我使用for_each循环创建了多个子网和多个 VPC 终端节点,如下所示:
### VARIABLES ###
variable "private_cidr_mask" {
default = {
"us-west-1a" = "10.0.1.0/24"
"us-west-1b" = "10.0.2.0/24"
}
}
variable "vpc_endpoints" {
default = [
"com.amazonaws.us-west-1.ecs-agent",
"com.amazonaws.us-west-1.ecs-telemetry",
"com.amazonaws.us-west-1.ecs"
]
}
### RESOURCES ###
resource "aws_subnet" "private_subnet" {
for_each = var.private_cidr_mask
vpc_id = aws_vpc.vpc.id
availability_zone = each.key
cidr_block = each.value
}
resource "aws_vpc_endpoint" "vpc_endpoint" {
for_each = toset(var.vpc_endpoints)
vpc_id = aws_vpc.vpc.id
vpc_endpoint_type = "Interface"
service_name = each.value
security_group_ids = [ aws_security_group.security_group.id ]
private_dns_enabled = true
}
现在,我必须使用以下命令将每个 VPC 终端节点分配给每个私有子网aws_vpc_endpoint_subnet_association:
resource "aws_vpc_endpoint_subnet_association" "vpc_endpoint_subnet_association" {
vpc_endpoint_id = <every endpoint>
subnet_id = <every subnet>
}
我如何在 Terraform 中实现这一目标?我尝试过嵌套的 for_each 循环但没有成功。
事实证明,它aws_vpc_endpoint接受一个列表subnet_ids,而我只是在文档中错过了它,所以我所要做的就是:
resource "aws_vpc_endpoint" "vpc_endpoint" {
for_each = toset(var.vpc_endpoints)
vpc_id = aws_vpc.vpc.id
vpc_endpoint_type = "Interface"
service_name = each.value
security_group_ids = [ aws_security_group.security_group.id ]
subnet_ids = [ for subnet in aws_subnet.private_subnet: subnet.id ]
private_dns_enabled = true
}
| 归档时间: |
|
| 查看次数: |
21718 次 |
| 最近记录: |