elasticsearch 创建ElasticSearch域时出错:ValidationException:身份验证错误
我最近在使用Terraform创建ES域时遇到了这个错误。我定义ES域的方式没有任何改变。然而,我确实开始在ALB层上使用SSL(AWS ACM证书),但这不应该影响这一点。你知道它在抱怨什么吗elasticsearch 创建ElasticSearch域时出错:ValidationException:身份验证错误,elasticsearch,terraform,aws-acm,elasticsearch,Terraform,Aws Acm,我最近在使用Terraform创建ES域时遇到了这个错误。我定义ES域的方式没有任何改变。然而,我确实开始在ALB层上使用SSL(AWS ACM证书),但这不应该影响这一点。你知道它在抱怨什么吗 resource "aws_elasticsearch_domain" "es" { domain_name = "${var.es_domain}" elasticsearch_version = "6.3" cluster_config { instance_type =
resource "aws_elasticsearch_domain" "es" {
domain_name = "${var.es_domain}"
elasticsearch_version = "6.3"
cluster_config {
instance_type = "r4.large.elasticsearch"
instance_count = 2
zone_awareness_enabled = true
}
vpc_options {
subnet_ids = "${var.private_subnet_ids}"
security_group_ids = [
"${aws_security_group.es_sg.id}"
]
}
ebs_options {
ebs_enabled = true
volume_size = 10
}
access_policies = <<CONFIG
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "es:*",
"Principal": "*",
"Effect": "Allow",
"Resource": "arn:aws:es:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:domain/${var.es_domain}/*"
}
]
}
CONFIG
snapshot_options {
automated_snapshot_start_hour = 23
}
tags = {
Domain = "${var.es_domain}"
}
depends_on = [
"aws_iam_service_linked_role.es",
]
}
resource "aws_iam_service_linked_role" "es" {
aws_service_name = "es.amazonaws.com"
}
据我在控制台中看到的情况,AWS很快就验证并发布了证书。如图所示,它与ES域无关 有时在启用服务链接角色之前创建ES域时会出现这种情况,即使使用取决于 也许您可以尝试使用本地exec provisioner等待
resource "aws_iam_service_linked_role" "es" {
aws_service_name = "es.amazonaws.com"
provisioner "local-exec" {
command = "sleep 10"
}
}
您得到的完整错误是什么?您是否同时创建了这两个文件(例如相同的目录和状态文件)?@ydaetskcoR-这确实是完全的错误。是的,我正在同一目录和状态文件中创建ALB+ACM证书和ES。
resource "aws_iam_service_linked_role" "es" {
aws_service_name = "es.amazonaws.com"
provisioner "local-exec" {
command = "sleep 10"
}
}