TransWikia.com

Terraform foreach multiple map variables

DevOps Asked by stravze on January 16, 2021

I need to do the following in Terraform but can’t work out how

Here is what I have

local {
app_config = {
    test-web = {
      name            = "test-web-${local.environment}"
      websockets      = false
      subnet          = "backend"
      audience_subnet = "frontend"
      url             = "https://test-web-${local.environment}.mydomain.com"
    }
    test-api  = {
      name            = "test-api-${local.environment}"
      websockets      = false
      subnet          = "backend"
      audience_subnet = "frontend"
      url             = "https://test-api-${local.environment}.mydomain.com"
    }
  }


keyvault_secrets = {
    aat = {
        test-api = {
            application_id = "1111"
            client_id = "2222"
            administrator_pass = "3333"
        }
        test-web = {
            application_id = "4444"
            client_id = "5555"
            administrator_pass = "6666"
        }
    }
    Demo = {
        test-api = {
            application_id = "1212"
            client_id = "2323"
            administrator_pass = "3434"
        }
        test-web = {
            application_id = "4545"
            client_id = "5656"
            administrator_pass = "6767"
        }
    }
    Dev = {
        test-api = {
            application_id = "9999"
            client_id = "8888"
            administrator_pass = "7777"
        }
        test-web = {
            application_id = "9898"
            client_id = "8787"
            administrator_pass = "7676"
        }
    }
}

resource "azurerm_key_vault_secret" "app_id" {
  for_each = var.apps_config

  name         = var.apps_config
  value        = each.value.application_id
  key_vault_id = data.azurerm_key_vault.mykv.id
}

resource "azurerm_key_vault_secret" "client_id" {
  for_each = var.apps_config

  name         = var.apps_config
  value        = each.value.client_id
  key_vault_id = data.azurerm_key_vault.mykv.id
}

resource "azurerm_key_vault_secret" "admin_pass" {
  for_each = var.apps_config

  name         = var.apps_config
  value        = each.value.administrator_pass
  key_vault_id = data.azurerm_key_vault.mykv.id
}

What I can’t work out is how you do the following:
For every app_config defined, for example:
test-web
test-api

A Key Vault secret are created by the environment defined when running:

Terraform plan or apply -var="environment=dev"

I want it to create the 3 secrets for each app_config

terraform

One Answer

Is something like the below what you are looking for?

locals {
  apps = keys(var.app_config)
}

resource "azurerm_key_vault_secret" "app_id" {
  for_each = toset(local.apps)

  name         = each.key
  value        = var.keyvault_secrets[var.environment][each.key]["application_id"]
  key_vault_id = data.azurerm_key_vault.mykv.id
}

Answered by Mikhail Advani on January 16, 2021

Add your own answers!

Ask a Question

Get help from others!

Recent Answers

Recent Questions

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP