terraform 计划抛出不支持的参数和属性无法设置错误
terraform plan throws Unsupported argument and attribute cannot be set error
我正在尝试使用 terraform 创建一个 s3 存储桶。以下是我的
s3.tf 文件
resource "aws_s3_bucket" "b" {
bucket = "my-bucket"
acl = "private"
force_destroy = "true"
policy = ""
region = "us-east-1"
tags = {
org = "xyz"
Environment = "CI"
project = "abc"
}
versioning {
enabled = "true"
}
cors_rule {
allowed_headers = ["*"]
allowed_methods = ["PUT", "POST"]
allowed_origins = ["https://s3-website-test.hashicorp.com"]
expose_headers = ["ETag"]
max_age_seconds = 3000
}
}
// S3 bucket-level Public Access Block configuration
resource "aws_s3_bucket_public_access_block" "b" {
bucket = aws_s3_bucket.b.id
block_public_acls = true
block_public_policy = true
ignore_public_acls = true
restrict_public_buckets = true
}
Policy.tf 文件
resource "aws_s3_bucket_policy" "b" {
bucket = aws_s3_bucket.b.id
path = "/"
description = "Policy for api to access S3 Bucket"
policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::my-bucket"
]
},
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::my-bucket/*"
]
}
]
}
POLICY
}
terraform 计划在 s3.tf 文件和 path 和 [=16= 中为 policy 抛出 unsupported argument 错误] 在 policy.tf 文件和 Computed attribute cannot be set 错误 region。我可以在以前版本的 terraform 中初始化这些参数。现在不支持了吗?如果现在不支持它们,有没有办法在 s3.tf 和 policy.tf 文件中初始化这些参数?
错误信息:
Error: Unsupported argument
on s3.tf line 6, in resource "aws_s3_bucket" "b":
6: bucket_policy = ""
An argument named "policy" is not expected here.
Error: Computed attribute cannot be set
on s3.tf line 7, in resource "aws_s3_bucket" "b":
7: region = "us-east-1"
Error: Unsupported argument
on policy.tf line 30, in resource "aws_s3_bucket_policy" "b":
30: path = "/"
An argument named "path" is not expected here.
Error: Unsupported argument
on policy.tf line 31, in resource "aws_s3_bucket_policy" "b":
31: description = "Policy for api to access S3 Bucket"
An argument named "description" is not expected here.
(部分回答)
地区
我认为 region 参数是在定义提供程序时指定的,而不是为每个资源指定的。这就是适用于 Terraform 的 AWS 提供商的工作方式。
aws_s3_bucket_policy
与 aws_s3_bucket_policy 类似。 The docs 明确指出此类资源仅允许两个参数:
bucket - (Required) The name of the bucket to which to apply the policy.
policy - (Required) The text of the policy. For more information about building AWS IAM policy documents with Terraform, see the AWS IAM Policy Document Guide.
我正在尝试使用 terraform 创建一个 s3 存储桶。以下是我的 s3.tf 文件
resource "aws_s3_bucket" "b" {
bucket = "my-bucket"
acl = "private"
force_destroy = "true"
policy = ""
region = "us-east-1"
tags = {
org = "xyz"
Environment = "CI"
project = "abc"
}
versioning {
enabled = "true"
}
cors_rule {
allowed_headers = ["*"]
allowed_methods = ["PUT", "POST"]
allowed_origins = ["https://s3-website-test.hashicorp.com"]
expose_headers = ["ETag"]
max_age_seconds = 3000
}
}
// S3 bucket-level Public Access Block configuration
resource "aws_s3_bucket_public_access_block" "b" {
bucket = aws_s3_bucket.b.id
block_public_acls = true
block_public_policy = true
ignore_public_acls = true
restrict_public_buckets = true
}
Policy.tf 文件
resource "aws_s3_bucket_policy" "b" {
bucket = aws_s3_bucket.b.id
path = "/"
description = "Policy for api to access S3 Bucket"
policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::my-bucket"
]
},
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::my-bucket/*"
]
}
]
}
POLICY
}
terraform 计划在 s3.tf 文件和 path 和 [=16= 中为 policy 抛出 unsupported argument 错误] 在 policy.tf 文件和 Computed attribute cannot be set 错误 region。我可以在以前版本的 terraform 中初始化这些参数。现在不支持了吗?如果现在不支持它们,有没有办法在 s3.tf 和 policy.tf 文件中初始化这些参数?
错误信息:
Error: Unsupported argument
on s3.tf line 6, in resource "aws_s3_bucket" "b":
6: bucket_policy = ""
An argument named "policy" is not expected here.
Error: Computed attribute cannot be set
on s3.tf line 7, in resource "aws_s3_bucket" "b":
7: region = "us-east-1"
Error: Unsupported argument
on policy.tf line 30, in resource "aws_s3_bucket_policy" "b":
30: path = "/"
An argument named "path" is not expected here.
Error: Unsupported argument
on policy.tf line 31, in resource "aws_s3_bucket_policy" "b":
31: description = "Policy for api to access S3 Bucket"
An argument named "description" is not expected here.
(部分回答)
地区
我认为 region 参数是在定义提供程序时指定的,而不是为每个资源指定的。这就是适用于 Terraform 的 AWS 提供商的工作方式。
aws_s3_bucket_policy
与 aws_s3_bucket_policy 类似。 The docs 明确指出此类资源仅允许两个参数:
bucket - (Required) The name of the bucket to which to apply the policy.
policy - (Required) The text of the policy. For more information about building AWS IAM policy documents with Terraform, see the AWS IAM Policy Document Guide.