我的模块目录下有一个
outputs.tfMain.tfMain.tfoutputs.tf Terraform v0.11.14
+ provider.aws v2.19.0
但是,如果我不使用模块并严格从
Main.tfmodule "identity-provider" {
source = "./modules/identity-provider"
}
module "saml-role1" {
source = "./modules/saml-roles/"
}
================
resource "aws_iam_role" "role1" {
name = "saml-role1"
description = "Blah Blah"
path = "/"
assume_role_policy = "${data.aws_iam_policy_document.assume_role.json}"
permissions_boundary = ""
max_session_duration = 43200
resource "aws_iam_role_policy_attachment" "Read-Only" {
role = "${aws_iam_role.role1.name}"
policy_arn = "arn:aws:iam::aws:policy/ReadOnlyAccess"
}
==================
output "Role1-ARN" {
value = "${module.saml-role1.arn}"
}
Terraform 仅捕获并显示根模块的输出。 如果您需要将输出从模块传递到根模块,则必须显式执行此操作(例如,您无权访问根模块创建的所有资源,只能访问指定为输出的值)。 如果您在模块文件中包含如下输出:
resource "aws_iam_role" "role1" {
name = "saml-role1"
description = "Blah Blah"
path = "/"
assume_role_policy = "${data.aws_iam_policy_document.assume_role.json}"
permissions_boundary = ""
max_session_duration = 43200
resource "aws_iam_role_policy_attachment" "Read-Only" {
role = "${aws_iam_role.role1.name}"
policy_arn = "arn:aws:iam::aws:policy/ReadOnlyAccess"
}
output "saml-role1-arn" {
value = "aws_iam_role.role1.arn"
}
然后从根模块中您可以访问输出:
module "saml-role1" {
source = "./modules/saml-roles/"
}
output "saml-role1-arn" {
value = "${module.saml-role1.saml-role1-arn}"
}
当您在模块中保留“count”变量时,则需要在outputs.tf文件中使用*。
示例:
output "Role1-ARN" {
value = "${module.saml-role1.*.Role1-ARN}"
}
您还需要另一个 output.tf 文件以及 main.tf 文件来捕获模块的输出。
以下是output.tf文件的内容。
output "Role1-ARN" {
value = "${module.saml-role1.Role1-ARN}"
}