我正在尝试在 terraform 中使用嵌套循环。我有两个列表变量list_of_allowed_accountsand list_of_images,并希望遍历 list list_of_images,然后遍历 list list_of_allowed_accounts。
这是我的 terraform 代码。
variable "list_of_allowed_accounts" {
type = "list"
default = ["111111111", "2222222"]
}
variable "list_of_images" {
type = "list"
default = ["alpine", "java", "jenkins"]
}
data "template_file" "ecr_policy_allowed_accounts" {
template = "${file("${path.module}/ecr_policy.tpl")}"
vars {
count = "${length(var.list_of_allowed_accounts)}"
account_id = "${element(var.list_of_allowed_accounts, count.index)}"
}
}
resource "aws_ecr_repository_policy" "repo_policy_allowed_accounts" {
count = "${length(var.list_of_images)}"
repository = "${element(aws_ecr_repository.images.*.id, count.index)}"
count = "${length(var.list_of_allowed_accounts)}"
policy = "${data.template_file.ecr_policy_allowed_accounts.rendered}"
}
这相当于我正在尝试做的 bash。
for image in …我正在尝试使用由中间 CA 签名的 SSL 证书(用于服务器和客户端)配置双向 SSL。这是我在本教程之后所做的。
服务器 - nginx 应用程序
Nginx 配置了 SSL 证书(由中间 CA 签名)。
server {
listen 443;
server_name app-ca.test.com;
ssl on;
ssl_certificate /root/ca/intermediate/certs/app-plus-intermediate.pem;
ssl_certificate_key /root/ca/intermediate/private/app-ca-interm-ca.test.com.key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# I have also tried adding the Intermediate CA cert in vain
# ssl_client_certificate /root/client_rootca_intermediate.crt;
ssl_client_certificate /root/client_rootca.crt;
ssl_verify_client on;
location / {
root /usr/share/nginx/massl;
index index.html index.htm;
}
}
客户端 - curl 或 OpenSSL s_client
我有一个由其他一些中间 CA 签名的客户端证书,但失败了 400 The SSL certificate …