如何在 terraform 中運行 forloop inside 字符串模板?
[英]How do I run a forloop inside string template in terraform?
問題描述
我的資源如下所示,如何為下面的用例運行 forloop,我手動放置aws_account_ids變量的每個索引。
resource "aws_ecr_repository_policy" "ecr_image_pull_access" {
repository = aws_ecr_repository.ecr_repo.name
policy = <<EOF
{
"Version": "2008-10-17",
"Statement": [
{
"Sid": "AllowPull",
"Effect": "Allow",
"Principal": {
"AWS": [
"arn:aws:iam::${var.aws_account_ids[0]}:root",
"arn:aws:iam::${var.aws_account_ids[1]}:root",
"arn:aws:iam::${var.aws_account_ids[2]}:root"
]
},
"Action": [
"ecr:BatchCheckLayerAvailability",
"ecr:BatchGetImage",
"ecr:GetDownloadUrlForLayer"
]
}
]
}
EOF
}
| var.aws_account_ids is list of string with 3 element
│
│ Cannot include the given value in a string template: string required.
1 個解決方案
解決方案1
3 已采納 2022-11-22 23:14:15
通常的方法是將所有內容包裝在jsonencode中並使用正則 TF 表達式,而不是 json 字符串:
resource "aws_ecr_repository_policy" "ecr_image_pull_access" {
repository = aws_ecr_repository.ecr_repo.name
policy = jsonencode({
Version = "2008-10-17"
Statement = [{
Sid = "AllowPull",
Effect = "Allow"
Principal = {
AWS = [for acc_id in var.aws_account_ids: "arn:aws:iam::${acc_id}:root"]
},
Action = [
"ecr:BatchCheckLayerAvailability",
"ecr:BatchGetImage",
"ecr:GetDownloadUrlForLayer"
]
}]
}
)
}
如何配置 Terraform 以在不銷毀和重新創建的情況下更新 GCP 計算引擎實例模板?
[英]How can I configure Terraform to update a GCP compute engine instance template without destroying and re-creating?
如何使用 Terraform 將 EC2 實例啟動到現有 VPC 中?
[英]How do I launch an EC2 instance into an existing VPC using Terraform?
如何將各種密鑰名稱關聯到 terraform 中的 ec2 實例?
[英]How do I associate various key names to an ec2 instance in terraform?
如何設置Terraform中elasticsearch索引的總字段數限制?
[英]How do I set the total field limit of an elastic search index in Terraform?
如何將生命周期規則應用於 Terraform 中的現有 s3 存儲桶?
[英]How do I apply a lifecycle rule to an EXISTING s3 bucket in Terraform?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
如何在 VSCode 中更改 Terraform 版本?
如何為 Terraform 配置 AWS MFA?
如何強制 terraform 重新創建資源?
如何在 terraform 中將 rds 與彈性 beantalk 連接
如何配置 Terraform 以在不銷毀和重新創建的情況下更新 GCP 計算引擎實例模板?
如何使用 Terraform 將 EC2 實例啟動到現有 VPC 中?
如何將各種密鑰名稱關聯到 terraform 中的 ec2 實例?
這個 terraform 模板有什么問題?
如何設置Terraform中elasticsearch索引的總字段數限制?
如何將生命周期規則應用於 Terraform 中的現有 s3 存儲桶?
相關標簽