Terraform - 获取 terraform_remote_state 导致访问被拒绝

Question

我有 2 个模块 ..启动了一个 VPC 并添加了一些 s3 存储桶，输出保存在 s3 中。然后我添加了另一个模块重新初始化然后尝试计划

新模块如下所示。我需要使用数据来获取 vpc_id。

    provider "aws" {
  region                  = var.region
  shared_credentials_file = "$HOME/.aws/credentials"
  profile                 = "terraform"
}

terraform {
  backend "s3" {
    profile = "terraform"
    bucket = var.remote_state_bucket
    key    = var.remote_state_key
    region = var.region
  }
}

data "terraform_remote_state" "network_configuration" {
  backend = "s3"
  config = {
   bucket = var.remote_state_bucket
    key    = var.remote_state_key
    region = var.region
  }
}

当我跑步时

 terraform plan -var-file="test.tfvars"

由于 terraform_remote_state 块，我收到以下错误。我删除然后计划有效。

Error: AccessDenied: Access Denied
    status code: 403, request id: ZRTM92CVDQFRBF9T, host id: 0HYGuPq9Q7skZLtXvdR3mD6657g4fqUaQQNf2jP2GRcLx1vTxkYhFtyKAiTTLRBrEwECnPf0Y9A=

为什么？我不明白？我该如何解决？

Answer 1

您应该将profile 添加到您的config：

data "terraform_remote_state" "network_configuration" {
  backend = "s3"
  config = {
   bucket   = var.remote_state_bucket
    key     = var.remote_state_key
    region  = var.region
    profile = "terraform"
  }
}