Unable to iterate security group using for_each in Terraform v0.13-CodePudding

I am trying to use for_each key value pair but getting error like This object does not have an attribute named "destination_address_prefix". This object does not have an attribute named "source_address_prefix".

resource "azurerm_network_security_group" "nsg" {
  
  
  name                = "testsg"
  location            = "east us"
  resource_group_name = "test-rg"
  
 dynamic security_rule {
    for_each = var.securitygroup
    content {
    name                       = security_rule.name
    priority                   = security_rule.priority
    direction                  = security_rule.direction
    access                     = security_rule.access
    protocol                   = security_rule.protocol
    source_port_range          = security_rule.source_port_range
    destination_port_range     = security_rule.destination_port_range
    source_address_prefix      = security_rule.source_address_prefix
    destination_address_prefix = security_rule.destination_address_prefix

    }

  }

}

Var.tf:

variable "securitygroup" {

    type = map 
    default = {
    name                       = "test123"
    priority                   = "100"
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "*"
    source_address_prefix      = "*"
    destination_address_prefix = "*"   

    }

}

CodePudding user response：

You don't need dynamic block for your use-case, as you have only one rule and there is nothing to iterate over, except individual items in this single rule. Thus it should be:

resource "azurerm_network_security_group" "nsg" {
    
  name                = "testsg"
  location            = "east us"
  resource_group_name = "test-rg"
  
 security_rule  {
    name                       = var.securitygroup.name
    priority                   = var.securitygroup.priority
    direction                  = var.securitygroup.direction
    access                     = var.securitygroup.access
    protocol                   = var.securitygroup.protocol
    source_port_range          = var.securitygroup.source_port_range
    destination_port_range     = var.securitygroup.destination_port_range
    source_address_prefix      = var.securitygroup.source_address_prefix
    destination_address_prefix = var.securitygroup.destination_address_prefix
   }
  }
}

CodePudding user response：

Your variable is not a list or set type of variable, it is a single object type of variable, so you don't need iteration logic on your azurerm_network_security_group, here is the example:

resource "azurerm_network_security_group" "nsg" {
  
  name                = "testsg"
  location            = "east us"
  resource_group_name = "test-rg"

  security_rule = var.securitygroup

}