Terraform resource_aws_vpc_endpoint Dns list empty
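I am using Terraform 0.12 and trying to set up a VPC endpoint to another VPC. When I try to set up the alias Route 53 record, I always get an error indicating that dns_entry is an empty list. Am I missing something obvious here? If I re-run apply afterwards, it populates the DNS entries without any problem.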
resource "aws_vpc_endpoint" "endpoint" {
  vpc_id            = "${local.vpc_id}"
  service_name      = "${var.service_endpoint}"
  vpc_endpoint_type = "Interface"
  security_group_ids = [
    "${aws_security_group.privatelink.id}",
  ]
}

resource "aws_vpc_endpoint_subnet_association" "tk-subnet-assc" {
  count           = (var.endpoint_subnet_count)
  vpc_endpoint_id = "${aws_vpc_endpoint.endpoint.id}"
  subnet_id       = "${local.vpc_private_subnets[count.index]}"
}

resource "aws_route53_zone" "hz" {
  name          = "${var.privatelink_dns_zone}"
  force_destroy = true
  vpc {
    vpc_id = "${local.vpc_id}"
  }
}

resource "aws_route53_record" "tk" {
  zone_id = "${aws_route53_zone.hz.zone_id}"
  name    = "${var.privatelink_dns_name}.${var.privatelink_dns_zone}"
  type    = "CNAME"
  ttl     = "300"
  records = ["${lookup(aws_vpc_endpoint.endpoint.dns_entry[0], "dns_name")}"]
}
Error: Invalid index
on main.tf line 55, in resource "aws_route53_record" "tk":
55: records = ["${lookup(aws_vpc_endpoint.endpoint.dns_entry[0], "dns_name")}"]
|----------------
| aws_vpc_endpoint.endpoint.dns_entry is empty list of object
The given key does not identify an element in this collection value.
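After digging through the AWS Terraform provider, I figured it out. When the read is done through the API, it is done immediately after the endpoint is created; because I chose to create the subnet associations after the endpoint, the endpoint read does not include them and is never re-read. To fix this, add subnet_ids directly to the endpoint. Example below: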
resource "aws_vpc_endpoint" "endpoint" {
  vpc_id            = "${local.vpc_id}"
  service_name      = "${var.service_endpoint}"
  vpc_endpoint_type = "Interface"
  security_group_ids = [
    "${aws_security_group.privatelink.id}",
  ]
  subnet_ids = ["${local.vpc_private_subnets[0]}", "${local.vpc_private_subnets[1]}"]
}

resource "aws_route53_zone" "hz" {
  name          = "${var.privatelink_dns_zone}"
  force_destroy = true
  vpc {
    vpc_id = "${local.vpc_id}"
  }
}

resource "aws_route53_record" "tk" {
  zone_id = "${aws_route53_zone.hz.zone_id}"
  name    = "${var.privatelink_dns_name}.${var.privatelink_dns_zone}"
  type    = "CNAME"
  ttl     = "300"
  records = ["${lookup(aws_vpc_endpoint.endpoint.dns_entry[0], "dns_name")}"]
}
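The same fix in Terraform 0.12 expression syntax, as an added example that is not part of the original answer: it keeps the question's `var.endpoint_subnet_count` by slicing the subnet list instead of hard-coding two indexes. It reuses the names from the page and assumes `local.vpc_private_subnets` is a list with at least `var.endpoint_subnet_count` entries.

```hcl
resource "aws_vpc_endpoint" "endpoint" {
  vpc_id             = local.vpc_id
  service_name       = var.service_endpoint
  vpc_endpoint_type  = "Interface"
  security_group_ids = [aws_security_group.privatelink.id]

  # Attach the subnets when the endpoint is created, so the provider's read
  # after creation already sees the network interfaces and fills in dns_entry.
  # slice() takes the first var.endpoint_subnet_count subnets (end index is
  # exclusive). Assumption: local.vpc_private_subnets is a list of subnet IDs.
  subnet_ids = slice(local.vpc_private_subnets, 0, var.endpoint_subnet_count)
}

# No aws_vpc_endpoint_subnet_association resources here: the same subnet must
# not be managed both through subnet_ids and through a separate association,
# or the two resources will overwrite each other's associations.

resource "aws_route53_zone" "hz" {
  name          = var.privatelink_dns_zone
  force_destroy = true

  vpc {
    vpc_id = local.vpc_id
  }
}

resource "aws_route53_record" "tk" {
  zone_id = aws_route53_zone.hz.zone_id
  name    = "${var.privatelink_dns_name}.${var.privatelink_dns_zone}"
  type    = "CNAME"
  ttl     = 300

  # dns_entry is a list of objects; with the subnets attached at creation
  # it is populated on the first apply, so index 0 exists.
  records = [aws_vpc_endpoint.endpoint.dns_entry[0].dns_name]
}
```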