1. 首頁
  2. 問答
  3. 如何遍歷terraform中的所有aws_instances?

如何遍歷terraform中的所有aws_instances?

2017-07-25 175 views
1

我對terraform比較陌生,我試圖遍歷所有aws_instances以應用null_resource。你可以使用多個splats來訪問所有的實例,不管他們的名字是什麼?如何遍歷terraform中的所有aws_instances?

的EC2實例由三種類型的細分:

aws_instance.web.* (3 instances) 
aws_instance.app.* (3 instances) 
aws_instance.db.* (2 instances)

這是我嘗試將null_resource適用於所有八個aws_instances:

resource "null_resource" "install_security_package" { 

    #count = "${length(aws_instance)}" #terraform error: resource count can't reference variable: aws_instance 
    #count = "${length(aws_instance.*)}" #terraform error: resource variables must be three parts: TYPE.NAME.ATTR 
    count = "${length(aws_instance.*.*)}" #terraform error: unknown resource 'aws_instance.*' 

    connection { 
    type  = "ssh" 
    host  = "${element(aws_instance.*.private_ip, count.index)}" 
    user  = "${lookup(var.user, var.platform)}" 
    private_key = "${file("${var.private_key_path}")}" 
    timeout  = "2m" 
    } 

    provisioner "remote-exec" { 
    inline = [ 
     "sudo rpm -Uvh http://www.example.com/security/repo/security_baseline.rpm", 
    ] 
    } 
}

來源

2017-07-25 skohrs

回答

2

這是目前無法比擬的所有資源一個給定的類型。正如您所見,「splat」語法只允許選擇從特定資源塊創建的所有實例。

今天你可以得到這個與Terraform最接近的是不同的資源串連在一起:

concat(aws_instance.web.*.private_ip, aws_instance.app.*.private_ip, aws_instance.db.*.private_ip)

在Terraform的當前版本爲這個答案,有必要使用一些共享的解決方法的github issue #4084,以避免在多個地方複製該複雜表達式。即將推出的一項名爲Local Values的功能將在不久的將來使這一點更加簡單,從而允許列表中的名稱可以在多個地方重複使用:

# Won't work until Terraform PR#15449 is merged and released 
locals { 
    aws_instance_addrs = "${concat(aws_instance.web.*.private_ip, aws_instance.app.*.private_ip, aws_instance.db.*.private_ip)}" 
} 

resource "null_resource" "install_security_package" { 

    count = "${length(local.aws_instance_addrs)}" 

    connection { 
    type  = "ssh" 
    host  = "${local.aws_instance_addrs[count.index]}" 
    user  = "${lookup(var.user, var.platform)}" 
    private_key = "${file("${var.private_key_path}")}" 
    timeout  = "2m" 
    } 

    provisioner "remote-exec" { 
    inline = [ 
     "sudo rpm -Uvh http://www.example.com/security/repo/security_baseline.rpm", 
    ] 
    } 
}

來源

2017-07-26 20:54:34

相關問題

 相關問題