Can a List of Resources be used in the depends_on Property

Can a resource’s depends_on be used against all elements in a "resource list"? For example, in the resource below, the source_ids’ property is enumerated, however, I get an error when I attempt to concat() those elements in the depends_on with other elements. The code below is valid and deploys, however, I don’t know if that…

S3 bucket resource not being found using data

I have a main.tf that looks like this: resource "aws_s3_bucket" "s3_notifications_bucket" { bucket = local.s3_bucket_name force_destroy = true } module "s3_notification" { source = "…" s3_bucket_name = local.s3_bucket_name function_name = module.lambda.lambda_function_name lambda_function_arn = module.lambda.lambda_arn } Module s3_notification uses a reference for that bucket. The reason for that is because when I am running locally, I…

How to reference an output value within an iam policy as a principal using terraform

So I have an IAM policy and I want to be able to reference my Athena workgroup ARN as part of the principals section in my policy. Am not sure what the correct approach is for this. So far I have the following in my outputs.tf output "workgroup_arn" { description = "arn of newly…

How can I re-use a configuration (local module) with my Terraform project?

I’m quite new to Terraform, so I guess I consider Terraform modules as "functions" that I can re-use but that’s wrong. I had a scenario where I had to deploy a static web site to CloudFront and an S3 bucket. At first, I configured this as raw files in my project: https://github.com/tal-rofe/tf-old/tree/main/terraform/core – you can see…

Can I use an output from a resource in a provisioner which is part of the same resource?

I’m creating an EC2 instance and attempting to capture the public IP as an output before using it in a bash script that I’d like to execute upon successfully creating the instance: output "public_ip" { value = aws_instance.example.public_ip } resource "aws_instance" "example" { ami = "ami-0a606d8395a538502" instance_type = "t2.micro" vpc_security_group_ids = [aws_security_group.sg.id] user_data = "${data.template_file.user_data.rendered}"…

Terraform: aws default_tag not supported in root_block_device?

I am trying to use the default_tag available for the aws terraform provider. Documentation: https://registry.terraform.io/providers/hashicorp/aws/latest/docs#argument-reference example how to use: https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block From the doc, it says: This functionality is supported in all resources that implement tags, with the exception of the aws_autoscaling_group resource. So, for all resources I have it works very well, except for aws_instance.root_block_device.…

Create parameterized resource policy on terraform

I want to create a resource policy for a Secrets Manager secret. I am following the official example on the docs resource "aws_secretsmanager_secret_policy" "this" { count = var.create_resource_policy ? 1 : 0 secret_arn = aws_secretsmanager_secret.mysecret.arn policy = <<POLICY { "Version": "2012-10-17", "Statement": [ { "Sid": "EnableAnotherAWSAccountToReadTheSecret", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::123456789012:root" }, "Action": "secretsmanager:GetSecretValue",…

How to combine aws_subnet.prod_subnet.*.id with aws_subnet.prod2_subnet.*.id into a single list

I am trying to combine all subnets to be able to attach an ACL to them. I have two subnets that exist with different resource names, so it’s forcing me to have two ACL blocks which I don’t want. Right now the ACL subnet_id blocks for both ACL blocks read as: resource "aws_network_acl" "prod_public" {…