如何获取用for_each创建的资源的ARN列表/数组?
# DynamoDB
resource "aws_dynamodb_table" "terraform_state" {
for_each = var.aws_shared_accounts
name = "${each.key}-terraform-state"
read_capacity = 5
write_capacity = 5
hash_key = "LockID"
attribute {
resource "aws_iam_role" "infra_github_role" {
name = "TerraformBackendRole"
inline_policy {
name = "TerrafomBackendPolicy"
policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
Action = "*"
Effect = "Allow"
Resource = [
concat(
[aws_s3_bucket.terraform_bucket.arn, "${aws_s3_bucket.terraform_bucket.arn}/*"],
aws_dynamodb_table.terraform_state[*].arn
)
]
},
]
})
}
}
如果没有aws_iam_role,我可以运行terraform plan并查看资源
# aws_dynamodb_table.terraform-state["main"] will be created
+ resource "aws_dynamodb_table" "terraform-state" {
# aws_dynamodb_table.terraform-state["main-dev"] will be created
+ resource "aws_dynamodb_table" "terraform-state" {
添加aws_iam_role后我收到的错误
Error: Unsupported attribute
on 03-iam.tf line 16, in resource "aws_iam_role" "infra_github_role":
16: aws_dynamodb_table.terraform_state[*].arn
由于您使用了for_each,要获得arn值,您应该执行以下操作:
values(aws_dynamodb_table.terraform_state)[*].arn