I am trying to create three elasticache redis users using a randomly generated password. These ES Redis users each will have a different name hence i am using for_each to set the username based on a service_name. This works great! The issue I am running is using a random password for that user. I am using the random password generator with a count of 3 one for each user. I am not able to pass the password as a list and running into this error: Inappropriate value for attribute "passwords": set of string required. Any help will be appreciated.

resource "random_password" "my_passwords" {
  count = 3
  length           = 19
  special          = true
  override_special = "_%@"
}

resource "aws_elasticache_user" "my-users" {
  for_each = toset(var.my_service_names)
  user_id       = "${each.key}-${var.env}"
  user_name     = "${each.key}-${var.env}"
  access_string = "on ~*  @all"
  engine        = "REDIS"
  passwords     = "[for r random_password.my_passwords : r.result]"

CodePudding user response：

Instead of hardcoding the amount with a count on random_password I will use the same for loop...

See code below:

resource "random_password" "pws" {
  for_each         = toset(var.my_service_names)
  length           = 19
  special          = true
  override_special = "_%@"
}

resource "aws_elasticache_user" "my-users" {
  for_each      = toset(var.my_service_names)
  user_id       = "${each.key}-${var.env}"
  user_name     = "${each.key}-${var.env}"
  access_string = "on ~*  @all"
  engine        = "REDIS"
  passwords     = [ random_password.pws[each.key].result ]
}

That way the keys are the same on both resources, and we can access them from any resource that loops on the my_service_names just like I did there:
random_password.pws[each.key].result