在资源级别使用 for / for_each 迭代嵌套数据

Question

我正在尝试解决如何使用 Terraform 0.12.10 从以下 tfvars 文件中给出的复杂对象中迭代嵌套变量：

例子.tfvars

virtual_network_data = {
  1 = {
    product_instance_id              = 1
    location                         = "somewhere"
    address_space                    = ["192.168.0.0/23"]
    dns_servers                      = []
    custom_tags                      = {"test":"test value"}
    subnets                          = [
      {
        purpose = "mgmt"
        newbits = 4
        item = 0
      },
      {
        purpose = "transit"
        newbits = 4
        item = 1
      }
    ]
  }
}

例子.tf

variable "virtual_network_data" {} #Data comes from example.tfvars

variable "resource_group_name" {
    default = "my_resource_group"
}

variable "virtual_network_name" {
    default = "my_virtual_network"
}

####

resource "azurerm_subnet" "pool" {
    for_each             = var.virtual_network_data

    name                 = format("%s%s%02d", "subnet_", s.purpose, s.item)
    resource_group_name  = var.resource_group_name
    virtual_network_name = var.virtual_network_name
    address_prefix       = cidrsubnet(each.value["address_space"], s.newbits, s.item)

}

在example.tfI 中，我可以使用each.value["address_space"]来获取顶级变量，但我无法弄清楚如何获取subnets( s.purpose, s.item& s.newbits) 中的项目。

我使用了动态块，作为父资源（如下）的一部分，它可以工作，但在这种情况下，我需要将子网移动到它自己的资源中。简单地说，我如何让第一个在动态块中for_each表现得像第二个一样for_each？

resource "azurerm_virtual_network" "pool" {
  for_each                  = var.virtual_network_data

  name                      = format("%s%02d", local.resource_name, each.key)
  resource_group_name       = var.resource_group_name
  location                  = each.value["location"]
  address_space             = each.value["address_space"]
  dns_servers               = each.value["dns_servers"]
  tags                      = merge(local.tags, each.value["custom_tags"])

  dynamic "subnet" {
    for_each = [for s in each.value["subnets"]: {
      name   = format("%s%s%02d", "subnet_", s.purpose, s.item)
      prefix = cidrsubnet(element(each.value["address_space"],0), s.newbits, s.item)
    }]

    content {
      name            = subnet.value.name
      address_prefix  = subnet.value.prefix
    }
  }
}

厚颜无耻的奖金，有没有办法s.item用像each.key或这样的东西代替count.index？

TIA

Answer 1

这种情况下的技术是使用其他 Terraform 语言功能将您的集合转换为适合for_each参数的形状：每个资源实例一个元素。

对于嵌套数据结构，您可以flatten与两个或多个for表达式结合使用以生成每个嵌套对象一个元素的平面数据结构：

locals {
  network_subnets = flatten([
    for network_key, network in var.virtual_network_data : [
      for subnet in network.subnets : {
        network_key       = network_key
        purpose           = subnet.purpose
        parent_cidr_block = network.address_space[0]
        newbits           = subnet.newbits
        item              = subnet.item
      }
    ]
  ])
}

然后你可以使用local.network_subnets作为重复的基础：

resource "azurerm_subnet" "pool" {
    # Each instance must have a unique key, so we'll construct one
    # by combining the network key, the subnet "purpose", and the "item".
    for_each = {
      for ns in local.network_subnets : "${ns.network_key}.${ns.purpose}${ns.item}" => ns
    }

    name                 = format("%s%s%02d", "subnet_", each.value.purpose, each.value.item)
    resource_group_name  = var.resource_group_name
    virtual_network_name = var.virtual_network_name
    address_prefix       = cidrsubnet(each.value.parent_cidr_block, each.value.newbits, each.value.item)
}

还有一个类似的例子中的flatten文件，一些附加的上下文。