
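I am trying to develop a module that will deploy a private endpoint if the variable DeployPrivateEndpoint == true, and will not deploy it if it is false.

I currently have the following code: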

resource "azurerm_container_registry" "ACR" {
  count                    = length(var.ACR_Name)
  name                     = var.ACR_Name[count.index]
  resource_group_name      = var.resourcegroup_name
  location                 = var.location
  sku                      = var.ACR_Sku
  admin_enabled            = var.ACR_AdminEnabled
  georeplication_locations = var.ACR_GeoRepLocation
}

resource "azurerm_private_dns_zone" "PDZ" {
  count                     = var.DeployPrivateEndpoint == true ? 1 : 0
  name                      = "privatelink.azurecr.io"
  resource_group_name       = var.resourcegroup_name
}

resource "azurerm_private_endpoint" "PEP" {
  count                     = var.DeployPrivateEndpoint == true ? length(var.PEP_Name) : 0
  name                      = var.PEP_Name[count.index]
  location                  = var.location
  resource_group_name       = var.resourcegroup_name
  subnet_id                 = element(concat(var.subnet_id[*], [""]), count.index)

  private_dns_zone_group {
    name                            = "private-dns-zone-group"
    private_dns_zone_ids            =  element(concat(azurerm_private_dns_zone.PDZ.*.id, [""]), count.index)
  }

  private_service_connection {
    name                            = var.PEP_Name[count.index]
    private_connection_resource_id  = element(concat(azurerm_container_registry.ACR.*.id, [""]), count.index)
    subresource_names               = [ "registry" ]
    is_manual_connection            = false
  }

}

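At the moment the code only crashes on the private_dns_zone_group part if the value of the variable is false. Terraform expects that a private_dns_zone_ids will be given, but it is not created because the variable is set to false. I get the following error:

Error: Invalid index

  on .terraform\modules\containerRegistry\outputs.tf line 10, in output "ACR_PDZID":
  10:    value       = azurerm_private_dns_zone.PDZ.0.id
    |----------------
    | azurerm_private_dns_zone.PDZ is empty tuple

Any help is appreciated!

Edit:

The module is called from main as shown below: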

terraform {
  required_version = ">= 0.13"

  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
      version = "2.47.0"
    }
  }

}

provider "azurerm" {
  subscription_id = "****"
  client_id = "****"
  client_secret = "*****"
  tenant_id = "*****"

  features {}
}

module "ResourceGroups" {
  source                        = "git::https://***@dev.azure.com/***/AzureTerraformModules/_git/ResourceGroup"
  location                      = var.location
  RG_Name                       = var.RG_Name
}

module "VirtualNetwork" {
  source                        = "git::https://***@dev.azure.com/***/AzureTerraformModules/_git/VirtualNetwork"
  resourcegroup_name            = module.ResourceGroups.RG_Name[0]
  location                      = var.location  
  VNET_Name                     = var.vnet_name
  VNET_Cidr                     = var.vnet_cidr
}

module "Subnet" {
  source                        = "git::https://***@dev.azure.com/***/AzureTerraformModules/_git/Subnet"
  resourcegroup_name            = module.ResourceGroups.RG_Name[0]
  location                      = var.location  
  VNET_name                     = module.VirtualNetwork.VNET_Name[0]
  SNET_cidr                     = var.subnet_cidr
  SNET_name                     = var.subnet_names
}

module "containerRegistry" {
  source                        = "git::https://***@dev.azure.com/***/AzureTerraformModules/_git/ContainerRegistry"
  resourcegroup_name            = module.ResourceGroups.RG_Name[0]
  location                      = var.location  
  subnet_id                     = module.Subnet.SNET_ID
  PEP_Name                      = ["****", "*****"]
  ACR_Name                      = ["****", "*****" ]
  ACR_Sku                       = "Premium"
  DeployPrivateEndpoint         = false
}

The output.tf file in the module looks like this:

output "ACR_ID" {
  value = azurerm_container_registry.ACR.*.id
}

output "ACR_LoginServer" {
  value = azurerm_container_registry.ACR.*.login_server
}

output "ACR_PDZID" {
   value       = azurerm_private_dns_zone.PDZ.0.id
}

output "ACR_PEPID" {
   value       = azurerm_private_endpoint.PEP.*.id
}

1 Answer


You should adjust the ACR_PDZID output a bit, changing 0 to *

The output "ACR_PDZID" should look like this:

output "ACR_PDZID" {
   value       = azurerm_private_dns_zone.PDZ.*.id
}
Answered 2021-02-18T09:46:29.477
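
The following is an added example, not code from the question or the answer. It shows the module's outputs and private endpoint written so they evaluate both when the DNS zone exists and when `count` is 0, and it passes `private_dns_zone_ids` as the list that argument expects. It reuses the question's resource and variable names; the `ACR_PDZID_single` output is hypothetical, and it assumes `var.subnet_id` is a non-empty list and that `PEP_Name` and `ACR_Name` have the same length.

```hcl
# Added example (not the original module). Works with Terraform >= 0.13.

# outputs.tf
output "ACR_PDZID" {
  # Splat form from the answer: [] when the zone is not deployed, [id] when it is.
  value = azurerm_private_dns_zone.PDZ[*].id
}

output "ACR_PDZID_single" { # hypothetical extra output for callers that want a scalar
  # try() returns null instead of failing with "Invalid index" when count = 0.
  value = try(azurerm_private_dns_zone.PDZ[0].id, null)
}

# main.tf
resource "azurerm_private_endpoint" "PEP" {
  count               = var.DeployPrivateEndpoint ? length(var.PEP_Name) : 0
  name                = var.PEP_Name[count.index]
  location            = var.location
  resource_group_name = var.resourcegroup_name
  # Assumption: var.subnet_id is a non-empty list; element() wraps around
  # if there are fewer subnets than endpoints.
  subnet_id           = element(var.subnet_id, count.index)

  private_dns_zone_group {
    name                 = "private-dns-zone-group"
    # A list of zone IDs. Every endpoint shares the single privatelink zone,
    # so no per-endpoint indexing (and no "" placeholder) is needed.
    private_dns_zone_ids = azurerm_private_dns_zone.PDZ[*].id
  }

  private_service_connection {
    name                           = var.PEP_Name[count.index]
    # Assumption: one registry per endpoint, in the same order.
    private_connection_resource_id = azurerm_container_registry.ACR[count.index].id
    subresource_names              = ["registry"]
    is_manual_connection           = false
  }
}
```

With `DeployPrivateEndpoint = false`, `ACR_PDZID` is an empty list and `ACR_PDZID_single` is null, so callers of the module should handle both before using the value.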