terraform模块中的Ommit可选块
目前,我正在尝试在Terraform中创建一个通用sql_数据库模块。我想控制要包含在此资源中的参数。例如,有一次我只需要必需的参数,但下一次在另一个项目中,我需要它们加上带有所有嵌套参数的威胁检测策略块terraform模块中的Ommit可选块,terraform,terraform-provider-azure,hcl,Terraform,Terraform Provider Azure,Hcl,目前,我正在尝试在Terraform中创建一个通用sql_数据库模块。我想控制要包含在此资源中的参数。例如,有一次我只需要必需的参数,但下一次在另一个项目中,我需要它们加上带有所有嵌套参数的威胁检测策略块 modules/sql\u database.tf resource "azurerm_sql_database" "sql-db" { name = var.sql-db-name resource_group_name
modules/sql\u database.tf
resource "azurerm_sql_database" "sql-db" {
name = var.sql-db-name
resource_group_name = data.azurerm_resource_group.rg-name.name
location = var.location
server_name = var.server-name
edition = var.sql-db-edition
collation = var.collation
create_mode = var.create-mode
requested_service_objective_name = var.sql-requested-service-objective-name
read_scale = var.read-scale
zone_redundant = var.zone-redundant
extended_auditing_policy {
storage_endpoint = var.eap-storage-endpoint
storage_account_access_key = var.eap-storage-account-access-key
storage_account_access_key_is_secondary = var.eap-storage-account-access-key-is-secondary
retention_in_days = var.eap-retention-days
}
import = {
storage_uri = var.storage-uri
storage_key = var.storage-key
storage_key_type = var.storage-key-type
administrator_login = var.administrator-login
administrator_login_password = var.administrator-login-password
authentication_type = var.authentication-type
operation_mode = var.operation-mode
}
threat_detection_policy = {
state = var.state
disabled_alerts = var.disabled-alerts
email_account_admins = var.email-account-admins
email_addresses = var.email-addresses
retention_days = var.retention-days
storage_account_access_key = var.storage-account-access-key
storage_endpoint = var.storage-endpoint
use_server_default = var.use-server-default
}
}
module "sql_database" {
source = "./modules/sql_database"
sql-db-name = "sqldbs-example"
location = "westus"
server-name = "sqlsrv-example"
storage-uri = "" #some values
storage-key = ""
storage-key_type = ""
administrator-login = ""
administrator-login-password = ""
authentication-type = ""
operation-mode = ""
sql-db-edition = "Standard"
collation = "SQL_LATIN1_GENERAL_CP1_CI_AS"
create-mode = "Default"
sql-requested_service_objective_name = "S0"
requested_service_objective_id = ""
read-scale = "false"
zone_redundant = ""
source_database_id = ""
restore_point_in_time = ""
max_size_bytes = ""
source_database_deletion_date = ""
elastic_pool_name = ""
#variables below should be all optional
state = ""
disabled_alerts = ""
email_account_admins = ""
email_addresses = ""
retention_days = 6
storage_account_access_key = ""
storage_endpoint = ""
use_server_default = ""
storage_endpoint = ""
storage_account_access_key = ""
storage_account_access_key_is_secondary = "false"
retention_in_days = 6
}
模块/变量.tf
(几个sql\u数据库变量)
main.tf
resource "azurerm_sql_database" "sql-db" {
name = var.sql-db-name
resource_group_name = data.azurerm_resource_group.rg-name.name
location = var.location
server_name = var.server-name
edition = var.sql-db-edition
collation = var.collation
create_mode = var.create-mode
requested_service_objective_name = var.sql-requested-service-objective-name
read_scale = var.read-scale
zone_redundant = var.zone-redundant
extended_auditing_policy {
storage_endpoint = var.eap-storage-endpoint
storage_account_access_key = var.eap-storage-account-access-key
storage_account_access_key_is_secondary = var.eap-storage-account-access-key-is-secondary
retention_in_days = var.eap-retention-days
}
import = {
storage_uri = var.storage-uri
storage_key = var.storage-key
storage_key_type = var.storage-key-type
administrator_login = var.administrator-login
administrator_login_password = var.administrator-login-password
authentication_type = var.authentication-type
operation_mode = var.operation-mode
}
threat_detection_policy = {
state = var.state
disabled_alerts = var.disabled-alerts
email_account_admins = var.email-account-admins
email_addresses = var.email-addresses
retention_days = var.retention-days
storage_account_access_key = var.storage-account-access-key
storage_endpoint = var.storage-endpoint
use_server_default = var.use-server-default
}
}
module "sql_database" {
source = "./modules/sql_database"
sql-db-name = "sqldbs-example"
location = "westus"
server-name = "sqlsrv-example"
storage-uri = "" #some values
storage-key = ""
storage-key_type = ""
administrator-login = ""
administrator-login-password = ""
authentication-type = ""
operation-mode = ""
sql-db-edition = "Standard"
collation = "SQL_LATIN1_GENERAL_CP1_CI_AS"
create-mode = "Default"
sql-requested_service_objective_name = "S0"
requested_service_objective_id = ""
read-scale = "false"
zone_redundant = ""
source_database_id = ""
restore_point_in_time = ""
max_size_bytes = ""
source_database_deletion_date = ""
elastic_pool_name = ""
#variables below should be all optional
state = ""
disabled_alerts = ""
email_account_admins = ""
email_addresses = ""
retention_days = 6
storage_account_access_key = ""
storage_endpoint = ""
use_server_default = ""
storage_endpoint = ""
storage_account_access_key = ""
storage_account_access_key_is_secondary = "false"
retention_in_days = 6
}
提前感谢您的帮助 对于您的需求,我认为一种可能的方法是在模块内设置默认值,并使默认值发挥您未设置它们的作用。例如,在
threat\u detection\u policy
块中,属性use\u server\u default
,如果未设置该属性,则默认值为Disabled
。当您想要设置它们时,只需在模块块中输入值 我觉得threat\u detection\u policy
块是可选的,您不能设置默认值吗?当然是可选的。你是说default=null
还是default=my\u default\u value
?你能提供你的变量文件或在GitHub上创建一个最小的项目吗。。。您的注释模块中的地形行为希望我输入所有值,必需的和可选的非常奇怪。。。我猜你们称之为可选的东西并不是真正编码为可选的,那么在部署过程中它们会被省略吗?我无法理解您的句子使默认值发挥作用,因为您没有设置它们。已经发生的事情是模块希望我输入参数的所有值,包括必需值和可选值。@Bater55默认值意味着您在部署它时不输入值。这是Terraform一直使用的方式。但它们都是以默认值部署的,但我不希望它们被部署。@Bater55如果在部署后不进行设置,你怎么知道它没有设置它?当Terraform提供该属性时,它还具有默认值,因为您没有设置它。当您设置它时,它会根据您的需要进行操作。你认为Terraform会在设置和不设置之间为你提供多个模块吗?恐怕不行。非常感谢你的答复。事实上我做到了。我所做的是使用与此类似的解决方案,使用dynamic
块。