文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
首页
学习
活动
专区
圈层
工具
MCP广场
返回腾讯云官网
社区首页 >问答首页 >terraform aws_ram_principal_association exlcude主帐户id

terraform aws_ram_principal_association exlcude主帐户id
EN

Stack Overflow用户
提问于 2022-01-13 15:31:39
回答 1查看 248关注 0票数 0

是否可以从aws_ram_principal_association中排除包含某些共享资源的"523134851043“帐户的字符串?

settings.yaml

代码语言:javascript
运行
复制
aws:
  - accounts: ciss-goesaws-test
    id: "523134851043"
    private_subnets:
      -
        nat_gw: true
        az: eu-central-1a
        short: a
        cidr: 10.44.4.96/27
      -
        nat_gw: false
        az: eu-central-1b
        short: b
        cidr: 10.44.5.128/27
      -
        nat_gw: false
        az: eu-central-1c
        short: c
        cidr: 10.44.6.160/27

variables.tf

代码语言:javascript
运行
复制
variable "aws" {
  type = list(object({
    accounts: string
    id: string
    public_subnets: list(object({
      nat_gw: bool
      az: string
      short: string
      cidr: string
    }))
    private_subnets: list(object({
      nat_gw: bool
      az: string
      short: string
      cidr: string
    }))
  }))
}
代码语言:javascript
运行
复制
locals {
  public_ram = flatten([
    for a in var.aws : [
      for ps in a.public_subnets : {
        id = a.id
        cidr = ps.cidr
      }
    ]
  ])
}

resource "aws_ram_principal_association" "public_principal_association" {
  for_each = {
    for account_id in local.public_ram : account_id.id => account_id...
  }

  principal          = each.key
  resource_share_arn = aws_ram_resource_share.ci_vpc_share.arn
}

我循环帐户,它包括"523134851043“帐户id,这导致了这个错误。

代码语言:javascript
运行
复制
│ Error: error reading RAM Resource Share (arn:aws:ram:eu-central-1:523134851043:resource-share/d958c0c7-555e-411b-ac6b-3302a901408b) Principal Association (523134851043), status not associating or associated: FAILED
│
│   with aws_ram_principal_association.public_principal_association["523134851043"],
│   on ram.tf line 47, in resource "aws_ram_principal_association" "public_principal_association":
│   47: resource "aws_ram_principal_association" "public_principal_association" {

我更新了Matt提到的for表达式

代码语言:javascript
运行
复制
resource "aws_ram_principal_association" "private_principal_association" {
  for_each = {
    for account_id in local.private_ram : account_id.id => account_id... if !(can(regex("523134851043", account_id)))

  }

但是terraform仍然希望创建这个资源。

代码语言:javascript
运行
复制
  # aws_ram_principal_association.private_principal_association["523134851043"] will be created
  + resource "aws_ram_principal_association" "private_principal_association" {
      + id                 = (known after apply)
      + principal          = "523134851043"
      + resource_share_arn = (known after apply)
    }
terraform
EN

回答 1

Stack Overflow用户

回答已采纳

发布于 2022-01-19 15:37:08

这个解决方案是给我的

代码语言:javascript
运行
复制
resource "aws_ram_principal_association" "public_principal_association" {
  for_each = {
    for account_id in local.public_ram : account_id.id => account_id... if ! contains(values(account_id), "523134851043")
  }

  principal          = each.key
  resource_share_arn = aws_ram_resource_share.ci_vpc_share.arn
}

How to remove values from a map in Terraform that match a key value

票数 0
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/70699122

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2025 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 深公网安备号 44030502008569

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号 | 京公网安备号11010802020287

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档