迭代地图列表的列表

tag-icon tag-icon terraform
迭代地图列表的列表

我正在尝试从我的证​​书中添加 route53 记录以进行验证,但无法正常工作。我无法获取正确的信息。以下是一个例子。

variable "my_certificates" {
  default = [
    {
      zone      = "aws.example.com"
      zone_id   = "ZXXXXXXXXXXXXX"
      name      = "aws.example.com"
      alt_names = "*.example.com,*.aws.example.com"
    },
    {
      zone      = "aws.example.net"
      zone_id   = "ZXXXXXXXXXXXXY"
      name      = "aws.example.net"
      alt_names = "*.aws.example.net"
    },
  ]
}

variable "certificate_domains_count" {
  default = 5
}

resource "aws_acm_certificate" "my_certificates" {
  count = "${length(var.my_certificates)}"

  domain_name               = "${lookup(var.my_certificates[count.index], "name")}"
  subject_alternative_names = "${split(",", lookup(var.my_certificates[count.index], "alt_names"))}"
  validation_method         = "DNS"
}

resource "aws_route53_record" "certificates_validation_records" {
  # Can't count on computed, use static.
  #count = "${length(aws_acm_certificate.certificates.domain_validation_options)}"
  count = "${var.certificate_domains_count}"

  zone_id = "${lookup(var.my_certificates[count.index], "zone_id")}"
  # Problem with the following 3 lines.
  # I'm stuck.
  name = "${lookup(aws_acm_certificate.my_certificates.*.domain_validation_options[count.index], "resource_record_name")}"

  type    = "${lookup(aws_acm_certificate.my_certificates.*.domain_validation_options[count.index], "resource_record_type")}"
  records = ["${lookup(aws_acm_certificate.my_certificates.*.domain_validation_options[count.index], "resource_record_value")}"]
  ttl     = 60
}

我的问题是这样一行:

"${lookup(aws_acm_certificate.my_certificates.*.domain_validation_options[count.index], "resource_record_name")}"

我找不到一种方法来循环遍历 my_certificates 数组,同时访问数组元素内的映射值

答案1

在 terraform 12 语法中使用 for_each 可以更轻松地完成这些事情。请注意,我确实将变量切换为映射而不是列表。

variable "my_certificates" {
  default = {
    "aws.example.com" = {
      zone      = "aws.example.com"
      zone_id   = "ZXXXXXXXXXXXXX"
      name      = "aws.example.com"
      alt_names = "*.example.com,*.aws.example.com"
    },
    "aws.example.net" = {
      zone      = "aws.example.net"
      zone_id   = "ZXXXXXXXXXXXXY"
      name      = "aws.example.net"
      alt_names = "*.aws.example.net"
    },
  }
}

variable "certificate_domains_count" {
  default = 5
}

resource "aws_acm_certificate" "my_certificates" {
  for_each = var.my_certificates

  domain_name               = each.key
  subject_alternative_names = split(",", each.value.alt_names)
  validation_method         = "DNS"
}

resource "aws_route53_record" "certificates_validation_records" {
  for_each = var.my_certificates

  zone_id = each.value.zone_id
  name    = aws_acm_certificate.my_certificates[each.key].domain_validation_options.0.resource_record_name

  type    = aws_acm_certificate.my_certificates[each.key].domain_validation_options.0.resource_record_type
  records = [aws_acm_certificate.my_certificates[each.key].domain_validation_options.0.resource_record_value]
  ttl     = 60
}

相关内容