azure - Terraform:如何迭代 map 输入的键值对并使用键作为索引

Question

这里是示例代码:

    locals {
  helper_list = [
    {
    "keyname" = "app_primary_key"
    "name" = "AppPrimary--ReadWriteKey"
    "value" = "dont know yet"
    "env" = "user"
  },
    {
    "keyname" = "storage_account_key"
    "name" = "StorageAccount--ReadWriteConnectionString"
    "value" = "dont know yet"
    "env" = "app"
  },
  ]
}

resource "azurerm_key_vault_secret" "injections" {
    for_each = { for idx, v in local.helper_list: idx => v }
    name = each.value.name
    value = each.value.value
    key_vault_id = azurerm_key_vault.example.id
}

我点击此链接生成了上面的代码 Terraform: how to iterate over key-value pairs of map input via json file除了索引键之外，一切都很好。

当我进行地形规划时，这是示例输出:

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # azurerm_key_vault_secret.injections["0"] will be created
  + resource "azurerm_key_vault_secret" "injections" {
      + id             = (known after apply)
      + key_vault_id   = "/subscriptions/c-abe849261f68/resourceGroups/storageRG/providers/Microsoft.KeyVault/vaults/keyvaultinjection"
      + name           = "AppPrimary--ReadWriteKey"
      + value          = (sensitive value)
      + version        = (known after apply)
      + versionless_id = (known after apply)
    }

  # azurerm_key_vault_secret.injections["1"] will be created
  + resource "azurerm_key_vault_secret" "injections" {
      + id             = (known after apply)
      + key_vault_id   = "/subscriptions/c-abe849261f68/resourceGroups/storageRG/providers/Microsoft.KeyVault/vaults/keyvaultinjection"
      + name           = "StorageAccount--ReadWriteConnectionString"
      + value          = (sensitive value)
      + version        = (known after apply)
      + versionless_id = (known after apply)
    }

Plan: 2 to add, 0 to change, 0 to destroy.

我需要的是将索引号替换为键名:

来自

azurerm_key_vault_secret.injections["0"] azurerm_key_vault_secret.injections["1"]

至

azurerm_key_vault_secret.injections["app_primary_key"] azurerm_key_vault_secret.injections["storage_account_key"]

我怎样才能告诉它使用键名作为索引？谢谢，

Answer 1

经过一番摸索，我终于明白了。更新了 for_each 以使用键名作为索引。

resource "azurerm_key_vault_secret" "injections" {
    for_each = { for inst in local.helper_list: inst.keyname => inst }
    name = each.value.name
    value = each.value.value
    key_vault_id = azurerm_key_vault.example.id
}

这是更新后的样子

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # azurerm_key_vault_secret.injections["app_primary_key"] will be created
  + resource "azurerm_key_vault_secret" "injections" {
      + id             = (known after apply)
      + key_vault_id   = "/subscriptions/c-abe849261f68/resourceGroups/storageRG/providers/Microsoft.KeyVault/vaults/keyvaultinjection"
      + name           = "AppPrimary--ReadWriteKey"
      + value          = (sensitive value)
      + version        = (known after apply)
      + versionless_id = (known after apply)
    }

  # azurerm_key_vault_secret.injections["storage_account_key"] will be created
  + resource "azurerm_key_vault_secret" "injections" {
      + id             = (known after apply)
      + key_vault_id   = "/subscriptions/c-abe849261f68/resourceGroups/storageRG/providers/Microsoft.KeyVault/vaults/keyvaultinjection"
      + name           = "StorageAccount--ReadWriteConnectionString"
      + value          = (sensitive value)
      + version        = (known after apply)
      + versionless_id = (known after apply)
    }

Plan: 2 to add, 0 to change, 0 to destroy.