Terraform Json条件创建

时间:2020-10-15 10:13:51

标签: terraform terraform-provider-aws

我正在尝试创建用于emr安全配置的json模板文件。目前,我有以下内容:

resource "aws_emr_security_configuration" "this" {
      name = "test-configuration"
      configuration = jsonencode({
          "EncryptionConfiguration": {
            "EnableInTransitEncryption": var.intransitencryption_enabled,
            "EnableAtRestEncryption": var.atrestencryption_enabled
            "InTransitEncryptionConfiguration": {
              "TLSCertificateConfiguration": {
                "CertificateProviderType": "PEM",
                "S3Object": var.s3_object
              }
            },
            "AtRestEncryptionConfiguration": {
              "S3EncryptionConfiguration": {
                "EncryptionMode": "SSE-KMS",
                "AwsKmsKey": var.kms_key_arn
              },
              "LocalDiskEncryptionConfiguration": {
                "EnableEbsEncryption": true,
                "EncryptionKeyProviderType": "AwsKms",
                "AwsKmsKey": var.kms_key_arn
              }
            }
          }
       })
 }

我要依赖var.intransitencryption_enabled变量(对或错)添加或删除以下部分:

"InTransitEncryptionConfiguration": {
  "TLSCertificateConfiguration": {
    "CertificateProviderType": "PEM",
    "S3Object": var.s3_object
  }
}

我尝试过

%{ if var.intransitencryption_enabled}
"InTransitEncryptionConfiguration": {
  "TLSCertificateConfiguration": {
    "CertificateProviderType": "PEM",
    "S3Object": var.s3_object
  }
}
{endif}

但是它不起作用。 terraform是否有这样做的有效决定?

0 个答案:

没有答案
相关问题
最新问题