CrowdStrike / terraform-kubectl-falcon

Module to manage CrowdStrike Falcon Sensor and the Kubernetes Protection Agent on a Kubernetes cluster.
https://registry.terraform.io/modules/CrowdStrike/falcon/kubectl/latest
The Unlicense

kubectl_manifest - for each error #55

Open barakvbzz opened 1 month ago

barakvbzz commented 1 month ago

I use the module inside another model. The resource:

```hcl
resource "kubectl_manifest" "falcon_operator" {
  for_each  = data.kubectl_file_documents.docs.manifests
  yaml_body = each.value
}
```

When I try to apply, an error appears:

```
for_each = data.kubectl_file_documents.docs.manifests
│     ├────────────────
│     │ data.kubectl_file_documents.docs.manifests is a map of string, known only after apply
│
│ The "for_each" map includes keys derived from resource attributes that cannot be determined until apply, and so Terraform cannot determine the full set of keys that will identify the instances
│ of this resource.
│
│ When working with unknown values in for_each, it's better to define the map keys statically in your configuration and place apply-time results only in the map values.
│
│ Alternatively, you could use the -target planning option to first apply only the resources that the for_each value depends on, and then apply a second time to fully converge.
╵
```

ffalor commented 1 month ago

Can you give the full example of your code? With any sensitive information redacted.

barakvbzz commented 1 month ago

```hcl
data "aws_secretsmanager_secret" "falcon_by_name" {
  name = var.falcon_secret
}

data "aws_secretsmanager_secret_version" "falcon_version" {
  secret_id = data.aws_secretsmanager_secret.falcon_by_name.id
}

locals {
  secrets = jsondecode(data.aws_secretsmanager_secret_version.falcon_version.secret_string)
}

module "crowdstrike_operator" {
  count  = var.CreateCluster ? 1 : 0
  source = "github.com/CrowdStrike/terraform-kubectl-falcon//modules/operator?ref=v0.4.0"

  client_id     = local.secrets["client_id"]
  client_secret = local.secrets["client_secret"]
  environment   = length(aws_eks_cluster.cluster) > 0 ? aws_eks_cluster.cluster[0].name : ""
  depends_on    = [aws_eks_cluster.cluster]
}

module "crowdstrike_kpa" {
  count  = var.CreateCluster ? 1 : 0
  source = "github.com/CrowdStrike/terraform-kubectl-falcon//modules/k8s-protection-agent?ref=v0.1.0"

  cid              = local.secrets["cid"]
  client_id        = local.secrets["client_id"]
  client_secret    = local.secrets["client_secret"]
  cloud            = "eu-1"
  cluster_name     = length(aws_eks_cluster.cluster) > 0 ? aws_eks_cluster.cluster[0].name : ""
  docker_api_token = local.secrets["api_token"]
  depends_on       = [aws_eks_cluster.cluster]
}
```

This is my reference to the modules. It is inside of an EKS module.

I use the count parameter here also.

When I set CreateCluster = true, the error would appear.
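
The rule stated in the error message (static `for_each` keys, apply-time data only in the values) can be reproduced without any cloud provider. The following is an added example, not code from this thread or from the module; it assumes Terraform 1.4 or later, uses the built-in `terraform_data` resource as a stand-in for both the cluster and `kubectl_manifest`, and all names and values are constructed.

```hcl
terraform {
  required_version = ">= 1.4" # terraform_data is built in from 1.4
}

# Stand-in for anything that only exists after apply (the EKS cluster
# in the report above). Its "output" attribute is unknown at plan time.
resource "terraform_data" "cluster" {
  input = "demo-cluster"
}

locals {
  # Constructed manifest set. The keys are literals, so the plan can
  # enumerate every instance; the values may stay unknown until apply.
  static_keys = {
    namespace  = "namespace for ${terraform_data.cluster.output}"
    deployment = "deployment for ${terraform_data.cluster.output}"
  }
}

# Plans cleanly: two instances, ok["namespace"] and ok["deployment"],
# each with a value that is filled in during apply.
resource "terraform_data" "ok" {
  for_each = local.static_keys
  input    = each.value
}

# Uncomment to reproduce the failure: the map key itself comes from an
# apply-time attribute, so Terraform cannot name the instances at plan.
# resource "terraform_data" "fails" {
#   for_each = {
#     (terraform_data.cluster.output) = "namespace"
#   }
#   input = each.value
# }
```

`terraform init` followed by `terraform plan` succeeds as written; uncommenting the last resource makes the plan stop with the same `for_each` error quoted in this thread.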