我在yaml文件中定义了资源输入。如果我使用yamldecode检索资源属性。一般情况下,它的工作,当我有字符串值的角色"角色:ADMIN"。但我需要我的资源迭代基于列表值定义的角色。请建议。
我已经试过terrtransform "count"参数,我得到如下错误
错误:无效的"count"组合和";for_each"││on main。在资源"snowflake_schema_grant"中的第214行"grant"│214:for_each = {for ac in local。Acs: ac.databasename =>ac}││"计数";和";for_each"元参数是互斥的,只有一个参数可以用来明确要创建的资源的数量。
grants:
- schemaname: SCHEMA1
databasename: DEMO
privilege: MODIFY
roles: [ADMIN,SYSADMIN]
- schemaname: SCHEMA2
databasename: DEMO
privilege: USAGE
roles: [USER1,USER2]
locals {
acs = yamldecode(file("./access.yaml"))
}
resource "snowflake_schema_grant" "grant" {
for_each = { for ac in local.acs.grants : ac.schemaname => ac }
#count = length(each.value.privilege)
database_name = each.value.databasename
schema_name = each.value.schemaname
privilege = each.value.privilege
roles = each.value.roles
}
我想运行我的资源迭代4次,如下所示
- DEMO, SCHEMA1,MODIFY, AMDIN demo、schema1、modify、sysadmin
- demo, schema2, usage, user1 demo, schema2, usage, user2
预期的输出令人困惑。例如,它包含不属于您的yaml的TESTSCH
。您的yaml有SCHEMA2
,这是不使用的。所以我只能猜你想做什么。
for_each
。可以这样做:
locals {
acs = yamldecode(file("./access.yaml"))
acs_flat = merge([
for idx, ac in local.acs["grants"]:
{
for role in ac["roles"]:
"${idx}-${role}" => {
schemaname = ac["schemaname"]
role = role
privilege = ac["privilege"]
databasename = ac["databasename"]
}
}
]...)
}
resource "snowflake_schema_grant" "grant" {
for_each = local.acs_flat
database_name = each.value.databasename
schema_name = each.value.schemaname
privilege = each.value.privilege
roles = [each.value.role]
}