我在variables.tf 文件中有以下变量:
variable tenants {
description = "Map of project names to configuration."
type = list(object({
name = string
dname = string
desc = string
site = list(string)
}))
default = [{
name = "Tenant-1",
dname = "Tenant-1",
desc = "Test Tenant 1",
site = ["site1", "site2"]
},
{
name = "Tenant-2",
dname = "Tenant-2",
desc = "Test Tenant 2",
site = ["site1"]
}]
}
在我的 main.tf 文件中,我想循环遍历这个列表。我在 main.tf 文件中有以下代码:
resource "mso_tenant" "restenant" {
for_each = {for i, v in var.tenants: i => v}
name = each.value.name
display_name = each.value.dname
description = each.value.desc
site_associations {
site_id = each.value.site
}
}
因此最终结果应该是使用变量文件中指定的属性创建 2 个租户。因此,一旦创建,tenant1 将有 2 个 site_associations,tenant2 将有 1 个关联。
结果应该是:
name = "Tenant-1"
display_name = "Tenant-1"
description = "Test Tenant 1"
site_associations {
site_id = site1
site_id = site2
}
和
name = "Tenant-2"
display_name = "Tenant-2"
description = "Test Tenant 2"
site_associations {
site_id = site1
}
我尝试了以下方法:
resource "mso_tenant" "restenant" {
for_each = {for i, v in var.tenants: i => v}
name = each.value.name
display_name = each.value.dname
description = each.value.desc
site_associations {
site_id = each.value.site
}
}
这适用于
namednamedesceach.value.site 是包含 1 个元素的字符串列表 不适当的值 对于属性“site_id”:需要字符串。
尝试解决如下:
resource "mso_tenant" "restenant" {
for_each = {for i, v in var.tenants: i => v}
name = each.value.name
display_name = each.value.dname
description = each.value.desc
site_associations {
site_id = [for site in each.value.site: site]
}
}
但这也给出了:
each.value.site 是包含 2 个元素的字符串列表 属性“site_id”的值不合适:需要字符串。
您正在寻找的是动态块:https://developer.hashicorp.com/terraform/language/expressions/dynamic-blocks
原文:
site_associations {
site_id = each.value.site
}
动态:
dynamic "site_associations"{
for_each = each.value.site
content {
site_id = site_associations.value
}
}
dynamicfor_eacheach.value.site注意:动态块内的值是使用块名称引用的
site_associations.value整个main.tf:
variable tenants {
description = "Map of project names to configuration."
type = list(object({
name = string
dname = string
desc = string
site = list(string)
}))
default = [{
name = "Tenant-1",
dname = "Tenant-1",
desc = "Test Tenant 1",
site = ["site1", "site2"]
},
{
name = "Tenant-2",
dname = "Tenant-2",
desc = "Test Tenant 2",
site = ["site1"]
}]
}
resource "mso_tenant" "restenant" {
for_each = {for i, v in var.tenants: i => v}
name = each.value.name
display_name = each.value.dname
description = each.value.desc
dynamic "site_associations"{
for_each = each.value.site
content {
site_id = site_associations.value
}
}
}
计划输出:
# mso_tenant.restenant["0"] will be created
+ resource "mso_tenant" "restenant" {
+ description = "Test Tenant 1"
+ display_name = "Tenant-1"
+ id = (known after apply)
+ name = "Tenant-1"
+ site_associations {
+ aws_access_key_id = (known after apply)
+ aws_account_id = (known after apply)
+ aws_secret_key = (known after apply)
+ azure_access_type = (known after apply)
+ azure_active_directory_id = (known after apply)
+ azure_application_id = (known after apply)
+ azure_client_secret = (known after apply)
+ azure_subscription_id = (known after apply)
+ is_aws_account_trusted = (known after apply)
+ site_id = "site1"
+ vendor = (known after apply)
}
+ site_associations {
+ aws_access_key_id = (known after apply)
+ aws_account_id = (known after apply)
+ aws_secret_key = (known after apply)
+ azure_access_type = (known after apply)
+ azure_active_directory_id = (known after apply)
+ azure_application_id = (known after apply)
+ azure_client_secret = (known after apply)
+ azure_subscription_id = (known after apply)
+ is_aws_account_trusted = (known after apply)
+ site_id = "site2"
+ vendor = (known after apply)
}
+ user_associations {
+ user_id = (known after apply)
}
}
# mso_tenant.restenant["1"] will be created
+ resource "mso_tenant" "restenant" {
+ description = "Test Tenant 2"
+ display_name = "Tenant-2"
+ id = (known after apply)
+ name = "Tenant-2"
+ site_associations {
+ aws_access_key_id = (known after apply)
+ aws_account_id = (known after apply)
+ aws_secret_key = (known after apply)
+ azure_access_type = (known after apply)
+ azure_active_directory_id = (known after apply)
+ azure_application_id = (known after apply)
+ azure_client_secret = (known after apply)
+ azure_subscription_id = (known after apply)
+ is_aws_account_trusted = (known after apply)
+ site_id = "site1"
+ vendor = (known after apply)
}
+ user_associations {
+ user_id = (known after apply)
}
}
Plan: 2 to add, 0 to change, 0 to destroy.