For_each conditional passing keys based on values in a map(list(string))

Hi guys, I am currently using for_each over a set of the values inside a map(list(string)) type for resource creation, and need to take the output value ID and provide it if the values inside my map(list(string)) belong to the output value ID or its map keys.

So I have the following var:

    tree = {
        fks    = ["tao", "mon", "dzek"]
        fkz    = ["giggs-dev", "mers"]
    }

inside resource creation:

    resource "aws_organizations_organizational_unit" "this" {
      for_each  = toset(flatten(keys(var.tree)))
      name      = each.key
      parent_id = aws_organizations_organization.this.roots.0.id
    }

    resource "aws_organizations_account" "this" {
      for_each                   = toset(flatten(values(var.tree)))
      name                       = each.key
      email                      = "${each.key}${var.email}"
      iam_user_access_to_billing = var.billing
      parent_id                  = aws_organizations_organizational_unit.this[each.key].id
      role_name                  = var.role_name
      lifecycle { ignore_changes = ["role_name"] }
    }

Basically I want to set parent_id argument of the aws_organizations_account resource to be one of either fks or fkz depending on which list the current organization unit name belongs to. Perhaps implementing conditional key lookup…

    Error: Invalid index
      on components/organization/main.tf line 24, in resource "aws_organizations_account" "this":
      24:   parent_id = aws_organizations_organizational_unit.this[each.key].id
    aws_organizations_organizational_unit.this is object with 2 attributes
    each.key is "tao"

Hi @legokid!

Would you mind editing your question so that the code examples are marked as code using the “Preformatted Text” (<>) button on the editor toolbar? Unfortunately right now the forum is not formatting it in a readable way.

Also, if you tried this and saw a specific error message it would help to see the error you saw to guide what part of the configuration you shared needs the most attention. Thanks!

Hi @apparentlymart! Thanks for the reply. I formatted the question right this time, including the code blocks :smiley:

What do you think, would conditional key lookup be possible in this case? Am I setting my variable wrong as map(list(string))?

I posted this question on /r/terraform as well today, got 1 answer but was hoping for you to take a look. Thanks in advance!

Hi @legokid!

Unfortunately I have a feeling you might be hitting issue #22407, which causes a resource with for_each to be misinterpreted as a single object when referenced in some cases.

Specifically, I think the “object with 2 attributes” mentioned in the error message is talking about a single instance of aws_organizations_organizational_unit.this and its two attributes name and parent_id, which is the symptom of that bug. It should instead be a map with five elements.

The fix for that issue is merged in master ready to be included in the 0.12.7 release, which should be out soon. I’m not sure if we have a general workaround for it in the meantime, but if you’re migrating this from a previous state where these resources already existed but were using count or were not using any repetition at all then it might be possible to help Terraform understand what’s changed using terraform state mv.

Could you run terraform show and look for any instances of aws_organizations_organizational_unit.this and share their full instance ids (which might have [0] or similar on the end of them) with me if they exist? If they do, I may be able to suggest a terraform state mv command line to help Terraform understand how to migrate this.
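
Added example (not part of the thread and not code from either poster): one way to do the key lookup the question asks about is to invert `var.tree` into an account => OU map and iterate over that, so `each.value` names the parent OU. `local.account_parent` is a hypothetical name; `var.email`, `var.billing`, `var.role_name` and `aws_organizations_organization.this` are taken from the question and assumed to be declared elsewhere, and the example assumes a Terraform version in which a `for_each` resource is referenced as a map.

```hcl
variable "tree" {
  type = map(list(string))
  default = {
    fks = ["tao", "mon", "dzek"]
    fkz = ["giggs-dev", "mers"]
  }
}

locals {
  # Invert OU => [accounts] into account => OU (hypothetical helper):
  #   { tao = "fks", mon = "fks", dzek = "fks", "giggs-dev" = "fkz", mers = "fkz" }
  # A non-grouping for expression rejects duplicate keys, so an account
  # listed under two OUs fails at plan time instead of silently landing
  # in whichever OU happened to be evaluated last.
  account_parent = {
    for pair in flatten([
      for ou, accounts in var.tree : [
        for account in accounts : { account = account, ou = ou }
      ]
    ]) : pair.account => pair.ou
  }
}

# One OU per key of var.tree; each.key is the OU name ("fks", "fkz").
resource "aws_organizations_organizational_unit" "this" {
  for_each  = var.tree
  name      = each.key
  parent_id = aws_organizations_organization.this.roots[0].id
}

# One account per list element; each.key is the account name and
# each.value is the OU name, which is a valid key of the OU resource map.
resource "aws_organizations_account" "this" {
  for_each                   = local.account_parent
  name                       = each.key
  email                      = "${each.key}${var.email}"
  iam_user_access_to_billing = var.billing
  parent_id                  = aws_organizations_organizational_unit.this[each.value].id
  role_name                  = var.role_name

  lifecycle {
    ignore_changes = [role_name]
  }
}
```

In the question's version the account resource indexes the OU map with an account name such as "tao", which is never one of its keys; here the index is always "fks" or "fkz".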