Home > OS >  Terraform add all resources from for_each to policy document
Terraform add all resources from for_each to policy document

Time:10-25

I have a resource created by using for_each:

module "compactor_sqs" {
  source = "..."
  for_each = var.enabled_providers
  ...
}

Single module.compactor_sqs has .arn property so previously I was able to do:

data "aws_iam_policy_document" "generator_sqs_document" {
  statement {
    actions   = ["sqs:*"]
    resources = [module.compactor_sqs.arn]
  }
}

Now that the resource is created using for_each I tried to change policy to this:

data "aws_iam_policy_document" "generator_sqs_document" {
  statement {
    actions   = ["sqs:*"]
    resources = [module.compactor_sqs[*].arn]
  }
}

But terraform doesn't like it. It tells me that:

│ Error: Incorrect attribute value type
│ 
│   on lambda.tf line 66, in data "aws_iam_policy_document" "generator_sqs_document":
│   66:     resources = [module.compactor_sqs[*].arn]
│     ├────────────────
│     │ module.compactor_sqs is object with 2 attributes
│ 
│ Inappropriate value for attribute "resources": element 0: string required.
╵
╷
│ Error: Unsupported attribute
│ 
│   on lambda.tf line 66, in data "aws_iam_policy_document" "generator_sqs_document":
│   66:     resources = [module.compactor_sqs[*].arn]
│ 
│ This object does not have an attribute named "arn".

How do I pass all resources' property to this?

CodePudding user response:

Since you have used for_each, to access arn you have to use values:

 resources = values(module.compactor_sqs)[*].arn

Page link:https//www.codepudding.com/os/587924.html

Prev:Cannot ssh into an AWS ECS instance Permission denied (publickey)
Next:Is there a way to predefine an arn for AWS lambdas?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding