我有一组 9 条安全组规则,需要将其应用于 4 个不同的源。我想将其构建为一个模块,因此不需要多次复制/粘贴同一块,我只需将端口和源作为变量传递即可。
我尝试创建一个模块,该模块可以for_each在动态块中获取端口,并传递源,因为我未能为源count提供额外的动态块。for_each
resource "aws_security_group" "test" {
name = "test2"
count = length(var.groups)
vpc_id = var.vpc_id
dynamic "ingress_tcp" {
for_each = var.tcp_ports
content {
from_port = ingress_tcp.value
to_port = ingress_tcp.value
protocol = "tcp"
security_groups = [var.groups[*].id]
}
}
dynamic "ingress_udp" {
for_each = var.udp_ports
content {
from_port = ingress_udp.value
to_port = ingress_udp.value
protocol = "udp"
security_groups = [var.groups[*].id]
}
}
}
module "rules" {
source = "./module/sg"
vpc_id = var.vpc_id …terraform ×1