aws_ec2_client_vpn_route for subnets in Terraform



I want to create VPN client routes between 3 VPC subnets and 7 CIDRs. Each CIDR should get a route to each subnet. How can I do this?

```hcl
variable "cidr_blocks" {
  description = ""
  default     = {
    "192.10.0.0/16" = 1
    "192.15.0.0/16" = 2
    "192.19.0.0/16" = 3
    "192.16.0.0/16" = 4
    "192.29.0.0/16" = 5
    "192.14.0.0/16" = 6
    "192.71.0.0/16" = 7
  }
}

data "aws_subnet_ids" "test_subnet_ids" {
  vpc_id = "vpc-0ad0aa09b316f37a7"
}

data "aws_subnet" "test_subnet" {
  count = "${length(data.aws_subnet_ids.test_subnet_ids.ids)}"
  id    = "${tolist(data.aws_subnet_ids.test_subnet_ids.ids)[count.index]}"
}

output "subnet_cidr_blocks" {
  value = ["${data.aws_subnet.test_subnet.*.id}"]
}

resource "aws_ec2_client_vpn_route" "example" {
  for_each               = var.cidr_blocks
  client_vpn_endpoint_id = aws_ec2_client_vpn_endpoint.test-vpn.id
  destination_cidr_block = each.key
  target_vpc_subnet_id   = "${data.aws_subnet.test_subnet.*.id}"
}
```

I expected to see the routes. Instead I get:

```
Error: Incorrect attribute value type
│
│   on main.tf line 172, in resource "aws_ec2_client_vpn_route" "example":
│  172:   target_vpc_subnet_id   = "${data.aws_subnet.test_subnet.*.id}"
│     ├────────────────
│     │ data.aws_subnet.test_subnet is tuple with 3 elements
```

You need to access test_subnet by index. Your cidr_blocks values can be used for that.

```hcl
resource "aws_ec2_client_vpn_route" "example" {
  for_each               = var.cidr_blocks
  client_vpn_endpoint_id = aws_ec2_client_vpn_endpoint.test-vpn.id
  destination_cidr_block = each.key
  target_vpc_subnet_id   = data.aws_subnet.test_subnet[each.value].id
}
```

But according to the error message, you only have 3 subnets, and in this case you want to use 7 CIDRs. You will get another error.

```hcl
resource "aws_ec2_client_vpn_route" "example" {
  for_each               = var.cidr_blocks
  client_vpn_endpoint_id = aws_ec2_client_vpn_endpoint.test-vpn.id
  destination_cidr_block = each.key
  # Wrap the index with modulo so it always falls inside the subnet tuple
  target_vpc_subnet_id   = data.aws_subnet.test_subnet[each.value % length(data.aws_subnet.test_subnet)].id
}
```
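
The question asks for a route from every CIDR to every subnet, while the snippet above creates one route per CIDR. As an added example (not part of the original answer), `setproduct` can build every (CIDR, subnet) pair for `for_each`. It assumes the question's `var.cidr_blocks`, `data.aws_subnet.test_subnet` and `aws_ec2_client_vpn_endpoint.test-vpn`; the names `subnet_ids`, `vpn_routes` and `all` are illustrative.

```hcl
locals {
  # Subnet IDs from the question's count-based data source.
  subnet_ids = data.aws_subnet.test_subnet[*].id

  # Cross product of CIDRs and subnets. Only the keys of cidr_blocks
  # (the CIDR strings) are used; the numeric values are ignored.
  # Each pair gets a stable string key so for_each can track it.
  vpn_routes = {
    for pair in setproduct(keys(var.cidr_blocks), local.subnet_ids) :
    "${pair[0]}|${pair[1]}" => {
      cidr      = pair[0]
      subnet_id = pair[1]
    }
  }
}

resource "aws_ec2_client_vpn_route" "all" {
  for_each = local.vpn_routes

  client_vpn_endpoint_id = aws_ec2_client_vpn_endpoint.test-vpn.id
  destination_cidr_block = each.value.cidr

  # The target subnet must already be associated with the Client VPN
  # endpoint (aws_ec2_client_vpn_network_association), otherwise the
  # route cannot be created.
  target_vpc_subnet_id = each.value.subnet_id
}
```

Routes only control where traffic is forwarded; which clients may reach each CIDR is still governed by the endpoint's authorization rules, so review those alongside any route expansion like this one.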
