terraform - InvalidGroup.NotFound error in Terraform, but the security group exists
Problem description
I get the following error from the command AWS_PROFILE=myprofile AWS_REGION=sa-east-1 terraform apply -target=module.saopaulo_service_dev_kubernetes.
Error authorizing security group rule type ingress: InvalidGroup.NotFound: The security group 'sg-something' does not exist
The target I applied is as follows.
module "saopaulo_service_dev_kubernetes" {
  source         = "./modules/regional-kubernetes"
  region_code    = "saopaulo"
  vpc_name       = "main"
  env            = "dev"
  cluster_prefix = "service"
  instance_type  = "m5.2xlarge"
  providers = {
    aws = aws.saopaulo
  }
}
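The source files are as follows. I have not added all of the files because there are too many; I have only attached the eks module (terraform-aws-modules/eks/aws) that I used to create the module.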
data "aws_eks_cluster" "cluster" {
  name = module.eks.cluster_id
}

data "aws_eks_cluster_auth" "cluster" {
  name = module.eks.cluster_id
}

provider "kubernetes" {
  host                   = data.aws_eks_cluster.cluster.endpoint
  cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
  token                  = data.aws_eks_cluster_auth.cluster.token
  load_config_file       = false
  version                = "~> 1.9"
}

module "eks" {
  source  = "terraform-aws-modules/eks/aws"
  version = "12.2.0" # Version Pinning

  cluster_name                         = local.cluster_name
  cluster_version                      = local.cluster_version
  vpc_id                               = local.vpc_id
  subnets                              = local.private_subnets
  cluster_enabled_log_types            = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
  worker_additional_security_group_ids = [aws_security_group.nodeport.id, data.aws_security_group.common_eks_sg.id]
  wait_for_cluster_cmd                 = "for i in `seq 1 60`; do curl -k -s $ENDPOINT/healthz >/dev/null && exit 0 || true; sleep 5; done; echo TIMEOUT && exit 1"

  worker_groups = concat([{
    instance_type = "t3.micro"
    asg_min_size  = "1"
    asg_max_size  = var.asg_max_size
    key_name      = "shared-backdoor"
    kubelet_extra_args = join(" ", [
      "--node-labels=app=nodeport",
      "--register-with-taints=dedicated=nodeport:NoSchedule"
    ])
    pre_userdata = file("${path.module}/pre_userdata.sh")
    tags = concat([for k, v in local.common_tags : {
      key                 = k
      value               = v
      propagate_at_launch = "true"
    }], [{
      key                 = "Role"
      value               = "nodeport"
      propagate_at_launch = "true"
    }])
  }], local.worker_group)

  map_users = local.allow_user
  # map_roles = local.allow_roles[var.env]
}
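I have a security group named sg-something in the sa-east-1 region, and I also verified that I am running terraform apply in the correct region by checking the following:
data "aws_region" "current" {}

output "my_region" {
  value = data.aws_region.current.name
}
Any suggestions?
Solution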