Terraform: AWS Inspector plan fails

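I am using Terraform to manage AWS infrastructure. I am new to both AWS and Terraform, and there is a lot of information to take in.

I am trying to enable the AWS Inspector service through Terraform with the following code: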

resource "aws_inspector_assessment_template" "example" {
  name       = "example"
#   target_arn = aws_inspector_assessment_target.example.arn
  duration   = 3600

#   rules_package_arns = [
#     "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p",
#     "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc",
#     "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ",
#     "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD",
#   ]
}

But all I get is the following errors:

Error: Missing required argument

  on aws_inspector.tf line 1, in resource "aws_inspector_assessment_template" "example":
   1: resource "aws_inspector_assessment_template" "example" {

The argument "rules_package_arns" is required, but no definition was found.


Error: Missing required argument

  on aws_inspector.tf line 1, in resource "aws_inspector_assessment_template" "example":
   1: resource "aws_inspector_assessment_template" "example" {

The argument "target_arn" is required, but no definition was found.

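This is obviously because I commented out target_arn and rules_package_arns.

The problem is that I don't understand what these variables are or what values to give them. Can you help me with this?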

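You should not comment out all of the required parts. Hence your errors.

You also have to create aws_inspector_assessment_target, and can use aws_inspector_rules_packages to get the required ARNs. Once you have these resources, you can reference them in aws_inspector_assessment_template.

An example is in the TF docs: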

# Declare the data source
data "aws_inspector_rules_packages" "rules" {}

# e.g. Use in aws_inspector_assessment_template
resource "aws_inspector_resource_group" "group" {
  tags = {
    test = "test"
  }
}

resource "aws_inspector_assessment_target" "assessment" {
  name               = "test"
  resource_group_arn = aws_inspector_resource_group.group.arn
}

resource "aws_inspector_assessment_template" "assessment" {
  name       = "Test"
  target_arn = aws_inspector_assessment_target.assessment.arn
  duration   = "60"

  rules_package_arns = data.aws_inspector_rules_packages.rules.arns
}