It is required to create cloudfront public key using terraform, Here public key is separate based on environment and its stored as {env_name}.pem in directory name public-key-cf. env_name can be dev,stage,prod.
To achieve this below terraform block is used:
resource "aws_cloudfront_public_key" "documents-signing-key" {
name = "cf-public-key"
comment = "Public Key"
encoded_key = file("${path.module}/public-key-cf/"${var.environment}".pem)"
}
I am getting error as :
This character is not used within the language.
How to fix this issue?
Thanks.
CodePudding user response:
You seem to have syntax issues within your code and have used quotes in the wrong places. Please refer to String Templates for string interpolations in terraform.
- This is the structure I have used to simulate your query.
.
├── dependencies.tf
├── file_function_variable.tf
├── main.tf
└── public-key-cf
└── dev.pub
- Where file_function_variable.tf is the one where we focus mostly.
## File function within a sting input (multiple string interpolation).
resource "aws_security_group" "file_function_variable" {
name = "allow_tls"
description = "Allow TLS inbound traffic with ${file("${path.module}/public-key-cf/${var.environment}.pub")}"
vpc_id = local.vpc_id
tags = {
Name = "allow_tls"
}
}
## usage of explicit file function.
resource "aws_cloudfront_public_key" "documents-signing-key" {
name = "cf-public-key"
comment = "Public Key"
encoded_key = file("${path.module}/public-key-cf/${var.environment}.pub")
}
variable "environment" {
type = string
description = "(optional) Environment for the deployment"
default = "dev"
}
- The above code has generated the below plan, to verify how will it look like.
➜ stackoverflow tf plan <aws:sre>
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
following symbols:
create
Terraform will perform the following actions:
# aws_cloudfront_public_key.documents-signing-key will be created
resource "aws_cloudfront_public_key" "documents-signing-key" {
caller_reference = (known after apply)
comment = "Public Key"
encoded_key = <<-EOT
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3EZdb2OUzuMtgxCp5nyR3SmXs1Fml1Z6/kk1cyEuWf
EOT
etag = (known after apply)
id = (known after apply)
name = "cf-public-key"
name_prefix = (known after apply)
}
# aws_security_group.file_function_variable will be created
resource "aws_security_group" "file_function_variable" {
arn = (known after apply)
description = <<-EOT
Allow TLS inbound traffic with ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3EZdb2OUzuMtgxCp5nyR3SmXs1Fml1Z6/kk1cyEuWf
EOT
egress = (known after apply)
id = (known after apply)
ingress = (known after apply)
name = "allow_tls"
name_prefix = (known after apply)
owner_id = (known after apply)
revoke_rules_on_delete = false
tags = {
"Name" = "allow_tls"
}
tags_all = {
"Name" = "allow_tls"
}
vpc_id = (known after apply)
}
Conclusion:
As mentioned in another answer, it's better to use plugins/extensions while working with terraform. For VSCode there is an official HashiCorp.terraform plugin which supports syntax highlighting and much more.
CodePudding user response:
encoded_key = file("${path.module}/public-key-cf/"${var.environment}".pem)"
It seems to me that you made a syntactical mistake by placing the quotes in the wrong place, I think you meant to write:
encoded_key = file("${path.module}/public-key-cf/${var.environment}.pem")
If it's the same case in your code that's likely the reason behind that rather cryptic looking error message.
Consider installing a plugin for syntax checks if you haven't yet, it simplifies writing code in terraform (and in general too) by a lot.