terraform

How to correctly use each.value in for_each in terraform?

二次信任 提交于 2021-01-05 07:23:44
问题 I am trying to create a files for each user with the projects assigned to them as content of the file. I amunable to get the "${each.value}" as it is a list of strings. Any way around this please? locals { data = { "project1" = { user_assigned = ["user1", "user2", "user3"] } "project2" = { user_assigned = ["user2", "user3", "user4"] } } ` resource "local_file" "foo" { for_each = transpose(zipmap(keys(local.data), values(local.data)[*].user_assigned)) content = "${each.value}" filename = "$

Skip stage with manual approval in Azure DevOps Pipelines (YAML)

邮差的信 提交于 2021-01-04 06:42:07
问题 For our Terraform Deployment, we use an Azure DevOps pipeline that has 3 stages: plan apply (manual approval) test For the apply stage we use a deployment job with an environment that has a manual approval (check). What we would like to have is "skipping" the apply and test stage, if the plan stage has shows no changes. Therefore we try to use the following yaml configuration for the apply stage: - stage: ApplyShared dependsOn: PlanShared jobs: - job: CheckSharedChanges steps: - task:

Terraform - re-use an existing subnetwork to create a cloud sql instance on GCP

亡梦爱人 提交于 2021-01-03 07:09:12
问题 I am attempting to create a cloud sql instance on GCP using terraform. I want to use an existing VPC subnetwork created in an earlier step but there does not seem to be a way to refer to it. Instead all examples seem to require a new IP range to be setup. This is my current code that creates the new IP range: provider = google-beta project = "project_name" name = "private_range" purpose = "VPC_PEERING" address_type = "INTERNAL" prefix_length = 18 network = "projects/project_name/global

Unknown token IDENT aws_region

杀马特。学长 韩版系。学妹 提交于 2021-01-03 06:54:38
问题 I have just run Terraform upgrade. My code was updated but now it shows some errors. The first was: variable "s3_bucket_name" { type = list(string) default = [ "some_bucket_name", "other_bucket_name", ... ] } It doesn't like list(string) . I went back to square one and redid the entire Getting Started tutorial. It said that I could either explicitly state type = list or I could implicitly state it by leaving out type and just using the [square brackets]. I saw here: unknown token IDENT list

azurerm_resource_group_template_deployment ignoring parameter file

和自甴很熟 提交于 2021-01-01 17:51:16
问题 I am attempting to use terraform and embedded ARM templates to permit creating a simple logic app in Azure. I have the resource block in terraform as: resource "azurerm_resource_group_template_deployment" "templateTEST" { name = "arm-Deployment" resource_group_name = azurerm_resource_group.rg.name deployment_mode = "Incremental" template_content = file("${path.module}/arm/createLogicAppsTEST.json") parameters_content = jsonencode({ logic_app_name = { value = "logic-${var.prefix}" } }) } and

Terraform local-exec Provisioner to run on multiple Azure virtual machines

前提是你 提交于 2021-01-01 06:45:29
问题 I had a working TF setup to spin up multiple Linux VMs in Azure. I was running a local-exec provisioner in a null_resource to execute an Ansible playbook. I was extracting the private IP addresses from the TF state file. The state file was stored locally. I have recently configured Azure backend and now the state file is stored in a storage account. I have modified the local provisioner and am trying to obtain all the private IP addresses to run the Ansible playbook against, as follows:

Terraform 实践后篇

两盒软妹~` 提交于 2020-12-29 10:12:05
接下来我们就实际演示下Terraform是怎么部署资源的,以Azure为例,我们首先需要准备Azure CLI,CLI可以用来做身份验证,terraform本身是没有身份验证功能的,如何判定我们是否有权限进行资源的部署/更改主要还是靠云平台本身,所以我们需要首先验证好我们的身份,然后才能进行云资源的部署和变更。 Azure CLI可以使用service principle进行登录,我们首先可以先创建一个SP $sp = New-AzADServicePrincipal -Scope /subscriptions/6dxxxxxxxxxxxxxxxxxx 可以在application registration里看到新建的sp 然后可以针对这个sp进行授权,可以先给这个sp一个资源组的contributor权限或者subscription权限 接下来就可以在Azure CLI里登录了,首先将登录环境指定为中国 az cloud set --name AzureChinaCloud az login 弹出浏览器登录窗口,输入密码登陆 云环境已经准备完毕,接下来就可以编写Terraform代码了,如果只是简单创建一台虚拟机,其实terraform代码会很简单,至于创建虚拟机时候需要指定的参数,比如虚拟机的名称,size等等我们都可以定义成变量,这点和其他编程语言非常类似 Terraform

How can I create a route53 record to an alb?

强颜欢笑 提交于 2020-12-29 05:39:48
问题 I want to create a new alb and a route53 record that points to it. I see I have the DNS name: ${aws_lb.MYALB.dns_name} Is it possible to create a cname to the public DNS name with aws_route53_record resource? 回答1: See the Terraform Route53 Record docs You can add a basic CNAME entry with the following: resource "aws_route53_record" "cname_route53_record" { zone_id = "${aws_route53_zone.primary.zone_id}" # Replace with your zone ID name = "www.example.com" # Replace with your subdomain, Note:

Is it possible to execute a CloudFormation file in Terraform?

浪尽此生 提交于 2020-12-29 03:23:43
问题 One team has already written a cloudformation template as a .yml file that provisions a stack of resources. Is it possible to leverage this file by executing it from within Terraform? Or does it have to be rewritten? I'm new to terraform and just getting started. If I were using the AWS CLI I would execute a command like this, aws cloudformation create-stack --stack-name my-new-stack --template-body file://mystack.yml --parameters ParameterKey=AmiId I'd like to include the equivalent of this

玩转阿里云 Terraform(二):Terraform 的几个关键概念

久未见 提交于 2020-12-17 11:03:08
上一篇《 玩转阿里云Terraform(一):Terraform 是什么 》介绍了 Terraform 的基本定义和特点之后,本文将着重介绍几个Terraform中的关键概念。 Terraform 关键概念 在使用Terraform的过程中,通常接触到很多名词,如configuration,provider,resource,datasource,state,backend,provisioner等,本文将一一跟大家介绍这些概念。 Configuration:基础设施的定义和描述 “基础设施即代码(Infrastructure as Code)”,这里的Code就是对基础设施资源的代码定义和描述,也就是通过代码表达我们想要管理的资源。 # VPC 资源 resource "alicloud_vpc" "vpc" { name = "tf_vpc" cidr_block = "172.16.0.0/16" } # VSwitch 资源 resource "alicloud_vswitch" "vswitch" { vpc_id = alicloud_vpc.vpc.id cidr_block = "172.16.1.0/24" availability_zone = "cn-beijing-a" } 对所有资源的代码描述都需要定义在一个以 tf
订阅 terraform