我在 Terraform 中有以下配置
resource "aws_dynamodb_table" "scanner" {
name = "scanner"
read_capacity = 2
write_capacity = 1
hash_key = "public_ip"
attribute {
name = "public_ip"
type = "S"
}
attribute {
name = "region"
type = "S"
}
attribute {
name = "account_id"
type = "N"
}
global_secondary_index {
name = "cleanup-index"
hash_key = "account_id"
range_key = "region"
read_capacity = 1
write_capacity = 1
projection_type = "INCLUDE"
non_key_attributes = ["vpc_id", "instance_id", "integration_id", "private_ip"]
}
}
在我从 Terraform 0.7.13 升级到 0.9.6 之前,它一直工作得很完美。从那时起,Terraform 每次都会尝试重新创建索引:
~ aws_dynamodb_table.scanner
global_secondary_index.3508752412.hash_key: "" => "account_id"
global_secondary_index.3508752412.name: "" => "cleanup-index"
global_secondary_index.3508752412.non_key_attributes.#: "0" => "4"
global_secondary_index.3508752412.non_key_attributes.0: "" => "vpc_id"
global_secondary_index.3508752412.non_key_attributes.1: "" => "instance_id"
global_secondary_index.3508752412.non_key_attributes.2: "" => "integration_id"
global_secondary_index.3508752412.non_key_attributes.3: "" => "private_ip"
global_secondary_index.3508752412.projection_type: "" => "INCLUDE"
global_secondary_index.3508752412.range_key: "" => "region"
global_secondary_index.3508752412.read_capacity: "" => "1"
global_secondary_index.3508752412.write_capacity: "" => "1"
global_secondary_index.3860163270.hash_key: "account_id" => ""
global_secondary_index.3860163270.name: "cleanup-index" => ""
global_secondary_index.3860163270.non_key_attributes.#: "4" => "0"
global_secondary_index.3860163270.non_key_attributes.0: "vpc_id" => ""
global_secondary_index.3860163270.non_key_attributes.1: "instance_id" => ""
global_secondary_index.3860163270.non_key_attributes.2: "private_ip" => ""
global_secondary_index.3860163270.non_key_attributes.3: "integration_id" => ""
global_secondary_index.3860163270.projection_type: "INCLUDE" => ""
global_secondary_index.3860163270.range_key: "region" => ""
global_secondary_index.3860163270.read_capacity: "1" => "0"
global_secondary_index.3860163270.write_capacity: "1" => "0"
Terraform 在他们的文档中说:DynamoDB API 期望在创建或更新 GSI/LSI 或创建初始表时传递属性结构(名称和类型)。在这些情况下,它期望提供哈希/范围键;因为它们会在很多地方重复使用(即表的范围键可能是一个或多个 GSI 的一部分),所以它们存储在表对象上以防止重复并提高一致性。如果您在此处添加在这些场景中未使用的属性,则可能会导致规划中的无限循环。但我不认为我的配置与此相关。有类似经历吗?我怀疑与this有关系。谢谢!
最佳答案
有时底层提供者 API 会对 Terraform 提交的数据进行规范化或重组,以便读回时数据不同。
这似乎就是这种情况的一个例子。在配置中,non_key_attributes 列为 ["vpc_id", "instance_id", "integration_id", "private_ip"],但它们从 API 返回为 [“vpc_id”、“instance_id”、“private_ip”、“integration_id”]。
Terraform 中的一个错误是,它不认为这两者是等效的,如果确实(正如看起来的那样)排序不敏感,并且 DynamoDB API 可以按照与提交的顺序不同的顺序返回它们。
作为修复此错误之前的解决方法,可以对配置中的列表重新排序以匹配 API 返回的内容,这应该会导致 Terraform 不再看到差异。只要 API 从一个请求到下一个请求以一致的顺序返回列表,就应该可以工作。
关于amazon-dynamodb - Terraform DynamoDB 索引循环,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44267243/