Conversation
Collaborator
|
Ran Plan for dir: Show Outputmodule.lambda-file-systems.data.archive_file.zip: Reading...
module.eks.data.http.workstation-external-ip: Reading...
module.lambda-file-systems.data.archive_file.zip: Read complete after 0s [id=7aa2bb50d6935e8ee924d21832910de2a59fe05b]
module.eks.data.http.workstation-external-ip: Read complete after 0s [id=http://ipv4.icanhazip.com]
module.lambda-file-systems.data.aws_availability_zones.available: Reading...
module.lambda-file-systems.data.aws_partition.current: Reading...
module.lambda-file-systems.data.aws_iam_policy_document.assume_role_policy: Reading...
module.lambda-file-systems.data.aws_iam_policy_document.assume_role_policy: Read complete after 0s [id=2690255455]
module.lambda-file-systems.data.aws_partition.current: Read complete after 0s [id=aws]
module.lambda-file-systems.data.aws_iam_policy.AWSLambdaVPCAccessExecutionRole: Reading...
module.lambda-file-systems.data.aws_iam_policy.AmazonElasticFileSystemClientFullAccess: Reading...
module.ecs-alb.data.aws_region.current: Reading...
module.ecs-alb.data.aws_region.current: Read complete after 0s [id=us-west-1]
module.ecs-alb.data.aws_availability_zones.available: Reading...
module.ecs-alb.data.aws_ssm_parameter.ecs_image_id: Reading...
module.eks.data.aws_availability_zones.available: Reading...
module.sagemaker.data.aws_region.current: Reading...
module.sagemaker.data.aws_iam_policy_document.assume_role: Reading...
module.sagemaker.data.aws_caller_identity.current: Reading...
module.sagemaker.data.aws_iam_policy_document.assume_role: Read complete after 0s [id=1147345228]
module.sagemaker.data.aws_region.current: Read complete after 0s [id=us-west-2]
module.sagemaker.data.aws_caller_identity.current: Read complete after 0s [id=425443422359]
module.lambda-file-systems.data.aws_availability_zones.available: Read complete after 1s [id=us-east-1]
module.lambda-file-systems.data.aws_iam_policy.AWSLambdaVPCAccessExecutionRole: Read complete after 1s [id=arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole]
module.lambda-file-systems.data.aws_iam_policy.AmazonElasticFileSystemClientFullAccess: Read complete after 1s [id=arn:aws:iam::aws:policy/AmazonElasticFileSystemClientFullAccess]
module.ecs-alb.data.aws_ssm_parameter.ecs_image_id: Read complete after 1s [id=/aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id]
module.ecs-alb.data.aws_availability_zones.available: Read complete after 1s [id=us-west-1]
module.eks.data.aws_availability_zones.available: Read complete after 1s [id=us-west-2]
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
<= read (data resources)
Terraform will perform the following actions:
# module.ecs-alb.aws_alb.main will be created
+ resource "aws_alb" "main" {
+ arn = (known after apply)
+ arn_suffix = (known after apply)
+ desync_mitigation_mode = "defensive"
+ dns_name = (known after apply)
+ drop_invalid_header_fields = false
+ enable_deletion_protection = false
+ enable_http2 = true
+ enable_tls_version_and_cipher_suite_headers = false
+ enable_waf_fail_open = false
+ enable_xff_client_port = false
+ enforce_security_group_inbound_rules_on_private_link_traffic = (known after apply)
+ id = (known after apply)
+ idle_timeout = 60
+ internal = (known after apply)
+ ip_address_type = (known after apply)
+ load_balancer_type = "application"
+ name = "tf-example-alb-ecs"
+ name_prefix = (known after apply)
+ preserve_host_header = false
+ security_groups = (known after apply)
+ subnets = (known after apply)
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
+ xff_header_processing_mode = "append"
+ zone_id = (known after apply)
}
# module.ecs-alb.aws_alb_listener.front_end will be created
+ resource "aws_alb_listener" "front_end" {
+ arn = (known after apply)
+ id = (known after apply)
+ load_balancer_arn = (known after apply)
+ port = 80
+ protocol = "HTTP"
+ ssl_policy = (known after apply)
+ tags_all = (known after apply)
+ default_action {
+ order = (known after apply)
+ target_group_arn = (known after apply)
+ type = "forward"
}
}
# module.ecs-alb.aws_alb_target_group.test will be created
+ resource "aws_alb_target_group" "test" {
+ arn = (known after apply)
+ arn_suffix = (known after apply)
+ connection_termination = (known after apply)
+ deregistration_delay = "300"
+ id = (known after apply)
+ ip_address_type = (known after apply)
+ lambda_multi_value_headers_enabled = false
+ load_balancer_arns = (known after apply)
+ load_balancing_algorithm_type = (known after apply)
+ load_balancing_anomaly_mitigation = (known after apply)
+ load_balancing_cross_zone_enabled = (known after apply)
+ name = "tf-example-ecs-ghost"
+ name_prefix = (known after apply)
+ port = 8080
+ preserve_client_ip = (known after apply)
+ protocol = "HTTP"
+ protocol_version = (known after apply)
+ proxy_protocol_v2 = false
+ slow_start = 0
+ tags_all = (known after apply)
+ target_type = "instance"
+ vpc_id = (known after apply)
}
# module.ecs-alb.aws_autoscaling_group.app will be created
+ resource "aws_autoscaling_group" "app" {
+ arn = (known after apply)
+ availability_zones = (known after apply)
+ default_cooldown = (known after apply)
+ desired_capacity = 1
+ force_delete = false
+ force_delete_warm_pool = false
+ health_check_grace_period = 300
+ health_check_type = (known after apply)
+ id = (known after apply)
+ ignore_failed_scaling_activities = false
+ launch_configuration = (known after apply)
+ load_balancers = (known after apply)
+ max_size = 2
+ metrics_granularity = "1Minute"
+ min_size = 1
+ name = "tf-test-asg"
+ name_prefix = (known after apply)
+ predicted_capacity = (known after apply)
+ protect_from_scale_in = false
+ service_linked_role_arn = (known after apply)
+ target_group_arns = (known after apply)
+ vpc_zone_identifier = (known after apply)
+ wait_for_capacity_timeout = "10m"
+ warm_pool_size = (known after apply)
}
# module.ecs-alb.aws_cloudwatch_log_group.app will be created
+ resource "aws_cloudwatch_log_group" "app" {
+ arn = (known after apply)
+ id = (known after apply)
+ log_group_class = (known after apply)
+ name = "tf-ecs-group/app-ghost"
+ name_prefix = (known after apply)
+ retention_in_days = 0
+ skip_destroy = false
+ tags_all = (known after apply)
}
# module.ecs-alb.aws_cloudwatch_log_group.ecs will be created
+ resource "aws_cloudwatch_log_group" "ecs" {
+ arn = (known after apply)
+ id = (known after apply)
+ log_group_class = (known after apply)
+ name = "tf-ecs-group/ecs-agent"
+ name_prefix = (known after apply)
+ retention_in_days = 0
+ skip_destroy = false
+ tags_all = (known after apply)
}
# module.ecs-alb.aws_ecs_cluster.main will be created
+ resource "aws_ecs_cluster" "main" {
+ arn = (known after apply)
+ id = (known after apply)
+ name = "terraform_example_ecs_cluster"
+ tags_all = (known after apply)
}
# module.ecs-alb.aws_ecs_service.test will be created
+ resource "aws_ecs_service" "test" {
+ cluster = (known after apply)
+ deployment_maximum_percent = 200
+ deployment_minimum_healthy_percent = 100
+ desired_count = 1
+ enable_ecs_managed_tags = false
+ enable_execute_command = false
+ iam_role = "tf_example_ecs_role"
+ id = (known after apply)
+ launch_type = (known after apply)
+ name = "tf-example-ecs-ghost"
+ platform_version = (known after apply)
+ scheduling_strategy = "REPLICA"
+ tags_all = (known after apply)
+ task_definition = (known after apply)
+ triggers = (known after apply)
+ wait_for_steady_state = false
+ load_balancer {
+ container_name = "ghost"
+ container_port = 2368
+ target_group_arn = (known after apply)
}
}
# module.ecs-alb.aws_ecs_task_definition.ghost will be created
+ resource "aws_ecs_task_definition" "ghost" {
+ arn = (known after apply)
+ arn_without_revision = (known after apply)
+ container_definitions = jsonencode(
[
+ {
+ cpu = 256
+ essential = true
+ image = "ghost:latest"
+ logConfiguration = {
+ logDriver = "awslogs"
+ options = {
+ awslogs-group = "tf-ecs-group/app-ghost"
+ awslogs-region = "us-west-1"
}
}
+ memory = 512
+ name = "ghost"
+ portMappings = [
+ {
+ containerPort = 2368
+ hostPort = 0
},
]
},
]
)
+ family = "tf_example_ghost_td"
+ id = (known after apply)
+ network_mode = (known after apply)
+ revision = (known after apply)
+ skip_destroy = false
+ tags_all = (known after apply)
+ track_latest = false
}
# module.ecs-alb.aws_iam_instance_profile.app will be created
+ resource "aws_iam_instance_profile" "app" {
+ arn = (known after apply)
+ create_date = (known after apply)
+ id = (known after apply)
+ name = "tf-ecs-instprofile"
+ name_prefix = (known after apply)
+ path = "/"
+ role = "tf-ecs-example-instance-role"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
}
# module.ecs-alb.aws_iam_role.app_instance will be created
+ resource "aws_iam_role" "app_instance" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ec2.amazonaws.com"
}
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "tf-ecs-example-instance-role"
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
}
# module.ecs-alb.aws_iam_role.ecs_service will be created
+ resource "aws_iam_role" "ecs_service" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ecs.amazonaws.com"
}
+ Sid = ""
},
]
+ Version = "2008-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "tf_example_ecs_role"
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
}
# module.ecs-alb.aws_iam_role_policy.ecs_service will be created
+ resource "aws_iam_role_policy" "ecs_service" {
+ id = (known after apply)
+ name = "tf_example_ecs_policy"
+ name_prefix = (known after apply)
+ policy = jsonencode(
{
+ Statement = [
+ {
+ Action = [
+ "ec2:Describe*",
+ "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
+ "elasticloadbalancing:DeregisterTargets",
+ "elasticloadbalancing:Describe*",
+ "elasticloadbalancing:RegisterInstancesWithLoadBalancer",
+ "elasticloadbalancing:RegisterTargets",
]
+ Effect = "Allow"
+ Resource = "*"
},
]
+ Version = "2012-10-17"
}
)
+ role = "tf_example_ecs_role"
}
# module.ecs-alb.aws_iam_role_policy.instance will be created
+ resource "aws_iam_role_policy" "instance" {
+ id = (known after apply)
+ name = "TfEcsExampleInstanceRole"
+ name_prefix = (known after apply)
+ policy = (known after apply)
+ role = "tf-ecs-example-instance-role"
}
# module.ecs-alb.aws_internet_gateway.gw will be created
+ resource "aws_internet_gateway" "gw" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.ecs-alb.aws_launch_configuration.app will be created
+ resource "aws_launch_configuration" "app" {
+ arn = (known after apply)
+ associate_public_ip_address = true
+ ebs_optimized = (known after apply)
+ enable_monitoring = true
+ iam_instance_profile = "tf-ecs-instprofile"
+ id = (known after apply)
+ image_id = (sensitive value)
+ instance_type = "t3.small"
+ key_name = (known after apply)
+ name = (known after apply)
+ name_prefix = (known after apply)
+ security_groups = (known after apply)
+ user_data = "0a75fa0afef151205e26a7a22261fb152bf1f785"
}
# module.ecs-alb.aws_route_table.r will be created
+ resource "aws_route_table" "r" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ core_network_arn = ""
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = (known after apply)
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = ""
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.ecs-alb.aws_route_table_association.a[0] will be created
+ resource "aws_route_table_association" "a" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.ecs-alb.aws_route_table_association.a[1] will be created
+ resource "aws_route_table_association" "a" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.ecs-alb.aws_security_group.instance_sg will be created
+ resource "aws_security_group" "instance_sg" {
+ arn = (known after apply)
+ description = "controls direct access to application instances"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = [
+ "1.2.3.4/32",
]
+ description = ""
+ from_port = 22
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 22
},
+ {
+ cidr_blocks = []
+ description = ""
+ from_port = 32768
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = (known after apply)
+ self = false
+ to_port = 61000
},
]
+ name = "tf-ecs-instsg"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.ecs-alb.aws_security_group.lb_sg will be created
+ resource "aws_security_group" "lb_sg" {
+ arn = (known after apply)
+ description = "controls access to the application ELB"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 80
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 80
},
]
+ name = "tf-ecs-lbsg"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.ecs-alb.aws_subnet.main[0] will be created
+ resource "aws_subnet" "main" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-west-1b"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.10.0.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.ecs-alb.aws_subnet.main[1] will be created
+ resource "aws_subnet" "main" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-west-1c"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.10.1.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.ecs-alb.aws_vpc.main will be created
+ resource "aws_vpc" "main" {
+ arn = (known after apply)
+ cidr_block = "10.10.0.0/16"
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_dns_hostnames = (known after apply)
+ enable_dns_support = true
+ enable_network_address_usage_metrics = (known after apply)
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_network_border_group = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags_all = (known after apply)
}
# module.eks.aws_eks_cluster.demo will be created
+ resource "aws_eks_cluster" "demo" {
+ arn = (known after apply)
+ certificate_authority = (known after apply)
+ cluster_id = (known after apply)
+ created_at = (known after apply)
+ endpoint = (known after apply)
+ id = (known after apply)
+ identity = (known after apply)
+ name = "terraform-eks-demo"
+ platform_version = (known after apply)
+ role_arn = (known after apply)
+ status = (known after apply)
+ tags_all = (known after apply)
+ version = (known after apply)
+ vpc_config {
+ cluster_security_group_id = (known after apply)
+ endpoint_private_access = false
+ endpoint_public_access = true
+ public_access_cidrs = (known after apply)
+ security_group_ids = (known after apply)
+ subnet_ids = (known after apply)
+ vpc_id = (known after apply)
}
}
# module.eks.aws_eks_node_group.demo will be created
+ resource "aws_eks_node_group" "demo" {
+ ami_type = (known after apply)
+ arn = (known after apply)
+ capacity_type = (known after apply)
+ cluster_name = "terraform-eks-demo"
+ disk_size = (known after apply)
+ id = (known after apply)
+ instance_types = (known after apply)
+ node_group_name = "demo"
+ node_group_name_prefix = (known after apply)
+ node_role_arn = (known after apply)
+ release_version = (known after apply)
+ resources = (known after apply)
+ status = (known after apply)
+ subnet_ids = (known after apply)
+ tags_all = (known after apply)
+ version = (known after apply)
+ scaling_config {
+ desired_size = 1
+ max_size = 1
+ min_size = 1
}
}
# module.eks.aws_iam_role.demo-cluster will be created
+ resource "aws_iam_role" "demo-cluster" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "eks.amazonaws.com"
}
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "terraform-eks-demo-cluster"
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
}
# module.eks.aws_iam_role.demo-node will be created
+ resource "aws_iam_role" "demo-node" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "ec2.amazonaws.com"
}
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "terraform-eks-demo-node"
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
}
# module.eks.aws_iam_role_policy_attachment.demo-cluster-AmazonEKSClusterPolicy will be created
+ resource "aws_iam_role_policy_attachment" "demo-cluster-AmazonEKSClusterPolicy" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
+ role = "terraform-eks-demo-cluster"
}
# module.eks.aws_iam_role_policy_attachment.demo-cluster-AmazonEKSVPCResourceController will be created
+ resource "aws_iam_role_policy_attachment" "demo-cluster-AmazonEKSVPCResourceController" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEKSVPCResourceController"
+ role = "terraform-eks-demo-cluster"
}
# module.eks.aws_iam_role_policy_attachment.demo-node-AmazonEC2ContainerRegistryReadOnly will be created
+ resource "aws_iam_role_policy_attachment" "demo-node-AmazonEC2ContainerRegistryReadOnly" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
+ role = "terraform-eks-demo-node"
}
# module.eks.aws_iam_role_policy_attachment.demo-node-AmazonEKSWorkerNodePolicy will be created
+ resource "aws_iam_role_policy_attachment" "demo-node-AmazonEKSWorkerNodePolicy" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"
+ role = "terraform-eks-demo-node"
}
# module.eks.aws_iam_role_policy_attachment.demo-node-AmazonEKS_CNI_Policy will be created
+ resource "aws_iam_role_policy_attachment" "demo-node-AmazonEKS_CNI_Policy" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
+ role = "terraform-eks-demo-node"
}
# module.eks.aws_internet_gateway.demo will be created
+ resource "aws_internet_gateway" "demo" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "terraform-eks-demo"
}
+ tags_all = {
+ "Name" = "terraform-eks-demo"
}
+ vpc_id = (known after apply)
}
# module.eks.aws_route_table.demo will be created
+ resource "aws_route_table" "demo" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ core_network_arn = ""
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = (known after apply)
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = ""
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.eks.aws_route_table_association.demo[0] will be created
+ resource "aws_route_table_association" "demo" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.eks.aws_route_table_association.demo[1] will be created
+ resource "aws_route_table_association" "demo" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.eks.aws_security_group.demo-cluster will be created
+ resource "aws_security_group" "demo-cluster" {
+ arn = (known after apply)
+ description = "Cluster communication with worker nodes"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = (known after apply)
+ name = "terraform-eks-demo-cluster"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Name" = "terraform-eks-demo"
}
+ tags_all = {
+ "Name" = "terraform-eks-demo"
}
+ vpc_id = (known after apply)
}
# module.eks.aws_security_group_rule.demo-cluster-ingress-workstation-https will be created
+ resource "aws_security_group_rule" "demo-cluster-ingress-workstation-https" {
+ cidr_blocks = [
+ "151.0.207.195/32",
]
+ description = "Allow workstation to communicate with the cluster API Server"
+ from_port = 443
+ id = (known after apply)
+ protocol = "tcp"
+ security_group_id = (known after apply)
+ security_group_rule_id = (known after apply)
+ self = false
+ source_security_group_id = (known after apply)
+ to_port = 443
+ type = "ingress"
}
# module.eks.aws_subnet.demo[0] will be created
+ resource "aws_subnet" "demo" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-west-2a"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.0.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Name" = "terraform-eks-demo-node"
+ "kubernetes.io/cluster/terraform-eks-demo" = "shared"
}
+ tags_all = {
+ "Name" = "terraform-eks-demo-node"
+ "kubernetes.io/cluster/terraform-eks-demo" = "shared"
}
+ vpc_id = (known after apply)
}
# module.eks.aws_subnet.demo[1] will be created
+ resource "aws_subnet" "demo" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-west-2b"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.1.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Name" = "terraform-eks-demo-node"
+ "kubernetes.io/cluster/terraform-eks-demo" = "shared"
}
+ tags_all = {
+ "Name" = "terraform-eks-demo-node"
+ "kubernetes.io/cluster/terraform-eks-demo" = "shared"
}
+ vpc_id = (known after apply)
}
# module.eks.aws_vpc.demo will be created
+ resource "aws_vpc" "demo" {
+ arn = (known after apply)
+ cidr_block = "10.0.0.0/16"
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_dns_hostnames = (known after apply)
+ enable_dns_support = true
+ enable_network_address_usage_metrics = (known after apply)
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_network_border_group = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "terraform-eks-demo-node"
+ "kubernetes.io/cluster/terraform-eks-demo" = "shared"
}
+ tags_all = {
+ "Name" = "terraform-eks-demo-node"
+ "kubernetes.io/cluster/terraform-eks-demo" = "shared"
}
}
# module.elb.aws_elb.web will be created
+ resource "aws_elb" "web" {
+ arn = (known after apply)
+ availability_zones = (known after apply)
+ connection_draining = true
+ connection_draining_timeout = 400
+ cross_zone_load_balancing = true
+ desync_mitigation_mode = "defensive"
+ dns_name = (known after apply)
+ id = (known after apply)
+ idle_timeout = 400
+ instances = (known after apply)
+ internal = (known after apply)
+ name = "example-elb"
+ name_prefix = (known after apply)
+ security_groups = (known after apply)
+ source_security_group = (known after apply)
+ source_security_group_id = (known after apply)
+ subnets = (known after apply)
+ tags_all = (known after apply)
+ zone_id = (known after apply)
+ health_check {
+ healthy_threshold = 2
+ interval = 30
+ target = "HTTP:80/"
+ timeout = 3
+ unhealthy_threshold = 2
}
+ listener {
+ instance_port = 80
+ instance_protocol = "http"
+ lb_port = 80
+ lb_protocol = "http"
}
}
# module.elb.aws_instance.web will be created
+ resource "aws_instance" "web" {
+ ami = "ami-5f709f34"
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ disable_api_stop = (known after apply)
+ disable_api_termination = (known after apply)
+ ebs_optimized = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ host_resource_group_arn = (known after apply)
+ iam_instance_profile = (known after apply)
+ id = (known after apply)
+ instance_initiated_shutdown_behavior = (known after apply)
+ instance_lifecycle = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = "terraform-aws-provider-example"
+ monitoring = (known after apply)
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ placement_partition_number = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ spot_instance_request_id = (known after apply)
+ subnet_id = (known after apply)
+ tags = {
+ "Name" = "elb-example"
}
+ tags_all = {
+ "Name" = "elb-example"
}
+ tenancy = (known after apply)
+ user_data = "a41cf0adaab665823c19a8f869f1cb12d597660b"
+ user_data_base64 = (known after apply)
+ user_data_replace_on_change = false
+ vpc_security_group_ids = (known after apply)
}
# module.elb.aws_internet_gateway.gw will be created
+ resource "aws_internet_gateway" "gw" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "tf_test_ig"
}
+ tags_all = {
+ "Name" = "tf_test_ig"
}
+ vpc_id = (known after apply)
}
# module.elb.aws_lb_cookie_stickiness_policy.default will be created
+ resource "aws_lb_cookie_stickiness_policy" "default" {
+ cookie_expiration_period = 600
+ id = (known after apply)
+ lb_port = 80
+ load_balancer = (known after apply)
+ name = "lbpolicy"
}
# module.elb.aws_route_table.r will be created
+ resource "aws_route_table" "r" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ core_network_arn = ""
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = (known after apply)
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = ""
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags = {
+ "Name" = "aws_route_table"
}
+ tags_all = {
+ "Name" = "aws_route_table"
}
+ vpc_id = (known after apply)
}
# module.elb.aws_route_table_association.a will be created
+ resource "aws_route_table_association" "a" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# module.elb.aws_security_group.default will be created
+ resource "aws_security_group" "default" {
+ arn = (known after apply)
+ description = "Used in the terraform"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 22
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 22
},
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 80
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 80
},
]
+ name = "instance_sg"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.elb.aws_security_group.elb will be created
+ resource "aws_security_group" "elb" {
+ arn = (known after apply)
+ description = "Used in the terraform"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 80
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 80
},
]
+ name = "elb_sg"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.elb.aws_subnet.tf_test_subnet will be created
+ resource "aws_subnet" "tf_test_subnet" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = (known after apply)
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.0.0/24"
+ enable_dns64 = false
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags = {
+ "Name" = "tf_test_subnet"
}
+ tags_all = {
+ "Name" = "tf_test_subnet"
}
+ vpc_id = (known after apply)
}
# module.elb.aws_vpc.default will be created
+ resource "aws_vpc" "default" {
+ arn = (known after apply)
+ cidr_block = "10.0.0.0/16"
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ enable_network_address_usage_metrics = (known after apply)
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_network_border_group = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "tf_test"
}
+ tags_all = {
+ "Name" = "tf_test"
}
}
# module.lambda-file-systems.aws_default_security_group.default will be created
+ resource "aws_default_security_group" "default" {
+ arn = (known after apply)
+ description = (known after apply)
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = []
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = true
+ to_port = 0
},
]
+ name = (known after apply)
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.lambda-file-systems.aws_default_subnet.default_az1 will be created
+ resource "aws_default_subnet" "default_az1" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-1a"
+ availability_zone_id = (known after apply)
+ cidr_block = (known after apply)
+ enable_dns64 = false
+ enable_lni_at_device_index = (known after apply)
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ existing_default_subnet = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ outpost_arn = (known after apply)
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.lambda-file-systems.aws_default_subnet.default_az2 will be created
+ resource "aws_default_subnet" "default_az2" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-1b"
+ availability_zone_id = (known after apply)
+ cidr_block = (known after apply)
+ enable_dns64 = false
+ enable_lni_at_device_index = (known after apply)
+ enable_resource_name_dns_a_record_on_launch = false
+ enable_resource_name_dns_aaaa_record_on_launch = false
+ existing_default_subnet = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ ipv6_native = false
+ map_public_ip_on_launch = true
+ outpost_arn = (known after apply)
+ owner_id = (known after apply)
+ private_dns_hostname_type_on_launch = (known after apply)
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# module.lambda-file-systems.aws_default_vpc.default will be created
+ resource "aws_default_vpc" "default" {
+ arn = (known after apply)
+ cidr_block = (known after apply)
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ enable_network_address_usage_metrics = (known after apply)
+ existing_default_vpc = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ instance_tenancy = (known after apply)
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_network_border_group = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags_all = (known after apply)
}
# module.lambda-file-systems.aws_efs_access_point.access_point_lambda will be created
+ resource "aws_efs_access_point" "access_point_lambda" {
+ arn = (known after apply)
+ file_system_arn = (known after apply)
+ file_system_id = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags_all = (known after apply)
+ posix_user {
+ gid = 1000
+ uid = 1000
}
+ root_directory {
+ path = "/lambda"
+ creation_info {
+ owner_gid = 1000
+ owner_uid = 1000
+ permissions = "777"
}
}
}
# module.lambda-file-systems.aws_efs_file_system.efs_for_lambda will be created
+ resource "aws_efs_file_system" "efs_for_lambda" {
+ arn = (known after apply)
+ availability_zone_id = (known after apply)
+ availability_zone_name = (known after apply)
+ creation_token = (known after apply)
+ dns_name = (known after apply)
+ encrypted = (known after apply)
+ id = (known after apply)
+ kms_key_id = (known after apply)
+ name = (known after apply)
+ number_of_mount_targets = (known after apply)
+ owner_id = (known after apply)
+ performance_mode = (known after apply)
+ size_in_bytes = (known after apply)
+ tags = {
+ "Name" = "efs_for_lambda"
}
+ tags_all = {
+ "Name" = "efs_for_lambda"
}
+ throughput_mode = "bursting"
}
# module.lambda-file-systems.aws_efs_mount_target.mount_target_az1 will be created
+ resource "aws_efs_mount_target" "mount_target_az1" {
+ availability_zone_id = (known after apply)
+ availability_zone_name = (known after apply)
+ dns_name = (known after apply)
+ file_system_arn = (known after apply)
+ file_system_id = (known after apply)
+ id = (known after apply)
+ ip_address = (known after apply)
+ mount_target_dns_name = (known after apply)
+ network_interface_id = (known after apply)
+ owner_id = (known after apply)
+ security_groups = (known after apply)
+ subnet_id = (known after apply)
}
# module.lambda-file-systems.aws_efs_mount_target.mount_target_az2 will be created
+ resource "aws_efs_mount_target" "mount_target_az2" {
+ availability_zone_id = (known after apply)
+ availability_zone_name = (known after apply)
+ dns_name = (known after apply)
+ file_system_arn = (known after apply)
+ file_system_id = (known after apply)
+ id = (known after apply)
+ ip_address = (known after apply)
+ mount_target_dns_name = (known after apply)
+ network_interface_id = (known after apply)
+ owner_id = (known after apply)
+ security_groups = (known after apply)
+ subnet_id = (known after apply)
}
# module.lambda-file-systems.aws_iam_role.iam_role_for_lambda will be created
+ resource "aws_iam_role" "iam_role_for_lambda" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "lambda.amazonaws.com"
}
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = (known after apply)
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
}
# module.lambda-file-systems.aws_iam_role_policy_attachment.AWSLambdaVPCAccessExecutionRole-attach will be created
+ resource "aws_iam_role_policy_attachment" "AWSLambdaVPCAccessExecutionRole-attach" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
+ role = (known after apply)
}
# module.lambda-file-systems.aws_iam_role_policy_attachment.AmazonElasticFileSystemClientFullAccess-attach will be created
+ resource "Warning: Output length greater than max comment size. Continued in next comment. |
Collaborator
|
Continued plan output from previous comment. Show Outputaws_iam_role_policy_attachment" "AmazonElasticFileSystemClientFullAccess-attach" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonElasticFileSystemClientFullAccess"
+ role = (known after apply)
}
# module.lambda-file-systems.aws_lambda_function.example_lambda will be created
+ resource "aws_lambda_function" "example_lambda" {
+ architectures = (known after apply)
+ arn = (known after apply)
+ filename = "hello_lambda.zip"
+ function_name = "hello_lambda"
+ handler = "hello_lambda.lambda_handler"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ qualified_invoke_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = (known after apply)
+ runtime = "python3.7"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ skip_destroy = false
+ source_code_hash = "eUlmHhO6Fix0OZDyg08kPxIQkrvsF4STLRQ2Zv3M6Es="
+ source_code_size = (known after apply)
+ tags_all = (known after apply)
+ timeout = 60
+ version = (known after apply)
+ environment {
+ variables = {
+ "greeting" = "Hello"
}
}
+ file_system_config {
+ arn = (known after apply)
+ local_mount_path = "/mnt/efs"
}
+ vpc_config {
+ ipv6_allowed_for_dual_stack = false
+ security_group_ids = (known after apply)
+ subnet_ids = (known after apply)
+ vpc_id = (known after apply)
}
}
# module.sagemaker.data.aws_iam_policy_document.foo will be read during apply
# (config refers to values not yet known)
<= data "aws_iam_policy_document" "foo" {
+ id = (known after apply)
+ json = (known after apply)
+ statement {
+ actions = [
+ "sagemaker:*",
]
+ effect = "Allow"
+ resources = [
+ "*",
]
}
+ statement {
+ actions = [
+ "cloudwatch:PutMetricData",
+ "ecr:BatchCheckLayerAvailability",
+ "ecr:BatchGetImage",
+ "ecr:GetAuthorizationToken",
+ "ecr:GetDownloadUrlForLayer",
+ "logs:CreateLogGroup",
+ "logs:CreateLogStream",
+ "logs:DescribeLogStreams",
+ "logs:PutLogEvents",
]
+ effect = "Allow"
+ resources = [
+ "*",
]
}
+ statement {
+ actions = [
+ "s3:GetObject",
]
+ effect = "Allow"
+ resources = [
+ (known after apply),
+ (known after apply),
]
}
}
# module.sagemaker.aws_iam_policy.foo will be created
+ resource "aws_iam_policy" "foo" {
+ arn = (known after apply)
+ description = "Allow SageMaker to create model"
+ id = (known after apply)
+ name = "terraform-sagemaker-example"
+ name_prefix = (known after apply)
+ path = "/"
+ policy = (known after apply)
+ policy_id = (known after apply)
+ tags_all = (known after apply)
}
# module.sagemaker.aws_iam_role.foo will be created
+ resource "aws_iam_role" "foo" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "sagemaker.amazonaws.com"
}
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "terraform-sagemaker-example"
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
}
# module.sagemaker.aws_iam_role_policy_attachment.foo will be created
+ resource "aws_iam_role_policy_attachment" "foo" {
+ id = (known after apply)
+ policy_arn = (known after apply)
+ role = "terraform-sagemaker-example"
}
# module.sagemaker.aws_s3_bucket.foo will be created
+ resource "aws_s3_bucket" "foo" {
+ acceleration_status = (known after apply)
+ acl = (known after apply)
+ arn = (known after apply)
+ bucket = (known after apply)
+ bucket_domain_name = (known after apply)
+ bucket_prefix = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ object_lock_enabled = (known after apply)
+ policy = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags_all = (known after apply)
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
}
# module.sagemaker.aws_s3_bucket_acl.foo_bucket_acl will be created
+ resource "aws_s3_bucket_acl" "foo_bucket_acl" {
+ acl = "private"
+ bucket = (known after apply)
+ id = (known after apply)
}
# module.sagemaker.aws_s3_object.object will be created
+ resource "aws_s3_object" "object" {
+ acl = (known after apply)
+ bucket = (known after apply)
+ bucket_key_enabled = (known after apply)
+ checksum_crc32 = (known after apply)
+ checksum_crc32c = (known after apply)
+ checksum_sha1 = (known after apply)
+ checksum_sha256 = (known after apply)
+ content_type = (known after apply)
+ etag = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ key = "model.tar.gz"
+ kms_key_id = (known after apply)
+ server_side_encryption = (known after apply)
+ source = "model.tar.gz"
+ storage_class = (known after apply)
+ tags_all = (known after apply)
+ version_id = (known after apply)
}
# module.sagemaker.aws_sagemaker_endpoint.foo will be created
+ resource "aws_sagemaker_endpoint" "foo" {
+ arn = (known after apply)
+ endpoint_config_name = "terraform-sagemaker-example"
+ id = (known after apply)
+ name = "terraform-sagemaker-example"
+ tags = {
+ "foo" = "bar"
}
+ tags_all = {
+ "foo" = "bar"
}
}
# module.sagemaker.aws_sagemaker_endpoint_configuration.foo will be created
+ resource "aws_sagemaker_endpoint_configuration" "foo" {
+ arn = (known after apply)
+ id = (known after apply)
+ name = "terraform-sagemaker-example"
+ name_prefix = (known after apply)
+ tags = {
+ "foo" = "bar"
}
+ tags_all = {
+ "foo" = "bar"
}
+ production_variants {
+ initial_instance_count = 1
+ initial_variant_weight = 1
+ instance_type = "ml.t2.medium"
+ model_name = "terraform-sagemaker-example"
+ variant_name = "variant-1"
+ volume_size_in_gb = (known after apply)
}
}
# module.sagemaker.aws_sagemaker_model.foo will be created
+ resource "aws_sagemaker_model" "foo" {
+ arn = (known after apply)
+ execution_role_arn = (known after apply)
+ id = (known after apply)
+ name = "terraform-sagemaker-example"
+ tags = {
+ "foo" = "bar"
}
+ tags_all = {
+ "foo" = "bar"
}
+ primary_container {
+ image = "425443422359.dkr.ecr.us-west-2.amazonaws.com/foo:latest"
+ mode = "SingleModel"
+ model_data_url = (known after apply)
}
}
# module.sagemaker.random_integer.bucket_suffix will be created
+ resource "random_integer" "bucket_suffix" {
+ id = (known after apply)
+ max = 99999
+ min = 1
+ result = (known after apply)
}
Plan: 74 to add, 0 to change, 0 to destroy.
╷
│ Warning: Redundant empty provider block
│
│ on eks/providers.tf line 18:
│ 18: provider "http" {}
│
│ Earlier versions of Terraform used empty provider blocks ("proxy provider
│ configurations") for child modules to declare their need to be passed a
│ provider configuration by their callers. That approach was ambiguous and is
│ now deprecated.
│
│ If you control this module, you can migrate to the new declaration syntax
│ by removing all of the empty provider "http" blocks and then adding or
│ updating an entry like the following to the required_providers block of
│ module.eks:
│ http = {
│ source = "hashicorp/http"
│ }
│
│ (and one more similar warning elsewhere)
╵
|
Collaborator
Inkdrop Diagram
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Here is an example of a Pull Request using Inkdrop custom image for Atlantis