I'm looking for a way to split up my config list/map. Reason for this is that we are looking for a way to share resources with other AWS Accounts, by using the aws_ram_principal.
resource "aws_ram_principal_association" "vpc" {
count = length(module.custom_local.accounts)
principal = lookup(module.custom_local.accounts[count.index], "shared") == true ? lookup(module.custom_local.accounts[count.index], "id") : null
resource_share_arn = aws_ram_resource_share.vpc.arn
}
The module.custom_local.accounts variable looks as followed.
accounts = [
{
"name" = "account_a",
"id" = "111111111111",
"shared" = false
},
{
"name" = "account_b"
"id" = "222222222222"
"shared" = true
},
{
"name" = "account_c"
"id" = "333333333333"
"shared" = true
}
]
The problem in this is that it works as long as all shared values are true, in case of a false the principal is invalid and complains: The argument "principal" is required, but no definition was found.
Now I was wondering if I can create a local variable that only contains the account ids of the accounts that are true.
Something in the lines of
locals {
share_accounts = ....
}
Im not sure if this is even possible but my attempts using below didn't get me anywhere.
share_accounts = { for s in module.custom_local.accounts : s => ... }
- or -
share_accounts = [ for index in range(0, length(module.custom_local.accounts) ... ]
Any help is much appreciated - ty.
For statements take a conditional. You could do it like so:
share_accounts = [ for s in module.custom_local.accounts : s if s.shared ]