长期潜伏者第一次张贴海报
寻求你们所有人的一些指导。我试图复制aws命令来获取参数(ssm get-parameters-by-path),然后遍历参数并获取它们然后循环并将它们放入一个新参数(ssm put-parameter)
我知道在TF中有一个for循环表达式,但是对于我的生命,我不能把我如何实现这一点放在一起。所以多亏了下面的精彩分析,我离目标更近了!但是有一个问题。下列代码:
provider "aws" {
region = "us-east-1"
}
data "aws_ssm_parameters_by_path" "parameters" {
path = "/${var.old_env}"
recursive = true
}
output "old_params_by_path" {
value = data.aws_ssm_parameters_by_path.parameters
sensitive = true
}
locals {
names = toset(data.aws_ssm_parameters_by_path.parameters.names)
}
data "aws_ssm_parameter" "old_param_name" {
for_each = local.names
name = each.key
}
output "old_params_names" {
value = data.aws_ssm_parameter.old_param_name
sensitive = true
}
resource "aws_ssm_parameter" "new_params" {
for_each = local.names
name = replace(data.aws_ssm_parameter.old_param_name[each.key].name, var.old_env, var.new_env)
type = data.aws_ssm_parameter.old_param_name[each.key].type
value = data.aws_ssm_parameter.old_param_name[each.key].value
}
我有另一个文件,如如何帮助海报提到并创建初始数据集。但有趣的是,当你在第二个集合之后创建这个集合时,它会覆盖第一个集合!我的想法是,我将能够告诉terraform,我有这个当前的SSM参数集,我希望你复制该信息(值,类型)并创建一个全新的参数集(而不是破坏任何已经存在的东西)。
任何和所有的帮助将不胜感激!
我明白,一开始并不容易。我将逐步详细说明我是如何做到这一点的。
无论如何,包含你之前尝试过的任何代码都是很好的,即使它不起作用。
因此,首先我创建了一些示例参数:# create_parameters.tf
resource "aws_ssm_parameter" "p" {
count = 3
name = "/test/${count.index}/p${count.index}"
type = "String"
value = "test-${count.index}"
}
然后我试着查看它们:
# example.tf
data "aws_ssm_parameters_by_path" "parameters" {
path = "/test/"
recursive = true
}
output "params_by_path" {
value = data.aws_ssm_parameters_by_path.parameters
sensitive = true
}
作为我收到的输出:terraform output params_by_path
{
"arns" = tolist([
"arn:aws:ssm:eu-central-1:999999999999:parameter/test/0/p0",
"arn:aws:ssm:eu-central-1:999999999999:parameter/test/1/p1",
"arn:aws:ssm:eu-central-1:999999999999:parameter/test/2/p2",
])
"id" = "/test/"
"names" = tolist([
"/test/0/p0",
"/test/1/p1",
"/test/2/p2",
])
"path" = "/test/"
"recursive" = true
"types" = tolist([
"String",
"String",
"String",
])
"values" = tolist([
"test-0",
"test-1",
"test-2",
])
"with_decryption" = true
}
如果没有额外的处理,aws_ssm_parameters_by_path是不可用的,所以我们需要使用另一个数据源,为所提供的参数的副本获得合适的对象。在文档中我找到了aws_ssm_parameter。但是,要使用它,我需要参数的全名。
在上一阶段检索到的参数名列表,因此现在只需要遍历它们:
# example.tf
locals {
names = toset(data.aws_ssm_parameters_by_path.parameters.names)
}
data "aws_ssm_parameter" "param" {
for_each = local.names
name = each.key
}
output "params" {
value = data.aws_ssm_parameter.param
sensitive = true
}
结果,我得到:terraform output params
{
"/test/0/p0" = {
"arn" = "arn:aws:ssm:eu-central-1:999999999999:parameter/test/0/p0"
"id" = "/test/0/p0"
"name" = "/test/0/p0"
"type" = "String"
"value" = "test-0"
"version" = 1
"with_decryption" = true
}
"/test/1/p1" = {
"arn" = "arn:aws:ssm:eu-central-1:999999999999:parameter/test/1/p1"
"id" = "/test/1/p1"
"name" = "/test/1/p1"
"type" = "String"
"value" = "test-1"
"version" = 1
"with_decryption" = true
}
"/test/2/p2" = {
"arn" = "arn:aws:ssm:eu-central-1:999999999999:parameter/test/2/p2"
"id" = "/test/2/p2"
"name" = "/test/2/p2"
"type" = "String"
"value" = "test-2"
"version" = 1
"with_decryption" = true
}
}
每个参数对象都已被检索,因此现在可以创建新参数了——可以这样做:
# example.tf
resource "aws_ssm_parameter" "new_param" {
for_each = local.names
name = "/new_path${data.aws_ssm_parameter.param[each.key].name}"
type = data.aws_ssm_parameter.param[each.key].type
value = data.aws_ssm_parameter.param[each.key].value
}