I’m trying to create Azure Key Vault access policies for multiple users. I have tried the following way, but I’m getting an error.
This is what my vars.tf looks like:
variable "mycustomvar" {
  type = list(object({
    description        = string
    object_id          = string
    # Attribute name must match the key used in the default values below
    secret_permissions = list(string)
  }))
  default = [
    {
      description        = "One"
      object_id          = "abc123"
      secret_permissions = ["Get", "List"]
    },
    {
      description        = "Two"
      object_id          = "def345"
      secret_permissions = ["Get"]
    }
  ]
}
And my resource.tf:
resource "azurerm_key_vault_access_policy" "policy" {
  key_vault_id       = azurerm_key_vault.test.id
  tenant_id          = "123"
  for_each           = var.mycustomvar
  object_id          = each.value
  secret_permissions = each.value
}
And I'm getting the below error:
The given "for_each" argument value is unsuitable: the "for_each" argument must be a map, or set of strings, and you have provided a value of type list of object.
>Solution :
Even though I think this is a duplicate, the way you can achieve this is:
resource "azurerm_key_vault_access_policy" "policy" {
  for_each           = { for i in var.mycustomvar : i.description => i }
  key_vault_id       = azurerm_key_vault.test.id
  tenant_id          = "123"
  object_id          = each.value.object_id
  secret_permissions = each.value.secret_permissions
}
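
A variant of the answer above, as an added example that is not part of the original post: it keys `for_each` by `object_id` rather than `description` and adds two `validation` blocks so bad input fails at plan time. The Get/List allow-list is an assumed policy, and the object IDs are the question's placeholders.

```hcl
# Added example, not the original poster's code.
variable "mycustomvar" {
  type = list(object({
    description        = string
    object_id          = string
    secret_permissions = list(string)
  }))

  default = [
    { description = "One", object_id = "abc123", secret_permissions = ["Get", "List"] },
    { description = "Two", object_id = "def345", secret_permissions = ["Get"] },
  ]

  # for_each map keys must be unique; reject a principal listed twice
  # with a clear message instead of a duplicate-key error in the resource.
  validation {
    condition     = length(distinct(var.mycustomvar[*].object_id)) == length(var.mycustomvar)
    error_message = "Each object_id may appear only once in mycustomvar."
  }

  # Assumed policy: these principals only read secrets, so anything
  # beyond Get and List (Set, Delete, Purge, ...) is refused.
  validation {
    condition = alltrue([
      for p in var.mycustomvar :
      length(setsubtract(p.secret_permissions, ["Get", "List"])) == 0
    ])
    error_message = "secret_permissions may contain only Get and List."
  }
}

resource "azurerm_key_vault_access_policy" "policy" {
  # Keyed by object_id: the resource address stays the same when a
  # description is edited, so the policy is not destroyed and recreated.
  for_each = { for p in var.mycustomvar : p.object_id => p }

  key_vault_id       = azurerm_key_vault.test.id
  tenant_id          = "123"
  object_id          = each.value.object_id
  secret_permissions = each.value.secret_permissions
}
```

With this keying, each policy is addressed as `azurerm_key_vault_access_policy.policy["<object_id>"]` in plan output and state.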