我们是否可以使用Terraform for Azure中的Dynamic在虚拟网络资源块或子网块中创建子网、路由表和NSG?
请让我知道或任何人都可以提供简短的例子代码。
resource "azurerm_subnet" "subnets" {
for_each = var.subnets
name = each.key
resource_group_name = var.resource_group_name
address_prefixes = [each.value.addressPrefix]
virtual_network_name = azurerm_virtual_network.Virtual_Network.name
private_endpoint_network_policies_enabled = each.value.privateEndpointNetworkPolicies
private_link_service_network_policies_enabled = each.value.privateLinkServiceNetworkPolicies
service_endpoints = each.value.service_endpoints
dynamic "route_table" {
for_each = subnets.value.route_table
content {
name = route_table.value.name
disable_bgp_route_propagation = route_table.value.disableBgpRoutePropagation
dynamic "route" {
for_each = route_table.value.routes
content {
name = route.value.name
address_prefix = route.value.addressPrefix
next_hop_type = route.value.nextHopType
next_hop_ip_address = route.value.nextHopIpAddress
}
}
}
}
variable "subnets" {
type = map(object({
addressPrefix = string
privateEndpointNetworkPolicies = string
privateLinkServiceNetworkPolicies = string
service_endpoints = list(string)
route_tables = object({
name = string
disableBgpRoutePropagation = bool
routes = list(object({
name = string
addressPrefix = string
nextHopType = string
nextHopIpAddress = string
}))
})
}))
}
1条答案
按热度按时间iqjalb3h1#
Azure子网、路由表、安全组和虚拟网络可以在Terraform中配置动态块。
例如,以下是如何迭代问题中的“subsets”变量:
上面避免了内联子网,以限制嵌套。“for_each”用于迭代“subnets”变量,因为它是一个Map,“for”表达式用于迭代路由,因为它是一个列表。
参见dynamic blocks、"for" expressions和azurerm_subnet的文档