Terraform 映射并将值传递给模块
Terraform mapping and passing values to the module
我正在为 AD 组和组分配创建模块,需要帮助将 group_ids 分配给其他 member_ids,这两个值都在模块内部传递。
在环境中:
var.tf
variable "azuread_group_name" {
type = map(object({
display_name = string
description = string
}))
default = {
"Group1" = {
display_name = "Group1"
description = ""
}
"Group2" = {
display_name = "Group2"
description = ""
}
"Group3" = {
display_name = "Group3"
description = "Desc of group 3"
}
"Group4" = {
display_name = "Group4"
description = "Desc of group 4"
}
"Group5" = {
display_name = "Group5"
description = "Desc of group5"
}
}
}
在模块中:
main.tf
resource "azuread_group" "azuread_group_name" {
for_each = var.azuread_group_name
display_name = each.value.display_name
description = each.value.description
}
#Need help here to get values back
resource "azuread_group_member" "example" {
for_each: something to loop through local.project
group_object_id = read each value of azuread_group_object_id
member_object_id = read each value of azuread_member_object_id
}
保存上面创建的每个组的输出:
output.tf
output adgroup_id {
value = azuread_group.azuread_group_name
}
能够读取每个对象 ID 的输出值,但在 module/main.tf:
中遇到组分配问题
resource "azuread_group_member" "example" {
group_object_id = azuread_group.example.id
member_object_id = data.azuread_user.example.id
}
基本上:
我将在 local.tf:
中列出类似这样的列表
project = {
first = {
"azuread_group_object_id" = [
module.main.adgroup_id["Group1"].id
],
"azuread_member_object_id" = [
module.main.adgroup_id["Group2"].id,
module.main.adgroup_id["Group3"].id,
module.main.adgroup_id["Group4"].id,
]
}
second = {
"azuread_group_object_id" = [
module.main.adgroup_id["Group2"].id,
module.main.adgroup_id["Group3"].id,
],
"azuread_member_object_id" = [
module.main.adgroup_id["Group4"].id
module.main.adgroup_id["Group5"].id
]
}
}
并且需要传递个人 ID,以便它可以将 group_object_id 分配给 member_object_id
例子:
先取所有可能的选项,再取所有可能的选项。
首先:
1. group_object_id -> module.main.adgroup_id["Group1"].id
member_object_id -> module.main.adgroup_id["Group2"].id
2. group_object_id -> module.main.adgroup_id["Group1"].id
member_object_id -> module.main.adgroup_id["Group3"].id
3. group_object_id -> module.main.adgroup_id["Group1"].id
member_object_id -> module.main.adgroup_id["Group4"].id
第二个:
4. group_object_id -> module.main.adgroup_id["Group2"].id
member_object_id -> module.main.adgroup_id["Group4"].id
5. group_object_id -> module.main.adgroup_id["Group2"].id
member_object_id -> module.main.adgroup_id["Group5"].id
6. group_object_id -> module.main.adgroup_id["Group3"].id
member_object_id -> module.main.adgroup_id["Group4"].id
7. group_object_id -> module.main.adgroup_id["Group3"].id
member_object_id -> module.main.adgroup_id["Group5"].id
有人可以帮忙吗
您可以按如下方式执行此操作(我将您的模块变量设为字符串,以便我可以 运行 代码):
locals {
project = {
first = {
"azuread_group_object_id" = [
"module.main.adgroup_id[Group1].id"
],
"azuread_member_object_id" = [
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group4].id"
]
}
second = {
"azuread_group_object_id" = [
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group3].id",
],
"azuread_member_object_id" = [
"module.main.adgroup_id[Group4].id",
"module.main.adgroup_id[Group5].id"
]
}
}
reshaped = {
for k,v in local.project:
k => setproduct(v["azuread_group_object_id"], v["azuread_member_object_id"])
}
}
output "test" {
value = local.reshaped
}
给出:
test = {
"first" = tolist([
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group2].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group3].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group4].id",
],
])
"second" = tolist([
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group5].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group5].id",
],
])
}
或者,如果您想连接所有内容(点很重要,请不要删除它们):
output "test" {
value = concat(values(local.reshaped)...)
}
给出:
test = tolist([
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group2].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group3].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group5].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group5].id",
],
])
我正在为 AD 组和组分配创建模块,需要帮助将 group_ids 分配给其他 member_ids,这两个值都在模块内部传递。
在环境中: var.tf
variable "azuread_group_name" {
type = map(object({
display_name = string
description = string
}))
default = {
"Group1" = {
display_name = "Group1"
description = ""
}
"Group2" = {
display_name = "Group2"
description = ""
}
"Group3" = {
display_name = "Group3"
description = "Desc of group 3"
}
"Group4" = {
display_name = "Group4"
description = "Desc of group 4"
}
"Group5" = {
display_name = "Group5"
description = "Desc of group5"
}
}
}
在模块中: main.tf
resource "azuread_group" "azuread_group_name" {
for_each = var.azuread_group_name
display_name = each.value.display_name
description = each.value.description
}
#Need help here to get values back
resource "azuread_group_member" "example" {
for_each: something to loop through local.project
group_object_id = read each value of azuread_group_object_id
member_object_id = read each value of azuread_member_object_id
}
保存上面创建的每个组的输出: output.tf
output adgroup_id {
value = azuread_group.azuread_group_name
}
能够读取每个对象 ID 的输出值,但在 module/main.tf:
中遇到组分配问题resource "azuread_group_member" "example" {
group_object_id = azuread_group.example.id
member_object_id = data.azuread_user.example.id
}
基本上: 我将在 local.tf:
中列出类似这样的列表project = {
first = {
"azuread_group_object_id" = [
module.main.adgroup_id["Group1"].id
],
"azuread_member_object_id" = [
module.main.adgroup_id["Group2"].id,
module.main.adgroup_id["Group3"].id,
module.main.adgroup_id["Group4"].id,
]
}
second = {
"azuread_group_object_id" = [
module.main.adgroup_id["Group2"].id,
module.main.adgroup_id["Group3"].id,
],
"azuread_member_object_id" = [
module.main.adgroup_id["Group4"].id
module.main.adgroup_id["Group5"].id
]
}
}
并且需要传递个人 ID,以便它可以将 group_object_id 分配给 member_object_id 例子: 先取所有可能的选项,再取所有可能的选项。
首先:
1. group_object_id -> module.main.adgroup_id["Group1"].id
member_object_id -> module.main.adgroup_id["Group2"].id
2. group_object_id -> module.main.adgroup_id["Group1"].id
member_object_id -> module.main.adgroup_id["Group3"].id
3. group_object_id -> module.main.adgroup_id["Group1"].id
member_object_id -> module.main.adgroup_id["Group4"].id
第二个:
4. group_object_id -> module.main.adgroup_id["Group2"].id
member_object_id -> module.main.adgroup_id["Group4"].id
5. group_object_id -> module.main.adgroup_id["Group2"].id
member_object_id -> module.main.adgroup_id["Group5"].id
6. group_object_id -> module.main.adgroup_id["Group3"].id
member_object_id -> module.main.adgroup_id["Group4"].id
7. group_object_id -> module.main.adgroup_id["Group3"].id
member_object_id -> module.main.adgroup_id["Group5"].id
有人可以帮忙吗
您可以按如下方式执行此操作(我将您的模块变量设为字符串,以便我可以 运行 代码):
locals {
project = {
first = {
"azuread_group_object_id" = [
"module.main.adgroup_id[Group1].id"
],
"azuread_member_object_id" = [
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group4].id"
]
}
second = {
"azuread_group_object_id" = [
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group3].id",
],
"azuread_member_object_id" = [
"module.main.adgroup_id[Group4].id",
"module.main.adgroup_id[Group5].id"
]
}
}
reshaped = {
for k,v in local.project:
k => setproduct(v["azuread_group_object_id"], v["azuread_member_object_id"])
}
}
output "test" {
value = local.reshaped
}
给出:
test = {
"first" = tolist([
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group2].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group3].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group4].id",
],
])
"second" = tolist([
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group5].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group5].id",
],
])
}
或者,如果您想连接所有内容(点很重要,请不要删除它们):
output "test" {
value = concat(values(local.reshaped)...)
}
给出:
test = tolist([
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group2].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group3].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group5].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group5].id",
],
])