我的变量的定义如下
variable "iam_assume_principal_list" {
description = "IAM principal ARN that can assume the role"
type = "map"
default = {
test = <<IAM_ARN_TEST
"arn:aws:iam::0211111111:user/j2nh~123",
"arn:aws:iam::3512241111:user/ikmz~"
IAM_ARN_TEST
prod = <<IAM_ARN_PROD
"arn:aws:iam::02115555:user/j2nh~123",
"arn:aws:iam::35122555:user/ikmz~7655"
IAM_ARN_PROD
}
}
现在我需要在〜上拆分字符串
arn:aws:iam :: 0211111111:user / j2nh〜123变为“ arn:aws:iam :: 0211111111:user / j2nh”和“ 123” arn:aws:iam :: 3512241111:user / ikmz〜变为“ arn:aws:iam :: 3512241111:user / ikmz”&null
下面是我的代码
data "template_file" "iam-assume-arn-stmt" {
template = <<IAM_ASSUM_STMT
{
"Sid": "Assume",
"Effect": "Allow",
"Principal": {
"AWS": [
$${iam_assume_principal_list}
]
},
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals": {
"sts:ExternalId": [
$${iam_assume_external_list}
]
}
}
}
IAM_ASSUM_STMT
vars {
iam_assume_principal_list = "${element(split("~",lookup(var.iam_assume_principal_list[count.index],var.environment)),0)}"
iam_assume_external_list = "${element(split("~",lookup(var.iam_assume_principal_list[count.index],var.environment)),1)}"
}
}
我遇到错误了
Error: data.template_file.iam-assume-arn-stmt: 1 error(s) occurred:
* data.template_file.iam-assume-arn-stmt: At column 21, line 1: lookup: argument 1 should be type map, got type string in:
${element(split("~",lookup(var.iam_assume_principal_list[count.index],var.environment)),0)}
这是一个简单的场景:
variable "ip_cidr" {
default = "1.1.1.1/32,2.2.2.2/32,3.3.3.3/32"
}
我要在下面
ip_1 = 1.1.1.1
ip_cidr_1 = 32
ip_2 = 2.2.2.2
ip_cidr_2 = 32
ip_3 = 3.3.3.3
ip_cidr_3 = 32