我正在尝试在 Terraform 模块中动态创建对象列表,因此我不需要对不必要的重复值进行硬编码。我在 Terraform 注册表上找到了一个模块,它是我正在做的事情的基础。该模块位于https://github.com/cloudposse/terraform-aws-sso。在模块“sso_account_assignments”的 Examples/complete/main.tf 中,它们为不同的 AWS 账户复制了 AdministratorAccess 权限集。我的问题是我有近 30 个帐户,我想在其中分配相同的权限集,但我不想在代码中重复条目,只是帐号不同。我对 Python 有丰富的经验,我用 Python 编写它的方式如下所示:
如果我用 Python 编写
account_list = ['11111111111', '22222222222', '33333333333']
account_assignments = []
for acct in account_list:
obj = {
"account": acct,
"permission_set_arn": "Some value......",
"permission_set_name": "AdministratorAccess",
"principal_type": "GROUP",
"principal_name": "Administrators"
}
account_assignments.append(obj)
print(account_assignments)
输出
[
{
"account":"11111111111",
"permission_set_arn":"Some value......",
"permission_set_name":"AdministratorAccess",
"principal_type":"GROUP",
"principal_name":"Administrators"
},
{
"account":"22222222222",
"permission_set_arn":"Some value......",
"permission_set_name":"AdministratorAccess",
"principal_type":"GROUP",
"principal_name":"Administrators"
},
{
"account":"33333333333",
"permission_set_arn":"Some value......",
"permission_set_name":"AdministratorAccess",
"principal_type":"GROUP",
"principal_name":"Administrators"
}
]
基本上,我无法弄清楚如何在 Terraform …
terraform ×1