我有一個如下所示的地形代碼。
locals {
org_sub_accounts = [
"111111111111",
"222222222222,
"333333333333",
]
role_arns = [
"arn:aws:iam::111111111111:role/DataConnector1",
"arn:aws:iam::222222222222:role/DataConnector2",
"arn:aws:iam::333333333333:role/DataConnector3",
]
}
resource "aws_cloudformation_stack_set_instance" "stack" {
count = length(local.org_sub_accounts)
account_id = local.org_sub_accounts[count.index]
region = "ap-east-1"
parameter_overrides = {
RoleName = local.role_arns[count.index]
}
stack_set_name = aws_cloudformation_stack_set.stackset.name
}我的問題是我RoleName應該是DataConnector藥水(在 / 之后),而不是aws_cloudformation_stack_set_instance. 如何DataConnector*在每個索引中傳遞 RoleName?
注意,這里我定義了本地變數來展示我的用例。但實際上這些來自其他資源輸出。
uj5u.com熱心網友回復:
這可以通過使用split內置函式來實作:
locals {
role_names = [for arn in local.role_arns : split("/", arn)[1]]
}
在這一部分split("/", arn)[1]中,您將 IAM 角色 ARN 分成兩部分(在 之前和之后/),并且通過索引[1],您可以有效地獲得該串列的第二部分。然后,您必須更改代碼以反映:
resource "aws_cloudformation_stack_set_instance" "stack" {
count = length(local.org_sub_accounts)
account_id = local.org_sub_accounts[count.index]
region = "ap-east-1"
parameter_overrides = {
RoleName = local.role_names[count.index]
}
stack_set_name = aws_cloudformation_stack_set.stackset.name
}
[1] https://developer.hashicorp.com/terraform/language/functions/split
轉載請註明出處,本文鏈接:https://www.uj5u.com/net/526585.html
標籤:亚马逊网络服务地形terraform-provider-aws