Amazon s3 S3后端:can';t覆盖AWS_S3_端点
我想使用S3后端远程存储我的tfstate 因为我想在Wasabi上使用bucket,而不是AWS,所以我将端点设置为Amazon s3 S3后端:can';t覆盖AWS_S3_端点,amazon-s3,terraform,Amazon S3,Terraform,我想使用S3后端远程存储我的tfstate 因为我想在Wasabi上使用bucket,而不是AWS,所以我将端点设置为s3.wasabisys.com 然而,terraform仍然尝试使用AWS 我尝试使用TF\u AWS\u S3\u ENDPOINT环境变量,但即使是硬编码的值也不起作用: terraform { backend "s3" { bucket = "my-bucket" key = "my-key" region = "us-eas
s3.wasabisys.com
然而,terraform仍然尝试使用AWS
我尝试使用TF\u AWS\u S3\u ENDPOINT
环境变量,但即使是硬编码的值也不起作用:
terraform {
backend "s3" {
bucket = "my-bucket"
key = "my-key"
region = "us-east-1"
endpoint = "s3.wasabisys.com"
access_key = "xxxx"
secret_key = "xxxx"
}
}
输出:
stanislas@mbp ~> terraform init
2018/10/25 08:53:35 [INFO] Terraform version: 0.11.10
2018/10/25 08:53:35 [INFO] Go runtime version: go1.11.1
2018/10/25 08:53:35 [INFO] CLI args: []string{"/usr/local/Cellar/terraform/0.11.10/bin/terraform", "init"}
2018/10/25 08:53:35 [DEBUG] Attempting to open CLI config file: /Users/stanislas/.terraformrc
2018/10/25 08:53:35 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2018/10/25 08:53:35 [INFO] CLI command args: []string{"init"}
2018/10/25 08:53:35 [DEBUG] command: loading backend config file: /Users/stanislas/git/xxx
2018/10/25 08:53:35 [DEBUG] command: no data state file found for backend config
Initializing the backend...
2018/10/25 08:53:35 [DEBUG] New state was assigned lineage "be941477-7111-2a13-ceed-55e4fba0bcbd"
2018/10/25 08:53:35 [INFO] Building AWS region structure
2018/10/25 08:53:35 [INFO] Building AWS auth structure
2018/10/25 08:53:35 [INFO] Setting AWS metadata API timeout to 100ms
2018/10/25 08:53:36 [INFO] Ignoring AWS metadata API endpoint at default location as it doesn't return any instance-id
2018/10/25 08:53:36 [INFO] AWS Auth provider used: "StaticProvider"
2018/10/25 08:53:36 [INFO] Initializing DeviceFarm SDK connection
2018/10/25 08:53:36 [DEBUG] [aws-sdk-go] DEBUG: Request sts/GetCallerIdentity Details:
---[ REQUEST POST-SIGN ]-----------------------------
POST / HTTP/1.1
Host: sts.amazonaws.com
User-Agent: aws-sdk-go/1.14.31 (go1.11.1; darwin; amd64) APN/1.0 HashiCorp/1.0 Terraform/0.11.10
Content-Length: 43
Authorization: AWS4-HMAC-SHA256 Credential=xxx, SignedHeaders=content-length;content-type;host;x-amz-date, Signature=xxx
Content-Type: application/x-www-form-urlencoded; charset=utf-8
X-Amz-Date: 20181025T065336Z
Accept-Encoding: gzip
Action=GetCallerIdentity&Version=2011-06-15
-----------------------------------------------------
2018/10/25 08:53:36 [DEBUG] [aws-sdk-go] DEBUG: Response sts/GetCallerIdentity Details:
---[ RESPONSE ]--------------------------------------
HTTP/1.1 403 Forbidden
Connection: close
Content-Length: 306
Content-Type: text/xml
Date: Thu, 25 Oct 2018 06:53:36 GMT
X-Amzn-Requestid: xxx
-----------------------------------------------------
2018/10/25 08:53:36 [DEBUG] [aws-sdk-go] <ErrorResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
<Error>
<Type>Sender</Type>
<Code>InvalidClientTokenId</Code>
<Message>The security token included in the request is invalid.</Message>
</Error>
<RequestId>xxx</RequestId>
</ErrorResponse>
2018/10/25 08:53:36 [DEBUG] [aws-sdk-go] DEBUG: Validate Response sts/GetCallerIdentity failed, not retrying, error InvalidClientTokenId: The security token included in the request is invalid.
status code: 403, request id: xxx
2018/10/25 08:53:36 [DEBUG] plugin: waiting for all plugin processes to complete...
Error configuring the backend "s3": InvalidClientTokenId: The security token included in the request is invalid.
status code: 403, request id: xxx
Please update the configuration in your Terraform files to fix this error
then run this command again.
如您所见,Terraform向sts.amazonaws.com发送请求
我遗漏了什么吗?您是否尝试使用将以下选项设置为
true
跳过请求账户id的步骤
跳过凭证验证
skip\u get\u ec2\u平台
跳过元数据\u api\u检查