Terraform: merging two for_each resources into one output, is it possible?



I want to merge two outputs from two resources into one file.

I have this module to create users:

module "iam_user_git_admin" {
  source                        = "../modules/terraform-aws-iam/modules/iam-user/"
  for_each                      = var.users
  name                          = each.value.name
  create_iam_user_login_profile = each.value.create_login_profile
  create_iam_access_key         = each.value.create_access_key
  # skip
}

Then I create a login and password for AWS CodeCommit:

resource "aws_iam_service_specific_credential" "codecommit" {
  for_each     = toset([for u in module.iam_user_git_admin : u.iam_user_name])
  service_name = "codecommit.amazonaws.com"
  user_name    = each.value
}

Then I create a file with credentials for each user. I know, it's not secure. :(

resource "local_sensitive_file" "user_credentials" {
  for_each        = module.iam_user_git_admin
  file_permission = "0644"
  content = templatefile("${path.module}/template/user-credentials.tpl", {
    iam_user_name = coalesce(each.value.iam_user_name, "The data wasn't provided")
    # skip
  })
  filename = "./user_credentials-${each.value.iam_user_name}.txt"
}

And a second file, with the CodeCommit credentials:

resource "local_sensitive_file" "user_credentials_codecommit" {
  for_each        = aws_iam_service_specific_credential.codecommit
  file_permission = "0644"
  content = templatefile("${path.module}/template/user-credentials-codecommit.tpl", {
    service_password = coalesce(each.value.service_password, "The data wasn't provided")
    # skip
  })
  filename = "./user_credentials-${each.value.service_user_name}.txt"
}

Please give me a hint on how to merge this into one file.

When you create a set of resources using for_each, you can access an individual instance of the resource by indexing it with the key that was used to create it. So you can do the following:

locals {
  # Key every user by name so all resources below share the same for_each keys.
  users_map = { for u in var.users : u.name => u }
}

module "iam_user_git_admin" {
  for_each                      = local.users_map
  source                        = "../modules/terraform-aws-iam/modules/iam-user/"
  name                          = each.key
  create_iam_user_login_profile = each.value.create_login_profile
  create_iam_access_key         = each.value.create_access_key
  # skip
}

resource "aws_iam_service_specific_credential" "codecommit" {
  for_each     = local.users_map
  service_name = "codecommit.amazonaws.com"
  # Reference the module output so the credential is created after the IAM user exists.
  user_name    = module.iam_user_git_admin[each.key].iam_user_name
}

resource "local_sensitive_file" "user_credentials" {
  for_each        = local.users_map
  file_permission = "0644"
  filename        = "./user_credentials-${each.key}.txt"
  # Both lookups use the same key, so one file holds both sets of credentials.
  content = templatefile("${path.module}/template/user-credentials.tpl", {
    iam_user_name    = coalesce(module.iam_user_git_admin[each.key].iam_user_name, "The data wasn't provided")
    service_password = coalesce(aws_iam_service_specific_credential.codecommit[each.key].service_password, "The data wasn't provided")
    # skip
  })
}
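
The credential files above are written with file_permission "0644", which leaves them readable by every local account. As an added example (not code from the question or the answer), this Python check walks the JSON produced by `terraform show -json` and reports local_file / local_sensitive_file resources whose mode grants anything to group or other; the sample state, addresses and file names are constructed for illustration.

```python
# Constructed sample shaped like `terraform show -json` output; every address,
# user name and file name here is made up for the example.
SAMPLE_STATE = {"values": {"root_module": {
    "resources": [
        {"address": 'local_sensitive_file.user_credentials["alice"]',
         "type": "local_sensitive_file",
         "values": {"filename": "./user_credentials-alice.txt",
                    "file_permission": "0644"}},
        {"address": 'local_sensitive_file.user_credentials["bob"]',
         "type": "local_sensitive_file",
         "values": {"filename": "./user_credentials-bob.txt",
                    "file_permission": "0600"}},
        {"address": 'aws_iam_service_specific_credential.codecommit["alice"]',
         "type": "aws_iam_service_specific_credential",
         "values": {"user_name": "alice"}},
    ],
    "child_modules": [{"address": "module.export", "resources": [
        {"address": "module.export.local_file.summary",
         "type": "local_file",
         "values": {"filename": "./summary.txt", "file_permission": "0640"}},
    ]}],
}}}

FILE_TYPES = {"local_file", "local_sensitive_file"}


def iter_resources(module):
    """Yield every resource of a state module, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def overexposed_files(state):
    """Return (address, filename, mode) for files with any group/other bits set."""
    findings = []
    root = state.get("values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("type") not in FILE_TYPES:
            continue
        values = res.get("values", {})
        mode = values.get("file_permission")
        # A missing mode is reported too, so it gets reviewed rather than assumed safe.
        if mode is None or int(mode, 8) & 0o077:
            findings.append((res["address"], values.get("filename"), mode or "unset"))
    return findings


if __name__ == "__main__":
    for address, filename, mode in overexposed_files(SAMPLE_STATE):
        print(f"{mode}  {filename}  ({address})")
```

On a real workspace, load the JSON from `terraform show -json` in place of the sample. That output contains the secret values in clear text, so handle it like the state file itself.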
