具有可变对象的 Terraform 条件动态块

Question

我试图使用对象的变量列表来定义值的类型和默认值，并在动态块中使用它。我知道有一个实验性功能，但只是想知道如果没有实验性功能我将如何做到这一点？

\n

变量.rf

\n

variable "identity" {\n  type = list(object({\n    type = string\n    identity_ids = list(string)\n  }))\n  default = [\n    {\n      type = null\n      identity_ids = null\n    }\n  ]\n}\n

\n

主.tf

\n

resource "azurerm_cognitive_account" "azure" {\n  # Required\n  name                = var.name\n  location            = var.location\n  resource_group_name = var.resource_group_name\n  kind                = var.kind\n  sku_name            = var.sku_name\n\n  dynamic "identity" {\n    for_each = var.identity\n    content {\n      type         = identity.value.type\n      identity_ids = identity.value.identity_ids\n    }\n  }\n}\n

\n

作为模块使用

\n

module "cognitive_account" {\n  source                = "../modules/cognitive-account"\n  name                  = "name"\n  location              = "Australia East"\n  resource_group_name   = module.rg.name\n  kind                  = "TextAnalytics"\n  sku_name              = "S"\n  custom_subdomain_name = "unique-name"\n\n\n  identity = [{\n    type = "SystemAssigned"\n  }]\n}\n

\n

使用该代码给我一个错误：

\n

\xe2\x94\x82 Error: Invalid value for module argument\n\xe2\x94\x82\n\xe2\x94\x82   on main.tf line 66, in module "cognitive_account":\n\xe2\x94\x82   66:   identity = [{\n\xe2\x94\x82   67:     type = "SystemAssigned"\n\xe2\x94\x82   68:   }]\n\xe2\x94\x82\n\xe2\x94\x82 The given value is not suitable for child module variable "identity" defined at .terraform\\modules\\cognitive_account\\variables.tf:123,1-20: element 0:\n\xe2\x94\x82 attribute "identity_ids" is required.\n

\n

我不确定如何处理identity_ids对象块中的省略，我认为默认值null会处理它。

\n

Answer 1

@marcin，感谢您的提示，需要做更多的工作才能使其正常工作：

变量.tf

variable "identity" {
  type = any
  description = <<EOT
    type = Specifies the type of Managed Service Identity that should be configured on the Cognitive Account. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
    identity_ids = A list of IDs for User Assigned Managed Identity resources to be assigned.
  EOT
  default = null
}

主.tf

resource "azurerm_cognitive_account" "azure" {
  # Required
  name                = var.name
  location            = var.location
  resource_group_name = var.resource_group_name
  kind                = var.kind
  sku_name            = var.sku_name

  dynamic "identity" {
    for_each = var.identity == null ? [] : [true]
    content {
      type         = lookup(var.identity, "type", null)
      identity_ids = lookup(var.identity, "identity_ids", null)
    }
  }
}

使用模块

module "cognitive_account" {
  source                = "../modules/cognitive-account"
  name                  = "name"
  location              = "Australia East"
  resource_group_name   = module.rg.name
  kind                  = "TextAnalytics"
  sku_name              = "S"
  custom_subdomain_name = "unique-name"

  identity = {
    type = "SystemAssigned"
  }
}

现在，当未提供时，标识块将被省略，并且可以使用标识变量中的每个对象，而无需指定所有值。