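terraform - Terraform dynamic block: Argument or block definition required
Problem description
I am trying to use a dynamic block to define multiple ip_rules and virtual_network exceptions in a resource. For some reason, when I try to use a variable as the for_each loop, it gives the following error.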
variable "vnet_subnet_ids" {
  description = "List of strings that are VNet Subnet IDs to whitelist."
  type        = list(string)
  default = [
    "/subscriptions/${subscription_id}/resourceGroups/${rg_name}/providers/Microsoft.Network/virtualNetworks/nonprod-vnet-gp-kubernetes/subnets/pods_pub_subnet_01",
    "/subscriptions/${subscription_id}/resourceGroups/${rg_name}/providers/Microsoft.Network/virtualNetworks/nonprod-vnet-gp-kubernetes/subnets/pods_pub_subnet_02",
  ]
  sensitive = false
}

resource "azurerm_container_registry" "devops" {
  name                     = var.acr_name
  resource_group_name      = var.rg_name
  location                 = var.rg_location
  sku                      = var.acr_sku
  admin_enabled            = false
  georeplication_locations = var.acr_geo_rep_locations

  network_rule_set {
    default_action = "Deny"

    dynamic "ip_rule" {
      for_each = [1]
      content {
        action   = "Allow"
        ip_range = "xxx.xxx.xxx.xxx/32"
      }
    }

    #dynamic "ip_rule" {
    #  for_each = var.acr_ip_rules
    #  content {
    #    action   = "Allow"
    #    ip_range = ip_rule.value
    #  }
    #}

    dynamic "virtual_network" {
      for_each = var.vnet_subnet_ids
      content {
        action    = "Allow"
        subnet_id = virtual_network.value
      }
    }
  }

  tags = var.company_tags
}

However, I am getting the following error:
│ Error: Argument or block definition required
│
│ On ../../modules/azure/acr/main.tf line 41: An argument or block definition is required here.
╵
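The ip_rule part works, but the virtual_network part does not. I don't understand why.
Solution
It seems there is an open bug related to this. I can't test this at the moment, but see if this variant works for you: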
# Placeholder variable defaults
variable "acr_name" { default = "acr_name" }
variable "rg_location" { default = "rg_location" }
variable "acr_sku" { default = "acr_sku" }
variable "subscription_id" { default = "subscription_id" }
variable "rg_name" { default = "rg_name" }
variable "acr_geo_rep_locations" { default = "acr_geo_rep_locations" }
variable "company_tags" { default = "company_tags" }
variable "acr_ip_rules" { default = ["1", "2"] }
variable "vnet_subnet_ids" { default = ["1", "2"] }

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=2.79.1"
    }
  }
}

provider "azurerm" {
  features {}
}

# Build the rule objects up front instead of using dynamic blocks
locals {
  allowed_ips = [for ip in var.acr_ip_rules : {
    action   = "Allow",
    ip_range = ip
  }]
  allowed_virtual_networks = [for sub in var.vnet_subnet_ids : {
    action    = "Allow",
    subnet_id = sub
  }]
}

resource "azurerm_container_registry" "devops" {
  name                     = var.acr_name
  resource_group_name      = var.rg_name
  location                 = var.rg_location
  sku                      = var.acr_sku
  admin_enabled            = false
  georeplication_locations = var.acr_geo_rep_locations

  network_rule_set {
    default_action = "Deny"

    # Assigned as lists of objects (attribute syntax), not as nested blocks
    ip_rule         = local.allowed_ips
    virtual_network = local.allowed_virtual_networks
  }

  tags = var.company_tags
}
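
An added example, not part of the original answer: input validation for the two allowlist variables that feed local.allowed_ips and local.allowed_virtual_networks, so a malformed or overly broad entry fails at plan time instead of widening the registry's network_rule_set. The /24 minimum prefix length and the error messages are assumptions made for this illustration; the validation blocks and alltrue need Terraform 0.14 or later.

```hcl
# Replaces the placeholder one-line declarations of the same two variables.

variable "acr_ip_rules" {
  description = "IPv4 CIDR ranges allowed through the ACR firewall."
  type        = list(string)
  default     = []

  # Every entry must parse as a CIDR range.
  validation {
    condition     = alltrue([for r in var.acr_ip_rules : can(cidrhost(r, 0))])
    error_message = "Each entry in acr_ip_rules must be a valid CIDR range, for example 203.0.113.10/32."
  }

  # Assumed policy: reject anything broader than /24, which also rejects 0.0.0.0/0.
  # try() turns an entry without a prefix length into a failed check, not a crash.
  validation {
    condition = alltrue([
      for r in var.acr_ip_rules : try(tonumber(split("/", r)[1]) >= 24, false)
    ])
    error_message = "Each entry in acr_ip_rules must have a prefix length of /24 or longer."
  }
}

variable "vnet_subnet_ids" {
  description = "Subnet resource IDs allowed through the ACR firewall."
  type        = list(string)
  default     = []

  # Must be a full subnet resource ID; a VNet ID or a bare name is rejected.
  # (?i) because Azure resource IDs are case-insensitive.
  validation {
    condition = alltrue([
      for id in var.vnet_subnet_ids : can(regex(
        "(?i)^/subscriptions/[^/]+/resourceGroups/[^/]+/providers/Microsoft\\.Network/virtualNetworks/[^/]+/subnets/[^/]+$",
        id
      ))
    ])
    error_message = "Each entry in vnet_subnet_ids must be a full subnet resource ID."
  }
}
```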