英文:
Terraform Nested For Loop on an Azure NSG Resource
问题
以下是您要翻译的内容:
Hi I have been trying to work out how to get this resource:
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
resource "azurerm_subnet_network_security_group_association" "example" {
subnet_id = azurerm_subnet.example.id
network_security_group_id = azurerm_network_security_group.example.id
}
<!-- end snippet -->
To step through my two maps one on NSGS and the other the subnets.
Here is the Subnet Resource Code:
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
resource "azurerm_subnet" "one_subnet" {
for_each = var.subnets
resource_group_name = data.azurerm_resource_group.one_rg.name
virtual_network_name = azurerm_virtual_network.one_vnet.name
name = each.value["name"]
address_prefixes = each.value["address_prefixes"]
}
<!-- end snippet -->
Subnet Variable File:
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
variable "subnets" {
type = map(any)
}
<!-- end snippet -->
Subnet TFVar
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
subnets = {
subnet_1 = {
name = "virtual-subnet"
address_prefixes = ["10.13.1.0/24"]
}
subnet_2 = {
name = "virtual-subnet"
address_prefixes = ["10.13.2.0/24"]
}
subnet_3 = {
name = "virtual-subnet"
address_prefixes = ["10.13.3.0/24"]
}
}
<!-- end snippet -->
NSG Code:
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
resource "azurerm_network_security_group" "one_nsgs" {
for_each = var.one_nsgs
name = each.value["name"]
location = data.azurerm_resource_group.one_rg.location
resource_group_name = data.azurerm_resource_group.one_rg.name
security_rule {}
}
<!-- end snippet -->
NSG Variable File
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
variable "one_nsgs" {
type = map(any)
}
<!-- end snippet -->
NSG Tfvars
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
one_nsgs = {
devwebnsg = {
name = "DevWebNSG"
}
devapinsg = {
name = "DevApiNSG"
}
devjobsnsg = {
name = "DevNSG"
}
}
<!-- end snippet -->
I have tried combining two of the variable maps into a nested map in my locals file and then passing that to the binding NSG resource. But what happens is the Binding NSG Resource wants the id of the resources not the names, which only happens through passing the resource block into the NSG bind resource.
I have also tried this on the NSG Binding Resource:
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
resource "azurerm_subnet_network_security_group_association" "bind_nsg_to_subnet" {
for_each = { for entry in local.combined_nsg_and_subnet: "${entry.subnet}.${entry.nsg}" => entry }
subnet_id = each.value.subnet.id
network_security_group_id = each.value.nsg.id
}
<!-- end snippet -->
This looks at my Locals file map
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
Nested loop over both lists, and flatten the result.
combined_nsg_and_subnet = distinct(flatten([
for subnet in var.subnets["name"] : [
for nsg in var.one_nsgs["name"] : {
subnet = subnet
nsg = nsg
}
]
]))
<!-- end snippet -->
But the Id of the resource is not passed in this way.
英文:
Hi I have been trying to work out how to get this resource:
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
resource "azurerm_subnet_network_security_group_association" "example" {
subnet_id = azurerm_subnet.example.id
network_security_group_id = azurerm_network_security_group.example.id
}
<!-- end snippet -->
To step through my two maps one on NSGS and the other the subnets.
Here is the Subnet Resource Code:
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
resource "azurerm_subnet" "one_subnet" {
for_each = var.subnets
resource_group_name = data.azurerm_resource_group.one_rg.name
virtual_network_name = azurerm_virtual_network.one_vnet.name
name = each.value["name"]
address_prefixes = each.value["address_prefixes"]
}
<!-- end snippet -->
Subnet Variable File:
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
variable "subnets" {
type = map(any)
}
<!-- end snippet -->
Subnet TFVar
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
subnets = {
subnet_1 = {
name = "virtual-subnet"
address_prefixes = ["10.13.1.0/24"]
}
subnet_2 = {
name = "virtual-subnet"
address_prefixes = ["10.13.2.0/24"]
}
subnet_3 = {
name = "virtual-subnet"
address_prefixes = ["10.13.3.0/24"]
}
}
<!-- end snippet -->
NSG Code:
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
resource "azurerm_network_security_group" "one_nsgs" {
for_each = var.one_nsgs
name = each.value["name"]
location = data.azurerm_resource_group.one_rg.location
resource_group_name = data.azurerm_resource_group.one_rg.name
security_rule {}
}
<!-- end snippet -->
NSG Variable File
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
variable "one_nsgs" {
type = map(any)
}
<!-- end snippet -->
NSG Tfvars
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
one_nsgs = {
devwebnsg = {
name = "DevWebNSG"
}
devapinsg = {
name = "DevApiNSG"
}
devjobsnsg = {
name = "DevNSG"
}
}
<!-- end snippet -->
I have tried combining two of the variable maps into a nested map in my locals file and then passing that to the binding NSG resource. But what happens is the Binding NSG Resource wants the id of the resources not the names, which only happens through passing the resource block into the NSG bind resource.
I have also tried this on the NSG Binding Resource:
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
resource "azurerm_subnet_network_security_group_association" "bind_nsg_to_subnet" {
for_each = { for entry in local.combined_nsg_and_subnet: "${entry.subnet}.${entry.nsg}" => entry }
subnet_id = each.value.subnet.id
network_security_group_id = each.value.nsg.id
}
<!-- end snippet -->
This looks at my Locals file map
<!-- begin snippet: js hide: false console: true babel: false -->
<!-- language: lang-html -->
# Nested loop over both lists, and flatten the result.
combined_nsg_and_subnet = distinct(flatten([
for subnet in var.subnets["name"] : [
for nsg in var.one_nsgs["name"] : {
subnet = subnet
nsg = nsg
}
]
]))
<!-- end snippet -->
But the Id of the resource is not passed in this way.
答案1
得分: 1
如果您真的想要将azurerm_subnet和azurerm_network_security_group组合在一个本地映射中,并将其用于ID,您需要使用资源属性,而不是变量。
例如:
combined_nsg_and_subnet = flatten([
for subnet in azurerm_subnet.one_subnet : [
for nsg in azurerm_network_security_group.one_nsgs : {
subnet_id = subnet.id
nsg_id = nsg.id
}
]
])
resource "azurerm_subnet_network_security_group_association" "bind_nsg_to_subnet" {
for_each = { for entry in local.combined_nsg_and_subnet: "${entry.subnet_id}.${entry.nsg_id}" => entry }
subnet_id = each.value.subnet_id
network_security_group_id = each.value.nsg_id
}
英文:
If you really want to combine both azurerm_subnet and azurerm_network_security_group in a local map and use it for ID, you have to do using resource attributes which will have ID, instead of variables.
For example:
combined_nsg_and_subnet = flatten([
for subnet in azurerm_subnet.one_subnet : [
for nsg in azurerm_network_security_group.one_nsgs : {
subnet_id = subnet.id
nsg_id = nsg.id
}
]
])
resource "azurerm_subnet_network_security_group_association" "bind_nsg_to_subnet" {
for_each = { for entry in local.combined_nsg_and_subnet: "${entry.subnet_id}.${entry.nsg_id}" => entry }
subnet_id = each.value.subnet_id
network_security_group_id = each.value.nsg_id
}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论