仅在 terraform cloudflare 提供程序版本 >= 4.41.0 时才会出现此问题。在我们使用 4.40.0 版本的 cloudflare 提供商之前,它工作得很好
地形版本:1.9.8 cloudflare 提供商版本:4.46.0
受影响的资源 cloudflare_record
module "cusip-com-cname-record" {
source = "git::https://github.<org>.com/neteng/dns-modules.git//cloudflare//cname-record"
email-address = data.aws_ssm_parameter.email-address.value
api-key = data.aws_ssm_parameter.api-key.value
cname-records = {
"cusip.com/1/test1._domainkey" = {
zone-id = local.cusip-com
name = "test1._domainkey"
value = "target1.amazonses.com"
ttl = 600
}
"cusip.com/1/test2._domainkey" = {
zone-id = local.cusip-com
name = "test2._domainkey"
value = "target2.amazonses.com"
ttl = 600
}
}
Terraform 初始化输出
Initializing modules...
Initializing the backend...
Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing provider plugins...
Finding latest version of hashicorp/aws...
Finding latest version of cloudflare/cloudflare...
Installing hashicorp/aws v5.76.0...
Installed hashicorp/aws v5.76.0 (signed by HashiCorp)
Installing cloudflare/cloudflare v4.46.0...
Installed cloudflare/cloudflare v4.46.0 (self-signed, key ID )
Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
预期产出 由于这些记录已经存在 我预计 terraform 计划不会做出任何改变。您的基础设施与配置相匹配。
实际产量 尽管 .tf 文件中的配置没有更改,但 terraform plan gen 仍显示如下更改:
module.cusip-com-cname-record.cloudflare_record.cname-record["cusip.com/1/test1._domainkey"] will be updated in-place
~ resource "cloudflare_record" "cname-record" {
id = ""
name = "test1._domainkey"
tags = []
+ value = "target1.amazonses.com"
# (10 unchanged attributes hidden)
}
module.cusip-com-cname-record.cloudflare_record.cname- record["cusip.com/1/test2._domainkey"] will be updated in-place
~ resource "cloudflare_record" "cname-record" {
id = ""
name = "test2._domainkey"
tags = []
+ value = "target2.amazonses.com"
# (10 unchanged attributes hidden)
}
Plan: 0 to add, 2 to change, 0 to destroy.
仅在 terraform cloudflare 提供程序版本 >= 4.41.0 时才会出现此问题。在我们使用 4.40.0 版本的 cloudflare 提供商之前,它工作得很好
我在
变更日志中看到了
resource "cloudflare_record" 的很多更改
适用于提供商版本 4.42.0、4.41.0 和 4.39.0。
此外,我看到 terraform 不会尝试删除任何内容 - 只添加
value