我正在尝试跨帐户创建气流环境;子网位于 aws account1 中,环境位于 aws account2 中..(我使用子网共享与 account1 共享 account2 中的 vpc)
resource "aws_mwaa_environment" "mwaa" {
count = upper(var.env) == "TST" || upper(var.env) == "REC" ? 1 : 0
name = "${module.std_naming_mwaa.name}-mwaa-environnement"
airflow_version = var.airflow_version
environment_class = var.environment_class
min_workers = var.min_workers
max_workers = var.max_workers
dag_s3_path = "dags"
plugins_s3_object_version = var.plugins_s3_object_version
plugins_s3_path = var.plugins_s3_path
requirements_s3_path = "requirements.txt"
execution_role_arn = aws_iam_role.mwaa[0].arn
airflow_configuration_options = var.airflow_configuration_options
source_bucket_arn = module.mwaa_s3[0].arn
webserver_access_mode = var.webserver_access_mode
weekly_maintenance_window_start = var.weekly_maintenance_window_start
network_configuration {
security_group_ids = [data.aws_security_group.cnr_mwaa_endpoints_sg[0].id]
subnet_ids = data.aws_subnets.subnet_mwaa.ids
}
logging_configuration {
dag_processing_logs {
enabled = true
log_level = "INFO"
}
scheduler_logs {
enabled = true
log_level = "INFO"
}
task_logs {
enabled = true
log_level = "INFO"
}
webserver_logs {
enabled = true
log_level = "INFO"
}
worker_logs {
enabled = true
log_level = "INFO"
}
}
lifecycle {
ignore_changes = [
plugins_s3_object_version,
requirements_s3_object_version,
startup_script_s3_object_version
]
}
}
我收到此错误消息:
Error: creating MWAA Environment (cnr-auxo-tst-dom1-mwaa-mwaa-environnement): operation error MWAA: CreateEnvironment, https response error StatusCode: 400, RequestID: 500595f9-5590-47df-890d-4ab5285a0eb0, ValidationException: All subnets do not belong to the user's account
知道我设法通过 aws 控制台创建了一个 env Airflow accross 帐户,是否有人有解释或可以帮助进行配置,以解决此问题..(如果需要,我可以分享更多详细信息)
提前谢谢您
我遇到了与您相同的问题,只需将端点_管理 =“CUSTOMER”放入您的 MWAA 资源中,即可解决问题。关于这个论点,terraform 文档没有很好的记录。