{Terraform} Working with Multiple AWS accounts

 

参考文献: Terraform Up & Running (Yevgeniy Brikman著)

 

# This walkthrough declares no input variables, so variables.tf is created
# as a placeholder holding only a single newline.
printf '\n' > variables.tf


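# Write main.tf. The heredoc delimiter is quoted ('EOF'), so the shell expands
# nothing inside it and the HCL below is written to disk verbatim.
cat <<-'EOF' > main.tf
# Terraform core and the AWS provider are pinned to exact versions so every run
# resolves the same binaries.
terraform {
  required_version = "= 1.6.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "= 4.17.0"
    }
  }
}

# Parent account: authenticates with whatever credentials the environment
# supplies (environment variables, shared config/credentials file, etc.).
provider "aws" {
  region = "ap-northeast-1"
  alias  = "parent"
}

# Child account: reached by calling sts:AssumeRole from the parent credentials.
# OrganizationAccountAccessRole is the role AWS Organizations creates in member
# accounts and it normally carries AdministratorAccess, so anyone who can run
# this configuration holds full control of the child account. For anything
# beyond a demo, assume a dedicated role scoped to the resources Terraform
# manages, and restrict who may assume it in the role's trust policy.
provider "aws" {
  region = "ap-northeast-1"
  alias  = "child"

  assume_role {
    role_arn = "arn:aws:iam::888888888888:role/OrganizationAccountAccessRole"
    # A fixed session name makes these cross-account sessions easy to pick out
    # in the child account's CloudTrail records.
    session_name = "terraform-multi-account-demo"
  }
}

# Both lookups exist to confirm which account each provider alias actually
# resolves to; compare the outputs with the accounts you expect before
# trusting where resources will land.
data "aws_caller_identity" "parent" {
  provider = aws.parent
}

data "aws_caller_identity" "child" {
  provider = aws.child
}

# Instance created in the parent account.
resource "aws_instance" "instance01" {
  ami           = "ami-0404778e217f54308"
  instance_type = "t3.nano"

  # Require IMDSv2 session tokens; IMDSv1 lets any request that can reach the
  # metadata endpoint read the instance role credentials.
  metadata_options {
    http_tokens = "required"
  }

  provider = aws.parent
}

# Instance created in the child account through the assumed role.
# NOTE(review): the same AMI ID is used in both accounts, which presumably
# relies on the AMI being public or shared with the child account - confirm.
resource "aws_instance" "instance02" {
  ami           = "ami-0404778e217f54308"
  instance_type = "t3.nano"

  # Same IMDSv2 requirement as instance01.
  metadata_options {
    http_tokens = "required"
  }

  provider = aws.child
}
EOF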

 

 

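# Write outputs.tf. The two outputs print the account ID each provider alias
# resolves to, which is the quickest check that the assume_role configuration
# reaches the intended child account and not some other one.
cat <<-'EOF' > outputs.tf
output "parent_account_id" {
  value       = data.aws_caller_identity.parent.account_id
  description = "Account ID seen by the aws.parent provider (the caller's own credentials)"
}

output "child_account_id" {
  value       = data.aws_caller_identity.child.account_id
  description = "Account ID seen by the aws.child provider (after assuming the cross-account role)"
}
EOF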

 

 

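# Download the pinned provider, normalise formatting, and check that the
# configuration is internally valid before anything touches either account.
terraform init
terraform fmt
terraform validate
terraform -version

# Write the plan to a file, read it, then apply exactly that plan.
# `apply -auto-approve` would create resources in both accounts (one of them
# through an administrator-level role) without anyone seeing the change set.
# Plan files can hold sensitive values in clear text: keep them out of version
# control and delete them when done.
terraform plan -out=tfplan
terraform apply tfplan

# Tear down the same way: review the destroy plan before it runs.
terraform plan -destroy -out=destroy.tfplan
terraform apply destroy.tfplan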