在 terraform 中构建输出地图 [英] Build output map in terraform
问题描述
我有一个要创建的用户列表、一个 sns 主题列表并创建策略以授予用户对主题的权限.这些都是针对用户的命名空间...
给定:
main.tf
<预><代码>提供者aws"{region = "eu-west-1"profile = "地形"}模块主题"{source = "./queues/topics"}模块用户"{来源 = "./users"}模块政策"{来源 = "./policies"sns_topics = "${module.topics.sns_topics}"}./queues/topics.tf
资源aws_sns_topic"svc_topic"{count = "${length(var.sns_topics)}"name = "${element(var.sns_topics, count.index)}"}./queues/topics/vars.tf
# 主题列表变量sns_topics"{类型=列表"默认 = ["主题","b 主题","c 主题",]}./queues/topics/output.tf
输出sns_topics"{value = "${var.sns_topics}"}./users/main.tf
资源aws_iam_user"usrs"{count = "${length(var.topic_user)}"name = "usr-msvc-${element(var.topic_user, count.index)}"}./users/vars.tf
变量topic_user"{类型=列表"默认=["用户-a","用户-b","用户-c",]}./users/output.tf
输出topic_user"{value = "${var.topic_user}"}./policies/main.tf
资源aws_iam_policy"sns_publisher"{count = "${length(var.sns_topics)}"name = "sns-${element(var.sns_topics, count.index)}-publisher"政策 = <<政策{"版本": "2012-10-17",陈述": [{"Effect": "允许","Action": "sns:Publish","资源": "arn:aws:sns:*:*:${element(var.sns_topics, count.index)}"}]}政策}这是我想在输出中构建地图的地方将用户映射到主题
输出usr_topic_map"{价值 = {"user-a" = "a-topic"user-b" = "c-topic"user-c" = "c-topic}}我可以将用户列表传递给策略模块,但我不知道如何在输出中生成此地图.
我想用它来将策略附加到相应的用户.
如果能简化任务,也愿意改进结构.
您可以使用 Terraform 函数 zipmap.由于您的键从 users 模块作为列表输出 module.users.topic_user 而您的值从 topics 模块作为列表输出module.topics.sns_topics(模块输出文档),您可以将它们作为输出中函数的参数:
输出user_topic_map"{value = "${zipmap(module.users.topic_user, module.topics.sns_topics)}"}请记住,zipmap 的两个参数列表需要具有相同的长度,因此可能会在资源/变量/输出块中的某个位置保护代码.
I have a list of users to create, a list of sns topics and to create policies to give permissions to users on topics. These are all namespaced against the user...
Given:
main.tf
provider "aws" {
region = "eu-west-1"
profile = "terraform"
}
module "topics" {
source = "./queues/topics"
}
module "users" {
source = "./users"
}
module "policies" {
source = "./policies"
sns_topics = "${module.topics.sns_topics}"
}
./queues/topics.tf
resource "aws_sns_topic" "svc_topic" {
count = "${length(var.sns_topics)}"
name = "${element(var.sns_topics, count.index)}"
}
./queues/topics/vars.tf
# List of topics
variable "sns_topics" {
type = "list"
default = [
"a-topic",
"b-topic",
"c-topic",
]
}
./queues/topics/output.tf
output "sns_topics" {
value = "${var.sns_topics}"
}
./users/main.tf
resource "aws_iam_user" "usrs" {
count = "${length(var.topic_user)}"
name = "usr-msvc-${element(var.topic_user, count.index)}"
}
./users/vars.tf
variable "topic_user" {
type = "list"
default =[
"user-a",
"user-b",
"user-c",
]
}
./users/output.tf
output "topic_user" {
value = "${var.topic_user}"
}
./policies/main.tf
resource "aws_iam_policy" "sns_publisher" {
count = "${length(var.sns_topics)}"
name = "sns-${element(var.sns_topics, count.index)}-publisher"
policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "sns:Publish",
"Resource": "arn:aws:sns:*:*:${element(var.sns_topics, count.index)}"
}
]
}
POLICY
}
This is where I'd like to build a map in the output to map user to topic
output "usr_topic_map" {
value = {
"user-a" = "a-topic
"user-b" = "c-topic
"user-c" = "c-topic
}
}
I can pass the list of users in to the policy module but I've no idea how to generate this map in the output.
I want to use this to attach the policy to the corresponding user.
Open to improving structure too if it simplifies tasks.
You can do this with the Terraform function zipmap. Since your keys are output from the users module as the list module.users.topic_user and your values are output from the topics modules as the list module.topics.sns_topics (module output doc), you can make them the arguments to the function in the output:
output "user_topic_map" {
value = "${zipmap(module.users.topic_user, module.topics.sns_topics)}"
}
Remember that the two argument lists to zipmap need to be of equal length, so possibly guard code around that too somewhere in the resource/variable/output blocks.
这篇关于在 terraform 中构建输出地图的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
