terraform如何使用条件if in for_将每个对象映射到地图对象中
我有这样的变量映射: users.tfvarsterraform如何使用条件if in for_将每个对象映射到地图对象中,terraform,Terraform,我有这样的变量映射: users.tfvars users = { "testterform" = { path = "/" force_destroy = true email_address = "testterform@example.com" group_memberships = [ "test1" ] tags = { department :
users = {
"testterform" = {
path = "/"
force_destroy = true
email_address = "testterform@example.com"
group_memberships = [ "test1" ]
tags = { department : "test" }
ssh_public_key = "ssh-rsa AAAAB3NzaC1yc2EAAA4l7"
}
"testterform2" = {
path = "/"
force_destroy = true
email_address = "testterform2@example.com"
group_memberships = [ "test1" ]
tags = { department : "test" }
ssh_public_key = ""
}
我只想在用户的ssh\u public\u key
不为空时上载ssh密钥。但我不知道如何检查这个
#main.tf
您可以使用for循环排除这些空格。
例如,您可以在本地执行此操作:
variable "users" {
default = {
"testterform" = {
path = "/"
force_destroy = true
tags = { department : "test" }
ssh_public_key = "ssh-rsa AAAAB3NzaC1yc2EAAA4l7"
}
"testterform2" = {
path = "/"
force_destroy = true
tags = { department : "test" }
ssh_public_key = ""
}
}
}
locals {
public_key = flatten([
for key, value in var.users :
value.ssh_public_key if ! contains([""], value.ssh_public_key)
])
}
output "myout" {
value = local.public_key
}
这将产生:
myout = [
"ssh-rsa AAAAB3NzaC1yc2EAAA4l7",
]
如您所见,空的内容已被删除,您可以在包含数组的内容中添加其他要排除的内容。然后您可以在
for_each
中为您的ssh密钥使用local.public_密钥
,听起来您需要的是一个派生的“具有非空ssh密钥的用户”映射。可以使用的if
子句从现有集合派生新集合,同时过滤掉一些元素:
resource "aws_iam_user_ssh_key" "this" {
for_each = {
for name, user in var.users : name => user
if user.ssh_public_key != ""
}
username = each.key
encoding = "SSH"
public_key = each.value.ssh_public_key
depends_on = [aws_iam_user.this]
}
这里的派生映射使用与原始
var.users
相同的键和值,但只是缺少其中一些。这意味着each.key
结果将相互关联,因此您仍将获得与预期相同的username
值,并且您的实例将具有类似aws\u iam\u user\u ssh\u key的地址。这个[“testterform”]
不是我所需要的,但您给了我另一个案例的想法。谢谢。这个答案完全符合我的需要,谢谢。我们已经重新组织了表达式文档,使其不那么滚动。对于任何正在查看的人,表达式的新页面是。
resource "aws_iam_user_ssh_key" "this" {
for_each = {
for name, user in var.users : name => user
if user.ssh_public_key != ""
}
username = each.key
encoding = "SSH"
public_key = each.value.ssh_public_key
depends_on = [aws_iam_user.this]
}