我正在编写一个地形模块,它创建了一个带有多个别名的实体。我是一个无法查找别名身份验证后端。我是不是错过了什么。非常感谢您的帮助。
data "vault_auth_backend" "b" {
provider = vault.this
for_each = {
for alias in var.entity.aliases :
alias.type => alias
}
path = each.value.auth_path
}
resource "vault_identity_entity_alias" "alias" {
provider = vault.this
for_each = {
for alias in var.entity.aliases :
alias.name => alias
}
name = each.key
mount_accessor = lookup(data.vault_auth_backend.b[each.key], "accessor", null)
canonical_id = vault_identity_entity.entity.id
}
地形图输出:
Error: Invalid index
on .terraform/modules/vault_dba_entity/main.tf line 31, in resource "vault_identity_entity_alias" "alias":
31: mount_accessor = lookup(data.vault_auth_backend.b[each.key], "accessor", null)
|----------------
| data.vault_auth_backend.b is object with 2 attributes
| each.key is "ldap-team-foo"
The given key does not identify an element in this collection value.
Error: Invalid index
on .terraform/modules/vault_dba_entity/main.tf line 31, in resource "vault_identity_entity_alias" "alias":
31: mount_accessor = lookup(data.vault_auth_backend.b[each.key], "accessor", null)
|----------------
| data.vault_auth_backend.b is object with 2 attributes
| each.key is "aws-team-foo"
您的for_each块不同:在vault_auth_backend中,您使用别名的type作为密钥,而在vault_identity_entity_alias中,您则使用其name。然后,您尝试使用名称在vault_auth_backend中查找,这将不起作用,因为它使用type作为密钥。
将vault_auth_backend更改为使用alias.name => alias而不是alias.type => alias。