lifecycle { prevent_destroy = true }
turned on, it makes it impossible to see what change in my Terraform code would cause it to be recreated. How can I show what makes Terraform want to recreate it, without commenting out the lifecycle block?
Hi guys, I am trying to deploy a composer with a custom network. But when I use the tag ip_allocation_policy, I receive an error: Blocks of type "ip_allocation_policy" are not expected here.
resource "google_composer_environment" "composer" {
  project = var.project
  name = var.name
  region = var.region
  config {
    node_count = 4
    node_config {
      zone = var.zone
      machine_type = var.machine_type
      network = var.network
      subnetwork = var.subnetwork
      /* service_account = var.service_account */
    }
    ip_allocation_policy {
      use_ip_aliases = true
    }
    database_config {
      machine_type = var.db_machine_type
    }
    web_server_config {
      machine_type = var.web_machine_type
    }
  }
}
Any idea what is wrong in my manifest?
Good morning all. I'm using provider aws alias so I can reference Route53 priv zone. However, I am getting an error saying
Error: no matching Route53Zone found
Do you see anything wrong with my tf file?
variable "stage_account" {
  description = "Blah"
  default = "stage"
}
variable "s_number" {
  description = "The account number of the AWS account we want to pull zone id from"
  default = "222222222222B"
}
provider "aws" {
  alias = "dns"
  profile = var.stage_account
  region = "us-east-1"
  assume_role {
    ....
  }
}
data "aws_route53_zone" "example" {
  provider = aws.dns
  name = "example.com"
  private_zone = true
  vpc_id = "vpc-BBBBBBBB" # This is vpc-id in AWS ACCOUNT B where the private zone example.com exist
}
resource "aws_route53_zone_association" "example" {
  vpc_id = "vpc-AAAAAAAA" # This is vpc-id in AWS ACCOUNT A
  zone_id = data.aws_route53_zone.example.zone_id
  vpc_region = "us-east-1"
}
Can anyone help me out with the below error:
Error: Unsupported block type
│
│ on main.tf line 65, in resource "google_composer_environment" "test":
│ 65: database_config {
│
│ Blocks of type "database_config" are not expected here.
╵
╷
│ Error: Unsupported block type
│
│ on main.tf line 69, in resource "google_composer_environment" "test":
│ 69: web_server_config {
│
│ Blocks of type "web_server_config" are not expected here.
Below is the code:
terraform {
  required_providers {
    google = {
      source = "hashicorp/google"
      version = "3.90.1"
    }
  }
}
variable "gcp_region" {
  type = string
  description = "Region to use for GCP provider"
  default = "us-central1"
}
variable "gcp_project" {
  type = string
  description = "Project to use for this config"
  default = "aayush-terraform"
}
provider "google" {
  region = var.gcp_region
  project = var.gcp_project
}
resource "google_service_account" "test" {
  account_id = "composer-env-account"
  display_name = "Test Service Account for Composer Environment"
}
resource "google_project_iam_member" "composer-worker" {
  role = "roles/composer.worker"
  member = "serviceAccount:${google_service_account.test.email}"
}
resource "google_compute_network" "test" {
  name = "composer-test-network"
  auto_create_subnetworks = false
}
resource "google_compute_subnetwork" "test" {
  name = "composer-test-subnetwork"
  ip_cidr_range = "10.2.0.0/16"
  region = "us-central1"
  network = google_compute_network.test.id
}
resource "google_composer_environment" "test" {
  name = "example-composer-env"
  region = "us-central1"
  config {
    node_count = 3
    node_config {
      zone = "us-central1-a"
      machine_type = "n1-standard-1"
      network = google_compute_network.test.id
      subnetwork = google_compute_subnetwork.test.id
      service_account = google_service_account.test.name
    }
    database_config {
      machine_type = "db-n1-standard-2"
    }
    web_server_config {
      machine_type = "composer-n1-webserver-2"
    }
  }
}
Hi all, I have a question about the TF "try" function. My understanding is that it will try an option and if it fails, will go on to the next. I have a module to create S3 buckets and I have the following:
resource "aws_s3_bucket_versioning" "versioning" {
  bucket = aws_s3_bucket.s3_bucket.id
  versioning_configuration {
    status = var.enable_versioning ? "Enabled" : try("Disabled", "Suspended")
  }
}
This is to cover the idea of a new bucket being created vs someone wanting to turn off versioning after a bucket has been created. However, I get the following error:
Error: expected versioning_configuration.0.status to be one of [Enabled Suspended], got Disabled
with module.bucket.aws_s3_bucket_versioning.versioning,
on .terraform/modules/bucket/main.tf line 86, in resource "aws_s3_bucket_versioning" "versioning":
86: status = var.enable_versioning ? "Enabled" : try("Disabled", "Suspended")
Am I misinterpreting what the try() function is for?
# Deploy setup and cluster configuration to the worker hosts
resource "null_resource" "config" {
  count = var.instance_count
  triggers = {
    id = openstack_compute_instance_v2.vtm[count.index].id
  }
  connection {
    type = "ssh"
    host = openstack_compute_instance_v2.vtm[count.index].access_ip_v4
    user = "admin"
    bastion_host = var.bastion_host
    bastion_user = var.bastion_user
  }
  provisioner "file" {
    source = "${path.module}/certs/${var.site}-server.crt"
    destination = "/root/setup_vsd_cert"
  }
}
provider "kubernetes" {
  host = var.aks_host
  client_certificate = var.admin_client_certificate
  client_key = var.admin_client_key
  cluster_ca_certificate = var.admin_cluster_ca_certificate
}
provider "helm" {
  kubernetes = provider.kubernetes
}
@rajeshpeta_gitlab
resource "aws_subnet" "RdsSubnets" {
  count = var.RdsCreate ? length(var.RdsSubnets) : 0
  vpc_id = aws_vpc.VPC.id
  cidr_block = var.RdsSubnets[count.index]
  availability_zone = data.aws_availability_zones.AZs.names[count.index]
  map_public_ip_on_launch = false
  depends_on = [aws_eip.NATEIP]
  tags = {
    Name = "X360RdsPrivateSubnet${1+count.index}"
  }
}
resource "aws_route_table" "PrivateRT" {
  vpc_id = aws_vpc.VPC.id
  count = var.RdsCreate ? length(var.RdsSubnets) : 0
  route {
    cidr_block = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.NAT[count.index].id
  }
  tags = {
    Name = "X360PrivateRT"
  }
}
resource "aws_route_table_association" "PrivateRTA" {
  count = var.RdsCreate ? length(var.RdsSubnets) : 0
  subnet_id = aws_subnet.RdsSubnets[count.index].id
  route_table_id = aws_route_table.PrivateRT[count.index].id #aws_route_table.PrivateRT.id
}