Terraform regenerates resources when a new object is added to a map

Problem description

I have a Terraform (pre-0.12) module that generates an Amazon Cognito user pool + client and domain.

resource "aws_cognito_user_pool" "pool" {
  count = "${var.user_pool_count}"
  name  = "${lookup(var.user_pools[count.index], "name")}"

  username_attributes      = ["email"]
  auto_verified_attributes = ["email"]

  password_policy {
    minimum_length    = "${lookup(var.user_pools[count.index], "password_minimum_length")}"
    require_lowercase = "${lookup(var.user_pools[count.index], "password_require_lowercase")}"
    require_numbers   = "${lookup(var.user_pools[count.index], "password_require_numbers")}"
    require_symbols   = "${lookup(var.user_pools[count.index], "password_require_symbols")}"
    require_uppercase = "${lookup(var.user_pools[count.index], "password_require_uppercase")}"
  }

  verification_message_template = {
    default_email_option = "CONFIRM_WITH_LINK"
  }

  lambda_config = {
    pre_token_generation = "${var.lambda_pre_token_generation}"
    custom_message       = "${var.lambda_custom_message}"
  }

  email_configuration = {
    reply_to_email_address = "${lookup(var.user_pools[count.index], "reply_to_email_address")}"
    source_arn             = "${lookup(var.user_pools[count.index], "source_arn")}"
    email_sending_account  = "${lookup(var.user_pools[count.index], "email_sending_account")}"
  }

  schema = [
    < REDACTED >
  ]
}

resource "aws_cognito_user_pool_client" "client" {
  count               = "${var.user_pool_count}"
  name                = "${lookup(var.user_pools[count.index], "name")}"
  user_pool_id        = "${element(aws_cognito_user_pool.pool.*.id,count.index)}"
  explicit_auth_flows = ["ADMIN_NO_SRP_AUTH", "USER_PASSWORD_AUTH"]
}

resource "aws_cognito_user_pool_domain" "main" {
  count        = "${var.user_pool_count}"
  domain       = "${lookup(var.user_pools[count.index], "domain")}"
  user_pool_id = "${element(aws_cognito_user_pool.pool.*.id,count.index)}"
}

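This accepts a list of maps named user_pools that defines the required Cognito user pools. Unfortunately, when I add a new map containing a new pool definition, Terraform forces the recreation of aws_cognito_user_pool_client and aws_cognito_user_pool_domain for all pools. This appears to be because it sees the following change: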

user_pool_id: "eu-west-1_R8SDX8Yqj" => "${element(aws_cognito_user_pool.pool.*.id,count.index)}" (forces new resource)

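I assume this is because Terraform sees a change in aws_cognito_user_pool.pool.*.id and forces the regeneration. Can anyone explain how to get around this? Regenerating all of the domains and clients is not ideal for me.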

Tags: amazon-web-services, terraform, amazon-cognito, terraform-provider-aws

Solution

For anyone reading this: I found the following issue on GitHub - https://github.com/hashicorp/terraform/issues/14357

Changing my syntax to the following seems to resolve it.

user_pool_id = "${aws_cognito_user_pool.pool.*.id[count.index]}"
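A check that can be run over saved plan text to catch this kind of mass replacement before applying; it is an added example, not part of the original question or answer. The sample plan is constructed (only the user_pool_id line comes from the question), the header/attribute layout is an assumption modelled on that line, and the function names are hypothetical.

```python
import re

# Constructed sample of pre-0.12 `terraform plan` text; only the user_pool_id
# line is taken from the question, everything else is made up for illustration.
SAMPLE_PLAN = '''\
  + aws_cognito_user_pool.pool[1]
      name: "second-pool"
-/+ aws_cognito_user_pool_client.client[0] (new resource required)
      id:           "example-client-id" => <computed> (forces new resource)
      name:         "first-pool" => "first-pool"
      user_pool_id: "eu-west-1_R8SDX8Yqj" => "${element(aws_cognito_user_pool.pool.*.id,count.index)}" (forces new resource)
-/+ aws_cognito_user_pool_domain.main[0] (new resource required)
      domain:       "first-pool" => "first-pool"
      user_pool_id: "eu-west-1_R8SDX8Yqj" => "${element(aws_cognito_user_pool.pool.*.id,count.index)}" (forces new resource)
'''

# Assumed layout: a header line "<action> <address>" followed by indented
# 'attr: "old" => new' lines belonging to that resource.
HEADER = re.compile(r'^\s*(-/\+|\+|-|~)\s+(\S+)')
FORCED = re.compile(
    r'^\s+(\w+):\s+"([^"]*)"\s+=>\s+(.*?)\s+\(forces new resource\)\s*$')


def forced_replacements(plan_text):
    """Map each resource address to the attributes that force its replacement."""
    found, current = {}, None
    for line in plan_text.splitlines():
        attr = FORCED.match(line)
        if attr and current:
            found.setdefault(current, []).append(attr.group(1, 2, 3))
            continue
        head = HEADER.match(line)
        if head:
            current = head.group(2)
    return found


def interpolation_only(plan_text, attribute="user_pool_id"):
    """Addresses where `attribute` goes from a concrete value to an
    unevaluated "${...}" expression, the pattern shown in the question."""
    return sorted(
        addr for addr, attrs in forced_replacements(plan_text).items()
        if any(n == attribute and new.startswith('"${') for n, _, new in attrs))


if __name__ == "__main__":
    for addr in interpolation_only(SAMPLE_PLAN):
        print("unexpected replacement:", addr)
```
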

