terraform get list variable to resource

variable "iam_action" {
  type    = "list"
  default = ["ec2.amazonaws.com","ecs.amazonaws.com"]
}

resource "aws_iam_role" "s3_role" {
  name               = "abcd"
  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": [ "${var.iam_action}"
        ]
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}
EOF
}

Error:

At column 1, line 1: output of an HIL expression must be a string, or a single list (argument 2 is TypeList) in:

I tried the join function, but I need the output to be a list ["a","b","c"]; the join function gives output like ["a,b,c"].

user60679 asked Aug 22 '17 06:08



1 Answer

I fixed it with jsonencode via template_file.

First, create the JSON file below:

$ cat s3_policy.json

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": ${iam_action}
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}

Update the tf file

variable "iam_action" {
  type    = "list"
  default = ["ec2.amazonaws.com", "ecs.amazonaws.com"]
}

data "template_file" "s3_role" {
  template = "${file("${path.module}/s3_policy.json")}"

  vars {
    iam_action = "${jsonencode(var.iam_action)}"
  }
}

resource "aws_iam_role" "s3_role" {
  name = "abcd"

  assume_role_policy = "${data.template_file.s3_role.rendered}"
}

run template plan

  + aws_iam_role.s3_role
      arn:                   "<computed>"
      assume_role_policy:    "{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Action\": \"sts:AssumeRole\",\n      \"Principal\": {\n        \"Service\": [\"ec2.amazonaws.com\",\"ecs.amazonaws.com\"]\n      },\n      \"Effect\": \"Allow\",\n      \"Sid\": \"\"\n    }\n  ]\n}\n"
      create_date:           "<computed>"
      force_detach_policies: "false"
      name:                  "abcd"
      path:                  "/"
      unique_id:             "<computed>"

refer:

terraform interpolation

jsonencode(item) - Returns a JSON-encoded representation of the given item, which may be a string, list of strings, or map from string to string. Note that if the item is a string, the return value includes the double quotes.

The reason I can't directly use vars with "${var.iam_action}" in template_file is explained here:

vars - (Optional) Variables for interpolation within the template. Note that variables must all be primitives. Direct references to lists or maps will cause a validation error.

BMW answered Sep 29 '22 01:09
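
An added example, not part of the answer above and not the answerer's code: on Terraform 0.14 or later (an assumption; the answer uses the older 0.11 syntax), the list variable can be passed directly to an aws_iam_policy_document data source, which renders the trust policy JSON itself. The validation rule and the data source name `assume_role` are illustrative choices, added so that only AWS service principals can end up in the role's trust policy.

```hcl
# Added example; assumes Terraform >= 0.14 (for alltrue) and the AWS provider.
variable "iam_action" {
  type    = list(string)
  default = ["ec2.amazonaws.com", "ecs.amazonaws.com"]

  # Illustrative guard: every entry must look like an AWS service principal,
  # so a stray "*" or an account ARN in the variable fails at plan time
  # instead of silently widening who may assume the role.
  validation {
    condition = length(var.iam_action) > 0 && alltrue([
      for p in var.iam_action : can(regex("^[a-z0-9.-]+\\.amazonaws\\.com$", p))
    ])
    error_message = "Each entry in iam_action must be an AWS service principal such as ec2.amazonaws.com."
  }
}

# The data source produces the JSON document, so no heredoc, template file
# or jsonencode call is needed to turn the list into a JSON array.
data "aws_iam_policy_document" "assume_role" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = var.iam_action
    }
  }
}

resource "aws_iam_role" "s3_role" {
  name               = "abcd"
  assume_role_policy = data.aws_iam_policy_document.assume_role.json
}
```

The plan output for `assume_role_policy` should list both service principals as a JSON array, as in the answer's plan above.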