Azure: How to deploy a subscription module across multiple subscriptions using a for_each loop and a map of objects

bybem2ql posted on 2023-06-07 in Other

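1. I have to create Security Center, service agreements, and resource providers across multiple subscriptions using a module and a for_each loop with a map of objects.
2. Below are the variables file and the terraform.tfvars file.
3. Please let me know how I can use this tfvars file and the module to deploy these resources across multiple subscriptions.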

variable "subscriptions_configurations" {
  type = map(object({
    Defender = map(object({
      contact = object({
        name                = string
        email               = string
        phone               = string
        alert_notifications = bool
        alerts_to_admins    = bool
      })
      setting = object({
        setting_name = string
        enabled      = bool
      })
      pricing = object({
        tier          = string
        resource_type = string
        subplan       = optional(string)
      })
      auto_provisioning = object({
        auto_provision = string
      })
    }))
    marketplace_agreement = map(object({
      publisher = string
      offer     = string
      plan      = string
    }))
    resource_provider_registration = map(object({
      feature = object({
        name       = string
        registered = bool
      })
    }))
  }))
}

subscriptions_configurations = {
  "subscription1" = {
    Defender = {
      contact = {
        name                = "contact"
        email               = "contact@xyz.com"
        phone               = "+1-341-676-1248"
        alert_notifications = false
        alerts_to_admins    = false
      }
      setting = {
        setting_name = "MCAS"
        enabled      = false
      }
      pricing = {
        tier          = "Free"
        resource_type = "VirtualMachines"
      }
      auto_provisioning = {
        auto_provision = "On"
      }
    }
    marketplace_agreement = {
      "agreement1" = {
        publisher = "barracudanetworks"
        offer     = "waf"
        plan      = "hourly"
      }
    }
    resource_provider_registration = {
      "Microsoft.ContainerService" = {
        feature = {
          name       = "AKS-DataPlaneAutoApprove"
          registered = true
        }
      }
    }
  }
}

module "subscriptions_configurations" {
  source                         = "./modules/security_center"
  for_each                       = var.subscriptions_configurations
  defender                       = each.value.Defender
  marketplace_agreement          = each.value.marketplace_agreement
  resource_provider_registration = each.value.resource_provider_registration
}

kq0g1dla1#

I tried the code below in my main.tf and variables.tfvars, and the code works for multiple subscriptions with a for_each block:
I referred to the code in Charles Xu's SO thread answer and modified it using for_each and variables.tfvars.

My main.tf:

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=3.58.0"
    #   configuration_aliases = [ azurerm, azurerm.sub2 ]
    }
  }
}

variable "departments" {
  type = list(object({
    name     = string
    provider = string
    region   = string
    email    = string
  }))
  default = []
}

provider "azurerm" {
  subscription_id            = "xxxx-44d6-bxxxx"
  tenant_id                  = "xxxxxxaf9038592395"
  client_id                  = "xxxxxx5-b838-6d26a31435cb"
  client_secret              = "xxxxxZhbDqgdxxxx"
  skip_provider_registration = true
  features {
    resource_group {
      prevent_deletion_if_contains_resources = false
    }
  }
}

provider "azurerm" {
  alias                      = "sub2"
  subscription_id            = "xxxxx-44fb-xxxx"
  tenant_id                  = "xxxx-41af-91ab-xxxx"
  client_id                  = "xxxxx-45b2-a091-3aa2xxx"
  client_secret              = "xxxxxy~R50Uw27bsGNbJ8"
  skip_provider_registration = true
  features {
    resource_group {
      prevent_deletion_if_contains_resources = false
    }
  }
}

resource "azurerm_resource_group" "example" {
  for_each = { for d in var.departments : d.name => d }
  provider = azurerm.sub2
#   configuration_aliases = [ azurerm, azurerm.sub2 ]
  name     = each.key
  location = each.value.region
  tags = {
    email = each.value.email
  }
}

resource "azurerm_resource_group" "example1" {
  for_each = { for d in var.departments : d.name => d }
  provider = azurerm
#   configuration_aliases = [ azurerm, azurerm.sub2 ]
  name     = each.key
  location = each.value.region
  tags = {
    email = each.value.email
  }
}

My variables.tfvars:

departments = [
  {
    name     = "test"
    provider = "azurerm"
    region   = "West Europe"
    email    = "something@something.com"
  },
  {
    name     = "test2"
    provider = "azurerm.sub2"
    region   = "West Europe"
    email    = "someone@something.com"
  }
]

Output:

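You cannot add two providers together, or add a provider through string interpolation, to a specific resource in Terraform. Here, by referring to Martin Atkins's Answer1 and Michael Aicher's Answer2, you can create a separate module and aliases in the code above, one for azurerm and the other for azurerm.sub2.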

Additional reference:

Defining provider aliases with string interpolation not working in Terraform 0.12 - Terraform - HashiCorp Discuss By appartlymart
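
The separate-module-with-aliases approach described in the answer, applied to the asker's `subscriptions_configurations` variable, as an added example that is not part of the original answer or the asker's code. It assumes a hypothetical `subscription_ids` variable, a second `subscription2` entry in the tfvars, and that `./modules/security_center` declares `azurerm` under `required_providers` together with the three input variables; credentials are taken from the provider's `ARM_*` environment variables rather than written into the provider blocks.

```hcl
# --- root module: main.tf (added example) ---
# Credentials are read from ARM_CLIENT_ID, ARM_CLIENT_SECRET and ARM_TENANT_ID
# in the environment, so no secret is committed with the configuration.
variable "subscription_ids" {
  type        = map(string) # hypothetical: configuration key => subscription GUID
  description = "Subscription ID for each key of subscriptions_configurations"
}

locals {
  cfg = var.subscriptions_configurations
}

provider "azurerm" {
  alias           = "subscription1"
  subscription_id = var.subscription_ids["subscription1"]
  features {}
}

provider "azurerm" {
  alias           = "subscription2" # assumed second entry, not in the tfvars above
  subscription_id = var.subscription_ids["subscription2"]
  features {}
}

# The providers argument takes a static reference, so each subscription gets
# its own module block instead of one module block with for_each.
module "subscription1" {
  source                         = "./modules/security_center"
  providers                      = { azurerm = azurerm.subscription1 }
  defender                       = local.cfg["subscription1"].Defender
  marketplace_agreement          = local.cfg["subscription1"].marketplace_agreement
  resource_provider_registration = local.cfg["subscription1"].resource_provider_registration
}

module "subscription2" {
  source                         = "./modules/security_center"
  providers                      = { azurerm = azurerm.subscription2 }
  defender                       = local.cfg["subscription2"].Defender
  marketplace_agreement          = local.cfg["subscription2"].marketplace_agreement
  resource_provider_registration = local.cfg["subscription2"].resource_provider_registration
}

# --- modules/security_center/main.tf (assumed layout) ---
# for_each still works inside the module, over the maps passed in.
resource "azurerm_marketplace_agreement" "this" {
  for_each  = var.marketplace_agreement
  publisher = each.value.publisher
  offer     = each.value.offer
  plan      = each.value.plan
}
```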
