I can't seem to pass multiple cookies in the "items" list when in "cookies_config -> cookies"
Here is my variable:
variable "cache_policy_defaults" {
type = object({
name = string
comment = string
default_ttl = number
max_ttl = number
min_ttl = number
cookie_behavior = string
cookies_to_forward = optional(list(string))
header_behavior = string
headers_to_forward = optional(list(string))
query_string_behavior = string
query_strings_to_forward = optional(list(string))
}
)
default = {
name = ""
comment = ""
default_ttl = 60
max_ttl = 60
min_ttl = 60
cookie_behavior = "none"
cookies_to_forward = []
header_behavior = "none"
headers_to_forward = []
query_string_behavior = "none"
query_strings_to_forward = []
}
}
Here are my locals:
locals {
origin_id = "origin_${local.origin_config.domain_name}"
origin_config = merge(var.origin_defaults, var.origin_settings)
restrictions = merge(var.restrictions_defaults, var.restrictions_settings)
default_cache_behavior = merge(var.default_cache_behavior_defaults, var.default_cache_behavior_settings)
cache_policy = merge(var.cache_policy_defaults, var.cache_policy_settings)
cache_policy_name = "cache_policy_${var.name}"
}
Here is my tfvars:
"cache_policy_settings": {
"min_ttl": 30,
"max_ttl": 30,
"default_ttl": 30,
"cookie_behavior": "whitelist",
"cookies_to_forward": ["123", "456"]
}
Here is my main.tf:
resource "aws_cloudfront_cache_policy" "this" {
name = lookup(local.cache_policy, local.cache_policy.name, local.cache_policy_name)
comment = local.cache_policy.comment
default_ttl = local.cache_policy.default_ttl
max_ttl = local.cache_policy.max_ttl
min_ttl = local.cache_policy.min_ttl
parameters_in_cache_key_and_forwarded_to_origin {
cookies_config {
cookie_behavior = local.cache_policy.cookie_behavior
dynamic "cookies" {
for_each = local.cache_policy.cookies_to_forward != null ? local.cache_policy.cookies_to_forward : null
content {
items = local.cache_policy.cookies_to_forward
}
}
}
headers_config {
header_behavior = local.cache_policy.header_behavior
dynamic "headers" {
for_each = local.cache_policy.headers_to_forward != null ? local.cache_policy.headers_to_forward : null
content {
items = local.cache_policy.headers_to_forward
}
}
}
query_strings_config {
query_string_behavior = local.cache_policy.query_string_behavior
dynamic "query_strings" {
for_each = local.cache_policy.query_strings_to_forward != null ? local.cache_policy.query_strings_to_forward : null
content {
items = local.cache_policy.query_strings_to_forward
}
}
}
}
}
The docs state
items: (Required) A list of item names (cookies, headers, or query strings). https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_cache_policy#items
However, the list does not accept multiple items.
Error: Too many list items
on main.tf line 57, in resource "aws_cloudfront_cache_policy" "this":
57: cookies_config {
Attribute supports 1 item maximum, but config has 2 declared.
It seems that I should just be able to pass a list of items? If I change the my input list to only contain a single value, then it works.
Here is the trick:
for_each = local.cache_policy.cookies_to_forward != null ? [1] : null
This tells Terraform to create exactly one block by making the true value of the ternary [1].
Thanks Jason for putting me on the right track.