The post below shows how to create security policy groups for NSX-T with Terraform, using a nested for_each loop and a dynamic block.
The variables are made from one map of lists. Each list represents one group composed of tags.
https://www.hashicorp.com/blog/hashicorp-terraform-0-12-preview-for-and-for-each
    variable "mapgroups" {
      type = map
      default = {
        NBO      = ["NBO"]
        NBO-PROD = ["NBO","PROD"]
      }
    }

    resource "nsxt_policy_group" "nbogroups" {
      for_each     = var.mapgroups
      display_name = each.key
      criteria {
        dynamic "condition" {
          for_each = each.
The steps below are what I have followed to create a terraform-bundle to use Terraform with non-default providers on a server that doesn’t have access to the Internet. You can find the tool explanation in the link below.
https://github.com/hashicorp/terraform/tree/master/tools/terraform-bundle
Install Go with the MSI downloaded here:
https://golang.org/doc/install
Clone the Terraform repository to get the tool:
https://github.com/hashicorp/terraform.git
    cd terraform-master
    go install .\tools\terraform-bundle

Check the terraform version

    C:\Users\noyel\Desktop\tfforeach\nsxt>terraform version
    Terraform v0.

An extended explanation of the differences between for_each, for and count can be found at the link below.
https://blog.gruntwork.io/terraform-tips-tricks-loops-if-statements-and-gotchas-f739bbae55f9
The two main drawbacks of using count are:
- Can’t be used to loop over inline blocks
- Difficult to remove an entry from a list because it changes the index of the other entries, and thus Terraform may want to destroy the resource because it has a different index
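
The index problem described in the second drawback, as an added example that is not code from the original post: a small Python model of how instances are addressed under count (by list position) and under for_each (by key), diffed the way a plan compares old and new addresses. The resource name `nsxt_policy_group.g` and the third group `NBO-DEV` are assumptions made for the illustration.

```python
# Added illustration: models Terraform instance addressing, it does not call Terraform.

def count_instances(name, items):
    """count: each instance is addressed by its position in the list."""
    return {f"{name}[{i}]": item for i, item in enumerate(items)}

def for_each_instances(name, items):
    """for_each: each instance is addressed by its map/set key."""
    return {f'{name}["{item}"]': item for item in items}

def plan(before, after):
    """Diff two address -> config maps, as a plan diffs state against config."""
    actions = {}
    for addr in sorted(before.keys() | after.keys()):
        if addr not in after:
            actions[addr] = "destroy"
        elif addr not in before:
            actions[addr] = "create"
        elif before[addr] != after[addr]:
            # update in place or replace, depending on the attribute that changed
            actions[addr] = "change"
        else:
            actions[addr] = "no-op"
    return actions

def touched(actions):
    """Addresses the plan would modify in any way."""
    return sorted(addr for addr, act in actions.items() if act != "no-op")

# Constructed input: the page's two group names plus a hypothetical third.
OLD = ["NBO", "NBO-PROD", "NBO-DEV"]
NEW = ["NBO-PROD", "NBO-DEV"]  # the first entry has been removed

RES = "nsxt_policy_group.g"  # hypothetical resource address
COUNT_PLAN = plan(count_instances(RES, OLD), count_instances(RES, NEW))
FOR_EACH_PLAN = plan(for_each_instances(RES, OLD), for_each_instances(RES, NEW))

if __name__ == "__main__":
    for title, result in (("count", COUNT_PLAN), ("for_each", FOR_EACH_PLAN)):
        print(title)
        for addr, act in result.items():
            print(f"  {addr:34} {act}")
```

With count, removing one entry touches every instance from that position onward; with for_each, only the removed key is touched and the remaining groups are left alone.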
Below is an example of the variables used to create subnets within AWS VPCs and the main file with the for_each.