Terraform - 在 variables.tf 中为 type = map(object()) 添加验证 [英] Terraform - Adding Validation for type = map(object()) in variables.tf

问题描述

首先感谢这篇文章 在 variavles.tf 中为 type = map(object()) 添加一个默认字段，这回答了我在获取默认值以使用 type map(object()) 时遇到的第一部分难题.我要开始工作的最后一部分是如何验证输入值.

First thanks for this post Adding a default field for type = map(object()) in variavles.tf, this answered the first part of the struggle that I had in getting default values to work with type map(object()). The last part that I am trying to get working is how to do validation of the input values.

terraform {
  experiments = [module_variable_optional_attrs]
}

variable "dns_server" {
  description = "Add DNS Servers for domain resolution.  You can configure a maximum of two servers.  Only one can be preferred 'true'."
  type = map(object({
    preferred = optional(bool)
    server    = optional(string)
  }))
  default = {
    default = {
      preferred = false
      server    = "198.18.1.1"
    }
  }
  validation {
    condition = (
      can(regexall("^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$", var.dns_server["server"]))
    )
    error_message = "The DNS Server is not a valid IPv4 Address."
  }
}

locals {
  dns_server = {
    for k, v in var.dns_server : k => {
      preferred = coalesce(v.preferred, false)
      server = coalesce(v.server, "198.18.1.1")
    }
  }
}

我知道的变量字段中的默认值未使用，但我将其用作 terraform 文档输出的占位符.

The defaults value in the variable field I know isn't used but I am using it as a placeholder for the terraform docs output.

我也知道我上面的验证是不正确的，因为如果用户使用默认服务器 IPv4，直到本地定义才会设置.我只是不知道如何进行验证，因为我信任的谷歌搜索没有找到任何类似的例子.

I also know what I have above for validation is not correct because if the user used the default server IPv4 that wouldn't be set until the locals definition. I just don't know of a way to do the validation because I my trusty google search hasn't pulled up any similar examples.

如果您需要有关如何使用它的更多详细信息，该代码位于此处:

The code is located here if you need more details about how it is being used:

https://github.com/scotttyso/terraform-aci-fabric/tree/main/test

如果我注释掉验证，其他一切都可以正常工作.提前致谢.

If I comment out the validation everything else is working fine. Thanks in advance.

推荐答案

这就是你想要的吗?

variable "mapobject" {
 type = map(object({
   cidr_block = string
   destination_type = string
   }
  ))

 validation {
  condition = alltrue([
     for o in var.mapobject : contains(["CIDR_BLOCK","NETWORK_SECURITY_GROUP","SERVICE_CIDR_BLOCK"],o.destination_type)])  error_message = "All destination_types must be one of CIDR_BLOCK,NETWORK_SECURITY_GROUP or SERVICE_CIDR_BLOCK!"
   }
}

用变量赋值

mapobject = {
 "r0" = {cidr_block = "10.1.1.0/24",destination_type = "CIDR_BLOCK" }
}

验证成功，如下失败(根据需要)

The validation succeeds, where as the following fails (as required)

mapobject = {

r0"= {cidr_block = "10.1.1.0/24",destination_type = "CIRD_BLOCK";}}

"r0" = {cidr_block = "10.1.1.0/24",destination_type = "CIRD_BLOCK" } }

Error: Invalid value for variable

  on main.tf line 86:
  86: variable "mapobject" {

All destination_types must be one of CIDR_BLOCK,NETWORK_SECURITY_GROUP or
SERVICE_CIDR_BLOCK!

This was checked by the validation rule at main.tf:93,2-12.

如果是这样，那么荣誉就在这里:https://discuss.hashicorp.com/t/validate-list-object-variables/18291/2

If it is, then kudos goes here: https://discuss.hashicorp.com/t/validate-list-object-variables/18291/2

这篇关于Terraform - 在 variables.tf 中为 type = map(object()) 添加验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！