“角色”的值不合适:需要字符串 terraform12

Posted

技术标签:

【中文标题】“角色”的值不合适:需要字符串 terraform12【英文标题】:Inappropriate value for "role":string required terraform12 【发布时间】:2021-07-20 18:32:54 【问题描述】:

我已经为应用程序上的堡垒入口点编写了一个 terraform 配置文件。

    ami = var.ami
    ebs_optimized = var.ebs_optimized
    iam_instance_profile = aws_iam_instance_profile.iam_instance_profile
    instance_type = var.instance_type
    key_name = "quadops"
    subnet_id = var.subnet_id
    user_data = var.user_data
    tags = 
        Name = "$var.name"
        Business = "Infrastracture"
        app_name = "infra"
        app_env = "$var.env"
    
    volume_tags = 
        Name = "$var.name"
        Business = "Infrastracture"
        app_name = "infra"
        app_env = "$var.env"
    
    vpc_security_group_ids = [aws_security_group.security_group.id]


resource "aws_security_group" "security_group" 
    name = "$var.name-security-group"
    vpc_id = var.vpc_id
    ingress 
    from_port        = 22
    to_port          = 22
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
  
    egress 
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
  
    tags = 
        Name = "$var.name"
        Business = "Infrastracture"
        app_name = "infra"
        app_env = "$var.env"
    


resource "aws_iam_instance_profile" "iam_instance_profile" 
    name = "$var.name-iam-instance-profile"
    role = aws_iam_role.iam_role 
    tags = 
        Name = "$var.name"
        Business = "Infrastracture"
        app_name = "infra"
        app_env = "$var.env"
    


resource "aws_iam_role" "iam_role" 
    assume_role_policy = jsonencode(
    Version = "2012-10-17"
    Statement = [
      
        Action = "sts:AssumeRole"
        Effect = "Allow"
        Sid    = ""
        Principal = 
          Service = "ec2.amazonaws.com"
        
      ,
    ]
  )
    name = "$var.name-iam-role"
    tags = 
      Name = "$var.name-iam-role"
      Business = "Infrastracture"
      app_name = "infra"
      app_env = "$var.env"
    


resource "aws_eip" "eip" 
    vpc = true
    instance = aws_instance.instance.id
    tags = 
      Name = "$var.name-eip"
      Business = "Infrastracture"
      app_name = "infra"
      app_env = "$var.env"
    


resource "cloudflare_record" "record" 
    zone_id = var.zone_id
    name = "bastion.$var.env"
    type = "A"
    value = "aws_eip.eip.public_ip"

在运行计划时,我收到此错误。


  on .terraform/modules/bastion/main.tf line 49, in resource "aws_iam_instance_profile" "iam_instance_profile":
  49:     role = aws_iam_role.iam_role 
    |----------------
    | aws_iam_role.iam_role is object with 15 attributes

Inappropriate value for attribute "role": string required.

我似乎无法克服这个障碍,因为我认为我正确调用了资源但 terraform12 说它需要一个字符串我是否错误地传递了值?谢谢。

【问题讨论】:

【参考方案1】:

您将整个 aws_iam_role 对象传递给导致错误的 role 参数。相反,请尝试像这样传递角色的名称:

resource "aws_iam_instance_profile" "iam_instance_profile" 
  role = aws_iam_role.iam_role.name

【讨论】:

谢谢!这帮助了我,但在我的情况下,我使用 .id 而不是 .name 作为参考属性。很好的帮助!

以上是关于“角色”的值不合适:需要字符串 terraform12的主要内容,如果未能解决你的问题,请参考以下文章

TF aws_security_group:属性“ingress”的值不合适:需要属性“prefix_list_ids”、“security_groups”和“self”

如何自动切换角色策略(Terraform)

Terraform 无法承担启用 MFA 的角色

熊猫选择列中的值不以字符串开头的行

Terraform 定义的任务角色对于 ECS 计划任务无法正常工作

Terraform AWS 提供商数据源 aws_iam_role 所需的参数“名称”是不是需要角色的路径?