terraform - 如何跳过使用 Terraform 配置资源的某些部分
问题描述
# main.tf
resource "azurerm_api_management" "apim_demo" {
name = var.apim_instance_name
location = azurerm_resource_group.apim_rg.location
resource_group_name = azurerm_resource_group.apim_rg.name
publisher_name = var.apim_publisher_name
publisher_email = var.apim_publisher_email
sku_name = var.apim_sku_name
identity {
type = "SystemAssigned"
}
hostname_configuration {
proxy {
default_ssl_binding = true
host_name = "qtech"
key_vault_id = "https://ssl-key-test789.vault.azure.net/secrets/my-ssl-certificate"
negotiate_client_certificate = true
}
proxy {
default_ssl_binding = false
host_name = "ftech"
key_vault_id = "https://ssl-key-test789.vault.azure.net/secrets/my-ssl-certificate2"
negotiate_client_certificate = true
#custom = var.custom_block
#count = var.test_condition ? 1 : 0
}
}
}
# variables.tf
variable "apim_instance_name" {}
variable "apim_publisher_name" {}
variable "apim_publisher_email" {}
variable "apim_sku_name" {}
variable "tenant_id" {
# description "Enter Tenant ID"
}
variable "client_id" {
# description "Enter Tenant ID"
}
variable "subscription_id" {
# description "Enter Subscription ID"
}
variable "client_secret" {
# description "Enter client secret"
}
variable "apim_resource_group_name" {
# description "RG-2"
}
variable "apim_location" {
type = map(any)
default = {
location1 = "eastus"
location2 = "westus"
}
}
#variable "subnets" {
# type = "list"
# default = ["10.0.1.0/24", "10.0.2.0/24"]
#}
variable "test_condition" {
type = bool
default = true
}
variable "custom_block" {
default = null
}
从上面的 terraform 代码中,我想避免/跳过资源的以下(第二个代理块)部分被配置
proxy {
default_ssl_binding = false
host_name = "ftech"
key_vault_id = "https://ssl-key-test789.vault.azure.net/secrets/my-ssl-certificate2"
negotiate_client_certificate = true
# custom = var.custom_block
# count = var.test_condition ? 1 : 0
}
我确实尝试使用计数逻辑来避免,但我想它会在完整的资源块上工作,而不是在资源块的某个部分。无论如何,我使用计数逻辑收到以下错误
Error: Unsupported argument
│
│ on apim-instance.tf line 35, in resource "azurerm_api_management" "apim_demo":
│ 35: count = var.test_condition ? 1 : 0
│
│ An argument named "count" is not expected here.
╵
我也尝试使用空逻辑来避免,但我想它也适用于完整的资源块,而不是资源块的某个部分。无论如何,我使用空逻辑得到了以下错误。
│ Error: Unsupported argument
│
│ on apim-instance.tf line 34, in resource "azurerm_api_management" "apim_demo":
│ 34: custom = var.custom_block
│
│ An argument named "custom" is not expected here.
╵
解决方案
使用动态块。它将解决您的查询。
https://www.terraform.io/docs/language/expressions/dynamic-blocks.html
variable "proxy" {
type = any
default = [
{
default_ssl_binding = true
host_name = "qtech"
key_vault_id = "https://ssl-key-test789.vault.azure.net/secrets/my-ssl-certificate"
negotiate_client_certificate = true
}
{
default_ssl_binding = true
host_name = "qtech"
key_vault_id = "https://ssl-key-test789.vault.azure.net/secrets/my-ssl-certificate"
negotiate_client_certificate = true
}
]
}
像下面这样使用。
hostname_configuration {
dynamic "proxy" {
for_each = var.proxy
content {
default_ssl_binding = proxy.value.default_ssl_binding
host_name = proxy.value.host_name
key_vault_id = proxy.value.key_vault_id
negotiate_client_certificate = proxy.value.negotiate_client_certificate
}
}
}
推荐阅读
- c - bash - 像 C 一样的函数声明?
- c# - 通过 web api 上传文件,文件以 byte[] 形式发送
- powershell - AzureDevOps Powershell 任务命令行参数未在 Powershell 脚本中正确呈现
- network-programming - ESP32 全 WiFi 网状网络
- c# - 如何取消 _doPostBack
- linker - 为什么不能将 R_X86_64_PC32 与共享库一起使用
- c# - 如何在 ASP.NET MVC 中添加下拉列表
- php - PHP 将我的函数视为未定义(oop)给出致命错误
- php - 防止 Guzzle 使用流明响应返回文本/html 响应
- python - Python 字典列表聚合值