amazon-web-services - Terraform: How to get the VPC CIDR from a VPC id?

Reposted. Author: 行者123. Updated: 2023-12-04 17:34:54

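I'm trying to get the IPV4_CIDR for a given VPC, by first identifying the VPC using the aws_vpcs data source and then getting the CIDR from the ID - is it possible?

Just a little background: for some design reason, we have services in different VPCs. Say, e.g., I have three VPCs: xxxprod-n, xxxprod-l, xxxprod-h, and I want to add an SG rule for the whole subnet to allow access to a particular port. This is what I tried: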

data "aws_vpcs" "prod" {
  tags = {
    Name = "${var.project}prd-*"
  }
}

resource "aws_security_group_rule" "pa-allow" {
  count             = length(data.aws_vpcs.prod.ids)
  type              = "ingress"
  from_port         = 8140
  to_port           = 8140
  protocol          = "tcp"
  cidr_blocks       = [sort(data.aws_vpcs.prod.ids)[count.index].cidr_block]
  security_group_id = aws_security_group.secg.id
  description       = "allow from ${sort(data.aws_vpcs.prod.ids)[count.index]}"
}

I get the error:

Error: Unsupported attribute

  on ../../modules/mgt/ec2.tf line 42, in resource "aws_security_group_rule" "pa-allow":
  42: cidr_blocks = [sort(data.aws_vpcs.prod.ids)[count.index].cidr_block]

This value does not have any attributes.

I tried this based on this page: https://www.terraform.io/docs/providers/aws/d/vpc.html, thinking aws_vpc and aws_vpcs would do similar things, but it seems they don't. Any idea how I can do this?

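Best answer

You can get a SET (not a list) of VPCs using data.aws_vpcs. (I think the documentation is wrong...)
Then you can use data.aws_vpcs to get a list of data.aws_vpc, and from those you can get their CIDR blocks.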

data "aws_vpcs" "prod" {
  tags = {
    Name = "${var.project}prd-*"
  }
}

# Look up each matching VPC by id; tolist() turns the set of ids into an indexable list.
data "aws_vpc" "prod" {
  count = length(data.aws_vpcs.prod.ids)
  id    = tolist(data.aws_vpcs.prod.ids)[count.index]
}

resource "aws_security_group_rule" "pa-allow" {
  count             = length(data.aws_vpcs.prod.ids)
  type              = "ingress"
  from_port         = 8140
  to_port           = 8140
  protocol          = "tcp"
  # cidr_block is an attribute of the per-VPC aws_vpc data source, not of the id string.
  cidr_blocks       = [data.aws_vpc.prod[count.index].cidr_block]
  security_group_id = aws_security_group.secg.id
  description       = "allow from ${tolist(data.aws_vpcs.prod.ids)[count.index]}"
}
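
An added example, not part of the original answer: the same lookup keyed with for_each instead of count, so each rule is tracked by VPC id rather than list position, and covering every associated IPv4 CIDR of a VPC rather than only the primary cidr_block. It replaces the count-based blocks above; var.project and aws_security_group.secg are assumed to be defined as in the question, and the output name pa_allow_sources is hypothetical.

```hcl
data "aws_vpcs" "prod" {
  tags = {
    Name = "${var.project}prd-*"
  }
}

# One aws_vpc lookup per matching VPC, keyed by the VPC id itself.
# With count, adding or removing a VPC shifts the indexes and Terraform
# re-creates rules for VPCs that did not change; with for_each it does not.
data "aws_vpc" "prod" {
  for_each = toset(data.aws_vpcs.prod.ids)
  id       = each.value
}

resource "aws_security_group_rule" "pa-allow" {
  for_each  = data.aws_vpc.prod
  type      = "ingress"
  from_port = 8140
  to_port   = 8140
  protocol  = "tcp"

  # A VPC can carry secondary IPv4 CIDRs; cidr_block is only the primary one.
  # Allow every block that is fully associated, skip ones still changing state.
  cidr_blocks = [
    for assoc in each.value.cidr_block_associations :
    assoc.cidr_block if assoc.state == "associated"
  ]

  security_group_id = aws_security_group.secg.id
  description       = "allow from ${each.key}"
}

# Hypothetical output name: lists exactly which VPCs and CIDRs the tag
# wildcard matched, so the granted sources are visible in every plan.
output "pa_allow_sources" {
  value = {
    for id, rule in aws_security_group_rule.pa-allow : id => rule.cidr_blocks
  }
}
```

Because the Name tag wildcard decides which networks get ingress on port 8140, reviewing this output in the plan shows when a newly tagged VPC would be granted access.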

Regarding amazon-web-services - Terraform: How to get the VPC CIDR from a VPC id?, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/57099036/
