admin管理员组文章数量:1279208
I'm using Terraform for my deployment in AWS. It's mostly working, but when I try to create a policy between a bucket and a cloudfront I'm getting the error:
module.cloudfront_test is a object This object does not have an attribute a named "cloudfront_arn"
The setup that I have, and that is working for me for the rest of the resources is to have, for the cloudfront, a module within a modules/cloudfront folder, with a main.tf, output.tf and variables.tf: For the Cloudfront:
main.tf
resource "aws_cloudfront_distribution" "cloudfront" {
...
}
output.tf
output "cloufront_arn" {
description = "value of cloudfront arn"
value = aws_cloudfront_distribution.cloudfront.arn
}
For the bucket:
main.tf
resource "aws_s3_bucket" "bucket_name" {
bucket = var.bucket_name
}
output.tf
output "bucket_arn" {
value = aws_s3_bucket.bucket_name.arn
}
output "bucket_name" {
value = aws_s3_bucket.bucket_name
}
Outside /modules buckets.tf
module "bucket_pr" {
source = "./modules/buckets"
bucket_name = "bucket-pr"
create_bucket_deploy_test = true
}
policy :
resource "aws_s3_bucket_policy" "terraform_bucket_policy_pr" {
bucket = module.bucket_pr.bucket_name
policy = jsonencode({
Version = "2008-10-17"
Id = "PolicyForCloudFrontPrivateContent"
Statement = [
{
Sid = "AllowCloudFrontServicePrincipal"
Effect = "Allow"
Principal = {
Service = "cloudfront.amazonaws"
}
Action = "s3:GetObject"
Resource = "${module.bucket_pr.bucket_arn}/*"
Condition = {
StringEquals = {
"AWS:SourceArn" = module.cloudfront_pr.cloudfront_arn
}
}
}
]
})
}
本文标签:
版权声明:本文标题:amazon web services - The output of CloudFront in Terraform doesn't behave like other resources - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1741276570a2369763.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论