时间戳

首页 > 解决方案 > Processing Terraform output to give a list

azure - Processing Terraform output to give a list

问题描述

I'm looking for a way to pull specific values out of a complex data structure in my Terraform output. The output looks like this:

user_assigned_identities = [
  {
    "storage-contributor" = {
      "client_id" = "xxxx-xxxxx-xxxxx-xxxxx"
      "id" = "/subscriptions/xxxx-xxxxx-xxxxx-xxxxx/resourcegroups/rg-mgmt-jenkins/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity-1"
      "location" = "uksouth"
      "name" = "test-identity-1"
      "principal_id" = "xxxx-xxxxx-xxxxx-xxxxx"
      "resource_group_name" = "rg-mgmt-jenkins"
      "tags" = {}
    }
    "test-identity" = {
      "client_id" = "187806c3-7676-4869-abb5-0121de175780"
      "id" = "/subscriptions/xxxx-xxxxx-xxxxx-xxxxx/resourcegroups/rg-mgmt-jenkins/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity-2"
      "location" = "uksouth"
      "name" = "test-identity-2"
      "principal_id" = "xxxx-xxxxx-xxxxx-xxxxx"
      "resource_group_name" = "rg-mgmt-jenkins"
      "tags" = {}
    }
  },
]

I would like to get output like:

identity_ids = [
  "/subscriptions/xxxx-xxxxx-xxxxx-xxxxx/resourcegroups/rg-mgmt-jenkins/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity-1"
  "/subscriptions/xxxx-xxxxx-xxxxx-xxxxx/resourcegroups/rg-mgmt-jenkins/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity-2"
]

...using local{} which I can then feed into the identity block of the VM or AKS configuration. I can't work out, though, how to do that using Terraform functions and expressions. I have managed it with jq:

[map(.[]) | .[].id]

标签: azureazure-active-directoryterraform

解决方案

假设您总是有一个只有 1 个元素的列表,然后将不同的身份作为映射中的键,那么您可以在列表中的第一个元素上使用for表达式,如下所示:

locals {
  user_assigned_identities = [
    {
      "storage-contributor" = {
        "client_id"           = "xxxx-xxxxx-xxxxx-xxxxx"
        "id"                  = "/subscriptions/xxxx-xxxxx-xxxxx-xxxxx/resourcegroups/rg-mgmt-jenkins/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity-1"
        "location"            = "uksouth"
        "name"                = "test-identity-1"
        "principal_id"        = "xxxx-xxxxx-xxxxx-xxxxx"
        "resource_group_name" = "rg-mgmt-jenkins"
        "tags"                = {}
      }
      "test-identity" = {
        "client_id"           = "187806c3-7676-4869-abb5-0121de175780"
        "id"                  = "/subscriptions/xxxx-xxxxx-xxxxx-xxxxx/resourcegroups/rg-mgmt-jenkins/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity-2"
        "location"            = "uksouth"
        "name"                = "test-identity-2"
        "principal_id"        = "xxxx-xxxxx-xxxxx-xxxxx"
        "resource_group_name" = "rg-mgmt-jenkins"
        "tags"                = {}
      }
    },
  ]
}

output "identity_ids" {
  value = [ for identity in local.user_assigned_identities[0] : identity.id ] 
}

输出以下内容:

identity_ids = [
  "/subscriptions/xxxx-xxxxx-xxxxx-xxxxx/resourcegroups/rg-mgmt-jenkins/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity-1",
  "/subscriptions/xxxx-xxxxx-xxxxx-xxxxx/resourcegroups/rg-mgmt-jenkins/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity-2",
]

推荐阅读