在 google_redis_instance | Resources | hashicorp/google | Terraform Registry 裡面是這樣寫的:auth_enabled - (Optional) Optional. Indicates whether OSS Redis AUTH is enabled for the instance. If set to "true" AUTH is enabled on the instance. Default value is "false" meaning AUTH is disabled. auth_string - (Optional) AUTH String set on the instance. This field will only be populated if auth_enabled is true.redis 還是打開 auth 才安全, 所以當然就這樣設定:
resource "google_redis_instance" "this" { ... auth_enabled = true auth_string = "023dbce5e060641d09218027704ca4b3" ... }接著 terraform apply 下去打開 auth...Error: Value for unconfigurable attribute with module.redis.module.redis-general.google_redis_instance.this, on modules/redis/main.tf line 24, in resource "google_redis_instance" "this": 24: auth_string = "023dbce5e060641d09218027704ca4b3" Can't configure a value for "auth_string": its value will be decided automatically based on the result of applying this configuration.所以是會自動生成的意思? 那拿掉 auth_string 的設定, 先 terraform apply 上去之後, 再 terraform show 出來看 auth_string 的內容...# module.redis.module.redis-general.google_redis_instance.this: resource "google_redis_instance" "this" { alternative_location_id = "us-west1-c" auth_enabled = true auth_string = (sensitive value) ...竟然看不到... oroz 查了一下, 得用 terraform show -json 才看得到, 執行下去會得到一行很長很長的 json, 那就多用 jq 轉一下: terraform show -json | jq ."resources": [ { "address": "module.redis.module.redis-general.google_redis_instance.this", "mode": "managed", "type": "google_redis_instance", "name": "this", "provider_name": "registry.terraform.io/hashicorp/google", "schema_version": 0, "values": { "alternative_location_id": "us-west1-c", "auth_enabled": true, "auth_string": "ded6f8e9-5c32-4ebb-b0fb-086a444baa7f", ...終於看到啦~
2022年4月27日 星期三
Terraform - google_redis_instance with auth_enabled is true
訂閱:
張貼留言 (Atom)
沒有留言:
張貼留言