Amazon web services 如何要求Terraform CLI使用其主机的AWS共享凭据而不是AWS EC2实例配置文件
试图通过用户数据脚本在AWS EC2上运行Terraform CLI v0.12.28。配置实例时,它应该自动启动基础结构构建 要构建的infra可能位于其他云或帐户上。凭据存储在SSM参数存储中。EC2实例具有允许访问参数存储的角色配置文件Amazon web services 如何要求Terraform CLI使用其主机的AWS共享凭据而不是AWS EC2实例配置文件,amazon-web-services,amazon-ec2,terraform,digital-ocean,terraform-provider-aws,Amazon Web Services,Amazon Ec2,Terraform,Digital Ocean,Terraform Provider Aws,试图通过用户数据脚本在AWS EC2上运行Terraform CLI v0.12.28。配置实例时,它应该自动启动基础结构构建 要构建的infra可能位于其他云或帐户上。凭据存储在SSM参数存储中。EC2实例具有允许访问参数存储的角色配置文件 export TF_LOG=TRACE export TF_IN_AUTOMATION=1 export AWS_PROFILE=digital_ocean export AWS_SDK_LOAD_CONFIG=1 AWS_EC2_METADATA_DIS
export TF_LOG=TRACE
export TF_IN_AUTOMATION=1
export AWS_PROFILE=digital_ocean
export AWS_SDK_LOAD_CONFIG=1
AWS_EC2_METADATA_DISABLED=true
/usr/local/bin/terraform init -input=false
[INFO] AWS Auth provider used: "SharedCredentialsProvider"
平台:EC2/Amazon Linux 2问题在于用户数据环境缺少一些变量 我在用户数据脚本中添加了以下内容,TF init按预期工作:
export AWS_AUTO_SCALING_HOME=/opt/aws/apitools/as
export AWS_CLOUDWATCH_HOME=/opt/aws/apitools/mon
export AWS_ELB_HOME=/opt/aws/apitools/elb
export AWS_PATH=/opt/aws
export EC2_AMITOOL_HOME=/opt/aws/amitools/ec2
export EC2_HOME=/opt/aws/apitools/ec2
export HOME=/root
export LOGNAME=root
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/aws/bin:/root/bin
export SHELL=/bin/bash
export USER=root
# yum install ... &co
#
cat > /run/tf/run_tf <<EOF
#!/bin/bash
cd /run/tf/XXX
export TF_VAR_zzz="${...}"
export TF_LOG=TRACE
export TF_IN_AUTOMATION=1
export AWS_PROFILE="..."
export AWS_SDK_LOAD_CONFIG=1
export AWS_EC2_METADATA_DISABLED=true
export AWS_AUTO_SCALING_HOME=/opt/aws/apitools/as
export AWS_CLOUDWATCH_HOME=/opt/aws/apitools/mon
export AWS_ELB_HOME=/opt/aws/apitools/elb
export AWS_PATH=/opt/aws
export EC2_AMITOOL_HOME=/opt/aws/amitools/ec2
export EC2_HOME=/opt/aws/apitools/ec2
export HOME=/root
export LOGNAME=root
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/aws/bin:/root/bin
export SHELL=/bin/bash
export USER=root
/usr/local/bin/terraform init -input=false
/usr/local/bin/terraform plan -input=false -out=tfplan
EOF
chmod 0755 /run/tf/run_tf
at now +2 minutes -f /run/tf/run_tf
#yum安装&有限公司
#
cat>/run/tf/run\u tf问题在于用户数据环境缺少一些变量
我在用户数据脚本中添加了以下内容,TF init按预期工作:
export AWS_AUTO_SCALING_HOME=/opt/aws/apitools/as
export AWS_CLOUDWATCH_HOME=/opt/aws/apitools/mon
export AWS_ELB_HOME=/opt/aws/apitools/elb
export AWS_PATH=/opt/aws
export EC2_AMITOOL_HOME=/opt/aws/amitools/ec2
export EC2_HOME=/opt/aws/apitools/ec2
export HOME=/root
export LOGNAME=root
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/aws/bin:/root/bin
export SHELL=/bin/bash
export USER=root
实际上,更具体地说,用户数据脚本执行一些设置(创建目录、安装包等),并使用“at”延迟TF调用。这是为了使EC2实例能够正确引导
环境变量位于“at”脚本中
# yum install ... &co
#
cat > /run/tf/run_tf <<EOF
#!/bin/bash
cd /run/tf/XXX
export TF_VAR_zzz="${...}"
export TF_LOG=TRACE
export TF_IN_AUTOMATION=1
export AWS_PROFILE="..."
export AWS_SDK_LOAD_CONFIG=1
export AWS_EC2_METADATA_DISABLED=true
export AWS_AUTO_SCALING_HOME=/opt/aws/apitools/as
export AWS_CLOUDWATCH_HOME=/opt/aws/apitools/mon
export AWS_ELB_HOME=/opt/aws/apitools/elb
export AWS_PATH=/opt/aws
export EC2_AMITOOL_HOME=/opt/aws/amitools/ec2
export EC2_HOME=/opt/aws/apitools/ec2
export HOME=/root
export LOGNAME=root
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/aws/bin:/root/bin
export SHELL=/bin/bash
export USER=root
/usr/local/bin/terraform init -input=false
/usr/local/bin/terraform plan -input=false -out=tfplan
EOF
chmod 0755 /run/tf/run_tf
at now +2 minutes -f /run/tf/run_tf
#yum安装&有限公司
#
cat>/run/tf/run\u tf