[英]Terraform - Dynamic variables arguments
我覺得我已經嘗試了很多不同的方法,但在我如何調用這些變量方面我可能有點偏離。 我有以下代碼:
config_rule_params = {
"access_keys_rotated" = {
"input_parameters" = "{\"maxAccessKeyAge\": \"90\"}",
"maximum_execution_frequency" = "TwentyFour_Hours",
"source" = {
"owner" = "AWS",
"source_identifier" = "ACCESS_KEYS_ROTATED"
}
},
"acm_certificate_expiration_check" = {
"input_parameters" = "{\"daysToExpiration\": \"30\"}",
"maximum_execution_frequency" = "TwentyFour_Hours",
"source" = {
"owner" = "AWS",
"source_identifier" = "ACM_CERTIFICATE_EXPIRATION_CHECK"
},
"scope" = {
"compliance_resource_types" = "AWS::ACM::Certificate"
}
}
}
}
resource "aws_config_config_rule" "parameterised_config_rules" {
for_each = local.config_rule_params
name = each.key
input_parameters = each.value.input_parameters
maximum_execution_frequency = each.value.maximum_execution_frequency
dynamic "source" {
for_each = local.config_rule_params[*].source[*]
content {
owner = each.value.owner
source_identifier = each.source_identifier
}
}
dynamic "scope" {
for_each = local.config_rule_params[*].scope[*]
content {
compliance_resource_types = each.value.compliance_resource_types
}
}
}
最終,我將在config_rule_params下添加大量規則,但並非所有規則都有source 、 scope甚至其他參數。 創建資源時如何正確調用這些變量? 當前收到以下錯誤:
Error: Unsupported attribute
on .terraform/modules/baselines_config_rules_module/modules/baseline-config-rules/main.tf line 53, in resource "aws_config_config_rule" "parameterised_config_rules":
53: for_each = local.config_rule_params[*].source[*]
This object does not have an attribute named "source".
Error: Unsupported attribute
on .terraform/modules/baselines_config_rules_module/modules/baseline-config-rules/main.tf line 61, in resource "aws_config_config_rule" "parameterised_config_rules":
61: for_each = local.config_rule_params[*].scope[*]
This object does not have an attribute named "scope".
ERROR: Job failed: exit code 1
當您在動態塊中使用for_each時,默認情況下,迭代器被引用為使用塊的 label ( source和scope ),而不是each :
迭代器參數(可選)設置表示復數值的當前元素的臨時變量的名稱。 如果省略,則變量的名稱默認為動態塊的 label (上例中的“設置”)。
在您的示例中,它將是source和scope :
dynamic "source" {
for_each = local.config_rule_params[*].source[*]
content {
owner = source.value.owner
source_identifier = source.source_identifier
}
}
dynamic "scope" {
for_each = local.config_rule_params[*].scope[*]
content {
compliance_resource_types = scope.value.compliance_resource_types
}
}
您正確地使用[*]運算符作為一種簡潔的方式來調整可能是 null 或不包含零或一個元素的列表,但這里有兩件事需要更改:
dynamic塊的迭代器符號是您正在生成的塊的名稱。 each是頂級資源本身的迭代器符號,即使在dynamic塊內也是如此。each.value作為dynamic塊中for_each表達式的一部分,以引用local.config_rule_params的當前元素。把它們放在一起,我們得到這樣的東西:
resource "aws_config_config_rule" "parameterised_config_rules" {
for_each = local.config_rule_params
name = each.key
input_parameters = each.value.input_parameters
maximum_execution_frequency = each.value.maximum_execution_frequency
dynamic "source" {
for_each = each.value.source[*]
content {
owner = source.value.owner
source_identifier = source.value.source_identifier
}
}
dynamic "scope" {
for_each = each.value.scope[*]
content {
compliance_resource_types = scope.value.compliance_resource_types
}
}
}
請注意,在dynamic "source"塊中,當前元素是source.value ,而在dynamic "scope"塊中,當前元素是scope.value 。 因此,在這些dynamic塊中使用each.value也是有效的,因此您可以在構建這些嵌套塊時同時引用兩個重復級別。
使用 shell 腳本在 json 中傳遞動態 terraform 變量
[英]Passing dynamic terraform variables in json using shell script
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.