Re: [ansible-project] Re: 2 levels nested loop with variables

Thu, 13 Aug 2020 12:40:54 -0700 

Thanks Racke, I should have had some context. policy_name can vary, 
actually in the real task I have other policies with other names, hence the 
use of a loop for item.name and item.policy .
Just this specific one named rds_foo_bar  needs the nested arguments from 
my vars list(or dict I am not sure) .
Although I can create a dedicate task just for that policy if that is too 
complicated, I just thought I could do some nested loop over variables.
Interesting facts, with nested it actually loop over each character in the 
key:value 
*Couldn't create policy rds-dev-[[u'r', u'e', u'g', u'i', u'o', u'n', 
u's'], [u'r', u'o', u'l', u'e']]* 
the actual play  looks like: 

iam_managed_policy:
    policy_name: "{{ item.name }}"
    policy: "{{ item.policy }}"
    state: present
  loop:
    - { name: rds-prod-{{ mysql_privilege }}-{{rds_region}}, policy: "{{ 
lookup('template', rds-prod.json.j2) }}" }
    # - { name: rds-dev, 
policy: "{{ lookup('template', rds_dev.json.j2) }}" }
    # - { name: cloudwatch, policy: "{{ lookup('template','cloudwatch.json.j2') 
}}" }
    # other policies with name and policy
  vars:
    mysql_privilege:
      role:
        - rw
        - ro
     rds_region:
        - us-west-1
        - us-west-2

And rds-prod.json.j2 also reuses the variables from  mysql_privilege dict 
as: 
...
"Action": [
                "rds-db:connect"
            ],
            "Resource": "arn:aws:rds-db:{{ rds_region }}{{ aws_id 
}}:dbuser:*/username-{{ role }}"
...


Le jeudi 13 août 2020 à 11:39:26 UTC-7, brae...@gmail.com a écrit :

> On 8/13/20 8:00 PM, Nick-H wrote:
> > so, I have been trying with lookup('dict')  but still not quite close to 
> the expected result 
> > I get: " An unhandled exception occurred while running the lookup plugin 
> 'dict'. Error was a <class
> > 'ansible.errors.AnsibleError'>, original message: with_dict expects a 
> dict"
> > her is the last code :
> > 
> >   iam_managed_policy:
> >     policy_name: "{{ item.name }}"
> >     policy: "{{ item.policy }}"
> >     state: present
> >   loop:
> > 
>     - { name: "rds-{{ lookup('dict', mysql_privilege[0].value ) }} ", policy: 
> "{{ lookup('template', 'template.json.j2') }}" }
> > 
>     # - { name: "rds-{{ lookup('nested', mysql_privilege[role] ) }} ", 
> policy: "{{ lookup('template', 'template.json.j2') }}" }
> >   vars:
> >     mysql_privilege:
> >         role:
> >           - rw
> >           - ro
> >         regions:    
> >           - us-west-1
> >           - us-west-2
> > 
>
> What are the possible values for policy_name? The value for the "policy" 
> seems to the same lookup so you don't need in
> the loop.
>
> I'm pretty sure that you are running into brick walls for a possibly 
> simple problem.
>
> So please explain / give examples how the policy_name is constructed.
>
> Regards
> Racke
>
> > 
> > 
> > 
> > Le mercredi 12 août 2020 à 17:27:22 UTC-7, Nick-H a écrit :
> > 
> > Hi, I have been looking into /nested /, /subelements /and other /lookups 
> /with no luck to make this working , using
> > ansible 2.8. 
> > Basically , I'd like to construct a loop than can itself iterate over 
> other variables (list or dict). 
> > *  iam_managed_policy:*
> > *    policy_name: "{{ item.name <http://item.name> }}"*
> > *    policy: "{{ item.policy }}"*
> > *    state: present*
> > *  loop:*
> > *    - { name: "rds-{{mysql_privilege}}-{{regions}}", policy: 
> "{{ lookup('template', template.json.j2') }}" }*
> > *  vars:*
> > *    mysql_privilege:**  *
> > *        - rw*
> > *        - ro*
> > *    regions:    *
> > *        - us-west-1*
> > *        - us-west-2*
> > 
> > but it end up with such result:
> > "Couldn't create policy rds-prod-[u'rw', u'ro'] - [u'ca-central-1', 
> u'us-west-1']"
> > 
> > What i d like is each loop would build a 2 dimensions array with the 
> vars elements ( rw-us-west-1 , rw-us-west-2, 
> > ro-us-west-1, ro-us-west-2)
> > 
> > Is that even possible to achieve with ansible ? 
> > thanks
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to
> > ansible-proje...@googlegroups.com <mailto:
> ansible-proje...@googlegroups.com>.
> > To view this discussion on the web visit
> > 
> https://groups.google.com/d/msgid/ansible-project/bacb4345-c3a7-4663-9931-91b3f0225175n%40googlegroups.com
> > <
> https://groups.google.com/d/msgid/ansible-project/bacb4345-c3a7-4663-9931-91b3f0225175n%40googlegroups.com?utm_medium=email&utm_source=footer
> >.
>
>
> -- 
> Ecommerce and Linux consulting + Perl and web application programming.
> Debian and Sympa administration. Provisioning with Ansible.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/77bddbed-7c9d-428b-acbd-873bda13e609n%40googlegroups.com.

Reply via email to