variables.tf

    variable "custom_ids" {
      type    = set(string)
      default = ["b4d2d", "c928f140e8"]
    }

main.tf

    resource "azuread_application" "my-test-app" {
      for_each     = var.custom_ids
      display_name = "testing-application"
      owners       = [data.azuread_client_config.current.object_id, each.value]
    }

    resource "azuread_service_principal" "testing-sp" {
      for_each                     = azuread_application.my-test-app
      application_id               = azuread_application.my-test-app.application_id
      app_role_assignment_required = false
      owners                       = [data.azuread_client_config.current.object_id, each.value]
    }

And the error message is:

    │ Error: Missing resource instance key
    │
    │ Because azuread_application.my-test-app has "for_each" set, its attributes must be accessed on specific instances.
    │
    │ For example, to correlate with indices of a referring resource, use:
    │     azuread_application.my-test-app[each.key]

I referred to this: https://developer.hashicorp.com/terraform/language/meta-arguments/for_each#chaining-for_each-between-resources
What's the issue here?
New Error:

    │ Error: Unsupported attribute
    │
    │   on my-service-principals.tf line 24, in resource "azuread_service_principal" "testing-sp":
    │   24:   application_id = each.value.application_id
    │     ├────────────────
    │     │ each.value is a set of string
    │
    │ This value does not have any attributes.

Since chaining with for_each means you will be using key value pairs, you can fix this by doing the following:

    resource "azuread_application" "my-test-app" {
      for_each     = var.custom_ids
      display_name = "testing-application"
      owners       = [data.azuread_client_config.current.object_id, each.value]
    }

    resource "azuread_service_principal" "testing-sp" {
      for_each                     = azuread_application.my-test-app
      application_id               = each.value.application_id
      app_role_assignment_required = false
      owners                       = each.value.owners
    }

EDIT: since the goal of the question is different than the original post, here is how this should be set up based on the comments:

    variable "custom_ids" {
      type    = list(string)
      default = ["b4d2d", "c928f140e8"]
    }

    resource "azuread_application" "my-test-app" {
      display_name = "testing-application"
      # One application owned by the current principal plus every ID in custom_ids
      owners       = concat([data.azuread_client_config.current.object_id], var.custom_ids)
    }

    resource "azuread_service_principal" "testing-sp" {
      application_id               = azuread_application.my-test-app.application_id
      app_role_assignment_required = false
      # Reuse the application's owner list so the two stay in sync
      owners                       = azuread_application.my-test-app.owners
    }
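
The chained for_each behaviour from the first part of the answer above, as an added example that is not part of the original post: it uses Terraform's built-in `terraform_data` resource (Terraform 1.4 or later) as a stand-in for the azuread resources, so it needs no provider or tenant. The resource names `app` and `sp` and the output `sp_to_app` are assumptions made for this illustration.

```hcl
# Added illustration, not the poster's code. terraform_data stands in for
# azuread_application / azuread_service_principal.

variable "custom_ids" {
  type    = set(string)
  default = ["b4d2d", "c928f140e8"]
}

# for_each over a set of strings: each.key and each.value are both the
# string itself, so each.value has no attributes to read here.
resource "terraform_data" "app" {
  for_each = var.custom_ids

  input = {
    display_name = "testing-application"
    owner        = each.value # the plain string from the set
  }
}

# Chained for_each: a resource that has for_each set is a map of instances
# keyed by the upstream keys. each.key is still the string from custom_ids,
# but each.value is now the whole upstream instance object.
resource "terraform_data" "sp" {
  for_each = terraform_data.app

  input = {
    app_key = each.key               # same key as the upstream instance
    app_id  = each.value.id          # attribute of that one instance
    owner   = each.value.input.owner # value passed to the upstream instance
  }
}

# terraform_data.app.id would fail with "Missing resource instance key",
# because the attribute must be read on a specific instance:
#   terraform_data.app["b4d2d"].id
# or, inside the chained resource, each.value.id as above.

output "sp_to_app" {
  # One entry per ID in custom_ids, mapping it to its upstream instance id.
  value = { for k, sp in terraform_data.sp : k => sp.input.app_id }
}
```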