英文:
Terragrunt - make dynamic group optional
问题
我正在使用Okta提供程序来创建okta_app_oauth和okta_app_group_assignments。我的模块如下所示:
resource "okta_app_oauth" "app" {
label = var.label
type = var.type
grant_types = var.grant_types
redirect_uris = var.type != "service" ? var.redirect_uris : null
response_types = var.response_types
login_mode = var.login_mode
login_uri = var.login_uri
post_logout_redirect_uris = var.post_logout_redirect_uris
consent_method = var.consent_method
token_endpoint_auth_method = var.token_endpoint_auth_method
pkce_required = var.token_endpoint_auth_method == "none" ? true : var.pkce_required
lifecycle {
ignore_changes = [
client_basic_secret, groups
]
}
}
resource "okta_app_group_assignments" "app" {
app_id = okta_app_oauth.app.id
dynamic "group" {
for_each = var.app_groups
content {
id = group.value["id"]
priority = group.value["priority"]
}
}
}
当我将组分配给应用程序时,它可以正常工作,但是当我不想分配组时,我会收到错误:
│ Error: Invalid index
│
│ on main.tf line 26, in resource "okta_app_group_assignments" "app":
│ 26: id = group.value["id"]
│ ├────────────────
│ │ group.value is empty map of dynamic
│
│ The given key does not identify an element in this collection value.
另外,我的app_groups 变量看起来像这样:
variable "app_groups" {
description = "Groups assigned to app"
type = list(map(any))
default = [{}]
}
我尝试使用 lookup(group, "priority", null),但它没有解决我的问题。有人可以帮助我解决这个问题吗?
英文:
I'm using Okta provider to create okta_app_oauth and okta_app_group_assignments. My module looks like:
resource "okta_app_oauth" "app" {
label = var.label
type = var.type
grant_types = var.grant_types
redirect_uris = var.type != "service" ? var.redirect_uris : null
response_types = var.response_types
login_mode = var.login_mode
login_uri = var.login_uri
post_logout_redirect_uris = var.post_logout_redirect_uris
consent_method = var.consent_method
token_endpoint_auth_method = var.token_endpoint_auth_method
pkce_required = var.token_endpoint_auth_method == "none" ? true : var.pkce_required
lifecycle {
ignore_changes = [
client_basic_secret, groups
]
}
}
resource "okta_app_group_assignments" "app" {
app_id = okta_app_oauth.app.id
dynamic "group" {
for_each = var.app_groups
content {
id = group.value["id"]
priority = group.value["priority"]
}
}
}
And it works when I assign groups to application, but when I don't want to assign groups, I get error:
│ Error: Invalid index
│
│ on main.tf line 26, in resource "okta_app_group_assignments" "app":
│ 26: id = group.value["id"]
│ ├────────────────
│ │ group.value is empty map of dynamic
│
│ The given key does not identify an element in this collection value.
in addition, my app_groups variable looks like:
variable "app_groups" {
description = "Groups assigned to app"
type = list(map(any))
default = [{}]
}
I was trying to use lookup(group, "priority", null), but it wasn't resolving my problem. Can somebody help me with solving this?
答案1
得分: 1
你可以按如下方式使该块变为可选项:
dynamic "group" {
for_each = length(var.app_groups) > 0 ? var.app_groups : []
content {
id = group.value["id"]
priority = group.value["priority"]
}
}
此外,你的 app_groups 的 default 值应该是:
variable "app_groups" {
description = "分配给应用的组"
type = list(map(any))
default = []
}
英文:
You can make the block optional as follows:
dynamic "group" {
for_each = length(var.app_groups) > 0 : var.app_groups : []
content {
id = group.value["id"]
priority = group.value["priority"]
}
}
also your default value for app_groups should be:
variable "app_groups" {
description = "Groups assigned to app"
type = list(map(any))
default = []
}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论