Terraform 变量未扩展

Question

我有一个 json 文件 bucketPolicy.json

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:DeleteBucket"
      ],
      "Effect": "Deny",
      "Resource": "arn:aws:s3:::$${aws_s3_bucket.destination.id}",
      "Principal": {
        "AWS": ["*"]
      }
    }
  ]
}

我已经创建了一个 template_file 这样的

data "template_file" "test" {
  template = file("./templates/destinationBucketPolicy.json")
  vars = {
    (aws_s3_bucket.destination.id) = var.destination_bucket_name

  }
}

但是当我尝试将其用于我的存储桶策略时

resource "aws_s3_bucket_policy" "destination" {
  bucket = aws_s3_bucket.destination.id

  policy = data.template_file.test.rendered
}

var.destination_bucket_name 的值没有扩展到政策中，而是字面上显示为 "Resource": "arn:aws:s3:::${aws_s3_bucket.destination.id}"

有没有办法让它展开，以便它获取变量的实际值？

Answer 1

最近最好用templatefile:

locals {
  test = templatefile("${path.module}/destinationBucketPolicy.json",
             {
                 bucket_name = var.destination_bucket_name
             })
}

模板为：

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:DeleteBucket"
      ],
      "Effect": "Deny",
      "Resource": "arn:aws:s3:::${bucket_name}",
      "Principal": {
        "AWS": ["*"]
      }
    }
  ]
}

Terraform 变量未扩展

Terraform Variables Not Being Expanded

amazon-web-services

terraform

terraform-provider-aws

terraform0.12+