在 Terraform 中动态创建要在模块内使用的对象列表
Dynamically create a list of objects to be used inside a module in Terraform
我正在尝试在 Terraform 模块中动态创建对象列表,因此我不需要对不必要的重复值进行硬编码。我在 Terraform Registry 上找到了一个模块,它是我正在做的事情的基础。该模块位于 https://github.com/cloudposse/terraform-aws-sso。在模块“sso_account_assignments”的 examples/complete/main.tf 中,它们复制了不同 AWS 账户的 AdministratorAccess 权限集。我的问题是我有将近 30 个帐户,我想在其中分配相同的权限集,但我不想重复代码中的条目,只是帐号不同。我对 Python 很有经验,我用 Python 编写它的方式如下所示:
如果我写在Python
account_list = ['11111111111', '22222222222', '33333333333']
account_assignments = []
for acct in account_list:
obj = {
"account": acct,
"permission_set_arn": "Some value......",
"permission_set_name": "AdministratorAccess",
"principal_type": "GROUP",
"principal_name": "Administrators"
}
account_assignments.append(obj)
print(account_assignments)
输出
[
{
"account":"11111111111",
"permission_set_arn":"Some value......",
"permission_set_name":"AdministratorAccess",
"principal_type":"GROUP",
"principal_name":"Administrators"
},
{
"account":"22222222222",
"permission_set_arn":"Some value......",
"permission_set_name":"AdministratorAccess",
"principal_type":"GROUP",
"principal_name":"Administrators"
},
{
"account":"33333333333",
"permission_set_arn":"Some value......",
"permission_set_name":"AdministratorAccess",
"principal_type":"GROUP",
"principal_name":"Administrators"
}
]
基本上我无法弄清楚如何在 Terraform 中动态构建对象列表。我确信它可以用 for_each 或 for 循环来解决,但没有弄清楚。希望这是有道理的。
尝试编写代码,但它不起作用并且出错。我查看了 HashiCorp 的文档,但没有成功。
您可以通过一个简单的 for 循环完成此操作:
variable "account_list" {
default = ["11111111111", "22222222222", "33333333333"]
}
locals {
account_assignments = [for account_id in var.account_list : {
"account" : account_id,
"permission_set_arn" : "Some value......",
"permission_set_name" : "AdministratorAccess",
"principal_type" : "GROUP",
"principal_name" : "Administrators"
}]
}
output "account_assignments" {
value = local.account_assignments
}
我正在尝试在 Terraform 模块中动态创建对象列表,因此我不需要对不必要的重复值进行硬编码。我在 Terraform Registry 上找到了一个模块,它是我正在做的事情的基础。该模块位于 https://github.com/cloudposse/terraform-aws-sso。在模块“sso_account_assignments”的 examples/complete/main.tf 中,它们复制了不同 AWS 账户的 AdministratorAccess 权限集。我的问题是我有将近 30 个帐户,我想在其中分配相同的权限集,但我不想重复代码中的条目,只是帐号不同。我对 Python 很有经验,我用 Python 编写它的方式如下所示:
如果我写在Python
account_list = ['11111111111', '22222222222', '33333333333']
account_assignments = []
for acct in account_list:
obj = {
"account": acct,
"permission_set_arn": "Some value......",
"permission_set_name": "AdministratorAccess",
"principal_type": "GROUP",
"principal_name": "Administrators"
}
account_assignments.append(obj)
print(account_assignments)
输出
[
{
"account":"11111111111",
"permission_set_arn":"Some value......",
"permission_set_name":"AdministratorAccess",
"principal_type":"GROUP",
"principal_name":"Administrators"
},
{
"account":"22222222222",
"permission_set_arn":"Some value......",
"permission_set_name":"AdministratorAccess",
"principal_type":"GROUP",
"principal_name":"Administrators"
},
{
"account":"33333333333",
"permission_set_arn":"Some value......",
"permission_set_name":"AdministratorAccess",
"principal_type":"GROUP",
"principal_name":"Administrators"
}
]
基本上我无法弄清楚如何在 Terraform 中动态构建对象列表。我确信它可以用 for_each 或 for 循环来解决,但没有弄清楚。希望这是有道理的。
尝试编写代码,但它不起作用并且出错。我查看了 HashiCorp 的文档,但没有成功。
您可以通过一个简单的 for 循环完成此操作:
variable "account_list" {
default = ["11111111111", "22222222222", "33333333333"]
}
locals {
account_assignments = [for account_id in var.account_list : {
"account" : account_id,
"permission_set_arn" : "Some value......",
"permission_set_name" : "AdministratorAccess",
"principal_type" : "GROUP",
"principal_name" : "Administrators"
}]
}
output "account_assignments" {
value = local.account_assignments
}