Terraform AWS optional logging for S3 bucket
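I am trying to create an S3 bucket using Terraform, following the example at this link:
https://www.terraform.io/docs/providers/aws/r/s3_bucket.html
I have created an S3 module.
The issue I am facing is that for certain buckets I do not want logging enabled.
How can this be accomplished in Terraform?
logging {
  target_bucket = "${aws_s3_bucket.log_bucket.id}"
  target_prefix = "log/"
}
Using empty strings for target_bucket and target_prefix causes Terraform to attempt to create target_bucket.
Also, I am trying to use a module.

If you want to make the value of logging optional, first create your module file aws_s3_bucket.tf: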
resource "aws_s3_bucket" "b" {
  bucket  = "my-tf-test-bucket"
  acl     = "private"
  logging = "${var.logging}"
}
variable "logging" {
  type    = "list"
  default = []
}
Then, in the subfolder example, add your template module.tf:
module "s3" {
  source = "../"
  logging = [
    {
      target_bucket = "loggingbucketname"
      target_prefix = "log/"
    },
  ]
}
provider "aws" {
  region  = "eu-west-1"
  version = "2.4.0"
}
That is your version with logging.
Next, change your module.tf to:
module "s3" {
  source = "../"
}
provider "aws" {
  region  = "eu-west-1"
  version = "2.4.0"
}
That is your version without. This works with:
Terraform v0.11.11
+ provider.aws v2.4.0
Updated
This is the answer for v0.12.5.
The module is now:
resource "aws_s3_bucket" "b" {
  bucket = "my-tf-test-bucket"
  acl    = "private"
  logging {
    target_bucket = var.logging["target_bucket"]
    target_prefix = var.logging["target_prefix"]
  }
}
variable "logging" {
  type = map
  default = {
    target_bucket = ""
    target_prefix = ""
  }
}
Using the module with logging becomes (your module path may differ):
module "s3" {
  source = "../"
  logging = {
    target_bucket = aws_s3_bucket.log_bucket.id
    target_prefix = "log/"
  }
}
provider "aws" {
  region  = "eu-west-1"
  version = "2.34.0"
}
resource "aws_s3_bucket" "log_bucket" {
  bucket = "my-tf-log-bucket"
  acl    = "private"
}
Without:
module "s3" {
  source = "../"
}
provider "aws" {
  region  = "eu-west-1"
  version = "2.34.0"
}

Using the newer dynamic block support in Terraform 0.12+, we pass a single-item array containing the logging settings if we want logging, like this:
variable "logging" {
  type        = list
  default     = []
  description = "to enable logging set this to [{target_bucket = 'xxx' target_prefix = 'logs/'}]"
}
resource "aws_s3_bucket" "s3bucket" {
  dynamic "logging" {
    for_each = [for l in var.logging : {
      target_bucket = l.target_bucket
      target_prefix = l.target_prefix
    }]
    content {
      target_bucket = logging.value.target_bucket
      target_prefix = logging.value.target_prefix
    }
  }
}
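
A check that goes with the answers above, as an added example that is not part of the original posts: once logging is optional per bucket, this Python script lists which buckets in a plan end up without a usable logging block. It assumes the JSON produced by `terraform show -json <planfile>` and the inline `logging` block of the provider versions used above; the sample plan, the `exempt` parameter and every address in it are constructed, and a `target_bucket` missing from the plan is assumed to be a value not known until apply.

```python
import json
import sys

# Constructed sample shaped like the "planned_values" part of
# `terraform show -json <planfile>`; addresses and bucket names are made up.
SAMPLE_PLAN = {
    "planned_values": {"root_module": {
        "resources": [
            {"address": "aws_s3_bucket.log_bucket", "type": "aws_s3_bucket",
             "values": {"bucket": "my-tf-log-bucket", "logging": []}},
        ],
        "child_modules": [
            # target_bucket omitted: a reference not yet known at plan time
            {"resources": [{"address": "module.s3.aws_s3_bucket.s3bucket",
                            "type": "aws_s3_bucket",
                            "values": {"logging": [{"target_prefix": "log/"}]}}]},
            {"resources": [{"address": "module.s3_nolog.aws_s3_bucket.s3bucket",
                            "type": "aws_s3_bucket", "values": {"logging": []}}]},
            {"resources": [{"address": "module.s3_empty.aws_s3_bucket.s3bucket",
                            "type": "aws_s3_bucket",
                            "values": {"logging": [
                                {"target_bucket": "", "target_prefix": ""}]}}]},
        ],
    }},
}

def iter_resources(module):
    """Yield every resource of a module and, recursively, of its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def buckets_without_logging(plan, exempt=()):
    """Return sorted addresses of aws_s3_bucket resources with no usable logging block."""
    root = plan.get("planned_values", {}).get("root_module", {})
    findings = []
    for res in iter_resources(root):
        if res.get("type") != "aws_s3_bucket" or res.get("address") in exempt:
            continue
        blocks = res.get("values", {}).get("logging") or []
        # Assumption: an absent target_bucket is unknown until apply; only "" is unset.
        if not any(b.get("target_bucket") != "" for b in blocks):
            findings.append(res["address"])
    return sorted(findings)

if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    for address in buckets_without_logging(plan, exempt={"aws_s3_bucket.log_bucket"}):
        print("no access logging:", address)
```

The `exempt` set is where deliberate opt-outs, such as the log bucket itself, are recorded, so any other bucket that appears in the output is one that lost logging unintentionally.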