I have two sets of input data , like this:
default_groups = [
"Admins",
"Billing",
....
]
policy_attachment = {
Admins = [
"AccessManager",
"KmsAdmin",
]
}
Using the new custom validation, I tried this:
variable "policy_attachment" {
default = {}
type = map(list(string))
validation {
condition = ! contains([
for key in keys(var.policy_attachment) :
contains(var.default_groups, key)
], false)
error_message = "Role MUST exist for policy attachment."
}
}
to validate any key in policy_attachment must exists in default_groups list but getting the error:
The condition for variable “policy_attachment” can only refer to the variable
itself, using var.policy_attachment.
Is there a way to achieve that at all? Thanks in advance for any assistance.
-San