azure - Terraform 映射并将值传递给模块
问题描述
我正在为 AD 组和组分配创建模块,需要帮助将 group_ids 与其他 member_ids 一起分配,其中两个值都在模块内传递。
在环境中:var.tf
variable "azuread_group_name" {
type = map(object({
display_name = string
description = string
}))
default = {
"Group1" = {
display_name = "Group1"
description = ""
}
"Group2" = {
display_name = "Group2"
description = ""
}
"Group3" = {
display_name = "Group3"
description = "Desc of group 3"
}
"Group4" = {
display_name = "Group4"
description = "Desc of group 4"
}
"Group5" = {
display_name = "Group5"
description = "Desc of group5"
}
}
}
在模块中:main.tf
resource "azuread_group" "azuread_group_name" {
for_each = var.azuread_group_name
display_name = each.value.display_name
description = each.value.description
}
#Need help here to get values back
resource "azuread_group_member" "example" {
for_each: something to loop through local.project
group_object_id = read each value of azuread_group_object_id
member_object_id = read each value of azuread_member_object_id
}
保存上面创建的每个组的输出:output.tf
output adgroup_id {
value = azuread_group.azuread_group_name
}
能够读取每个对象 id 的输出值,但在 module/main.tf 中进行组分配:
resource "azuread_group_member" "example" {
group_object_id = azuread_group.example.id
member_object_id = data.azuread_user.example.id
}
基本上:我将在 local.tf 中有一个类似这样的列表:
project = {
first = {
"azuread_group_object_id" = [
module.main.adgroup_id["Group1"].id
],
"azuread_member_object_id" = [
module.main.adgroup_id["Group2"].id,
module.main.adgroup_id["Group3"].id,
module.main.adgroup_id["Group4"].id,
]
}
second = {
"azuread_group_object_id" = [
module.main.adgroup_id["Group2"].id,
module.main.adgroup_id["Group3"].id,
],
"azuread_member_object_id" = [
module.main.adgroup_id["Group4"].id
module.main.adgroup_id["Group5"].id
]
}
}
并且需要传递个人 id 以便它可以将 group_object_id 分配给 member_object_id 示例:首先采用所有可能的选项,然后在第二个中采用所有可能的选项。
首先:
1. group_object_id -> module.main.adgroup_id["Group1"].id
member_object_id -> module.main.adgroup_id["Group2"].id
2. group_object_id -> module.main.adgroup_id["Group1"].id
member_object_id -> module.main.adgroup_id["Group3"].id
3. group_object_id -> module.main.adgroup_id["Group1"].id
member_object_id -> module.main.adgroup_id["Group4"].id
第二:
4. group_object_id -> module.main.adgroup_id["Group2"].id
member_object_id -> module.main.adgroup_id["Group4"].id
5. group_object_id -> module.main.adgroup_id["Group2"].id
member_object_id -> module.main.adgroup_id["Group5"].id
6. group_object_id -> module.main.adgroup_id["Group3"].id
member_object_id -> module.main.adgroup_id["Group4"].id
7. group_object_id -> module.main.adgroup_id["Group3"].id
member_object_id -> module.main.adgroup_id["Group5"].id
有人可以帮忙吗
解决方案
您可以按如下方式执行此操作(我将您的模块变量设为字符串,以便运行代码):
locals {
project = {
first = {
"azuread_group_object_id" = [
"module.main.adgroup_id[Group1].id"
],
"azuread_member_object_id" = [
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group4].id"
]
}
second = {
"azuread_group_object_id" = [
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group3].id",
],
"azuread_member_object_id" = [
"module.main.adgroup_id[Group4].id",
"module.main.adgroup_id[Group5].id"
]
}
}
reshaped = {
for k,v in local.project:
k => setproduct(v["azuread_group_object_id"], v["azuread_member_object_id"])
}
}
output "test" {
value = local.reshaped
}
给出:
test = {
"first" = tolist([
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group2].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group3].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group4].id",
],
])
"second" = tolist([
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group5].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group5].id",
],
])
}
或者,如果您想连接所有内容(点很重要,请不要删除它们):
output "test" {
value = concat(values(local.reshaped)...)
}
这使:
test = tolist([
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group2].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group3].id",
],
[
"module.main.adgroup_id[Group1].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group2].id",
"module.main.adgroup_id[Group5].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group4].id",
],
[
"module.main.adgroup_id[Group3].id",
"module.main.adgroup_id[Group5].id",
],
])
推荐阅读
- reactjs - 如何使用 Webpack 构建显示 console.logs?
- aws-codebuild - 无法更新 CodeBuild 中的服务角色,出现错误“该策略未附加到角色”
- java - 可选的 Spring web NullPointer 异常
- javascript - 如何在javascript中附加孩子的孩子?
- java - 如何在 AWS Lambda Java 代码中启用断言?
- c# - 如何使用 C# 代码中的产品代码或通过命令行卸载程序
- c - OpenMP 中的多个函数与 C
- javascript - 公共 LinkedIn 页面需要在 Puppeteer 中进行身份验证,但在 Chromium/Chrome 中手动粘贴 url 时不需要
- java - 来自文本文件的二维数组
- ios - 将数据从 ViewController 传递到 SwiftUI View