Я пытаюсь создать записи Route 53 для DNS-проверки сертификатов, но у меня не получается: я не могу извлечь нужные данные. Вот пример.
# Certificates to request, one map per certificate.
#   name      - primary domain name of the certificate
#   alt_names - comma-separated subject alternative names
#   zone_id   - Route 53 hosted zone ID looked up by the validation record resource
#   zone      - hosted zone name; not read by any resource shown here
#
# NOTE(review): "*.example.com" is not under the "aws.example.com" zone; confirm
# which hosted zone has to hold its validation record.
variable "my_certificates" {
  default = [
    {
      name      = "aws.example.com"
      alt_names = "*.example.com,*.aws.example.com"
      zone      = "aws.example.com"
      zone_id   = "ZXXXXXXXXXXXXX"
    },
    {
      name      = "aws.example.net"
      alt_names = "*.aws.example.net"
      zone      = "aws.example.net"
      zone_id   = "ZXXXXXXXXXXXXY"
    },
  ]
}
# Static number of validation records to create. The record resource uses it as
# its count because count could not be taken from a computed attribute.
# NOTE(review): 5 presumably is the total of domain names across both
# certificates (3 + 2) — confirm; it has to be updated by hand when names change.
variable "certificate_domains_count" {
  default = 5
}
# Requests one DNS-validated ACM certificate per element of var.my_certificates.
resource "aws_acm_certificate" "my_certificates" {
  count             = "${length(var.my_certificates)}"
  validation_method = "DNS"

  # Primary name comes from the "name" key of the current list element.
  domain_name = "${lookup(var.my_certificates[count.index], "name")}"

  # alt_names is a single comma-separated string; split it into a list.
  subject_alternative_names = "${split(",", lookup(var.my_certificates[count.index], "alt_names"))}"
}
# Intended to create the Route 53 DNS validation records for the ACM certificates.
# NOTE(review): this is the failing block the question is about; the code is left as posted.
resource "aws_route53_record" "certificates_validation_records" {
# count cannot be taken from a computed attribute, so a static value is used instead.
# NOTE(review): the commented-out line names aws_acm_certificate.certificates, while the
# resource declared in this listing is aws_acm_certificate.my_certificates.
#count = "${length(aws_acm_certificate.certificates.domain_validation_options)}"
count = "${var.certificate_domains_count}"
# NOTE(review): count defaults to 5 but var.my_certificates has 2 elements, so
# count.index values 2-4 have no matching list element for this lookup.
zone_id = "${lookup(var.my_certificates[count.index], "zone_id")}"
# The three lines below are the ones the author reports as the problem.
# NOTE(review): the splat gives one domain_validation_options list per certificate, so
# [count.index] appears to select a whole list rather than a single option map for
# lookup() — confirm.
name = "${lookup(aws_acm_certificate.my_certificates.*.domain_validation_options[count.index], "resource_record_name")}"
type = "${lookup(aws_acm_certificate.my_certificates.*.domain_validation_options[count.index], "resource_record_type")}"
records = ["${lookup(aws_acm_certificate.my_certificates.*.domain_validation_options[count.index], "resource_record_value")}"]
ttl = 60
}
Моя проблема в таких строках:
"${lookup(aws_acm_certificate.my_certificates.*.domain_validation_options[count.index], "resource_record_name")}"
Здесь я не могу найти способ перебрать массив my_certificates и при этом получить доступ к значениям карты (map) внутри каждого элемента массива.
Такие вещи намного проще делать в синтаксисе Terraform 0.12 с for_each. Обратите внимание, что я заменил список в переменной на карту (map).
# Certificates to request, keyed by primary domain name so that resources can
# iterate over them with for_each.
#   alt_names - comma-separated subject alternative names
#   zone_id   - Route 53 hosted zone ID used for the validation record
#   zone/name - repeat the map key; not read by the resources in this listing
#
# NOTE(review): "*.example.com" is not under the "aws.example.com" zone; confirm
# which hosted zone has to hold its validation record.
variable "my_certificates" {
  default = {
    "aws.example.com" = {
      name      = "aws.example.com"
      alt_names = "*.example.com,*.aws.example.com"
      zone      = "aws.example.com"
      zone_id   = "ZXXXXXXXXXXXXX"
    }

    "aws.example.net" = {
      name      = "aws.example.net"
      alt_names = "*.aws.example.net"
      zone      = "aws.example.net"
      zone_id   = "ZXXXXXXXXXXXXY"
    }
  }
}
# Static record count. No resource in this for_each-based listing references it;
# it appears to be carried over from the count-based version — confirm before removing.
variable "certificate_domains_count" {
  default = 5
}
# Requests one DNS-validated ACM certificate per key of var.my_certificates.
resource "aws_acm_certificate" "my_certificates" {
  for_each = var.my_certificates

  validation_method = "DNS"

  # The map key is used as the certificate's primary domain name.
  domain_name = each.key

  # alt_names is a single comma-separated string; every entry (including the
  # wildcards) becomes a name the certificate covers and must be validated.
  subject_alternative_names = split(",", each.value.alt_names)
}
# Creates one Route 53 validation record per certificate, in that certificate's zone_id.
#
# NOTE(review): only the first domain_validation_options entry is read. Every
# certificate here also has subject alternative names, so a name whose validation
# record differs from the first entry's gets no record and the certificate would
# stay unvalidated — confirm against the options ACM actually returns.
# NOTE(review): positional indexing assumes domain_validation_options is a list;
# newer AWS provider releases expose it as a set, where indexing by position is
# rejected — check against the pinned provider version.
# NOTE(review): "*.example.com" validates through a record under example.com,
# which the zone_id given for aws.example.com may not host.
# NOTE(review): nothing in this listing waits for issuance; consumers of the
# certificate may need an aws_acm_certificate_validation resource in between.
resource "aws_route53_record" "certificates_validation_records" {
  for_each = var.my_certificates

  zone_id = each.value.zone_id
  ttl     = 60

  # Record name, type and value are all taken from the same (first) validation option.
  name    = aws_acm_certificate.my_certificates[each.key].domain_validation_options[0].resource_record_name
  type    = aws_acm_certificate.my_certificates[each.key].domain_validation_options[0].resource_record_type
  records = [aws_acm_certificate.my_certificates[each.key].domain_validation_options[0].resource_record_value]
}