Read terraform dynamic nested object


I'm developing an AWS Image Builder pipeline that should share the baked image across accounts in various regions. However, the target account ID accepts a list of IDs, but I'm unable to read them from the variables. Hence, while configuring AMI distribution, Terraform only accepts one region per account; therefore, I am unable to share the image for similar regions in other accounts.

I tried to achieve this using a dynamic parameter block, below is what my terraform code looks like.

variable.tf

  variable "target_account_ids" {
    type = list(map(string))
    default = [ {
      "region" = "eu-west-1"
      "account_id" = "123456789012"
    } ]
  }

main.tf

  resource "aws_imagebuilder_distribution_configuration" "this" {
    name  = "image_builder_distribution_configuration"
    dynamic "distribution" {
      for_each = var.target_account_ids
      content {
        region = distribution.value["region"]
        ami_distribution_configuration {
          name               = "<name>"
          description        = "<description>"
          target_account_ids = [distribution.value["account_id"]]
          ami_tags = var.tags

        }
      }  
    }
    tags = var.tags
  }

The above code works if we provide two different regions.

e.g.:

resources main.tf

target_account_ids = [ 
  {
    "region" = "eu-central-1"
    "account_id" = "123456789012"
  },
  {
    "region" = "eu-west-1"
    "account_id" = "123456789014"
  }]

But it does not work if we have two accounts in the same region with different account IDs:

e.g.:

target_account_ids = [ 
  {
    "region" = "eu-central-1"
    "account_id" = "123456789012"
  },
  {
    "region" = "eu-central-1"
    "account_id" = "123456789013"
  },
  {
    "region" = "eu-west-1"
    "account_id" = "123456789014"
  }]

Error:

Error: updating Image Builder Distribution Configuration (arn:aws:imagebuilder:<region>:<account_id>:distribution-configuration/<image-builder-distribution>): InvalidParameterValueException: The value supplied for parameter 'distributions' is not valid. A region may appear in a distribution configuration at most once.

Expected results:

resource "aws_imagebuilder_distribution_configuration" "this" {
  name  = "image_builder_distribution_configuration"
  dynamic "distribution" {
    for_each = var.target_account_ids
    content {
      region = "eu-central-1"
      ami_distribution_configuration {
        name               = "<name>"
        description        = "<description>"
        target_account_ids = ["123456789012", "123456789013"]
        ami_tags = var.tags

      }
    }  
  }
  tags = var.tags
}

I need help building a dynamic block with lookup or flatten.


There is 1 answer

L_sama On

This is solved with the below changes.

variable.tf

variable "target_account_ids" {
  type = map(any)
  default = {
    "eu-central-1" = [
      "123456789012",
      "123456789013"
    ],
    "eu-west-1" = [
      "123456789014"
    ],
    "ap-south-1" = [
      "123456789015"
    ],
  }
}

main.tf

resource "aws_imagebuilder_distribution_configuration" "this" {
  name = "image_builder_distribution_configuration"

  dynamic "distribution" {
    for_each = var.target_account_ids

    content {
      region = distribution.key

      ami_distribution_configuration {
        name               = "<name>"
        description        = "<description>"
        target_account_ids = distribution.value
        ami_tags           = var.tags
      }
    }
  }

  tags = var.tags
}
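
An alternative to changing the variable shape, as an added example that is not part of the question or the answer above: keep the original list of `{region, account_id}` objects and group it by region with a `for` expression in grouping mode, so each region produces exactly one `distribution` block. The `validation` block, the `accounts_by_region` local and the `tags` variable declaration are assumptions added for illustration.

```hcl
# Added example: keeps the question's list-of-objects input shape.
variable "target_account_ids" {
  type = list(object({
    region     = string
    account_id = string
  }))

  # Reject anything that is not a 12-digit AWS account ID before an AMI is shared with it.
  validation {
    condition = alltrue([
      for t in var.target_account_ids : can(regex("^[0-9]{12}$", t.account_id))
    ])
    error_message = "Each account_id must be a 12-digit AWS account ID."
  }
}

variable "tags" {
  type    = map(string)
  default = {}
}

locals {
  # Grouping mode ("..."): one key per region, value is the list of its account IDs.
  accounts_by_region = {
    for t in var.target_account_ids : t.region => t.account_id...
  }
}

resource "aws_imagebuilder_distribution_configuration" "this" {
  name = "image_builder_distribution_configuration"

  dynamic "distribution" {
    for_each = local.accounts_by_region

    content {
      region = distribution.key

      ami_distribution_configuration {
        name               = "<name>"
        description        = "<description>"
        target_account_ids = distinct(distribution.value)
        ami_tags           = var.tags
      }
    }
  }

  tags = var.tags
}
```

With the three-entry input from the question, `local.accounts_by_region` has two keys, `eu-central-1` and `eu-west-1`, so no region appears twice in the distribution configuration.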