我想将两个资源的两个输出合并到一个文件中。
我有这个模块来创建用户
module "iam_user_git_admin" {
source = "../modules/terraform-aws-iam/modules/iam-user/"
for_each = var.users
name = each.value.name
create_iam_user_login_profile = each.value.create_login_profile
create_iam_access_key = each.value.create_access_key
skip
}
然后我为AWS Codecommit 创建登录名和密码
resource "aws_iam_service_specific_credential" "codecommit" {
for_each = toset([for u in module.iam_user_git_admin : u.iam_user_name])
service_name = "codecommit.amazonaws.com"
user_name = each.value
}
然后我为每个用户创建一个带有凭据的文件。我知道,它不安全。:(
resource "local_sensitive_file" "user_credentials" {
for_each = module.iam_user_git_admin
file_permission = "0644"
content = templatefile("${path.module}/template/user-credentials.tpl", {
iam_user_name = coalesce(each.value.iam_user_name, "The data wasn't provided")
skip
})
filename = "./user_credentials-${each.value.iam_user_name}.txt"
}
和第二个文件,带有codecomi 的凭证
resource "local_sensitive_file" "user_credentials_codecommit" {
for_each = aws_iam_service_specific_credential.codecommit
file_permission = "0644"
content = templatefile("${path.module}/template/user-credentials-codecommit.tpl", {
service_password = coalesce(each.value.service_password, "The data wasn't provided")
skip
})
filename = "./user_credentials-${each.value.service_user_name}.txt"
}
请提示我,如何将其合并为一个文件。
当您使用for_each
创建一组资源时,您可以通过在用于创建资源的键上对资源进行索引来访问该资源的单个实例。因此,您可以执行以下操作:
locals {
users_map = { for u in var.users : u.name => u }
}
module "iam_user_git_admin" {
for_each = local.users_map
source = "../modules/terraform-aws-iam/modules/iam-user/"
name = each.key
create_iam_user_login_profile = each.value.create_login_profile
create_iam_access_key = each.value.create_access_key
# skip
}
resource "aws_iam_service_specific_credential" "codecommit" {
for_each = local.users_map
service_name = "codecommit.amazonaws.com"
user_name = each.key
}
resource "local_sensitive_file" "user_credentials" {
for_each = local.users_map
file_permission = "0644"
filename = "./user_credentials-${each.key}.txt"
content = templatefile("${path.module}/template/user-credentials.tpl", {
iam_user_name = coalesce(module.iam_user_git_admin[each.key].iam_user_name, "The data wasn't provided")
service_password = coalesce(aws_iam_service_specific_credential.codecommit[each.key].service_password, "The data wasn't provided")
# skip
})
}