Terraform for_each variable to create multiple AWS listener rules and set a unique target_group_arn

I'm trying to work out an AWS container setup with Terraform that routes traffic from my ALB to target groups based on specific ports using Terraform's for_each option. I have a for_each setup that's creating the listener rules I'd expect based on my variable:

variable "tenant_data" {
  type = "map"
  default = {
    tenant1 = {
      port              = 32768
      listener_priority = 986
      tenantName        = "tenant1"
    }
    tenant2 = {
      port              = 32769
      listener_priority = 987
      tenantName        = "tenant2"
    }
    tenant3 = {
      port              = 32770
      listener_priority = 988
      tenantName        = "tenant3"
    }
  }
}

I'm not sure if it's possible to get the for_each resource to use a unique target_group_arn in the listener rule that would be created by a similar for_each setup of the target group I'm using. I'm also not sure if this is the best way to go about accomplishing this goal. I could create each resource but in the end I'll be looking at about 30 separate listeners and target groups so I'm seeing if I can figure out a way to make use of a single variable that handles the resource creation.

resource "aws_alb_listener_rule" "java_dev" {
  for_each     = var.tenant_data
  listener_arn = data.terraform_remote_state.alb.outputs.alb_https_listener_arn
  priority     = each.value.listener_priority

  action {
    type             = "forward"
    target_group_arn = each.value.target_group_arn # what I'm trying to set
  }

  condition {
    field  = "host-header"
    values = ["${each.value.tenantName}.my-site.com"]
  }

  condition {
    field  = "path-pattern"
    values = ["/some-value/*"]
  }
}

Initially I was thinking I could try and use output values from the target group and add them into my variables but that doesn't seem possible. Aside from that I'm still trying to think of a way this could work.

I've spent half the day looking at workarounds but haven't found anything useful. If anyone has any resources or ideas, they would be very helpful.

Edit: without the for_each, each listener and target would look like this:

resource "aws_alb_listener_rule" "alpha3" {
  listener_arn = listener_arn
  priority     = 987

  action {
    type             = "forward"
    target_group_arn = aws_alb_target_group.group.arn
  }

  condition {
    field  = "host-header"
    values = ["one.my-site.com"]
  }

  condition {
    field  = "path-pattern"
    values = ["/path/*"]
  }
}

# Target Group
resource "aws_alb_target_group" "group" {
  name        = "ct-tgt-grp"
  port        = 32769
  protocol    = "HTTP"
  vpc_id      = vpc_id
  target_type = "instance"

  health_check {
    interval            = 30
    port                = 5000
    protocol            = "HTTP"
    timeout             = 10
    healthy_threshold   = 3
    unhealthy_threshold = 5
    path                = "/health"
    matcher             = 200
  }
}

What I understood from the question is that there should be one target group and one listener rule per element of var.tenant_data, and that each listener rule should refer to the corresponding target group.

By using for_each with both of these resources, they will both end up with instances identified by the same keys, and so you can make cross-references using each.key, like this:

variable "tenant_data" {
  type = map(object({
    port              = number
    listener_priority = number
  }))
}

resource "aws_alb_target_group" "tenant" {
  for_each = var.tenant_data

  name        = "ct-${each.key}"
  port        = each.value.port
  protocol    = "HTTP"
  vpc_id      = var.vpc_id
  target_type = "instance"

  health_check {
    interval            = 30
    port                = 5000
    protocol            = "HTTP"
    timeout             = 10
    healthy_threshold   = 3
    unhealthy_threshold = 5
    path                = "/health"
    matcher             = 200
  }
}

resource "aws_alb_listener_rule" "tenant" {
  for_each = var.tenant_data

  listener_arn = var.listener_arn
  priority     = each.value.listener_priority

  action {
    type             = "forward"
    target_group_arn = aws_alb_target_group.tenant[each.key].arn
  }

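  condition {
    field  = "host-header"
    # each.key is the tenant name (tenant1, tenant2, ...), so every rule
    # matches its own host instead of all rules sharing one host header.
    values = ["${each.key}.my-site.com"]
  }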

  condition {
    field  = "path-pattern"
    values = ["/path/*"]
  }
}

The key part of the above is here, for emphasis:

    target_group_arn = aws_alb_target_group.tenant[each.key].arn

Because both of these resource blocks have the same for_each, we can use each.key to cross-reference, looking up the single target group corresponding to each listener rule.
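
Because one map now drives both the target groups and the rules that forward to them, a copy-pasted tenant entry with a repeated priority or port becomes a routing mistake between tenants. The following is an added example, not part of the original answer: it extends the answer's variable block with validation and exposes the per-tenant ARNs, assuming the `aws_alb_target_group.tenant` resource above and a Terraform version that supports `validation` blocks and `alltrue`; the output name `tenant_target_group_arns` is hypothetical.

```hcl
variable "tenant_data" {
  type = map(object({
    port              = number
    listener_priority = number
  }))

  # Rule priorities must be unique on a listener; catch a duplicate at
  # plan time instead of as a failed apply halfway through 30 tenants.
  validation {
    condition = (
      length(distinct([for t in var.tenant_data : t.listener_priority]))
      == length(var.tenant_data)
    )
    error_message = "Each tenant needs a distinct listener_priority."
  }

  # ALB rule priorities are limited to the range 1-50000.
  validation {
    condition = alltrue([
      for t in var.tenant_data :
      t.listener_priority >= 1 && t.listener_priority <= 50000
    ])
    error_message = "Every listener_priority must be between 1 and 50000."
  }

  # Two tenants sharing a port would have their target groups forward to
  # the same container port, sending one tenant's traffic to the other.
  validation {
    condition = (
      length(distinct([for t in var.tenant_data : t.port]))
      == length(var.tenant_data)
    )
    error_message = "Each tenant needs a distinct port."
  }
}

# Map of tenant key => target group ARN, built from the same keys that
# for_each assigned to the target group instances.
output "tenant_target_group_arns" {
  value = { for name, tg in aws_alb_target_group.tenant : name => tg.arn }
}
```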
