Newbie on Terraform. I am doing something like this as of now.

```hcl
module "vote_service_sg" {
  source   = "terraform-aws-modules/security-group/aws"
  for_each = var.inpparameter
  // count = length(local.mergesubnets)
  name                = "user-service"
  description         = "Security group"
  vpc_id              = each.value.name == "vpc2" ? "vpc-03fca892776900aa1" : "vpc-07a77da5bec5f9583"
  ingress_cidr_blocks = ["0.0.0.0/0"]
  ingress_rules       = ["all-tcp"]
  egress_cidr_blocks  = each.value.name == "vpc1" ? ["0.0.0.0/0"] : []
  egress_rules        = each.value.name == "vpc1" ? ["all-tcp", "ssh-tcp"] : []
}
```

Is there a way to check if my vpc is vpc1, then assign all the resource attributes to a set of values, and if it isn't, another set of values, instead of checking the condition on each of the parameters?
asked Nov 19, 2024 at 14:33 satya18948
- Are there any errors with the code you have? If so, please add it to the question. – Marko E Commented Nov 19, 2024 at 15:13
- 2 You should probably avoid this entirely by managing the vpc security groups with separate module declarations. This will likely cause issues for you otherwise. – Matthew Schuchard Commented Nov 19, 2024 at 15:15
- There are no errors. As I am learning, I wanted to know if there are ways to do the stuff. – satya18948 Commented Nov 19, 2024 at 16:10
1 Answer
The most typical way to do this would be to include the values that vary between instances of your module as attributes in the elements of your var.inpparameter.
For example:
```hcl
variable "inpparameter" {
  type = map(object({
    vpc_id             = optional(string, "vpc-07a77da5bec5f9583")
    egress_cidr_blocks = optional(set(string), [])
    egress_rules       = optional(set(string), [])
  }))
}

module "vote_service_sg" {
  source   = "terraform-aws-modules/security-group/aws"
  for_each = var.inpparameter

  name                = "user-service"
  description         = "Security group"
  vpc_id              = each.value.vpc_id
  ingress_cidr_blocks = ["0.0.0.0/0"]
  ingress_rules       = ["all-tcp"]
  egress_cidr_blocks  = each.value.egress_cidr_blocks
  egress_rules        = each.value.egress_rules
}
```
To match your example as closely as possible I made all of the attributes optional with the default set to whatever your conditional expressions would've returned for any non-matching VPC. Therefore you could get the same result as your example by populating this input variable like this:
```hcl
inpparameter = {
  "vpc1" = {
    egress_cidr_blocks = ["0.0.0.0/0"]
    egress_rules       = ["all-tcp", "ssh-tcp"]
    # (vpc_id defaults to "vpc-07a77da5bec5f9583")
  }
  "vpc2" = {
    vpc_id = "vpc-03fca892776900aa1"
    # (the other two arguments default to empty)
  }
}
```
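
Once the per-VPC values live in one input variable, `validation` blocks on that variable can reject malformed or unexpected entries at plan time, before any security group is created. The following is an added example, not part of the original answer; the VPC ID pattern and the allow-list of rule names (limited to the two names used on this page) are assumptions, and `optional()` defaults require Terraform 1.3 or later.

```hcl
# Added example: the answer's variable with validation blocks attached.
variable "inpparameter" {
  type = map(object({
    vpc_id             = optional(string, "vpc-07a77da5bec5f9583")
    egress_cidr_blocks = optional(set(string), [])
    egress_rules       = optional(set(string), [])
  }))

  # Assumption: a VPC ID is "vpc-" followed by 8 or 17 hex digits.
  validation {
    condition = alltrue([
      for v in values(var.inpparameter) :
      can(regex("^vpc-([0-9a-f]{8}|[0-9a-f]{17})$", v.vpc_id))
    ])
    error_message = "Each vpc_id must be vpc- followed by 8 or 17 hex digits."
  }

  # Every egress CIDR must parse; cidrhost() fails on malformed input.
  validation {
    condition = alltrue(flatten([
      for v in values(var.inpparameter) : [
        for c in v.egress_cidr_blocks : can(cidrhost(c, 0))
      ]
    ]))
    error_message = "Each entry in egress_cidr_blocks must be a valid CIDR block."
  }

  # Assumption: only the rule names used on this page are permitted.
  validation {
    condition = alltrue([
      for v in values(var.inpparameter) :
      length(setsubtract(v.egress_rules, ["all-tcp", "ssh-tcp"])) == 0
    ])
    error_message = "Only all-tcp and ssh-tcp are allowed in egress_rules."
  }

  # Rules and CIDR blocks must be set together or both left empty.
  validation {
    condition = alltrue([
      for v in values(var.inpparameter) :
      (length(v.egress_rules) == 0) == (length(v.egress_cidr_blocks) == 0)
    ])
    error_message = "Set egress_rules and egress_cidr_blocks together, or leave both empty."
  }
}
```

The `vpc1` and `vpc2` entries shown in the answer pass all four checks, because the empty defaults satisfy the CIDR, allow-list and pairing conditions.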