7

我有一个 Terraform 样本中最行人的:

#  Configure AWS provider
provider "aws" {
    region     = "us-east-1"
    access_key = "xxxxxxxxx"
    secret_key = "yyyyyyyyyyy"
}

#  Terraform configuration
terraform {
  backend "s3" {
    bucket = "terraform.example.com"
    key    = "85/182/terraform.tfstate"
    region = "us-east-1"
  }
}

当我运行 terraform init 时,我收到以下(跟踪的)响应:

2018/08/14 14:19:13 [INFO] Terraform version: 0.11.7  41e50bd32a8825a84535e353c3674af8ce799161
2018/08/14 14:19:13 [INFO] Go runtime version: go1.10.1
2018/08/14 14:19:13 [INFO] CLI args: []string{"C:\\cygwin64\\usr\\local\\bin\\terraform.exe", "init"}
2018/08/14 14:19:13 [DEBUG] Attempting to open CLI config file: C:\Users\judall\AppData\Roaming\terraform.rc
2018/08/14 14:19:13 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2018/08/14 14:19:13 [INFO] CLI command args: []string{"init"}
2018/08/14 14:19:13 [DEBUG] command: loading backend config file: C:\cygwin64\home\judall\t2

2018/08/14 14:19:13 [DEBUG] command: no data state file found for backend config
Initializing the backend...
2018/08/14 14:19:13 [DEBUG] New state was assigned lineage "5113646b-318f-9612-5057-bc4803292c3a"
2018/08/14 14:19:13 [INFO] Building AWS region structure
2018/08/14 14:19:13 [INFO] Building AWS auth structure
2018/08/14 14:19:13 [INFO] Setting AWS metadata API timeout to 100ms
2018/08/14 14:19:13 [INFO] Ignoring AWS metadata API endpoint at default location as it doesn't return any instance-id

2018/08/14 14:19:13 [DEBUG] plugin: waiting for all plugin processes to complete...
Error configuring the backend "s3": No valid credential sources found for AWS Provider.
  Please see https://terraform.io/docs/providers/aws/index.html for more information on
  providing credentials for the AWS Provider

Please update the configuration in your Terraform files to fix this error
then run this command again.

我已经在谷歌上搜索了几个小时。我尝试使用“profile”属性——它产生的跟踪日志略有不同,但最终结果相同。我尝试设置 AWS_ 环境变量 - 结果相同。

我正在运行 terraform 0.11.7 版。有什么建议么?

4

2 回答 2

10

provider配置独立于您的配置backend

您在块中配置的凭证provider用于创建您的 AWS 相关资源。要访问 S3 存储桶作为远程状态的存储,您还需要提供凭据。这可以与您的配置相同,provider也可以完全不同(出于安全原因,仅在此特定存储桶上具有权限)。

backend您可以通过在块中添加凭据来修复它:

#  Terraform configuration
terraform {
  backend "s3" {
    bucket     = "terraform.example.com"
    key        = "85/182/terraform.tfstate"
    region     = "us-east-1"
    access_key = "xxxxxxxxx"
    secret_key = "yyyyyyyyyyy"
  }
}

或者,您可以在主目录 ( Docs ) 中创建 AWS(默认)配置文件,并在 terraform 代码中删除您的凭证(首选选项,当您将配置存储在版本控制系统中时)。

于 2018-08-21T10:16:41.397 回答
1

正如@JimUdall 在评论中指出的那样,如果您在更新的后端配置上重新运行 init,则需要使用-reconfigure更新的配置来应用更改的配置。

terraform init -reconfigure
于 2020-08-28T13:06:22.877 回答