【以下的问题经过翻译处理】 我正在努力通过加入域的ASG(AWS 安全组)部署EC2实例。
每次我都会遇到以下错误
New-SSMAssociation:Document schema version, 2.2, is not supported by association that is created with instance id
我尝试了详细介绍这里的各种模式版本,但是都出现了相同的错误
SSMdoc.tf
resource "aws_ssm_document" "ad-join-domain" {
name = "ad-join-domain"
document_type = "Command"
content = jsonencode(
{
"schemaVersion" = "2.2"
"description" = "aws:domainJoin"
"parameters" : {
"directoryId" : {
"description" : "(Required) The ID of the directory.",
"type" : "String"
},
"directoryName" : {
"description" : "(Required) The name of the domain.",
"type" : "String"
},
"dnsIpAddresses" : {
"description" : "(Required) The IP addresses of the DNS servers for your directory.",
"type" : "StringList"
},
},
"mainSteps" = [
{
"action" = "aws:domainJoin",
"name" = "domainJoin",
"inputs" = {
"directoryId" : data.aws_directory_service_directory.adgems.id,
"directoryName" : data.aws_directory_service_directory.adgems.name,
"dnsIpAddresses" : [data.aws_directory_service_directory.adgems.dns_ip_addresses]
}
}
]
}
)
}
template.tf
data "template_file" "ad-join-template" {
template = <<EOF
<powershell>
Set-DefaultAWSRegion -Region eu-west-2
Set-Variable -name instance_id -value (Invoke-Restmethod -uri http://169.254.169.254/latest/meta-data/instance-id)
New-SSMAssociation -InstanceId $instance_id -Name "${aws_ssm_document.ad-join-domain.name}"
</powershell