protocol" {
  description = "LB protocol"
  type        = string
}

variable "instaces_number" {
  description = "instances numbers"
  type        = number
}

variable "instances_id" {
  description = "Instance IDs"
  type        = list(string)
}

variable "owner" {
  description = "lb owner"
  type        = string
}

variable "tag" {
  description = "lb tag"
  type        = string
}

Regards!

In main.tf
I had these lines:

  listener = [
    {
      instance_port     = var.instance_port
      instance_protocol = var.instance_protocol
      lb_port           = var.lb_port
      lb_protocol       = var.lb_protocol
    },
    {
      instance_port      = var.instance_port
      instance_protocol  = var.instance_protocol
      lb_port            = var.lb_port
      lb_protocol        = var.lb_protocol
      ssl_certificate_id = "ssl_ARN"
    },

However, I don't need to declare the values twice. I changed it to:

  listener = [
    {
      instance_port     = var.instance_port
      instance_protocol = var.instance_protocol
      lb_port           = var.lb_port
      lb_protocol       = var.lb_protocol
    },
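
A pre-apply check for the error in this thread, added here as an example and not part of the original posts: it reads `terraform show -json` plan output and flags `aws_elb` listeners whose `lb_protocol` is HTTPS or SSL but which carry no `ssl_certificate_id`, and listeners that repeat an `lb_port`. The sample plan is constructed, and its port and protocol values are assumptions, since the thread does not show the variable values.

```python
import json

SECURE = {"https", "ssl"}  # ELB listener protocols that require a certificate

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# mirroring the question's two listeners (assumed values: HTTPS on port 443).
SAMPLE_PLAN = json.dumps({"resource_changes": [{
    "address": "module.elb_http.module.elb.aws_elb.this",
    "type": "aws_elb",
    "change": {
        "after": {"listener": [
            {"instance_port": 80, "instance_protocol": "http",
             "lb_port": 443, "lb_protocol": "https", "ssl_certificate_id": None},
            {"instance_port": 80, "instance_protocol": "http",
             "lb_port": 443, "lb_protocol": "https", "ssl_certificate_id": "ssl_ARN"},
        ]},
        "after_unknown": {},
    },
}]})


def cert_unknown(after_unknown, index):
    """True when the certificate is only known after apply (e.g. a new ACM cert)."""
    marker = (after_unknown or {}).get("listener")
    if marker is True:  # whole listener set unknown
        return True
    if isinstance(marker, list) and index < len(marker) and isinstance(marker[index], dict):
        return marker[index].get("ssl_certificate_id") is True
    return False


def check_plan(plan_json):
    """Return (address, lb_port, problem) tuples for planned aws_elb listeners."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "aws_elb":
            continue
        change = rc.get("change") or {}
        seen_ports = set()
        for i, lst in enumerate((change.get("after") or {}).get("listener") or []):
            port = lst.get("lb_port")
            secure = str(lst.get("lb_protocol", "")).lower() in SECURE
            has_cert = bool(lst.get("ssl_certificate_id")) or cert_unknown(change.get("after_unknown"), i)
            if secure and not has_cert:
                findings.append((rc["address"], port, "secure listener without ssl_certificate_id"))
            if port in seen_ports:
                findings.append((rc["address"], port, "duplicate lb_port"))
            seen_ports.add(port)
    return findings
```

Run it on the output of `terraform show -json myplan` before `terraform apply` and fail the pipeline when `check_plan` returns anything.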