Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

how create condition with for_each variable

I have a need to create a condition using a for_each variable to be used with a if statement inside of the for_each template. Look at the cond_icmp below and how I am trying to use it inside of the for each, the result is that when I get protocol icmp the port_max is getting the value of 65535 instead of 255. If what I want to do is not possible, please feel free to suggest an alternative.

heat_template_version: 2018-08-31

parameters:
  SecGrpName: "ud,ems,uir,hss_data,calea,prov,core_direct,hsl,proxy"
  SecGrpdir: "ingress,egress"
  SecGrpProt: "tcp,udp,icmp"
  secIndex:
    type: number

conditions: 
  cond_diam_ss7: { or: [ { equals : [ { get_param: secIndex }, 1 ] } , { equals : [ { get_param: secIndex }, 2 ] } ] }
  cond_general: { and: [ { not: { equals : [ { get_param: secIndex }, 10 ] } } , { not: { equals : [ { get_param: secIndex }, 11 ] } } ] }
  cond_icmp: { equals: [<%secprot%>, 'icmp'] }

resources:
  security_group_general:
    type: OS::Neutron::SecurityGroup
    condition: cond_general
    properties:
      name: { list_join: [ '_', [ 'FTC-ATTLAB', { get_param: [ SecGrpName, { get_param: secIndex } ] }, 'sec_group_name'] ] }
      rules:
        repeat:
          for_each:
            <%secdir%>: { get_param: SecGrpdir }
            <%secprot%>: { get_param: SecGrpProt }
          template:
            direction: <%secdir%>
            ethertype: IPv4
            port_range_min: { if: [equals: [<%secprot%>, "icmp"],0,1 ] }
            port_range_max: { if: [equals: [<%secprot%>, "icmp"],255,65535 ] }
            protocol: <%secprot%>
            remote_ip_prefix: 0.0.0.0/0