Wil*_*ill 2 list object flatten kubernetes terraform
我尝试解析以下变量:
变量.tf
variable "rbac_roles" {
type = object(
{
view = list(object({
group_name = string,
group_id = string,
namespaces = list(string)
})),
edit = list(object({
group_name = string,
group_id = string,
namespaces = list(string)
})),
admin = list(object({
group_name = string,
group_id = string,
namespaces = list(string)
}))
}
)
}
变量.tfvars
rbac_roles = {
view = [
{
group_name = "group1",
group_id = "123",
namespaces = ["default", "namespace1"]
},
{
group_name = "group2",
group_id = "456",
namespaces = ["namespace2"]
}
],
edit = [
{
group_name = "group1",
group_id = "123",
namespaces = ["namespace2"]
}
],
admin = [
{
group_name = "group3",
group_id = "789",
namespaces = ["default, namespace1, namespace2"]
},
]
}
我尝试创建以下资源:
resource "kubernetes_role_binding" "view_cluster_role_binding" {
metadata {
name = ${group}-${namespace}-viewer-binding
namespace = ${namespace}
}
role_ref {
api_group = "rbac.authorization.k8s.io"
kind = "Role"
name = "view"
}
subject {
kind = "Group"
name = ${group}
api_group = "rbac.authorization.k8s.io"
}
}
resource "kubernetes_role_binding" "edit_cluster_role_binding" {
metadata {
name = ${group}-${namespace}-viewer-binding
namespace = ${namespace}
}
role_ref {
api_group = "rbac.authorization.k8s.io"
kind = "Role"
name = "edit"
}
subject {
kind = "Group"
name = ${group}
api_group = "rbac.authorization.k8s.io"
}
}
resource "kubernetes_role_binding" "admin_cluster_role_binding" {
metadata {
name = ${group}-${namespace}-viewer-binding
namespace = ${namespace}
}
role_ref {
api_group = "rbac.authorization.k8s.io"
kind = "Role"
name = "admin"
}
subject {
kind = "Group"
name = ${group}
api_group = "rbac.authorization.k8s.io"
}
}
到目前为止,我已经尝试了我的列表并用andflatten()循环它,但我还没有成功。据我了解,我需要使用 a来实现我的目标,但我无法获得正确的语法。任何帮助将不胜感激 !forforeachlocals{}
首先这是错误的["default, namespace1, namespace2"]。它应该是["default", "namespace1", "namespace2"]。解决这个问题后,您可以按如下方式展平数据结构:
locals {
flat_rbac_roles = merge([
for role, groups in var.rbac_roles:
merge([
for group_idx, group in groups:
{
for namespace_idx, namespace in group["namespaces"]:
"${role}-${group_idx}-${namespace_idx}" => {
role_name = role
group_name = group["group_name"]
group_id = group["group_id"]
namespace = namespace
}
}
]...)
]...)
}
这使:
{
"admin-0-0" = {
"group_id" = "789"
"group_name" = "group3"
"namespace" = "default"
"role_name" = "admin"
}
"admin-0-1" = {
"group_id" = "789"
"group_name" = "group3"
"namespace" = "namespace1"
"role_name" = "admin"
}
"admin-0-2" = {
"group_id" = "789"
"group_name" = "group3"
"namespace" = "namespace2"
"role_name" = "admin"
}
"edit-0-0" = {
"group_id" = "123"
"group_name" = "group1"
"namespace" = "namespace2"
"role_name" = "edit"
}
"view-0-0" = {
"group_id" = "123"
"group_name" = "group1"
"namespace" = "default"
"role_name" = "view"
}
"view-0-1" = {
"group_id" = "123"
"group_name" = "group1"
"namespace" = "namespace1"
"role_name" = "view"
}
"view-1-0" = {
"group_id" = "456"
"group_name" = "group2"
"namespace" = "namespace2"
"role_name" = "view"
}
}
| 归档时间: |
|
| 查看次数: |
14719 次 |
| 最近记录: |