amazon-route53 - 为什么会出错，在Terraform aws_route53_record中出现 "alias target name does not lie within the target zone"？-6ren

amazon-route53 - 为什么会出错，在Terraform aws_route53_record中出现 "alias target name does not lie within the target zone"？

转载作者：行者123 更新时间：2023-12-03 16:06:38

使用Terraform 0.12，我正在S3存储桶中创建一个静态网站:

...

resource "aws_s3_bucket" "www" {
  bucket = "example.com"
  acl    = "public-read"
  policy = <<-POLICY
    {
      "Version": "2012-10-17",
      "Statement": [{
        "Sid": "AddPerm",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:GetObject"],
        "Resource": ["arn:aws:s3:::example.com/*"]
      }]
    }
    POLICY
  website {
    index_document = "index.html"
    error_document = "404.html"
  }

  tags = {
    Environment = var.environment
    Terraform = "true"
  }
}

resource "aws_route53_zone" "main" {
  name = "example.com"

  tags = {
    Environment = var.environment
    Terraform = "true"
  }
}

resource "aws_route53_record" "main-ns" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "example.com"
  type    = "A"
  alias {
    name                   = aws_s3_bucket.www.website_endpoint
    zone_id                = aws_route53_zone.main.zone_id
    evaluate_target_health = false
  }
}

我得到了错误:

Error: [ERR]: Error building changeset: InvalidChangeBatch:
[Tried to create an alias that targets example.com.s3-website-us-west-2.amazonaws.com., type A in zone Z1P...9HY, but the alias target name does not lie within the target zone, 
 Tried to create an alias that targets example.com.s3-website-us-west-2.amazonaws.com., type A in zone Z1P...9HY, but that target was not found]
    status code: 400, request id: 35...bc

  on main.tf line 132, in resource "aws_route53_record" "main-ns":
 132: resource "aws_route53_record" "main-ns" {

怎么了？

最佳答案

zone_id中的alias是S3存储桶区域ID，而不是Route 53区域ID。正确的aws_route53_record资源为:

resource "aws_route53_record" "main-ns" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "example.com"
  type    = "A"
  alias {
    name                   = aws_s3_bucket.www.website_endpoint
    zone_id                = aws_s3_bucket.www.hosted_zone_id    # Corrected
    evaluate_target_health = false
  }
}

这是CloudFront的示例。变量是:

base_url = example.com
cloudfront_distribution = "EXXREDACTEDXXX"
domain_names = ["example.com", "www.example.com"]

Terraform代码为:

data "aws_route53_zone" "this" {
  name = var.base_url
}

data "aws_cloudfront_distribution" "this" {
  id = var.cloudfront_distribution
}

resource "aws_route53_record" "this" {
  for_each = toset(var.domain_names)
  zone_id = data.aws_route53_zone.this.zone_id
  name = each.value
  type = "A"
  alias {
    name    = data.aws_cloudfront_distribution.this.domain_name
    zone_id = data.aws_cloudfront_distribution.this.hosted_zone_id
    evaluate_target_health = false
  }
}

许多用户指定CloudFront的 zone_id = "Z2FDTNDATAQYW2"是因为它始终是 Z2FDTNDATAQYW2 ...直到某天可能不是。我喜欢通过使用数据源 aws_cloudfront_distribution计算字符串来避免文字字符串。

关于amazon-route53 - 为什么会出错，在Terraform aws_route53_record中出现 "alias target name does not lie within the target zone"？，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/59584443/

文章推荐： angular - providedIn any 和 root 有什么区别

行者123

个人简介

我是一名优秀的程序员,十分优秀！

作者热门文章

滴滴打车优惠券免费领取

全站热门文章

首页

博学

6Ren·AI

商城

amazon-route53 - 为什么会出错，在Terraform aws_route53_record中出现 "alias target name does not lie within the target zone"？