我有一个使用for_each:创建的资源
module "compactor_sqs" {
source = "..."
for_each = var.enabled_providers
...
}
单个module.compactor_sqs具有.arn属性,因此之前我可以执行:
data "aws_iam_policy_document" "generator_sqs_document" {
statement {
actions = ["sqs:*"]
resources = [module.compactor_sqs.arn]
}
}
既然资源是使用for_each创建的,我尝试将策略更改为:
data "aws_iam_policy_document" "generator_sqs_document" {
statement {
actions = ["sqs:*"]
resources = [module.compactor_sqs[*].arn]
}
}
但地形不喜欢它。它告诉我:
│ Error: Incorrect attribute value type
│
│ on lambda.tf line 66, in data "aws_iam_policy_document" "generator_sqs_document":
│ 66: resources = [module.compactor_sqs[*].arn]
│ ├────────────────
│ │ module.compactor_sqs is object with 2 attributes
│
│ Inappropriate value for attribute "resources": element 0: string required.
╵
╷
│ Error: Unsupported attribute
│
│ on lambda.tf line 66, in data "aws_iam_policy_document" "generator_sqs_document":
│ 66: resources = [module.compactor_sqs[*].arn]
│
│ This object does not have an attribute named "arn".
如何将所有资源的属性传递给此?
由于使用了for_each,因此要访问arn,必须使用values:
resources = values(module.compactor_sqs)[*].arn