Dictionary 如何在地形中分割地图的值以创建列表?
我有一个带有许多值的map变量(NACL规则)。我正在尝试添加相应的规则Dictionary 如何在地形中分割地图的值以创建列表?,dictionary,terraform,Dictionary,Terraform,我有一个带有许多值的map变量(NACL规则)。我正在尝试添加相应的规则 variable "rules" { default = { a = "200,false,tcp,allow,0.0.0.0/0,23,23" b = "100,true,tcp,allow,0.0.0.0/0,1024,65535" } } resource "aws_network_acl_rule" "bar" { network_acl_id = "<id>" ru
variable "rules" {
default = {
a = "200,false,tcp,allow,0.0.0.0/0,23,23"
b = "100,true,tcp,allow,0.0.0.0/0,1024,65535"
}
}
resource "aws_network_acl_rule" "bar" {
network_acl_id = "<id>"
rule_number = "${split(",",element(values(var.rules),count.index))[0]}"
egress = "${split(",",element(values(var.rules),count.index))[1]}"
protocol = "${split(",",element(values(var.rules),count.index))[2]}"
rule_action = "${split(",",element(values(var.rules),count.index))[3]}"
cidr_block = "${split(",",element(values(var.rules),count.index))[4]}"
from_port = "${split(",",element(values(var.rules),count.index))[5]}"
to_port = "${split(",",element(values(var.rules),count.index))[6]}"
count = "${length(values(var.rules))}"
}
变量“规则”{
默认值={
a=“200,false,tcp,allow,0.0.0.0/0,23,23”
b=“100,true,tcp,allow,0.0.0.0/0102465535”
}
}
资源“aws\U网络\U acl\U规则”“栏”{
网络acl\U id=“”
rule_number=“${split(,”,元素(值(var.rules),count.index))[0]}
出口=“${split(“,”,元素(值(var.rules),count.index))[1]}”
协议=“${split(“,”,元素(值(var.rules),count.index))[2]}”
rule_action=“${split(,”,元素(值(var.rules),count.index))[3]}
cidr_block=“${split(“,”,元素(值(var.rules),count.index))[4]}”
from_port=“${split(,”,元素(值(var.rules),count.index))[5]}
to_port=“${split(,”,元素(值(var.rules),count.index))[6]}
count=“${length(value(var.rules))}”
}
错误:
应为“}”,但找到“[”
由于不支持将列表作为值的映射,因此我尝试拆分这些值并迭代,这里有一种更简单的方法来处理映射
规则
variable "rules" {
default = {
"0" = "200,false,tcp,allow,0.0.0.0/0,23,23"
"1" = "100,true,tcp,allow,0.0.0.0/0,1024,65535"
}
}
resource "aws_vpc" "main" {
cidr_block = "10.0.0.0/16"
}
resource "aws_network_acl" "bar" {
vpc_id = "${aws_vpc.main.id}"
}
resource "aws_network_acl_rule" "bar" {
count = "${length(var.rules)}"
network_acl_id = "${aws_network_acl.bar.id}"
rule_number = "${element(split(",",var.rules[count.index]),0)}"
egress = "${element(split(",",var.rules[count.index]),1)}"
protocol = "${element(split(",",var.rules[count.index]),2)}"
rule_action = "${element(split(",",var.rules[count.index]),3)}"
cidr_block = "${element(split(",",var.rules[count.index]),4)}"
from_port = "${element(split(",",var.rules[count.index]),5)}"
to_port = "${element(split(",",var.rules[count.index]),6)}"
}
若你们坚持使用旧地图,关键是“a,b,…”,你们需要调整资源以适应
variable "rules" {
default = {
"a" = "200,false,tcp,allow,0.0.0.0/0,23,23"
"b" = "100,true,tcp,allow,0.0.0.0/0,1024,65535"
}
}
resource "aws_network_acl_rule" "bar" {
count = "${length(var.rules)}"
network_acl_id = "${aws_network_acl.bar.id}"
rule_number = "${element(split(",",element(values(var.rules),count.index)),0)}"
egress = "${element(split(",",element(values(var.rules),count.index)),1)}"
protocol = "${element(split(",",element(values(var.rules),count.index)),2)}"
rule_action = "${element(split(",",element(values(var.rules),count.index)),3)}"
cidr_block = "${element(split(",",element(values(var.rules),count.index)),4)}"
from_port = "${element(split(",",element(values(var.rules),count.index)),5)}"
to_port = "${element(split(",",element(values(var.rules),count.index)),6)}"
}
另一个更容易阅读的选项是使用
lookup()
:
变量“规则”{
默认值=[
{
规则编号=200
出口=假
协议=“tcp”
规则\u action=“允许”
cidr_block=“0.0.0.0/0”
from_port=23
至_端口=23
},
{
规则编号=100
出口=真
procotol=“tcp”
规则\u action=“允许”
cidr_block=“0.0.0.0/0”
from_port=1024
to_端口=65535
},
]
}
资源“aws\U网络\U acl\U规则”“栏”{
count=“${length(var.rules)}”
网络acl\U id=“”
rule_number=“${lookup(var.rules[count.index],“rule_number”)}
出口=“${lookup(var.rules[count.index],“出口”)}
protocol=“${lookup(var.rules[count.index],“protocol”)}
rule_action=“${lookup(var.rules[count.index],“rule_action”)}
cidr_块=“${lookup(var.rules[count.index],“cidr_块”)}”
from_port=“${lookup(var.rules[count.index],“from_port”)}
to_port=“${lookup(var.rules[count.index],“to_port”)}
}
variable "rules" {
default = [
{
rule_number = 200
egress = false
protocol = "tcp"
rule_action = "allow"
cidr_block = "0.0.0.0/0"
from_port= 23
to_port = 23
},
{
rule_number = 100
egress = true
procotol = "tcp"
rule_action = "allow"
cidr_block = "0.0.0.0/0"
from_port = 1024
to_port = 65535
},
]
}
resource "aws_network_acl_rule" "bar" {
count = "${length(var.rules)}"
network_acl_id = "<id>"
rule_number = "${lookup(var.rules[count.index], "rule_number")}"
egress = "${lookup(var.rules[count.index], "egress")}"
protocol = "${lookup(var.rules[count.index], "protocol")}"
rule_action = "${lookup(var.rules[count.index], "rule_action")}"
cidr_block = "${lookup(var.rules[count.index], "cidr_block")}"
from_port = "${lookup(var.rules[count.index], "from_port")}"
to_port = "${lookup(var.rules[count.index], "to_port")}"
}