Okay, I have figure out in my way, which is working fine for now. In my ec2 child-module, I have a data-source like this:
ec2/data.tf
// List of instance attributes by role
data "aws_instance" "by_role" {
for_each = {
for ic in range(var.inst_count): "${var.inst_role}0${ic+1}" => ic
}
instance_tags = {
Name = "${var.vpc_names[var.idx]}${each.key}"
}
instance_id = aws_instance.inst[substr(each.key,4,2)-1].id
}
//
output "inst_by_role" {
value = data.aws_instance.by_role
}
That returns a map like this:
inst_info = {
"asa01" = {
"ami" = "ami-06a5087891b6d8eb8"
"arn" = "arn:aws:ec2:us-east-1:619xx:instance/i-0939b2db7xx"
"associate_public_ip_address" = false
..........
}
"asa02" = {
"ami" = "ami-06a5087891b6d8eb8"
"arn" = "arn:aws:ec2:us-east-1:619xx:instance/i-0ab3f8dae7xx"
"associate_public_ip_address" = false
.........
}
}
and in the nlb child-module:
nlb/listener.tf
variable "inst_info" {
#type = map
description = "List of attributes of the NLB members"
}
// Attach the target groups to the instance(s)
resource "aws_lb_target_group_attachment" "tgr_attachment" {
for_each = {
for pair in setproduct(keys(aws_lb_target_group.nlb_target_groups), keys(var.inst_info)):
"${pair[0]}:${pair[1]}" => {
target_group = aws_lb_target_group.nlb_target_groups[pair[0]]
inst_name = var.inst_info[pair[1]]
}
}
target_group_arn = each.value.target_group.arn
target_id = each.value.inst_name.id
port = each.value.target_group.port
}
then feed the data in the root-module:
module "asa-nlb" {
source = "../../modules/nlb"
inst_role = "asa"
inst_info = module.dfw.inst_by_role
.......
}
this reply from @apparentlymart helped me a lot to look for a alternative way to get it working.
-San