循环 iam 资源 terraform
[英]Loop iam resources terraform
问题描述
I'm trying to create a loop inside the resources bloc on a aws_iam_policy_document statement.
我正在尝试在aws_iam_policy_document语句的resources块内创建一个循环。
I do have a local variable accounts_to_protect which is a list of AWS's account's ID我确实有一个本地变量 accounts_to_protect,它是 AWS 账户 ID 的列表
locals {
accounts_to_protect = tolist(setsubtract(var.all_accounts, var.blocked_accounts))
}
Currently, I just use the first index of my list目前,我只使用列表的第一个索引
resources = [
"arn:aws:ec2::${local.accounts_to_protect.0}:*"
]
I don't know how I can iterate it inside the resources block.我不知道如何在资源块内迭代它。 I tried to add a for but it seems to not work.我试图添加一个 for 但它似乎不起作用。 I would like to have a resource arn per account id.我希望每个帐户 ID 都有一个资源 arn。
1 个解决方案
解决方案1
0 2021-10-22 00:23:50
One possible solution is already in comments.一种可能的解决方案已经在评论中。 The second one, would be:第二个,将是:
resources = [for account in local.accounts_to_protect: "arn:aws:ec2::${account}:*"]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.