Terraform 设置一个变量，并有条件地存在另一个变量 [英] Terraform set a variable with conditional another variable present

问题描述

我想仅在存在值时设置变量.

我的变量是:

变量http_tcp_listeners"；{description = "aws_lb_listener";类型 = 地图(任何)默认 = {http = {# load_balancer_arn = aws_lb.nlb_test.arn端口 = 80"协议 = TCP"action_type =转发"；certificate_arn = "";alpn_policy = "";},https = {# load_balancer_arn = aws_lb.nlb_test.arn端口 = 443"协议=TLS"；action_type =转发"；certificate_arn = "arn:aws:acm:us-east-1:b447fa7953be";alpn_policy = "HTTP2Preferred";}}}

如果 http 侦听器，字符串 alpn_policy = each.value.alpn_policy 应该不存在.如果字符串为空 alpn_policy = "" 我们将得到错误 Error: expected alpn_policy to be one of [HTTP1Only HTTP2Only HTTP2Optional HTTP2Preferred None], got

如果我们设置任何值，我们将收到错误消息 不能为非安全侦听器设置 ALPN 策略

我想要这样的东西.伪代码.

...如果 val.alpn_policy != 空则certificate_arn = try(each.value.certificate_arn, false)alpn_policy = each.value.alpn_policy默认操作{别的certificate_arn = try(each.value.certificate_arn, false)默认操作{...

资源aws_lb_listener"frontend_http_tcp"{for_each = var.http_tcp_listenersload_balancer_arn = aws_lb.main.arn端口 = 每个.值.端口协议 = each.value.protocolcertificate_arn = try(each.value.certificate_arn, false)alpn_policy = each.value.alpn_policy默认操作{type = each.value.action_typetarget_group_arn = aws_lb_target_group.main[each.key].arn}依赖于 = [aws_lb.main,aws_lb_target_group.main，]}

解决方案

感谢 @RafaP 和 @Marcin 的想法.最后，代码看起来像这样.我删除了 VAR 中不需要的变量并使用 try 函数 alpn_policy= try(each.value.alpn_policy, null)

代替alpn_policy = lookup(var.https_listeners[count.index], "alpn_policy", null)

变量http_tcp_listeners"；{description = "aws_lb_listener";类型 = 地图(任何)默认 = {http = {端口 = 80"协议 = TCP"action_type =转发"；},https = {端口 = 443"协议=TLS"；action_type =转发"；certificate_arn = "arn:aws:acm:us-east-1:714154805721:certificate/c3be";alpn_policy = "HTTP2Preferred";}}}

资源aws_lb_listener"frontend_http_tcp"{for_each = var.http_tcp_listenersload_balancer_arn = aws_lb.main.arn端口 = each.value.port协议 = each.value.protocolcertificate_arn = try(each.value.certificate_arn, null)alpn_policy = try(each.value.alpn_policy, null)默认操作{type = each.value.action_typetarget_group_arn = aws_lb_target_group.main[each.key].arn}依赖于 = [aws_lb.main,aws_lb_target_group.main，]}

I would like to set a variable only if a value is present.

My variables are:

variable "http_tcp_listeners" {
  description = "aws_lb_listener"
  type        = map(any)
  default = {
    http = {
      # load_balancer_arn = aws_lb.nlb_test.arn
      port        = "80"
      protocol    = "TCP"
      action_type = "forward"
      certificate_arn = ""
      alpn_policy     = ""
    },
    https = {
      # load_balancer_arn = aws_lb.nlb_test.arn
      port        = "443"
      protocol    = "TLS"
      action_type = "forward"
      certificate_arn = "arn:aws:acm:us-east-1:b447fa7953be"
      alpn_policy     = "HTTP2Preferred"
    }
  }
}

In case http listener the string alpn_policy = each.value.alpn_policy should be absent. If the string is just empty alpn_policy = "" we will have got error Error: expected alpn_policy to be one of [HTTP1Only HTTP2Only HTTP2Optional HTTP2Preferred None], got

If we set any value we will have the error message that ALPN policy cannot be set for non secure listeners

I would like something like this. Pseudocode.

...
If val.alpn_policy != empty then
  certificate_arn = try(each.value.certificate_arn, false)
  alpn_policy = each.value.alpn_policy
  default_action {
else
  certificate_arn = try(each.value.certificate_arn, false)
  default_action {
...

resource "aws_lb_listener" "frontend_http_tcp" {
  for_each          = var.http_tcp_listeners
  load_balancer_arn = aws_lb.main.arn
  port              = each.value.port
  protocol          = each.value.protocol
  certificate_arn = try(each.value.certificate_arn, false)
  alpn_policy = each.value.alpn_policy
  default_action {
    type = each.value.action_type
    target_group_arn = aws_lb_target_group.main[each.key].arn
  }

  depends_on = [
    aws_lb.main,
    aws_lb_target_group.main,
  ]
}

解决方案

Thank @RafaP and @Marcin for the ideas. Finally, the code looks like this. I have deleted unwanted variables in VAR and uses try Function alpn_policy= try(each.value.alpn_policy, null)

instead of alpn_policy = lookup(var.https_listeners[count.index], "alpn_policy", null)

variable "http_tcp_listeners" {
  description = "aws_lb_listener"
  type        = map(any)
  default = {
    http = {
      port        = "80"
      protocol    = "TCP"
      action_type = "forward"
    },
    https = {
      port        = "443"
      protocol    = "TLS"
      action_type = "forward"
      certificate_arn = "arn:aws:acm:us-east-1:714154805721:certificate/c3be"
      alpn_policy     = "HTTP2Preferred"
    }
  }
}

resource "aws_lb_listener" "frontend_http_tcp" {
  for_each          = var.http_tcp_listeners
  load_balancer_arn = aws_lb.main.arn
  port              = each.value.port
  protocol          = each.value.protocol

  certificate_arn = try(each.value.certificate_arn, null)
  alpn_policy     = try(each.value.alpn_policy, null)

  default_action {
    type = each.value.action_type
    target_group_arn = aws_lb_target_group.main[each.key].arn
  }

  depends_on = [
    aws_lb.main,
    aws_lb_target_group.main,
  ]
}

这篇关于Terraform 设置一个变量，并有条件地存在另一个变量的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！