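I am trying to develop a module that deploys a private endpoint if the variable `DeployPrivateEndpoint == true`, and does not deploy it if it is false.

I currently have the following code: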
```hcl
resource "azurerm_container_registry" "ACR" {
  count                    = length(var.ACR_Name)
  name                     = var.ACR_Name[count.index]
  resource_group_name      = var.resourcegroup_name
  location                 = var.location
  sku                      = var.ACR_Sku
  admin_enabled            = var.ACR_AdminEnabled
  georeplication_locations = var.ACR_GeoRepLocation
}

resource "azurerm_private_dns_zone" "PDZ" {
  count               = var.DeployPrivateEndpoint == true ? 1 : 0
  name                = "privatelink.azurecr.io"
  resource_group_name = var.resourcegroup_name
}

resource "azurerm_private_endpoint" "PEP" {
  count               = var.DeployPrivateEndpoint == true ? length(var.PEP_Name) : 0
  name                = var.PEP_Name[count.index]
  location            = var.location
  resource_group_name = var.resourcegroup_name
  subnet_id           = element(concat(var.subnet_id[*], [""]), count.index)

  private_dns_zone_group {
    name                 = "private-dns-zone-group"
    private_dns_zone_ids = element(concat(azurerm_private_dns_zone.PDZ.*.id, [""]), count.index)
  }

  private_service_connection {
    name                           = var.PEP_Name[count.index]
    private_connection_resource_id = element(concat(azurerm_container_registry.ACR.*.id, [""]), count.index)
    subresource_names              = [ "registry" ]
    is_manual_connection           = false
  }
}
```
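At the moment the code only crashes on the `private_dns_zone_group` part if the value of the variable is false. Terraform expects a `private_dns_zone_ids` to be given, but because the variable is set to false, it is not created. I get the following error: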
```
Error: Invalid index

  on .terraform\modules\containerRegistry\outputs.tf line 10, in output "ACR_PDZID":
  10:   value = azurerm_private_dns_zone.PDZ.0.id
    |----------------
    | azurerm_private_dns_zone.PDZ is empty tuple
```
Any help is appreciated!

Edit:

The module is called from a main that looks like this:
```hcl
terraform {
  required_version = ">= 0.13"
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "2.47.0"
    }
  }
}

provider "azurerm" {
  subscription_id = "****"
  client_id       = "****"
  client_secret   = "*****"
  tenant_id       = "*****"
  features {}
}

module "ResourceGroups" {
  source   = "git::https://***@dev.azure.com/***/AzureTerraformModules/_git/ResourceGroup"
  location = var.location
  RG_Name  = var.RG_Name
}

module "VirtualNetwork" {
  source             = "git::https://***@dev.azure.com/***/AzureTerraformModules/_git/VirtualNetwork"
  resourcegroup_name = module.ResourceGroups.RG_Name[0]
  location           = var.location
  VNET_Name          = var.vnet_name
  VNET_Cidr          = var.vnet_cidr
}

module "Subnet" {
  source             = "git::https://***@dev.azure.com/***/AzureTerraformModules/_git/Subnet"
  resourcegroup_name = module.ResourceGroups.RG_Name[0]
  location           = var.location
  VNET_name          = module.VirtualNetwork.VNET_Name[0]
  SNET_cidr          = var.subnet_cidr
  SNET_name          = var.subnet_names
}

module "containerRegistry" {
  source                = "git::https://***@dev.azure.com/***/AzureTerraformModules/_git/ContainerRegistry"
  resourcegroup_name    = module.ResourceGroups.RG_Name[0]
  location              = var.location
  subnet_id             = module.Subnet.SNET_ID
  PEP_Name              = ["****", "*****"]
  ACR_Name              = ["****", "*****" ]
  ACR_Sku               = "Premium"
  DeployPrivateEndpoint = false
}
```
The output.tf file in the module looks like this:
```hcl
output "ACR_ID" {
  value = azurerm_container_registry.ACR.*.id
}

output "ACR_LoginServer" {
  value = azurerm_container_registry.ACR.*.login_server
}

output "ACR_PDZID" {
  value = azurerm_private_dns_zone.PDZ.0.id
}

output "ACR_PEPID" {
  value = azurerm_private_endpoint.PEP.*.id
}
```
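
One way to make the `ACR_PDZID` output and the `private_dns_zone_group` block tolerate `DeployPrivateEndpoint = false`, as an added example that is not part of the original post. It reuses the question's variable and resource names and assumes `PEP_Name`, `ACR_Name` and `subnet_id` are lists of the same length.

```hcl
# Added example, not the poster's code. Variable and resource names are taken
# from the question; equal list lengths are an assumption.

# Guarded output: PDZ is an empty tuple when its count is 0, so indexing [0]
# fails. try() falls back to null instead of raising "Invalid index".
output "ACR_PDZID" {
  value = try(azurerm_private_dns_zone.PDZ[0].id, null)
}

resource "azurerm_private_endpoint" "PEP" {
  count               = var.DeployPrivateEndpoint ? length(var.PEP_Name) : 0
  name                = var.PEP_Name[count.index]
  location            = var.location
  resource_group_name = var.resourcegroup_name
  subnet_id           = var.subnet_id[count.index] # assumes one subnet per endpoint

  # Emitted once per existing DNS zone, so the block is omitted entirely
  # when the zone was not created. private_dns_zone_ids takes a list.
  dynamic "private_dns_zone_group" {
    for_each = azurerm_private_dns_zone.PDZ[*].id
    content {
      name                 = "private-dns-zone-group"
      private_dns_zone_ids = [private_dns_zone_group.value]
    }
  }

  private_service_connection {
    name                           = var.PEP_Name[count.index]
    private_connection_resource_id = azurerm_container_registry.ACR[count.index].id
    subresource_names              = ["registry"]
    is_manual_connection           = false
  }
}
```

Callers that consume `ACR_PDZID` then receive `null` when the private endpoint is disabled and need to handle that value.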