
How to get the resource ID of a Terraform resource inside a for_each loop

I want to create Azure Firewall network rules using Terraform.

I have to use a lot of source IPs in my rule collection, so I created an IP group ("ipg_onpremise"). Now I need to reference the IP group from my rule collection. Unfortunately, I cannot use the name ("ipg_onpremise") for this, but have to use the resource ID ("/subscriptions/xx-xx-xx/resourceGroups/rg-shared/providers/Microsoft.Network/ipGroups/ipg_onpremise").

Here is my code:

# firewall.tf

resource "azurerm_firewall_network_rule_collection" "nrc_fw_shared_onprem_hub" {
  name                = "onprem-hub"
  azure_firewall_name = azurerm_firewall.fw_shared.name
  resource_group_name = azurerm_resource_group.rg_shared.name
  priority            = var.nrc_fw_shared_onprem_hub_rule_priority
  action              = var.nrc_fw_shared_onprem_hub_rule_action

  dynamic "rule" {
    for_each = var.nrc_fw_shared_onprem_hub_rules
    content {
        name                  = rule.value.name
        description           = lookup(rule.value, "description", null)
        source_addresses      = lookup(rule.value, "source_addresses", null)
        source_ip_groups      = lookup(rule.value, "source_ip_groups" , null)
        destination_addresses = lookup(rule.value, "destination_addresses", null)
        destination_ip_groups = lookup(rule.value, "destination_ip_groups", null)
        destination_ports     = lookup(rule.value, "destination_ports", null)
        protocols             = lookup(rule.value, "protocols", null)
    }
  }
}

resource "azurerm_ip_group" "ipg_onpremise" {
  name                = "ipg-onpremise"
  location            = azurerm_resource_group.rg_shared.location
  resource_group_name = azurerm_resource_group.rg_shared.name

  cidrs = var.ipg_onpremise_cidrs
}
# terraform.tfvars

nrc_fw_shared_onprem_hub_rules = [
    {    
        name                  = "onprem->hub"
        source_addresses      = []
        destination_addresses = ["10.0.0.0/16"]
        destination_ports     = ["*"]
        protocols             = ["Any"]
        source_ip_groups      = ["ipg_onpremise"]
        destination_ip_groups = []
    },
]

When running terraform, I get the following error:

azurerm_firewall_network_rule_collection.nrc_fw_shared_onprem_hub: Creating...
╷
│ Error: creating/updating Network Rule Collection "onprem-hub" in Firewall "fw_shared" (Resource Group "rg-shared"): network.AzureFirewallsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="AzureIpGroupsInvalidResourceId" Message="The resourceId ipg_onpremise is an invalid resourceId of an IpGroup." Details=[]
│ 
│   with azurerm_firewall_network_rule_collection.nrc_fw_shared_onprem_hub,
│   on firewall.tf line 34, in resource "azurerm_firewall_network_rule_collection" "nrc_fw_shared_onprem_hub":
│   34: resource "azurerm_firewall_network_rule_collection" "nrc_fw_shared_onprem_hub" {
│ 

I have searched for ideas on how to inline the ID but could not find anything. Can someone push me in the right direction?

The ID is part of azurerm_ip_group. So you have to refactor your code a lot:

resource "azurerm_ip_group" "ipg_onpremise" {

  # Key the instances by rule name so the index used in the rule block below
  # (azurerm_ip_group.ipg_onpremise[rule.value.name]) matches an existing key.
  # Keying by list position (idx => val) would make that lookup fail.
  for_each            = { for val in var.nrc_fw_shared_onprem_hub_rules : val.name => val }

  name                = each.value.name
  location            = azurerm_resource_group.rg_shared.location
  resource_group_name = azurerm_resource_group.rg_shared.name

  cidrs = var.ipg_onpremise_cidrs
}

resource "azurerm_firewall_network_rule_collection" "nrc_fw_shared_onprem_hub" {
  name                = "onprem-hub"
  azure_firewall_name = azurerm_firewall.fw_shared.name
  resource_group_name = azurerm_resource_group.rg_shared.name
  priority            = var.nrc_fw_shared_onprem_hub_rule_priority
  action              = var.nrc_fw_shared_onprem_hub_rule_action

  dynamic "rule" {
    for_each = var.nrc_fw_shared_onprem_hub_rules
    content {
        name                  = rule.value.name
        description           = lookup(rule.value, "description", null)
        source_addresses      = lookup(rule.value, "source_addresses", null)
        # source_ip_groups takes a list of IP group resource IDs, not names.
        source_ip_groups      = [azurerm_ip_group.ipg_onpremise[rule.value.name].id]
        destination_addresses = lookup(rule.value, "destination_addresses", null)
        destination_ip_groups = lookup(rule.value, "destination_ip_groups", null)
        destination_ports     = lookup(rule.value, "destination_ports", null)
        protocols             = lookup(rule.value, "protocols", null)
    }
  }
}
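A variant of the same idea, added here as an example and not part of the original question or answer: keep the IP groups in a map keyed by a logical name, leave the tfvars referring to those logical names (as the question's `source_ip_groups = ["ipg_onpremise"]` already does), and translate name to resource ID inside the dynamic block. It assumes a new variable `ip_groups` (map of logical name to CIDR list) and otherwise reuses the resource names from the question.

```hcl
# variables.tf (assumed): logical IP-group name -> CIDRs. The default is a
# constructed sample value, not the asker's real address space.
variable "ip_groups" {
  type = map(list(string))
  default = {
    ipg_onpremise = ["192.168.0.0/16"]
  }
}

# One azurerm_ip_group per map entry. The map key is the for_each key, so
# azurerm_ip_group.groups["ipg_onpremise"].id is the full
# /subscriptions/.../ipGroups/... resource ID the firewall API expects.
resource "azurerm_ip_group" "groups" {
  for_each            = var.ip_groups
  name                = each.key
  location            = azurerm_resource_group.rg_shared.location
  resource_group_name = azurerm_resource_group.rg_shared.name
  cidrs               = each.value
}

resource "azurerm_firewall_network_rule_collection" "nrc_fw_shared_onprem_hub" {
  name                = "onprem-hub"
  azure_firewall_name = azurerm_firewall.fw_shared.name
  resource_group_name = azurerm_resource_group.rg_shared.name
  priority            = var.nrc_fw_shared_onprem_hub_rule_priority
  action              = var.nrc_fw_shared_onprem_hub_rule_action

  dynamic "rule" {
    for_each = var.nrc_fw_shared_onprem_hub_rules
    content {
      name             = rule.value.name
      description      = lookup(rule.value, "description", null)
      source_addresses = lookup(rule.value, "source_addresses", null)
      # tfvars keep the logical names; map each one to its resource ID here.
      # A name that is not a key of var.ip_groups fails at plan time with an
      # "Invalid index" error instead of as a 400 from the Azure API.
      source_ip_groups = [
        for g in lookup(rule.value, "source_ip_groups", []) : azurerm_ip_group.groups[g].id
      ]
      destination_addresses = lookup(rule.value, "destination_addresses", null)
      destination_ip_groups = [
        for g in lookup(rule.value, "destination_ip_groups", []) : azurerm_ip_group.groups[g].id
      ]
      destination_ports = lookup(rule.value, "destination_ports", null)
      protocols         = lookup(rule.value, "protocols", null)
    }
  }
}
```

Because the rule collection references `azurerm_ip_group.groups[...]`, Terraform also orders creation correctly without an explicit `depends_on`.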
