Error: 'threat_detection_policy' : attribute supports 1 item maximum, config has 2 declared
Error: 'threat_detection_policy' : attribute supports 1 item maximum, config has 2 declared
预期行为
我正在尝试启用 'threat detection policy' 并将警报发送到电子邮件地址列表
实际行为
抛出错误(参见错误输出)
错误输出
Error: threat_detection_policy: attribute supports 1 item maximum, config has 2 declared
on ..\mysql-module-test\example-location\main.tf line 20, in resource "azurerm_mysql_server" "instance":
20: resource "azurerm_mysql_server" "instance" {
Terraform(和 AzureRM 提供程序)版本
受影响的资源
azurerm_v2.41.0
terraform v0.13.0
Terraform 配置文件
Main.tf
resource "azurerm_mysql_server" "instance" {
name = "${var.names.product_name}-${var.names.environment}-${var.server_id}"
location = var.location
resource_group_name = var.resource_group_name
tags = var.tags
administrator_login = local.administrator_login
administrator_login_password = local.administrator_password
sku_name = var.sku_name
storage_mb = var.storage_mb
version = var.mysql_version
auto_grow_enabled = (var.create_mode == "Replica" ? true : var.auto_grow_enabled)
backup_retention_days = var.backup_retention_days
geo_redundant_backup_enabled = var.geo_redundant_backup_enabled
infrastructure_encryption_enabled = var.infrastructure_encryption_enabled
public_network_access_enabled = (((length(var.service_endpoints) > 0) || (length(var.access_list) > 0)) ? true : false)
ssl_enforcement_enabled = var.ssl_enforcement_enabled
ssl_minimal_tls_version_enforced = var.ssl_enforcement_enabled ? "TLS1_2" : "TLSEnforcementDisabled"
create_mode = var.create_mode
creation_source_server_id = (var.create_mode == "Replica" ? var.creation_source_server_id : null)
dynamic "threat_detection_policy" { # Error: threat_detection_policy: attribute supports 1 item maximum, config has 2 declared
for_each = (var.threat_detection_policy != null ? var.threat_detection_policy : null)
content {
enabled = var.threat_detection_policy.enable_threat_detection_policy
email_addresses = var.threat_detection_policy.threat_detection_email_addresses
}
}
}
Variables.tf
# Advanced threat protection policy settings
variable "threat_detection_policy" {
description = "Threat detection policy configuration. If not input, threat detection will be disabled."
type = object({
enable_threat_detection_policy = bool
threat_detection_email_addresses = list(string)
})
default = null
}
模块调用
# advanced threat protection policy
threat_detection_policy = {
enable_threat_detection_policy = true
threat_detection_email_addresses = ["first.last@contoso.com", "first.last@contoso.com"]
}
错误输出
Error: threat_detection_policy: attribute supports 1 item maximum, config has 2 declared
on ..\mysql-module-test\example-location\main.tf line 20, in resource "azurerm_mysql_server" "instance":
20: resource "azurerm_mysql_server" "instance" {
当您在地图(或对象)上使用 for_each
时,Terraform 会迭代键。所以它试图为键 enable_threat_detection_policy
和 threat_detection_email_addresses
.
创建两个 threat_detection_policy
块
动态块对您的场景没有实际意义,因为 azurerm_mysql_server 资源只能有一个 threat_detection_policy
块。这样的配置可能有效:
threat_detection_policy {
enabled = var.threat_detection_policy != null
email_addresses = var.threat_detection_policy != null ? var.threat_detection_policy.threat_detection_email_addresses : []
}
预期行为
我正在尝试启用 'threat detection policy' 并将警报发送到电子邮件地址列表
实际行为
抛出错误(参见错误输出)
错误输出
Error: threat_detection_policy: attribute supports 1 item maximum, config has 2 declared
on ..\mysql-module-test\example-location\main.tf line 20, in resource "azurerm_mysql_server" "instance":
20: resource "azurerm_mysql_server" "instance" {
Terraform(和 AzureRM 提供程序)版本
受影响的资源
azurerm_v2.41.0
terraform v0.13.0
Terraform 配置文件
Main.tf
resource "azurerm_mysql_server" "instance" {
name = "${var.names.product_name}-${var.names.environment}-${var.server_id}"
location = var.location
resource_group_name = var.resource_group_name
tags = var.tags
administrator_login = local.administrator_login
administrator_login_password = local.administrator_password
sku_name = var.sku_name
storage_mb = var.storage_mb
version = var.mysql_version
auto_grow_enabled = (var.create_mode == "Replica" ? true : var.auto_grow_enabled)
backup_retention_days = var.backup_retention_days
geo_redundant_backup_enabled = var.geo_redundant_backup_enabled
infrastructure_encryption_enabled = var.infrastructure_encryption_enabled
public_network_access_enabled = (((length(var.service_endpoints) > 0) || (length(var.access_list) > 0)) ? true : false)
ssl_enforcement_enabled = var.ssl_enforcement_enabled
ssl_minimal_tls_version_enforced = var.ssl_enforcement_enabled ? "TLS1_2" : "TLSEnforcementDisabled"
create_mode = var.create_mode
creation_source_server_id = (var.create_mode == "Replica" ? var.creation_source_server_id : null)
dynamic "threat_detection_policy" { # Error: threat_detection_policy: attribute supports 1 item maximum, config has 2 declared
for_each = (var.threat_detection_policy != null ? var.threat_detection_policy : null)
content {
enabled = var.threat_detection_policy.enable_threat_detection_policy
email_addresses = var.threat_detection_policy.threat_detection_email_addresses
}
}
}
Variables.tf
# Advanced threat protection policy settings
variable "threat_detection_policy" {
description = "Threat detection policy configuration. If not input, threat detection will be disabled."
type = object({
enable_threat_detection_policy = bool
threat_detection_email_addresses = list(string)
})
default = null
}
模块调用
# advanced threat protection policy
threat_detection_policy = {
enable_threat_detection_policy = true
threat_detection_email_addresses = ["first.last@contoso.com", "first.last@contoso.com"]
}
错误输出
Error: threat_detection_policy: attribute supports 1 item maximum, config has 2 declared
on ..\mysql-module-test\example-location\main.tf line 20, in resource "azurerm_mysql_server" "instance":
20: resource "azurerm_mysql_server" "instance" {
当您在地图(或对象)上使用 for_each
时,Terraform 会迭代键。所以它试图为键 enable_threat_detection_policy
和 threat_detection_email_addresses
.
threat_detection_policy
块
动态块对您的场景没有实际意义,因为 azurerm_mysql_server 资源只能有一个 threat_detection_policy
块。这样的配置可能有效:
threat_detection_policy {
enabled = var.threat_detection_policy != null
email_addresses = var.threat_detection_policy != null ? var.threat_detection_policy.threat_detection_email_addresses : []
}