pdn*_*dna 3 dictionary terraform
我有一个具有许多值的映射变量(NACL规则).我正在尝试相应地添加规则
variable "rules" {
default = {
a = "200,false,tcp,allow,0.0.0.0/0,23,23"
b = "100,true,tcp,allow,0.0.0.0/0,1024,65535"
}
}
resource "aws_network_acl_rule" "bar" {
network_acl_id = "<id>"
rule_number = "${split(",",element(values(var.rules),count.index))[0]}"
egress = "${split(",",element(values(var.rules),count.index))[1]}"
protocol = "${split(",",element(values(var.rules),count.index))[2]}"
rule_action = "${split(",",element(values(var.rules),count.index))[3]}"
cidr_block = "${split(",",element(values(var.rules),count.index))[4]}"
from_port = "${split(",",element(values(var.rules),count.index))[5]}"
to_port = "${split(",",element(values(var.rules),count.index))[6]}"
count = "${length(values(var.rules))}"
}
错误:
expected "}" but found "["
由于不支持带有列表作为值的映射,因此我尝试拆分值并进行迭代
Ale*_*exT 13
另一种选择,更容易阅读,是lookup():
variable "rules" {
default = [
{
rule_number = 200
egress = false
protocol = "tcp"
rule_action = "allow"
cidr_block = "0.0.0.0/0"
from_port= 23
to_port = 23
},
{
rule_number = 100
egress = true
procotol = "tcp"
rule_action = "allow"
cidr_block = "0.0.0.0/0"
from_port = 1024
to_port = 65535
},
]
}
resource "aws_network_acl_rule" "bar" {
count = "${length(var.rules)}"
network_acl_id = "<id>"
rule_number = "${lookup(var.rules[count.index], "rule_number")}"
egress = "${lookup(var.rules[count.index], "egress")}"
protocol = "${lookup(var.rules[count.index], "protocol")}"
rule_action = "${lookup(var.rules[count.index], "rule_action")}"
cidr_block = "${lookup(var.rules[count.index], "cidr_block")}"
from_port = "${lookup(var.rules[count.index], "from_port")}"
to_port = "${lookup(var.rules[count.index], "to_port")}"
}
这是处理地图的更简单方法 rules
variable "rules" {
default = {
"0" = "200,false,tcp,allow,0.0.0.0/0,23,23"
"1" = "100,true,tcp,allow,0.0.0.0/0,1024,65535"
}
}
resource "aws_vpc" "main" {
cidr_block = "10.0.0.0/16"
}
resource "aws_network_acl" "bar" {
vpc_id = "${aws_vpc.main.id}"
}
resource "aws_network_acl_rule" "bar" {
count = "${length(var.rules)}"
network_acl_id = "${aws_network_acl.bar.id}"
rule_number = "${element(split(",",var.rules[count.index]),0)}"
egress = "${element(split(",",var.rules[count.index]),1)}"
protocol = "${element(split(",",var.rules[count.index]),2)}"
rule_action = "${element(split(",",var.rules[count.index]),3)}"
cidr_block = "${element(split(",",var.rules[count.index]),4)}"
from_port = "${element(split(",",var.rules[count.index]),5)}"
to_port = "${element(split(",",var.rules[count.index]),6)}"
}
如果您坚持使用旧地图,键为“ a,b,...”,则需要将资源调整为
variable "rules" {
default = {
"a" = "200,false,tcp,allow,0.0.0.0/0,23,23"
"b" = "100,true,tcp,allow,0.0.0.0/0,1024,65535"
}
}
resource "aws_network_acl_rule" "bar" {
count = "${length(var.rules)}"
network_acl_id = "${aws_network_acl.bar.id}"
rule_number = "${element(split(",",element(values(var.rules),count.index)),0)}"
egress = "${element(split(",",element(values(var.rules),count.index)),1)}"
protocol = "${element(split(",",element(values(var.rules),count.index)),2)}"
rule_action = "${element(split(",",element(values(var.rules),count.index)),3)}"
cidr_block = "${element(split(",",element(values(var.rules),count.index)),4)}"
from_port = "${element(split(",",element(values(var.rules),count.index)),5)}"
to_port = "${element(split(",",element(values(var.rules),count.index)),6)}"
}
| 归档时间: |
|
| 查看次数: |
6217 次 |
| 最近记录: |