英文:
Terraform: If duplicates are expected, use the ellipsis (...) after the value expression
问题
我正在使用Terraform来创建AWS WAF Web_ACL和ALB之间的关联。我们有两个名为"internal"和"external"的web_acl。我们有三个名为"1"、"2"和"3"的ALB。现在我想将web_acl "internal"与ALB "1"关联,将"external"与ALB "2"和"3"关联。
这是我用于关联的代码。
resource "aws_wafv2_web_acl_association" "example" {
for_each = { for web_acl in var.web_acl : web_acl.name => web_acl }
resource_arn = aws_alb.example[each.value.alb].arn
web_acl_arn = aws_wafv2_web_acl.example[each.value.name].arn
}
这是example.tfvars中var.web_acl的定义。
web_acl = [
{
name = "internal"
ip_set = "internal"
alb = "1"
action = "BLOCK"
},
{
name = "external"
ip_set = "external"
alb = "2"
action = "ALLOW"
},
{
name = "external"
ip_set = "external"
alb = "3"
action = "ALLOW"
}
]
错误消息是"在此 'for' 表达式中生成了两个不同的项目的键 "external"。如果期望重复项,请在值表达式之后使用省略号 (...) 启用按键分组。
基本上,我想将两个ALB与一个web_acl关联起来。我尝试在for循环的末尾添加"...",就像这样:"for_each = { for web_acl in var.web_acl : web_acl.name => web_acl... }"。但这没有起作用。
请问您如何解决这个问题?任何帮助将不胜感激。谢谢。
英文:
I'm using Terraform to create association between AWS WAF Web_ACL and ALBs.
We have two web_acl called "internal" and "external". We have three ALBs called "1", "2" and "3".
Now I want to associate web_acl "internal" with ALB "1", "external" with ALB "2" and "3".
Here's my code for the association.
resource "aws_wafv2_web_acl_association" "example" {
for_each = { for web_acl in var.web_acl : web_acl.name => web_acl }
resource_arn = aws_alb.example[each.value.alb].arn
web_acl_arn = aws_wafv2_web_acl.example[each.value.name].arn
}
Here's the definition of var.web_acl in example.tfvars.
web_acl = [
{
name = "internal"
ip_set = "internal"
alb = "1"
action = "BLOCK"
},
{
name = "external"
ip_set = "external"
alb = "2"
action = "ALLOW"
},
{
name = "external"
ip_set = "external"
alb = "3"
action = "ALLOW"
}
]
The error is "Two different items produced the key "external" in this 'for' expression. If duplicates are expected, use the ellipsis (...) after the value expression to enable grouping by key.
Basically, I wanted to associate two ALB with one web_acl. I've tried to add "..." to the end of the for loop like "for_each = { for web_acl in var.web_acl : web_acl.name => web_acl... }". But it didn't work.
Could you please advise how to solve this? Any help will be appreciated.
Thanks.
答案1
得分: 0
关于 for_each 的规则是,你必须为你打算声明的每个资源实例在映射中有一个元素。关于映射的规则是,键必须是唯一的。因此,为了使这个工作,你需要构建一个映射,其键对于你想要声明的所有实例都是唯一的。
根据你的描述,似乎你需要将 name 和 alb 结合在一起,以使最终的键唯一,因为你说你希望能够关联相同 name 的两个 ALB。
为了实现这一点,你可以更改你的 for 表达式的键构建部分,以生成一个包含使其唯一所需的两个值的键:
for_each = {
for web_acl in var.web_acl :
"${web_acl.name}:${web_acl.alb}" => web_acl
}
上面的代码将生成类似于这样的键,因此应该都是唯一的:
internal:1external:2external:3
我选择用冒号分隔两个部分纯属任意。只要它包含使每个键唯一所需的两个值,你可以使用你找到直观的任何字符串格式。
英文:
The rule for for_each is that you must have one element in the map for each resource instance you intend to declare. The rule for maps is that keys must be unique. Therefore for this to work you need to build a map whose keys are unique for all instances that you want to declare.
From what you've described it seems like you would need to combine name and alb together to make the final keys unique, since you've said that you want to be able to have two ALBs associated with the same name.
To achieve that you can change the key-building part of your for expression to produce a key that includes both values needed to make it unique:
for_each = {
for web_acl in var.web_acl :
"${web_acl.name}:${web_acl.alb}" => web_acl
}
The above will generate keys like this, which should therefore all be unique:
internal:1external:2external:3
My choice to separate the two parts with a colon was arbitrary. You can use whatever string format you find intuitive as long as it includes both of the values needed to make each key unique.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论