Terraform 和导出 Azure Key Vault 属性的块版本
Terraform and exporting block versions of Attributes for Azure Key Vault
将 Terraform 与 Azure 搜索服务结合使用,它将 query_keys 作为一个“块”导出为 key 和 name...
在“属性参考”部分...
https://www.terraform.io/docs/providers/azurerm/r/search_service.html
我已经将 ID 和主键从 Terraform 代码导出到 Azure KeyVault,但是如何为属性“块”执行此操作?
# Key vault secrets
resource "azurerm_key_vault_secret" "go-1a" {
name = "secret-Search01-ID"
value = azurerm_search_service.go-1.id
key_vault_id = data.azurerm_key_vault.env-keyvault.id
}
resource "azurerm_key_vault_secret" "go-1b" {
name = "secret-Search01-PrimaryKey"
value = azurerm_search_service.go-1.primary_key
key_vault_id = data.azurerm_key_vault.env-keyvault.id
}
提前致谢
query_keys 是一个对象列表。
示例代码
provider "azurerm" {
version = "~>2.19.0"
features {}
}
resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "East US"
}
resource "azurerm_search_service" "example" {
name = "example-search-service"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
sku = "standard"
}
output "query_keys_key" {
value = azurerm_search_service.example.query_keys[0].key
}
output "query_keys_name" {
value = azurerm_search_service.example.query_keys[0].name
}
示例输出
> terraform apply
azurerm_resource_group.example: Refreshing state... [id=/subscriptions/redacted/resourceGroups/example-resources]
azurerm_search_service.example: Refreshing state... [id=/subscriptions/redacted/resourceGroups/example-resources/providers/Microsoft.Search/searchServices/example-search-service]
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Outputs:
query_keys_key = 662EEE1DD452E082922C1AF00B0BBFA9
query_keys_name =
运行一个terraform show看
> terraform show
# azurerm_resource_group.example:
resource "azurerm_resource_group" "example" {
id = "/subscriptions/redacted/resourceGroups/example-resources"
location = "eastus"
name = "example-resources"
}
# azurerm_search_service.example:
resource "azurerm_search_service" "example" {
id = "/subscriptions/redacted/resourceGroups/example-resources/providers/Microsoft.Search/searchServices/example-search-service"
location = "eastus"
name = "example-search-service"
partition_count = 1
primary_key = "3EE7E9F80715E0451EEBC25196808563"
query_keys = [
{
key = "662EEE1DD452E08292BC1AF01B0BBFA9"
name = ""
},
]
replica_count = 1
resource_group_name = "example-resources"
secondary_key = "11CCA067EEC7E04FC1F39582FD01C316"
sku = "standard"
}
将 Terraform 与 Azure 搜索服务结合使用,它将 query_keys 作为一个“块”导出为 key 和 name...
在“属性参考”部分... https://www.terraform.io/docs/providers/azurerm/r/search_service.html
我已经将 ID 和主键从 Terraform 代码导出到 Azure KeyVault,但是如何为属性“块”执行此操作?
# Key vault secrets
resource "azurerm_key_vault_secret" "go-1a" {
name = "secret-Search01-ID"
value = azurerm_search_service.go-1.id
key_vault_id = data.azurerm_key_vault.env-keyvault.id
}
resource "azurerm_key_vault_secret" "go-1b" {
name = "secret-Search01-PrimaryKey"
value = azurerm_search_service.go-1.primary_key
key_vault_id = data.azurerm_key_vault.env-keyvault.id
}
提前致谢
query_keys 是一个对象列表。
示例代码
provider "azurerm" {
version = "~>2.19.0"
features {}
}
resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "East US"
}
resource "azurerm_search_service" "example" {
name = "example-search-service"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
sku = "standard"
}
output "query_keys_key" {
value = azurerm_search_service.example.query_keys[0].key
}
output "query_keys_name" {
value = azurerm_search_service.example.query_keys[0].name
}
示例输出
> terraform apply
azurerm_resource_group.example: Refreshing state... [id=/subscriptions/redacted/resourceGroups/example-resources]
azurerm_search_service.example: Refreshing state... [id=/subscriptions/redacted/resourceGroups/example-resources/providers/Microsoft.Search/searchServices/example-search-service]
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Outputs:
query_keys_key = 662EEE1DD452E082922C1AF00B0BBFA9
query_keys_name =
运行一个terraform show看
> terraform show
# azurerm_resource_group.example:
resource "azurerm_resource_group" "example" {
id = "/subscriptions/redacted/resourceGroups/example-resources"
location = "eastus"
name = "example-resources"
}
# azurerm_search_service.example:
resource "azurerm_search_service" "example" {
id = "/subscriptions/redacted/resourceGroups/example-resources/providers/Microsoft.Search/searchServices/example-search-service"
location = "eastus"
name = "example-search-service"
partition_count = 1
primary_key = "3EE7E9F80715E0451EEBC25196808563"
query_keys = [
{
key = "662EEE1DD452E08292BC1AF01B0BBFA9"
name = ""
},
]
replica_count = 1
resource_group_name = "example-resources"
secondary_key = "11CCA067EEC7E04FC1F39582FD01C316"
sku = "standard"
}