使用 for_each 访问嵌套映射中的变量
Access variable in nested map with for_each
我有局部变量:
locals {
bucket = {
firstBucket = {
sse = true
lifecycle_rules = [
{
id = "firstBucket"
enabled = true
expiration = {
days = 7
}
}
]
}
secondBucket = {
sse = false
lifecycle_rules = [
{
id = "secondBucket"
enabled = true
expiration = {
days = 7
}
}
]
}
}
}
我希望第一个存储桶加密 (sse=true),第二个存储桶应该加密 (sse=false)
然后我尝试使用模块创建两个 s3 桶。我想使用在局部变量中定义的 sse 字段来设置安全选项:
module "gitlab_bucket" {
for_each = local.bucket
/* some stuff */
server_side_encryption_configuration = lookup(each.value, "sse", null) ? var.security_cofig : {}
}
但是returns错误The given key does not identify an element in this collection value
语法似乎没问题,但条件表达式的默认值(当缺少 sse 属性时)必须是布尔值(true 或 false,因此不能为 null)。
我在 terraform 13.5 中测试了下面的代码,它给出了预期的结果。
locals {
bucket = {
firstBucket = {
sse = true
lifecycle_rules = [
{
id = "firstBucket"
enabled = true
expiration = {
days = 7
}
}
]
}
secondBucket = {
#sse = false
lifecycle_rules = [
{
id = "secondBucket"
enabled = true
expiration = {
days = 7
}
}
]
}
}
}
resource "random_pet" "example" {
for_each = local.bucket
keepers = {
sse = lookup(each.value, "sse", false) ? jsonencode({x = "yes"}) : jsonencode({})
}
}
计划结果如下:
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# random_pet.example["firstBucket"] will be created
+ resource "random_pet" "example" {
+ id = (known after apply)
+ keepers = {
+ "sse" = jsonencode(
{
+ x = "yes"
}
)
}
+ length = 2
+ separator = "-"
}
# random_pet.example["secondBucket"] will be created
+ resource "random_pet" "example" {
+ id = (known after apply)
+ keepers = {
+ "sse" = jsonencode({})
}
+ length = 2
+ separator = "-"
}
Plan: 2 to add, 0 to change, 0 to destroy.
我有局部变量:
locals {
bucket = {
firstBucket = {
sse = true
lifecycle_rules = [
{
id = "firstBucket"
enabled = true
expiration = {
days = 7
}
}
]
}
secondBucket = {
sse = false
lifecycle_rules = [
{
id = "secondBucket"
enabled = true
expiration = {
days = 7
}
}
]
}
}
}
我希望第一个存储桶加密 (sse=true),第二个存储桶应该加密 (sse=false)
然后我尝试使用模块创建两个 s3 桶。我想使用在局部变量中定义的 sse 字段来设置安全选项:
module "gitlab_bucket" {
for_each = local.bucket
/* some stuff */
server_side_encryption_configuration = lookup(each.value, "sse", null) ? var.security_cofig : {}
}
但是returns错误The given key does not identify an element in this collection value
语法似乎没问题,但条件表达式的默认值(当缺少 sse 属性时)必须是布尔值(true 或 false,因此不能为 null)。
我在 terraform 13.5 中测试了下面的代码,它给出了预期的结果。
locals {
bucket = {
firstBucket = {
sse = true
lifecycle_rules = [
{
id = "firstBucket"
enabled = true
expiration = {
days = 7
}
}
]
}
secondBucket = {
#sse = false
lifecycle_rules = [
{
id = "secondBucket"
enabled = true
expiration = {
days = 7
}
}
]
}
}
}
resource "random_pet" "example" {
for_each = local.bucket
keepers = {
sse = lookup(each.value, "sse", false) ? jsonencode({x = "yes"}) : jsonencode({})
}
}
计划结果如下:
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# random_pet.example["firstBucket"] will be created
+ resource "random_pet" "example" {
+ id = (known after apply)
+ keepers = {
+ "sse" = jsonencode(
{
+ x = "yes"
}
)
}
+ length = 2
+ separator = "-"
}
# random_pet.example["secondBucket"] will be created
+ resource "random_pet" "example" {
+ id = (known after apply)
+ keepers = {
+ "sse" = jsonencode({})
}
+ length = 2
+ separator = "-"
}
Plan: 2 to add, 0 to change, 0 to destroy.