Skip to content

Commit

Permalink
fix: Use lookup() on computed resource attribute lookups in `for_ea…
Browse files Browse the repository at this point in the history
…ch` loop (#18)
  • Loading branch information
bryantbiggs authored Nov 3, 2023
1 parent 8cdc5b6 commit a206e43
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 12 deletions.
4 changes: 2 additions & 2 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
repos:
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.77.0
rev: v1.83.5
hooks:
- id: terraform_fmt
- id: terraform_validate
Expand All @@ -23,7 +23,7 @@ repos:
- '--args=--only=terraform_standard_module_structure'
- '--args=--only=terraform_workspace_remote'
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.4.0
rev: v4.5.0
hooks:
- id: check-merge-conflict
- id: end-of-file-fixer
7 changes: 3 additions & 4 deletions examples/complete/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ provider "aws" {

locals {
region = "eu-west-1"
name = "efs-ex-${replace(basename(path.cwd), "_", "-")}"
name = "ex-${basename(path.cwd)}"

azs = slice(data.aws_availability_zones.available.names, 0, 3)

Expand Down Expand Up @@ -135,9 +135,8 @@ module "vpc" {
public_subnets = ["10.99.0.0/24", "10.99.1.0/24", "10.99.2.0/24"]
private_subnets = ["10.99.3.0/24", "10.99.4.0/24", "10.99.5.0/24"]

enable_nat_gateway = false
single_nat_gateway = true
map_public_ip_on_launch = false
enable_nat_gateway = false
single_nat_gateway = true

tags = local.tags
}
Expand Down
14 changes: 8 additions & 6 deletions main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -129,10 +129,12 @@ resource "aws_efs_mount_target" "this" {

locals {
security_group_name = try(coalesce(var.security_group_name, var.name), "")

create_security_group = var.create && var.create_security_group && length(var.mount_targets) > 0
}

resource "aws_security_group" "this" {
count = var.create && var.create_security_group && length(var.mount_targets) > 0 ? 1 : 0
count = local.create_security_group ? 1 : 0

name = var.security_group_use_name_prefix ? null : local.security_group_name
name_prefix = var.security_group_use_name_prefix ? "${local.security_group_name}-" : null
Expand All @@ -149,7 +151,7 @@ resource "aws_security_group" "this" {
}

resource "aws_security_group_rule" "this" {
for_each = { for k, v in var.security_group_rules : k => v if var.create && var.create_security_group }
for_each = { for k, v in var.security_group_rules : k => v if local.create_security_group }

security_group_id = aws_security_group.this[0].id

Expand All @@ -158,11 +160,11 @@ resource "aws_security_group_rule" "this" {
from_port = try(each.value.from_port, 2049)
to_port = try(each.value.to_port, 2049)
protocol = try(each.value.protocol, "tcp")
cidr_blocks = try(each.value.cidr_blocks, null)
ipv6_cidr_blocks = try(each.value.ipv6_cidr_blocks, null)
prefix_list_ids = try(each.value.prefix_list_ids, null)
cidr_blocks = lookup(each.value, "cidr_blocks", null)
ipv6_cidr_blocks = lookup(each.value, "ipv6_cidr_blocks", null)
prefix_list_ids = lookup(each.value, "prefix_list_ids", null)
self = try(each.value.self, null)
source_security_group_id = try(each.value.source_security_group_id, null)
source_security_group_id = lookup(each.value, "source_security_group_id", null)

lifecycle {
create_before_destroy = true
Expand Down

0 comments on commit a206e43

Please sign in to comment.