Terraform 从不同的 ACM 证书创建相同数量的 R53 记录

问题描述 投票:0回答:1

我需要从 2 个不同的 ACM 证书创建 2 个 R53 记录。我正在使用 for_each 迭代用户输入,这将创建证书。

locals {
    custom_domain_api = [
        {
            acm_name_api = join("",["api-",var.app_region,"-",var.application,"-",var.environment,lookup(var.r53_domain,var.environment)])
            customdomain_api = join("",["api-",var.app_region,"-",var.application,"-",var.environment,lookup(var.r53_domain,var.environment)])
        },
        {
            acm_name_api = join("",["ui-",var.app_region,"-",var.application,"-",var.environment,lookup(var.r53_domain,var.environment)])
            customdomain_api = join("",["ui-",var.app_region,"-",var.application,"-",var.environment,lookup(var.r53_domain,var.environment)])
        }
    ]
}


resource "aws_acm_certificate" "acm_api" {
    provider = aws.main
    for_each = {
        for index, api in local.custom_domain_api:
        api.customdomain_api => api
    }
    domain_name = each.value.acm_name_api
    validation_method = "DNS"
    tags = merge(
        {NAME = each.value.acm_name_api},
        local.common_tags
    )
}

上面的代码工作正常,但是当我到达 R53 创建部分时,我读过和尝试过的解决方案都没有
为我工作。我已经使用了 for_each 和 for_each/for 循环,但我只是得到一个错误。

#1
resource "aws_route53_record" "acm_r53" {
    for_each = {
        for dvo in flatten(aws_acm_certificate.acm_api[*].domain_validation_options.domain_name) :
        dvo.domain_name => {
            name   = dvo.resource_record_name
            record = dvo.resource_record_value
        }
    }
    zone_id = local.r53_zoneid
    name = each.value.name
    type = "CNAME"
    ttl = "300"
    records = [each.value.record]
}


------

#2
resource "aws_route53_record" "acm_r53" {
    for_each = aws_acm_certificate.acm_api[each.key].domain_validation_options
    zone_id = local.r53_zoneid
    name = tolist(aws_acm_certificate.acm_api[each.key].domain_validation_options).resource_record_name
    type = "CNAME"
    ttl = "300"
    records = [tolist(aws_acm_certificate.acm_api[each.key].domain_validation_options).resource_record_value]
}


-----

#3
resource "aws_route53_record" "acm_r53" {
    for_each = aws_acm_certificate.acm_api[each.key].domain_validation_options
    zone_id = local.r53_zoneid
    name = tolist(aws_acm_certificate.acm_api[each.key].domain_validation_options)[0].resource_record_name
    type = "CNAME"
    ttl = "300"
    records = [tolist(aws_acm_certificate.acm_api[each.key].domain_validation_options)[0].resource_record_value]
}

使用循环有什么解决方案吗?我不想尽可能使用单独的资源块来创建证书和记录,因为这会不必要地延长代码。

For_each、For_each/For 循环

amazon-web-services terraform amazon-route53
1个回答
0
投票

使用外部模块有什么限制吗?

对我来说,模块 https://github.com/terraform-aws-modules/terraform-aws-acm/ 工作完美,只需几行代码即可创建 ACM。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.