For_each substitution in a dynamic block

Terraform
1

I would like to process each value in a nested map for dynamic “port”

How I can substitution all keys?

app_01 - has three ports
app_02 - has one ports

If is use for_each = local.k8_manifest.app_01.containerport it works well
but for_each = local.k8_manifest[*].containerport - doesn’t work

locals {
...
  k8_manifest = {
    "app_01" = {
     ...
      restartPolicy                 = "Always"
      containerport = [
        {
          port     = "9093"
          protocol = "TCP"
        },
        {
          port     = "9094"
          protocol = "TCP"
        },
        {
          port     = "9096"
          protocol = "TCP"
        }
      ]
      ...
    },
    "app_02" = {
     ...
      restartPolicy                 = "Always"
      containerport = [
        {
          port     = "9097"
          protocol = "TCP"
        },

  }

resource "kubernetes_deployment" "victoriametrics" {
  for_each = local.k8_manifest
    metadata {
...
    spec {
        dns_policy                       = "ClusterFirst"
        termination_grace_period_seconds = 30
        restart_policy                   = "Always"

        container {
          image = "111111111111.dkr.ecr.us-east-2.amazonaws.com/alertmanager:0.23.0" 
          name  = "app_01"

          dynamic "port" {
            for_each = local.k8_manifest.app_01.containerport
            #for_each = local.k8_manifest
            content {
              container_port = port.value.port
              protocol       = port.value.protocol
            }
          }
...

p.s.This code isn’t completed yet.

2

so you want a for_each on the kuberneets_deployment resource as well as the port{} block using the same data structure? That seems wrong. I’m guessing that your dynamic resource should be doing a for_each = each.value["containerport"]

3

It should be like this

...
    spec:
      containers:
        - name: alertmanager
          image: 714154805721.dkr.ecr.us-east-1.amazonaws.com/alertmanager:0.23.0
          ports:
            - containerPort: 9093
            - containerPort: 9094
            - containerPort: 9096
              protocol: TCP
          env:
            - name: Name
              value: alertmanager
          resources:
            limits:
              cpu: '1'
              memory: 512Mi
            requests:
              cpu: 250m
              memory: 150Mi
...

I have found a solution. I sure it might be improved.

locals {
...
k8_manifest = {
    "alertmanager" = {
      name            = "alertmanager"
      namespace       = "victoriametrics"
      label_k8s-app   = "alertmanager"
      label_purpose   = "victoriametrics"
      description     = "Prometheus alert manager for send"
      replicas_number = 1
      # container_image_address       = lookup(data.terraform_remote_state.docker_names.outputs.docker_registry_image_list, "alertmanager", "alertmanager")
      restartPolicy                 = "Always"
      terminationGracePeriodSeconds = "30"
      dnsPolicy                     = "ClusterFirst"
      schedulerName                 = "default-scheduler"
      strategy_type_update          = "RollingUpdate"
      resources_cpu                 = "1"
      resources_memory              = "1Gi"
      containerport = [
        {
          port     = "9093"
          protocol = "TCP"
        },
        {
          port     = "9094"
          protocol = "TCP"
        },
        {
          port     = "9096"
          protocol = "TCP"
        }
      ]
      maxUnavailable          = "25%"
      maxSurge                = "25%"
      revisionHistoryLimit    = "10"
      progressDeadlineSeconds = "30"
    },
  }
....

resource "kubernetes_deployment" "victoriametrics" {
  for_each = local.k8_manifest
  metadata {
    name      = "alertmanager"
    namespace = kubernetes_namespace.victoriametrics.id
    annotations = {
      name = "Prometheus alert manager for send"
    }
...

          dynamic "port" {
            for_each = lookup(local.k8_manifest[each.key], "containerport", [])
            content {
              container_port = port.value.port
              protocol       = port.value.protocol
            }
          }
....