Azure FrontDoor 的 terraform 模块中的嵌套循环

Nested loops within terraform module for Azure FrontDoor

我正在尝试部署 Azure Front Door 及其自定义 https 配置资源的列表。我有一个像这个伪代码一样部署的 Azure Front Door 资源列表。它们工作正常(尽管没有自定义 https 配置)

resource "azurerm_frontdoor" "front_door" {
  count = length(local.frontdoors)
... config
}

然后我尝试添加一些 terraform 来创建自定义 https 配置,并使用terraform azure frontdoor custom https config docs 以下片段:

resource "azurerm_frontdoor_custom_https_configuration" "custom_https_configuration" {
  count                             = length(local.frontdoors)
  for_each                          = { for frontend in azurerm_frontdoor.front_door[count.index].frontend_endpoint : frontend.id => frontend_id }
  frontend_endpoint_id              = each.value.frontend_id
  custom_https_provisioning_enabled = each.key != "front_door" ? local.frontend_https_configurations[each.key].custom_https_provisioning_enabled : false
  dynamic "custom_https_configuration" {
    for_each = (each.key != "front_door" ? local.frontend_https_configurations[each.key].custom_https_provisioning_enabled : false) ? [1] : []
    content {
      certificate_source                         = "AzureKeyVault"
      azure_key_vault_certificate_secret_name    = XXXX
      azure_key_vault_certificate_secret_version = XXXX
      azure_key_vault_certificate_vault_id       = XXXX
    }
  }
}

我遇到了这个语法错误:

错误:“count”和“for_each”的组合无效

如果我尝试删除计数,并改用 for_each 结构:

resource "azurerm_frontdoor_custom_https_configuration" "custom_https_configuration" {
  for_each                          = { 
      for frontdoor in azurerm_frontdoor.front_door :
      [
        for key, value in frontdoor.frontend_endpoint: value.frontend.id => frontend_id
      ]
  }
  frontend_endpoint_id              = each.value.frontend_id
  custom_https_provisioning_enabled = each.key != "front_door" ? local.frontend_https_configurations[each.key].custom_https_provisioning_enabled : false
  dynamic "custom_https_configuration" {
    for_each = (each.key != "front_door" ? local.frontend_https_configurations[each.key].custom_https_provisioning_enabled : false) ? [1] : []
    content {
      certificate_source                         = "AzureKeyVault"
      azure_key_vault_certificate_secret_name    = XXXX
      azure_key_vault_certificate_secret_version = XXXX
      azure_key_vault_certificate_vault_id       = XXXX
    }
  }
}

我得到的是这个错误:

错误:'for' 表达式无效

在 main.tf 第 25 行,在资源“azurerm_frontdoor_custom_https_configuration”“custom_https_configuration”中: 173:for_each={ 174:对于 azurerm_frontdoor.front_door 中的前门: 175:[ 176:对于键,frontdoor.frontend_endpoint 中的值:value.frontend.id => frontend_id 177:] 178:}

构建对象时需要键表达式。

我怎样才能有一个嵌套循环,以便我可以成功部署 f

当你需要嵌套for循环时,你需要结合使用flatten function (for lists) or the merge函数和...列表扩展运算符(对于地图)。

基本上是这样的:

// To make a list
for_each = flatten([
  for idx1, val1 in var.list1:
  [
    for idx2, val2 in val2.list_field:
      // Here is where you construct whatever value/object for each element
  ]
])

// To make a list
for_each = merge([
  for key1, val1 in var.map1:
  {
    for key2, val2 in val1.map_field:
    // Some key/value pair, such as:
    "${key1}-${key2}" => val2
  }
]...)

你的地图理解也key/value颠倒了。试试这个:

for_each = merge([ 
      for idx, frontdoor in azurerm_frontdoor.front_door :
      {
        for key, value in frontdoor.frontend_endpoints: 
        "${idx}-${key}" => {
           endpoint_key = key
           endpoint_id = value
        }
      }
  ]...)

现在,在您的资源范围内,您可以使用 each.value.endpoint_keyeach.value.endpoint_id