Invalid arn error for terraform code with kms data resource

I have the following code:

data "aws_kms_key" "rds_key" {
  key_id = "alias/rds_cluster_enryption_key"
}

and I want to use this key to encrypt the RDS instance:

resource "aws_rds_cluster" "tf-aws-rds-1" {
  cluster_identifier      = "aurora-cluster-1"
  engine                  = "aurora-mysql"
  engine_version          = "5.7.mysql_aurora.2.03.2"
  availability_zones      = ["us-east-1a", "us-east-1b", "us-east-1c"]
  database_name           = "cupday"
  master_username         = "administrator"
  master_password         = var.password
  backup_retention_period = 5
  preferred_backup_window = "07:00-09:00"
  storage_encrypted       = true
  kms_key_id              = "data.aws_kms_key.rds_key.arn"
}

However, I get the following errors:

Error: "kms_key_id" (data.aws_kms_key.rds_key.id) is an invalid ARN: arn: invalid prefix

  on main.tf line 42, in resource "aws_rds_cluster" "tf-aws-rds-1":
  42:   kms_key_id              = "data.aws_kms_key.rds_key.id"

Error: "kms_key_id" (data.aws_kms_key.rds_key.arn) is an invalid ARN: arn: invalid prefix

  on main.tf line 42, in resource "aws_rds_cluster" "tf-aws-rds-1":
  42:   kms_key_id              = "data.aws_kms_key.rds_key.arn"

How exactly should I refer to them?

I don't want to expose my account ID in kms_key_id.

Your use of:

kms_key_id              = "data.aws_kms_key.rds_key.arn"

will result in kms_key_id being literally the string "data.aws_kms_key.rds_key.arn".

It should be (tf 0.12+):

kms_key_id              = data.aws_kms_key.rds_key.arn

or for tf 0.11:

kms_key_id              = "${data.aws_kms_key.rds_key.arn}"
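
As an added example (not part of the original answer), a small Python check that flags the mistake described above: an attribute whose entire value is a quoted Terraform reference, so Terraform passes the literal string instead of the key ARN. The function name, the regular expression and the sample configuration are assumptions constructed for illustration; the match is a heuristic, not a full HCL parser.

```python
import re

# Heuristic, not an HCL parser: an attribute whose entire value is a quoted
# string shaped like a Terraform reference. "${...}" (0.11 interpolation) and
# unquoted references (0.12+) do not match, so both correct forms pass.
QUOTED_REF = re.compile(
    r'^\s*(?P<attr>[A-Za-z_][\w-]*)\s*=\s*"(?P<ref>'
    r'data\.\w+\.[\w-]+\.\w+'        # data.TYPE.NAME.ATTR
    r'|(?:var|local)\.[\w-]+'        # var.NAME / local.NAME
    r'|module\.[\w-]+\.[\w-]+'       # module.NAME.OUTPUT
    r')"\s*(?:#.*)?$'
)


def find_quoted_references(tf_source):
    """Return (line_number, attribute, reference) for each suspicious line."""
    findings = []
    for lineno, line in enumerate(tf_source.splitlines(), start=1):
        match = QUOTED_REF.match(line)
        if match:
            findings.append((lineno, match.group("attr"), match.group("ref")))
    return findings


# Constructed sample, shortened from the configuration in the question.
SAMPLE_TF = '''
data "aws_kms_key" "rds_key" {
  key_id = "alias/rds_cluster_enryption_key"
}

resource "aws_rds_cluster" "tf-aws-rds-1" {
  cluster_identifier = "aurora-cluster-1"
  storage_encrypted  = true
  kms_key_id         = "data.aws_kms_key.rds_key.arn"
}
'''

if __name__ == "__main__":
    for lineno, attr, ref in find_quoted_references(SAMPLE_TF):
        print(f'line {lineno}: {attr} is the literal string "{ref}"; '
              f'use {ref} (0.12+) or "${{{ref}}}" (0.11)')
```

Run before `terraform plan`, a check like this catches quoted references on attributes such as `kms_key_id`, where the provider happens to validate the value, and on attributes where a literal string would be accepted silently.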