创建一个用于aws秘密创建的地形代码,我不确定应该使用哪种变量类型
在这个例子中我应该使用哪个变量类型?
主要。Tf包含此内容以提供
data "vault_generic_secret" "aws_secrets" {
for_each = var.aws_secrets
path = each.value.vault_path
}
resource "aws_secretsmanager_secret_version" "aws_secrets" {
for_each = var.aws_secrets
secret_id = aws_secretsmanager_secret.aws_secrets.id
secret_string = jsonencode(data.vault_generic_secret.aws_secrets[each.value.vault_field])
}
aws_secrets = [
{
aws_secret_id = "foo"
vault_path = "/path1"
vault_field = "foo"
},
{
aws_secret_id = "bar"
vault_path = "/path2"
vault_field = "bar"
}
]
哪个应该适合变量。tf?
variable "aws_secrets" {
type = list(
object({
aws_secret_id = string,
vault_path = string,
vault_field = string,
})
)
default = []
}
有了这个,我得到这个错误
The given "for_each" argument value is unsuitable: the "for_each" argument must be a map, or set of strings, and you have provided a value of type list of object.
或
与
aws_secrets = {
object = {
aws_secret_id = "foo"
vault_path = "/path1"
vault_field = "foo"
},
{
aws_secret_id = "bar"
vault_path = "/path2"
vault_field = "bar"
}
}
variable "aws_secrets" {
type = map(
object({
aws_secret_id = string,
vault_path = string,
vault_field = string,
})
)
default = {}
}
这看起来好多了,但是我得到了另一个问题,我不能在这里解释清楚。我想在进一步进行任何方向之前澄清变量类型。
您可以将您的地图列表转换为地图的地图,如下所示:
for_each = {for idx, val in var.aws_secrets: idx => val}
否则将变量更改为map的map:
aws_secrets = {
"foo" = {
aws_secret_id = "foo"
vault_path = "/path1"
vault_field = "foo"
},
"bar" = {
aws_secret_id = "bar"
vault_path = "/path2"
vault_field = "bar"
}
}