I have a folder /modules/firehose where i’ve declared a file as such:
resource "aws_kinesis_firehose_delivery_stream" "purchase_logs_firehose_stream" {
name = var.firehose_stream_name
destination = "extended_s3"
extended_s3_configuration {
role_arn = var.firehose_role_arn
buffer_interval = 60
buffer_size = 64
bucket_arn = var.destination_bucket_arn
}
}
variable "firehose_stream_name" {
description = "name of your stream"
}
variable "firehose_role_arn" {
}
variable "destination_bucket_arn" {
}
I then import the module in the root directory as such:
module "purchase_logs_firehose_prod" {
source = "./modules/firehose"
firehose_stream_name = "purchase_logs_firehose_prod"
firehose_role_arn = aws_iam_role.purchase_logs_firehose_role.arn
destination_bucket_arn = aws_s3_bucket.purchase_logs_destination_prod.arn
}
resource "aws_s3_bucket" "purchase_logs_destination_prod" {
bucket = "purchase-logs-prod-dump"
}
According to the documentation there is an attribute arn which i can reference afterwards. However when i try to reference it else where as module.purchase_logs_firehose_prod.arn i get an error
│ Error: Unsupported attribute
│
│ on iam.tf line 83, in resource "aws_iam_policy" "ec2_policy":
│ 83: ${module.purchase_logs_firehose_prod.arn}
│ ├────────────────
│ │ module.purchase_logs_firehose_prod is a object
│
│ This object does not have an attribute named "arn".
I’m really not sure what the source of the error is. If I even check the state file (after removing the code causing the error and running terraform apply, i see an arn attribute for the resource in question). Any input appreciated!
Here is the file iam.tf where i try to reference it
resource "aws_iam_policy" "ec2_policy" {
name = "ec2-policy"
policy = <<EOF
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"*"
],
"Resource":[
"${module.purchase_logs_firehose_prod.arn}"
]
}
]
}
EOF
}
>Solution :
For this to work, you have to define an output at the module level:
resource "aws_kinesis_firehose_delivery_stream" "purchase_logs_firehose_stream" {
name = var.firehose_stream_name
destination = "extended_s3"
extended_s3_configuration {
role_arn = var.firehose_role_arn
buffer_interval = 60
buffer_size = 64
bucket_arn = var.destination_bucket_arn
}
}
variable "firehose_stream_name" {
description = "name of your stream"
}
variable "firehose_role_arn" {
}
variable "destination_bucket_arn" {
}
output "firehose_prod_arn" {
description = "Kinesis Firehose ARN."
value = aws_kinesis_firehose_delivery_stream.purchase_logs_firehose_stream.arn
}
Then, you can reference it in the iam.tf file like this:
resource "aws_iam_policy" "ec2_policy" {
name = "ec2-policy"
policy = <<EOF
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"*"
],
"Resource":[
module.purchase_logs_firehose_prod.firehose_prod_arn
]
}
]
}
EOF
}
More information about using outputs can be found in the docs, while the exact explanation on how referencing the module outputs works is a subsection.