Home > Net >  How can I create an IAM SID from a resource name?
How can I create an IAM SID from a resource name?

Time:10-19

Most AWS resources use dashed-name-format, while SIDs only accept alphanumeric characters, and are usually CamelCaseNamed.

I have a module that accepts a list of bucket names and creates s3 buckets. I'd like to create IAM statements for those that have descriptive SIDs, but I don't want to add it as another variable that developers optionally populate.

How can I convert something like s3-bucket-name to a value like S3BucketNameReadAccess?

CodePudding user response:

This is not exactly the cleanest solution, but without more intrinsic functions to invoke and no possibility of custom functions, then I am unsure what other optimal solution exists:

locals {
  bucket_name = "s3-bucket-name"
  bucket_sid  = "${replace(title(replace(local.bucket_name, "-", " ")), " ", "")}ReadAccess"
}
  • Inner replace replaces - characters with single whitespace characters.
  • title converts the first "letter" of each "word" (assuming regular expression matchers on both) to uppercase
  • Outer replace removes single whitespace characters (note intrinsic functions exist to remove whitespace at beginning and/or end of strings, but not within strings).
  • Interpolate return value of outer replace with literal string ReadAccess.

You can confirm for yourself with an output that the local.bucket_sid is the expected value.

  • Related