Hi, Thanks for the video. How can I differentiate that the first value of ingress.port is for example = 443 and then the ingress.port in the following line is = 80? is it by the order in which you have the elements in the list of objects?
struggling a bit with this, I have a array of complex objects in my locals, in my configuration I want to iterate over these objects and create an array of objects with my custom content injecting the vars. With your example you get repeated keys: "ingress": {...}, "ingress": {...} I'm trying to get to: "ingress": [{...},{...}] any ideas?
Great video. Just wonder how you would add an additional egress rule set or maybe do this for ipv4 with 0.0.0.0/0 and for ipv6 with ::/0. You know what I mean get more of the dynamic resources into
Using the same from_port and to_port blocks the traffic as even the Load Balancer can't reach or health monitor the instance. It should be from any port to 443 and 80.
I loved your video...I had a quick question related to dynamic block for the below requirement : I need to find all the vpcs under a aws account and create flow logs to those vpcs to s3 excluding the default vpc. locals { vpc_id = ["${data.aws_vpc.example}"] } resource "aws_flow_log" "terraform_vpc_flow_logs" { traffic_type = "ALL" dynamic "vpc_id" { for_each = local.vpc_id content { log_destination_type = "s3" traffic_type = "ALL" max_aggregation_interval = "60" log_destination = "${aws_s3_bucket.terraform_vpc_flow_logs.arn}" } } } can you please help me in correcting the logic.
@@WillBrock thanks for ur reply. I understood why we use dynamic block. But the way we configure is confusing. Why do we have to link it up with local values? Moreover, this statement : description = ingress.value.description.
I've watched these videos 2 years ago and still find relevance in it today. Simply explained and great demonstrations
Thanks, glad they've been useful. It's nice that the terraform api hasn't changed much and the videos are still relevant after a few years
I read the documentation and hardly understood it. And then found ur video and understood everything in one go. Great work!
Awesome, glad to hear
Thank you so much for this playlist!!! we all really appreciate it!
Great video, love your way of explanation , very easy to understand. Expecting more videos on some complex interpolation.
Thanks for this great video. Exactly what I was after. A simple example and code.
Glad it was helpful :)
You are very good at explaining the details!
Thanks! Glad it was helpful
Thank you , it is so useful. Very easy to understand!
Awesome!
Really good illustration. Wonderful Job will
Thanks
I just subscribed to your channel after one video. You are doing a great job.
Well explained. THankyou
@4:50 we used `for_each`
can't we do it like `each.value.description` instead of `ingress.value.description` inside dynamic ingress block?
In terraform tuts series we have two times same video #13
Hi, will, excellent video, thanks for sharing. I have a question: Can I apply this policy to Resource Location Restriction in GCP? thanks
Great Video, instead of using a local for this to call could you set this to get values from the .var file
Hi, Thanks for the video.
How can I differentiate that the first value of ingress.port is for example = 443 and then the ingress.port in the following line is = 80? is it by the order in which you have the elements in the list of objects?
why not in this example ?
description = "Port ${ingress.value.port}"
from_port = ingress.value.port
You can do that if you want. I can't remember the exact example that is in the video off the top of my head.
struggling a bit with this, I have a array of complex objects in my locals, in my configuration I want to iterate over these objects and create an array of objects with my custom content injecting the vars. With your example you get repeated keys:
"ingress": {...}, "ingress": {...}
I'm trying to get to:
"ingress": [{...},{...}]
any ideas?
This is clear .. thanks
One thing.. lets say, we want to have different from_port and to_port
in this example...how do we accomplish this with dynamic blocks ?
You can set the to and from ports in the ingress_rules list and then reference them in the dynamic block like below.
locals {
ingress_rules = [{
from_port = 100
to_port = 200
description = "Port 443"
},
{
from_port = 201
to_port = 300
description = "Port 80"
}]
}
resource "aws_security_group" "main" {
dynamic "ingress" {
for_each = local.ingress_rules
content {
description = ingress.value.description
from_port = ingress.value.from_port
to_port = ingress.value.to_port
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
}
}
Great video. Just wonder how you would add an additional egress rule set or maybe do this for ipv4 with 0.0.0.0/0 and for ipv6 with ::/0. You know what I mean get more of the dynamic resources into
perfect and about output.tf if you want put in a output variable the SG id ?, how do you declare it in output.tf ?
Using the same from_port and to_port blocks the traffic as even the Load Balancer can't reach or health monitor the instance. It should be from any port to 443 and 80.
Can you do dynamic blocks on complete resources?
I loved your video...I had a quick question related to dynamic block for the below requirement :
I need to find all the vpcs under a aws account and create flow logs to those vpcs to s3 excluding the default vpc.
locals {
vpc_id = ["${data.aws_vpc.example}"]
}
resource "aws_flow_log" "terraform_vpc_flow_logs" {
traffic_type = "ALL"
dynamic "vpc_id" {
for_each = local.vpc_id
content {
log_destination_type = "s3"
traffic_type = "ALL"
max_aggregation_interval = "60"
log_destination = "${aws_s3_bucket.terraform_vpc_flow_logs.arn}"
}
}
}
can you please help me in correcting the logic.
How you enable variables auto suggestions.?
Hi. You have doubled #13 video
Thanks for letting me know
Hi, can the local accommodate but ingress and egrees rules like below
rules {
ingress_rules= [{
port = 443
description = "HTTPS"
},
{
port = 80
description = "HTTP"
}]
egress_rules= [{
port = 443
description = "HTTPS"
},{
port = 25
description = "SMTP"
}, { port = 443
description = "HTTPS"
},{
port = 53
description = "DNS"
}
}]
Yes
@@WillBrock high brock, sadly it didn't work, can you help me check the syntax
Hmm, does the below example code help?
github.com/WillBrock/terraform-course-examples/blob/master/dynamic-blocks/main.tf
@@WillBrock yes , it only has ingress rules, can it hold both ingress and egress?
It makes code less readable. I would prefer using the classic way instead of dynamic blocks.
from security standpoint, i like to see what IP addresses explicitly define in each ingress and egress and it's description
Hi Will,
Pretty nice, thank you for sharing. By the way #13 is duplicated on your list.
Yep and this can be replaced with a dynamic block of identical data
Confusing topic. Didn't understand anything.
Dynamic blocks can be confusing. What don't you understand after watching the video. Maybe I can explain in more detail in a comment.
@@WillBrock thanks for ur reply. I understood why we use dynamic block. But the way we configure is confusing. Why do we have to link it up with local values? Moreover, this statement : description = ingress.value.description.