Invalid index on data lookup across multiple Vault auth backends

Problem description

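I am writing a Terraform module to create a single entity with multiple aliases. I am unable to look up the auth backends for the aliases. Am I missing something? Any help would be appreciated.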

data "vault_auth_backend" "b" {
  provider = vault.this
  for_each = {
    for alias in var.entity.aliases :
    alias.type => alias
  }
  path = each.value.auth_path
}
resource "vault_identity_entity_alias" "alias" {
  provider = vault.this

  for_each = {
    for alias in var.entity.aliases :
    alias.name => alias
  }

  name           = each.key
  mount_accessor = lookup(data.vault_auth_backend.b[each.key],"accessor",null)
  canonical_id   = vault_identity_entity.entity.id
}

terraform plan output

Error: Invalid index

  on .terraform/modules/vault_dba_entity/main.tf line 31,in resource "vault_identity_entity_alias" "alias":
  31:   mount_accessor = lookup(data.vault_auth_backend.b[each.key],null)
    |----------------
    | data.vault_auth_backend.b is object with 2 attributes
    | each.key is "ldap-team-foo"

The given key does not identify an element in this collection value.


Error: Invalid index

  on .terraform/modules/vault_dba_entity/main.tf line 31,null)
    |----------------
    | data.vault_auth_backend.b is object with 2 attributes
    | each.key is "aws-team-foo"

Solution

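Your for_each blocks differ: in vault_auth_backend you use the alias's type as the key, while in vault_identity_entity_alias you use the alias's name. You then try to look up in vault_auth_backend using that name, and because vault_auth_backend uses type as its key, the name will not be valid.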

Change vault_auth_backend to use alias.name => alias instead of alias.type => alias.
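The fix described in the answer above, written out as a full module: this is an added example, not code from the original post. The variable schema, the `required_providers` block, the shared local `aliases_by_name`, and the body of `vault_identity_entity.entity` are assumptions; the sample values in comments are taken from the error output or constructed.

```hcl
# Added example (not the asker's module). Assumes the caller passes a
# provider configuration for the vault.this alias.
terraform {
  required_providers {
    vault = {
      source                = "hashicorp/vault"
      configuration_aliases = [vault.this]
    }
  }
}

# Assumed schema for the input the question refers to as var.entity.
variable "entity" {
  type = object({
    name = string
    aliases = list(object({
      name      = string # e.g. "ldap-team-foo" (from the error output)
      type      = string # e.g. "ldap" (constructed sample value)
      auth_path = string # mount path of the auth backend
    }))
  })
}

locals {
  # One map keyed by alias name, shared by both for_each expressions,
  # so the data source and the resource can never use different key sets.
  aliases_by_name = { for alias in var.entity.aliases : alias.name => alias }
}

data "vault_auth_backend" "b" {
  provider = vault.this
  for_each = local.aliases_by_name
  path     = each.value.auth_path
}

resource "vault_identity_entity" "entity" {
  provider = vault.this
  name     = var.entity.name
}

resource "vault_identity_entity_alias" "alias" {
  provider = vault.this
  for_each = local.aliases_by_name

  name           = each.key
  # each.key is an alias name here and in the data source, so the index exists.
  mount_accessor = data.vault_auth_backend.b[each.key].accessor
  canonical_id   = vault_identity_entity.entity.id
}
```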