plv

Reputation: 13

Iterate over map of objects in Terraform

I'm working on a module, provided below, to manage AWS KMS keys via Terraform, and I'm using the flatten function, but the output I'm getting is empty when I call this module.

Any thoughts on why I'm getting empty output?

module

main.tf

locals {
  kms_keys = flatten([
    for key, kms_key in var.kms_key_list : [
      for index in range(kms_key.key_id) : {
        key_id                      = index
        aws_kms_alias               = kms_key.alias
        is_rotating                 = kms_key.enable_key_rotation
        deletion_window_in_days     = kms_key.deletion_window_in_days
        is_enabled                  = kms_key.is_enabled
        description                 = kms_key.description
        policy                      = kms_key.policy
      }
    ]
  ])
}

resource "aws_kms_key" "main" {
  for_each = {
    for k, v in local.kms_keys: k => v if v.key_id > 0
  }
  deletion_window_in_days = each.value.deletion_window_in_days
  is_enabled              = each.value.is_enabled
  enable_key_rotation     = each.value.is_rotating
  description             = each.value.description
  policy                  = each.value.policy
  tags = merge({
    Name = each.value.aws_kms_alias
  }, var.common_tags)
}

resource "aws_kms_alias" "alias" {
  for_each      = aws_kms_key.main
  name          = "alias/${each.value.tags.Name}"
  target_key_id = each.value.key_id
}

variables.tf

variable "kms_key_list" {
  type = map(object({
      key_id                    = number
      deletion_window_in_days   = number
      is_enabled                = bool
      enable_key_rotation       = bool
      description               = string
      policy                    = string
      key_usage                 = string
      customer_master_key_spec  = string
      alias                     = string
  }))
}

calling the module in main.tf

module "kms_keys" {

  source = "../module/kms"

  kms_key_list = local.kms_keys
}

kms_keys.tf

locals {
  kms_keys = {
    name_1 = {
      key_id                    = 1
      deletion_window_in_days   = 7
      is_enabled                = true
      enable_key_rotation       = true
      description               = "description_1"
      policy                    = ""
      key_usage                 = "ENCRYPT_DECRYPT"
      customer_master_key_spec  = "SYMMETRIC_DEFAULT"
      alias                     = "alias_1"
    }
  }
}

TF Plan Output looks like this:

Changes to Outputs:
  + kms_info = {
      + kms_key = {}
    }

Upvotes: 1

Views: 1804

Answers (1)

Jordan

Reputation: 4502

This seems odd:

for index in range(kms_key.key_id)

This is going to loop through all values from 0 to the key_id value; is that really what you want? To add an entry into kms_keys for each value from 0 to key_id?

I doubt it, because the way you have this coded, if your var.kms_key_list contains a key config with key_id = 10, it's going to create 10 different KMS keys, all with the same configuration values.

Essentially, I'm not understanding the purpose of the nested for loop.

If you can provide samples of:

  1. The input variable, but with a key_id > 1
  2. The output that you expect to see

Then we might be able to help. Also, I don't see any output declared either in the module or in the parent file, so those must be missing; please include them.

Upvotes: 1
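
An added example, not part of the question or the answer: it isolates the `range(kms_key.key_id)` loop and the `v.key_id > 0` filter using only locals and outputs, so it evaluates without the AWS provider. The `_demo` names and the second entry `name_2` are constructed for illustration.

```hcl
locals {
  # Constructed sample input, trimmed to the attributes the loop touches.
  kms_key_list_demo = {
    name_1 = { key_id = 1, alias = "alias_1", deletion_window_in_days = 7 }
    name_2 = { key_id = 3, alias = "alias_2", deletion_window_in_days = 30 }
  }

  # Same shape as the module's local: one object per value of range(key_id).
  # range(n) counts from 0 up to n - 1, so an entry with key_id = 1 yields a
  # single object whose key_id is 0, and key_id = 3 yields three objects.
  flattened_demo = flatten([
    for name, kms_key in local.kms_key_list_demo : [
      for index in range(kms_key.key_id) : {
        name   = name
        key_id = index
        alias  = kms_key.alias
      }
    ]
  ])

  # Same filter as the module's for_each. The keys here are list indexes,
  # and every object with key_id = 0 is dropped, which removes the only
  # object generated for name_1 and leaves two copies for name_2.
  filtered_demo = {
    for k, v in local.flattened_demo : tostring(k) => v if v.key_id > 0
  }

  # Alternative: iterate the input map directly, giving exactly one
  # instance per entry, addressed by its map key instead of a list index.
  direct_demo = {
    for name, kms_key in local.kms_key_list_demo : name => kms_key
  }
}

output "flattened" {
  value = local.flattened_demo
}

output "filtered_instance_keys" {
  value = keys(local.filtered_demo)
}

output "direct_instance_keys" {
  value = keys(local.direct_demo)
}
```

With only the question's `name_1` entry as input, `filtered_demo` is an empty map, which matches the empty `kms_key = {}` in the plan output.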
