amazon-web-services - 有没有办法配置 terragrunt 为远程状态创建 s3 存储桶
问题描述
我将 terragrunt 配置为代入角色,该角色运行良好,但我发现 terragrunt 在 IAM 用户帐户中创建后端 s3 存储桶。如何配置 terragrunt 以在代入角色帐户而不是 IAM 用户中创建后端存储桶(s3)帐户。我正在使用 GitHub Actions 工作流程来运行该过程。我的一些代码如下
terragrunt.hcl
remote_state {
backend = "s3"
config =
bucket = "name of bucket"
key = "${path_relative_to_include()}/terraform.tfstate
region = "us-east-1"
encrypt = true
dynamodb_table = "my-lock-table"
}
generate "provider" {
path = "provider".tf
if_exists = "overwrite_terragrunt"
contents = <<EOF
provider "aws" {
assume_role {
role_arn = "arn:aws:iam::123456789012:role/role_role
下面是我的 githubaction 工作流 yaml:
name: 'Terragrunt GitHub Actions'
on:
pull_request:
branches:
-test
env:
tf_version: 'latest'
tg_version: 'latest'
tf_working_dir: '.'
jobs:
terragrunt:
name: 'Terragrunt'
runs-on: ubuntu-latest
steps:
- name: 'checkout'
uses: actions/checkout@master
- name: 'Terragrunt Init'
uses: the-commons-project/terragrunt-github-actions@master
with:
tf_actions_version: ${{ env.tf_version }}
tg_actions_version: ${{ env.tg_version }}
tf_actions_subcommand: 'init'
tf_actions_working_dir: ${{ env.tf_working_dir }}
tf_actions_comment: true
env:
AWS_DEFAULT_REGION: 'us-east-1'
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID}}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY}}
TF_INPUT: false
enter code here
解决方案
推荐阅读
- azure - Azure Runbook to connect to SQL server running on Azure VM
- c# - Global Function in Asp.net
- ios - Status bar not sticking to top on Some iPads
- angular - @Input/@Output check in templates
- ios - How to Merge video with audio?
- javascript - Function run function
- javascript - javascript:检查字符串中包含哪个数组条目
- ios - 导航到同一屏幕,但来自两个不同的视图控制器
- flutter - 更新活动小部件的状态
- php - 带有额外分组的mysql排序字段增量值