Terraform Azure - for_each 变量混淆

Question

这是我第一次深入研究 Terraform，请在某个问题上提供一些指导。

我正在尝试在同一个资源组中创建两个 azure 虚拟网络网关（因为它们每个都需要 30 分钟来配置），但是当我运行代码时，它在包含映射对象的变量文件中出错 - 要么说它不能引用其中的其他变量 URI 无效：

main.tf

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">= 2.26"
    }
  }

  required_version = ">= 0.14.9"
}

provider "azurerm" {
  skip_provider_registration = true
  features {}
}


resource "azurerm_virtual_network" "vnet1" {
    name                = "vnet1"
    address_space       = ["10.0.0.0/23"]
    location            = var.region
    resource_group_name = var.rg

  dynamic "subnet" {
    for_each = var.vnet1_subnets
    content {
      name = subnet.value["name"]
      address_prefix  = subnet.value["address_prefix"]
    }
  }
}


resource "azurerm_virtual_network" "vnet2" {
    name                = "vnet2"
    address_space       = ["10.0.10.0/23"]
    location            = var.region
    resource_group_name = var.rg

  dynamic "subnet" {
    for_each = var.vnet2_subnets
    content {
      name = subnet.value["name"]
      address_prefix  = subnet.value["address_prefix"]
    }
  }
}


resource "azurerm_public_ip" "vnet1_gateway_public_ip" {
  name                = "vnet1_gateway_ip"
  location            = var.region
  resource_group_name = var.rg
  allocation_method = "Dynamic"
}

resource "azurerm_public_ip" "vnet2_gateway_public_ip" {
  name                = "vnet2_gateway_ip"
  location            = var.region
  resource_group_name = var.rg
  allocation_method = "Dynamic"
}

resource "azurerm_virtual_network_gateway" "vnet_gateway" {

  #for_each = {for gateway in var.vnet_gateways: gateway.name => name}

  for_each = var.vnet_gateways
  name                = each.value.name
  location            = var.region
  resource_group_name = var.rg

  type     = "Vpn"
  vpn_type = "RouteBased"

  active_active = false
  enable_bgp    = true
  sku           = "Basic"

  ip_configuration {
    name                          = "vnetGatewayConfig"
    public_ip_address_id          = each.value.public_ip
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = each.value.subnet
  }
}

变量.tf

variable "rg" {
  type    = string
  default = "rg_name"
}

variable "region" {
  type    = string
  default = "east"
}

variable "vnet1_subnets" {
  type = list(object({
    name = string
    address_prefix = string
  }))
  default = [
    {
      name = "vnet1_main"
      address_prefix = "10.0.0.0/24"
    },
    {
      name = "GatewaySubnet"
      address_prefix = "10.0.1.0/27"
    }
  ]
}

variable "vnet2_subnets" {
  type = list(object({
    name = string
    address_prefix = string
  }))
  default = [
    {
      name = "vnet2_main"
      address_prefix = "10.0.10.0/24"
    },
    {
      name = "GatewaySubnet"
      address_prefix = "10.0.11.0/27"
    }
  ]
}

variable "vnet_gateways" {
  type = map(object({
    name = string
    public_ip = string
    subnet = string
  }))

  default = {
      vnet1_gateway = {
          name = "vnet1_gateway",
          public_ip = "azurerm_public_ip.vnet1_gateway_public_ip.id"
          subnet = "azurerm_subnet.vnet1_gatewaysubnet.id"
      },
      vnet2_gateway = {
          name = "vnet2_gateway",
          public_ip = "azurerm_public_ip.vnet2_gateway_public_ip.id",
          subnet = "azurerm_subnet.vnet2_gatewaysubnet.id"
      }
  }
}

#if I run like this terraform says its an invalid URI for public_ip and subnet (these are supposed to reference that resources the Azure resource ID)
#if the quotes are taken away it says you can't place a variable in a variable 

我对此感到困惑，如果有人可以在正确的方向上推动我如何在我在 main.tf 中迭代的变量映射对象中引用资源 id，那将不胜感激。或者方法本身可能是不正确的，在这种情况下，我也欢迎有关如何改进它的反馈。

提前致谢

Answer 1

这里：

  ip_configuration {
    public_ip_address_id          = each.value.public_ip
    subnet_id                     = each.value.subnet
  }

这两个期望资源 ID。但是你输入的是字符串，例如"azurerm_public_ip.vnet1_gateway_public_ip.id"

整个模板对我来说看起来很复杂。您不应定义两个 VNet 资源和两个公共 IP，而应为每个资源创建一个循环。然后，您可以在 azurerm_virtual_network_gateway 资源中再次动态引用这些资源 - 您已经使用循环正确部署了这些资源。