
JSON syntax error in Terraform aws_iam_role_policy


So, with Terraform, I am creating an IAM policy and attaching it to a role. I am currently running:

Terraform v0.12.16
provider.aws v2.40.0
provider.template v2.1.2
On executing the code, I am able to initialize Terraform with no issues. When running terraform plan, I get the following error:

Error: "policy" contains an invalid JSON: invalid character '}' looking for beginning of value

  on ec2-iam.tf line 8, in resource "aws_iam_role_policy" "s3_ec2_policy":
   8: resource "aws_iam_role_policy" "s3_ec2_policy" {
I am stuck on this error. Any suggestions would be helpful. Below is my code:

data "template_file" "s3_web_policy" {
  template = file("scripts/iam/web-ec2-policy.json")
  vars = {
    s3_bucket_arn = "arn:aws:s3:::${var.my_app_s3_bucket}/*"
  }
}

resource "aws_iam_role_policy" "s3_ec2_policy" {
  name = "s3_ec2_policy"
  role = aws_iam_role.s3_ec2_role.id

  policy = data.template_file.s3_web_policy.rendered
}

resource "aws_iam_role" "s3_ec2_role" {
  name = "s3_ec2_role"

  assume_role_policy = file("scripts/iam/web-ec2-assume-role.json")
}

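It is common to run into syntax errors when generating JSON from string templates, because the template language is not aware of JSON syntax, so as the template author you must take care to ensure that the brackets are all nested correctly, that there are no missing or extra commas, and so on.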

You can usually avoid problems of this kind by generating the JSON:

If the policy definition seems too large to include in the resource block, you can still factor it out into a separate template file if desired:

resource "aws_iam_role_policy" "s3_ec2_policy" {
  name = "s3_ec2_policy"
  role = aws_iam_role.s3_ec2_role.id

  policy = templatefile("${path.module}/scripts/iam/web-ec2-policy.json.tmpl", {
    s3_bucket_arn = "arn:aws:s3:::${var.my_app_s3_bucket}/*"
  })
}
…but inside the template, rather than using individual template interpolations, just write the whole template as a single call to jsonencode, like this:

${jsonencode({
  Version = "2012-10-17"
  Statement = [
    {
      # ...
      Resource = s3_bucket_arn
      # ...
    },
    # etc, etc
  ]
})}

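Note that the template_file data source is for Terraform 0.11 and earlier, and is in Terraform 0.12 only for backward compatibility. You should use the templatefile function instead, which serves the same purpose but is integrated directly into the Terraform language.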
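
The answer above recommends generating the policy JSON rather than templating it. As an added example (not code from the original answer), here is that approach applied inline to both the role's trust policy and the S3 policy. The EC2 service principal, the S3 actions and the Sid values are assumptions, because the page does not show the contents of either JSON file.

```hcl
# Assumption: the bucket variable from the question is declared like this.
variable "my_app_s3_bucket" {
  type = string
}

locals {
  bucket_arn = "arn:aws:s3:::${var.my_app_s3_bucket}"
}

resource "aws_iam_role" "s3_ec2_role" {
  name = "s3_ec2_role"

  # jsonencode serializes an HCL object, so brackets, commas and string
  # escaping in the result are always valid JSON. A mistake in the object
  # is reported as an HCL syntax error with a file and line number.
  # Assumption: the role is assumed by EC2 instances.
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect    = "Allow"
        Action    = "sts:AssumeRole"
        Principal = { Service = "ec2.amazonaws.com" }
      }
    ]
  })
}

resource "aws_iam_role_policy" "s3_ec2_policy" {
  name = "s3_ec2_policy"
  role = aws_iam_role.s3_ec2_role.id

  # Assumption: read-only access, scoped to the one bucket.
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Sid      = "ReadObjects"
        Effect   = "Allow"
        Action   = ["s3:GetObject"]
        Resource = "${local.bucket_arn}/*"
      },
      {
        Sid      = "ListBucket"
        Effect   = "Allow"
        Action   = ["s3:ListBucket"]
        Resource = local.bucket_arn
      }
    ]
  })
}
```

Object-level actions such as s3:GetObject take the `/*` object ARN, while s3:ListBucket applies to the bucket ARN itself, which is why the two statements use different Resource values.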

What does the template file look like? There may be an extra space or a bracket/brace left open.