Terraform 地形合并两个具有相同结构的列表
需要这方面的帮助:如何为同一个应用合并两个相同的应用-id和值[app Role&Oauth scope] 感谢您的帮助Terraform 地形合并两个具有相同结构的列表,terraform,Terraform,需要这方面的帮助:如何为同一个应用合并两个相同的应用-id和值[app Role&Oauth scope] 感谢您的帮助 oauth_merge_permissions = [ { App1 = { role1 = "729e1819-d582-d503-deff-2be33394cee5" role2 = "fb9b9a2d-2653-ad21-556b-6
oauth_merge_permissions = [
{
App1 = {
role1 = "729e1819-d582-d503-deff-2be33394cee5"
role2 = "fb9b9a2d-2653-ad21-556b-67b40742f4e1"
role3 = "f9dbd854-e42e-298e-c7d6-ba068d67261d"
role4 = "5324f064-ac54-db19-16c0-0510a3b979dc"
role5 = "d1577294-3870-e465-c433-e036bd2d624c"
role6 = "c13d1bc7-ffc2-dd8c-001e-c42c7c1b32cc"
}
},
{
App1 = {
test = "da2a01d8-9865-412b-b7ef-f48f1e56e481"
user_impersonation = "7b31ca60-1333-4620-9582-012f25f4da05"
}
},
{
App2 = {
role5 = "d1577294-3870-e465-c433-e036bd2d624c"
role6 = "c13d1bc7-ffc2-dd8c-001e-c42c7c1b32cc"
}
}
]
期望输出:
我将获得以下输出,以便能够在azuread_应用程序API权限中使用此输出
Result = [
{
App1 = {
role1 = "729e1819-d582-d503-deff-2be33394cee5"
role2 = "fb9b9a2d-2653-ad21-556b-67b40742f4e1"
role3 = "f9dbd854-e42e-298e-c7d6-ba068d67261d"
role4 = "5324f064-ac54-db19-16c0-0510a3b979dc"
role5 = "d1577294-3870-e465-c433-e036bd2d624c"
role6 = "c13d1bc7-ffc2-dd8c-001e-c42c7c1b32cc"
test = "70efda02-14a2-48f2-9297-8d86e7737438"
user_impersonation = "e100b04b-fb46-b764-8ae9-513e1f1cd469"
}
},
{
App2 = {
role5 = "d1577294-3870-e465-c433-e036bd2d624c"
role6 = "7b31ca60-1333-4620-9582-012f25f4da05"
}
}
]
我认为要做到这一点需要两个步骤:首先按应用程序名称将对象聚集在一起,然后再将这些对象合并到这些组中 让我们从第一步开始:
locals {
oauth_merge_permissions = [
{
App1 = {
role1 = "729e1819-d582-d503-deff-2be33394cee5"
role2 = "fb9b9a2d-2653-ad21-556b-67b40742f4e1"
role3 = "f9dbd854-e42e-298e-c7d6-ba068d67261d"
role4 = "5324f064-ac54-db19-16c0-0510a3b979dc"
role5 = "d1577294-3870-e465-c433-e036bd2d624c"
role6 = "c13d1bc7-ffc2-dd8c-001e-c42c7c1b32cc"
}
},
{
App1 = {
test = "da2a01d8-9865-412b-b7ef-f48f1e56e481"
user_impersonation = "7b31ca60-1333-4620-9582-012f25f4da05"
}
},
{
App2 = {
role5 = "d1577294-3870-e465-c433-e036bd2d624c"
role6 = "c13d1bc7-ffc2-dd8c-001e-c42c7c1b32cc"
}
}
]
role_maps_by_app = {
for m in local.oauth_merge_permissions : one(keys(m)) => one(values(m))...
}
}
应用程序对象的值如下所示,输入如下:
role_maps_by_app = {
"App1" = [
{
"role1" = "729e1819-d582-d503-deff-2be33394cee5"
"role2" = "fb9b9a2d-2653-ad21-556b-67b40742f4e1"
"role3" = "f9dbd854-e42e-298e-c7d6-ba068d67261d"
"role4" = "5324f064-ac54-db19-16c0-0510a3b979dc"
"role5" = "d1577294-3870-e465-c433-e036bd2d624c"
"role6" = "c13d1bc7-ffc2-dd8c-001e-c42c7c1b32cc"
},
{
"test" = "da2a01d8-9865-412b-b7ef-f48f1e56e481"
"user_impersonation" = "7b31ca60-1333-4620-9582-012f25f4da05"
},
]
"App2" = [
{
"role5" = "d1577294-3870-e465-c433-e036bd2d624c"
"role6" = "c13d1bc7-ffc2-dd8c-001e-c42c7c1b32cc"
},
]
}
我在这里做了两个假设:
- 每个顶级映射中只有一个元素
- 您正在使用Terraform v0.15.0或更高版本,因此可以使用。如果没有,您可以使用类似于
keys(m)[0]
的表达式,唯一的区别是它将忽略映射中的多个元素,而不是引发错误
现在我们有了地图列表的地图,我们可以编写第二步,将每个列表中的所有地图合并为单个地图:
locals {
# (keep the other local values from above too)
roles_by_app = {
for app, role_maps in local.role_maps_by_app : app => merge(role_maps...)
}
}
local.roles\u by\u app
将具有以下值,这似乎符合您的要求:
roles_by_app = {
"App1" = {
"role1" = "729e1819-d582-d503-deff-2be33394cee5"
"role2" = "fb9b9a2d-2653-ad21-556b-67b40742f4e1"
"role3" = "f9dbd854-e42e-298e-c7d6-ba068d67261d"
"role4" = "5324f064-ac54-db19-16c0-0510a3b979dc"
"role5" = "d1577294-3870-e465-c433-e036bd2d624c"
"role6" = "c13d1bc7-ffc2-dd8c-001e-c42c7c1b32cc"
"test" = "da2a01d8-9865-412b-b7ef-f48f1e56e481"
"user_impersonation" = "7b31ca60-1333-4620-9582-012f25f4da05"
}
"App2" = {
"role5" = "d1577294-3870-e465-c433-e036bd2d624c"
"role6" = "c13d1bc7-ffc2-dd8c-001e-c42c7c1b32cc"
}
}
对于我使用的第二个步骤,它将许多映射作为参数,并返回单个映射,其中所有元素都通过键合并在一起。因为merge
需要可变数量的参数,而不是列表中的单个参数,所以我在role\u maps
参数中使用该参数告诉Terraform将该列表中的每个元素用作函数的单独参数。感谢Martin的回答并提供了详细的答案。我使用的是Terraform v0.14.7,所以使用了键(m)[0],它只接受“App1”和拒绝App2角色。是否有其他方法可以让数组计数动态?。再次感谢您在这方面的帮助。升级到Terraform的更新版本,但即使在“一”功能之后,也无法使用这种方法。抛出以下错误:│ 对于local.merge_权限中的m:一个(键(m))=>一个(值(m))。。。│ │ “list”参数的值无效:必须是包含零或一个元素的列表、集合或元组值。在实际配置中,是否有一个同时包含App1
和App2
的映射?我是根据您共享的示例工作的,其中每个地图只有一个元素。