1. 首页
  2. 问答
  3. 如何遍历terraform中的所有aws_instances?

如何遍历terraform中的所有aws_instances?

2017-07-25 171 views
1

我对terraform比较陌生,我试图遍历所有aws_instances以应用null_resource。你可以使用多个splats来访问所有的实例,不管他们的名字是什么?如何遍历terraform中的所有aws_instances?

的EC2实例由三种类型的细分:

aws_instance.web.* (3 instances) 
aws_instance.app.* (3 instances) 
aws_instance.db.* (2 instances)

这是我尝试将null_resource适用于所有八个aws_instances:

resource "null_resource" "install_security_package" { 

    #count = "${length(aws_instance)}" #terraform error: resource count can't reference variable: aws_instance 
    #count = "${length(aws_instance.*)}" #terraform error: resource variables must be three parts: TYPE.NAME.ATTR 
    count = "${length(aws_instance.*.*)}" #terraform error: unknown resource 'aws_instance.*' 

    connection { 
    type  = "ssh" 
    host  = "${element(aws_instance.*.private_ip, count.index)}" 
    user  = "${lookup(var.user, var.platform)}" 
    private_key = "${file("${var.private_key_path}")}" 
    timeout  = "2m" 
    } 

    provisioner "remote-exec" { 
    inline = [ 
     "sudo rpm -Uvh http://www.example.com/security/repo/security_baseline.rpm", 
    ] 
    } 
}

来源

2017-07-25 skohrs

回答

2

这是目前无法比拟的所有资源一个给定的类型。正如您所见,“splat”语法只允许选择从特定资源块创建的所有实例。

今天你可以得到这个与Terraform最接近的是不同的资源串连在一起:

concat(aws_instance.web.*.private_ip, aws_instance.app.*.private_ip, aws_instance.db.*.private_ip)

在Terraform的当前版本为这个答案,有必要使用一些共享的解决方法的github issue #4084,以避免在多个地方复制该复杂表达式。即将推出的一项名为Local Values的功能将在不久的将来使这一点更加简单,从而允许列表中的名称可以在多个地方重复使用:

# Won't work until Terraform PR#15449 is merged and released 
locals { 
    aws_instance_addrs = "${concat(aws_instance.web.*.private_ip, aws_instance.app.*.private_ip, aws_instance.db.*.private_ip)}" 
} 

resource "null_resource" "install_security_package" { 

    count = "${length(local.aws_instance_addrs)}" 

    connection { 
    type  = "ssh" 
    host  = "${local.aws_instance_addrs[count.index]}" 
    user  = "${lookup(var.user, var.platform)}" 
    private_key = "${file("${var.private_key_path}")}" 
    timeout  = "2m" 
    } 

    provisioner "remote-exec" { 
    inline = [ 
     "sudo rpm -Uvh http://www.example.com/security/repo/security_baseline.rpm", 
    ] 
    } 
}

来源

2017-07-26 20:54:34

相关问题

 相关问题