根据多个标签筛选 AWS Secrets Manager 数据源

huangapple go评论62阅读模式
英文:

Filter based on multiple tags in aws secretsmanager data source

问题

我需要获取数据块中的机密列表,我想要获取满足两个标签值,即ClusterID和provider的机密列表。
但当前行为是,我获取了与任何一个标签匹配的机密。
要求:我们希望机密匹配这两个标签才能获取

data "aws_secretsmanager_secrets" "fetch_secrets" {
  filter {
    name   = "tag-value"
    values = ["${var.ClusterID}","${var.provider}"]
  }
}
aws_secretsmanager_secrets 数据块**不接受**标签nameprefix或lifecycle块
英文:

I need to get list of secrets in data block , I want to get list of secrets which satisfy both tag value i,e ClusterID and provider.
But current behavior is I get secrets wherein if they match any one of the tag.
Required: we want secrets if they match both tags

data "aws_secretsmanager_secrets" "fetch_secrets" {

  filter {
    name   = "tag-value"
    values = ["${var.ClusterID}","${var.provider}"]
  }
}

aws_secretsmanager_secrets datablock doesn't accept tags , nameprefix , lifecycle block

答案1

得分: 2

在这种情况下,您需要为每个标签使用单独的“filter”块来确保交集,而不是并集:

data "aws_secretsmanager_secrets" "fetch_secrets" {
  filter {
    name   = "tag-value"
    values = [var.ClusterID]
  }

  filter {
    name   = "tag-value"
    values = [var.provider]
  }
}

“value”参数允许任何匹配,而过滤器组合要求匹配所有过滤器。

英文:

In this situation you would need a separate filter block for each tag to ensure an intersection, and not a union:

data "aws_secretsmanager_secrets" "fetch_secrets" {
  filter {
    name   = "tag-value"
    values = [var.ClusterID]
  }

  filter {
    name   = "tag-value"
    values = [var.provider]
  }
}

The value parameter allows any match, whereas the filters combine to mandate a match against all filters.

huangapple
  • 本文由 发表于 2023年7月13日 15:09:08
  • 转载请务必保留本文链接:https://go.coder-hub.com/76676765.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定