
Get ARNs of subnets and iterate over them


I have created some subnets. I want to share those subnets with other accounts. For that I need to retrieve the ARN of the subnets.

I am able to get a list of ARNs like this

data "aws_subnets" "dev_subnet" {
  filter {
    name   = "vpc-id"
    values = [module.vpc.vpc_id]
  }

  tags = {
    Environment = "dev-*"
  }
}

data "aws_subnet" "dev_subnet" {
  for_each = toset(data.aws_subnets.dev_subnet.ids)
  id       = each.value
}

output "dev_subnet_arns" {
  value = [for s in data.aws_subnet.dev_subnet : s.arn]
}


This results in

  + dev_subnet_arns = [
      + "arn:aws:ec2:ca-central-1:0097747:subnet/subnet-013987fd9651c3545",
      + "arn:aws:ec2:ca-central-1:0477747:subnet/subnet-015d76b264280321a",
      + "arn:aws:ec2:ca-central-1:0091747:subnet/subnet-026cd0402fe283c33",
    ]

Now I want to take the list of ARNs of the subnets and associate them with the resource_share_arn.

What I'm trying is something like this:

resource "aws_ram_resource_association" "example" {
  for_each = toset(data.aws_subnets.dev_subnet.ids)

  resource_arn       =  each.value
  resource_share_arn = aws_ram_resource_share.share_subnets_with_dev_account.arn
}

But this fails since it only gets the subnet IDs, and that's wrong:

error associating RAM Resource Share: MalformedArnException: The specified resource ARN subnet-0c4afd736c18b3c28 is not valid. Verify the ARN and try again.

This also fails

resource "aws_ram_resource_association" "example" {
  for_each = toset(data.aws_subnets.dev_subnet.arn)

  resource_arn       =  each.value
  resource_share_arn = aws_ram_resource_share.share_subnets_with_dev_account.arn
}

since arn is not an attribute. What am I missing here?


Solution

  • You need to loop over the ARNs of the subnets and pass the ARN value for the resource_arn:

    resource "aws_ram_resource_association" "example" {
      for_each     = toset([for s in data.aws_subnet.dev_subnet : s.arn])
    
      resource_arn       = each.value
      resource_share_arn = aws_ram_resource_share.share_subnets_with_dev_account.arn
    }
    

    Or another solution would be:

    resource "aws_ram_resource_association" "example" {
      for_each     = toset(values(data.aws_subnet.dev_subnet)[*].arn)
    
      resource_arn       = each.value
      resource_share_arn = aws_ram_resource_share.share_subnets_with_dev_account.arn
    }
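
A variant of the answers above, added here as an example and not part of the original answer: iterating the `aws_subnet` data source map directly keys each association by subnet ID instead of by ARN, and two `precondition` blocks stop the plan if a matched subnet is not one that should be shared with the other account. It assumes Terraform 1.3 or later (for `precondition` and `startswith`) and reuses the data sources and resource share from the question; the `shared_subnets` output name and the rule that only `dev-` subnets may be shared are assumptions.

```hcl
# Added example: reuses data.aws_subnet.dev_subnet and the RAM share from the question.
# for_each over the data source map gives addresses such as
# aws_ram_resource_association.example["subnet-..."], keyed by subnet ID.
resource "aws_ram_resource_association" "example" {
  for_each = data.aws_subnet.dev_subnet

  resource_arn       = each.value.arn
  resource_share_arn = aws_ram_resource_share.share_subnets_with_dev_account.arn

  lifecycle {
    # Guard against a later change to the data source filter:
    # fail the plan if a matched subnet is outside the VPC being shared.
    precondition {
      condition     = each.value.vpc_id == module.vpc.vpc_id
      error_message = "Subnet ${each.key} is not in the expected VPC; refusing to share it."
    }

    # Assumption: only subnets whose Environment tag starts with "dev-" may be shared.
    precondition {
      condition     = startswith(lookup(each.value.tags, "Environment", ""), "dev-")
      error_message = "Subnet ${each.key} has no dev-* Environment tag; refusing to share it."
    }
  }
}

# Hypothetical output: subnet ID => ARN actually associated with the share,
# so the set of cross-account shared subnets is visible in every plan.
output "shared_subnets" {
  value = {
    for id, assoc in aws_ram_resource_association.example : id => assoc.resource_arn
  }
}
```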