Iterate ove yaml

Terraform
1

Hi,

I have the folowing yaml structure given and need to iterate over it vie some nested for loops. How can I achive this.

aws:
  ciss-goesaws-shared-services:
    name: "ciss-goesaws-shared-services"
    id: "277015281744"
    roles:
      AdministratorAccess:
        name: "AdministratorAccess"
        pipelines:
          custom-labor:
            name: "custom-labor"
            namespace: all
            project: all
          vault-auth01-labor:
            namespace: 110
            project: 207
          pipeline-includes-ubuntu-aws:
            namespace: 107
          project: 232
      Billing:
        name: "Billing"
      ViewOnlyAccess:
        name: "ViewOnlyAccess"

I tried with this. But how can I access the 3rd level values?

locals {
  roles = flatten([
    for a, roles in local.aws_accounts : [
      for r, pipeline in roles.roles : [
        for pl in pipeline.pipelines : {
          account_name    = a.name
          account_id      = a.id
          role_name       = r
          pipeline_name   = pl
        }
      ]
    ]
  ])
}

for_each = {
for s in local.roles : "custom--auth01--${s.account_id}-${s.account_name}--${s.role_name}--${s.pipeline_name}" => s
}
2

Hi @AlexanderWiechert,

Inside a flatten argument like that you can use as many nested levels of list as you need to traverse through levels of the data structure. flatten will stop flattening at the first level where it encounters a non-list, like the nested objects in the example you shared.

You can then include all of the various for expression iterator values inside the nested objects in order to track what each leaf item was nested inside.

3

I’ve changed a a bit the yaml structure, but I’m totaly stucked on how o acess this nested values.

4

I now run into “A null value cannot be used as the collection in a ‘for’ expression.” if there are now values. How can I achive reading the pipeline names if there are some and ignore if there are no values? I just want to create those who have values and ignore the others.

│   on modules/vault/aws-ciss.tf line 7, in locals:
│    6:       for role, pl  in id.roles : [
│    7:         for p in pl.pipelines  : {
│    8:           account_name    = name
│    9:           account_id      = id.accountid
│   10:           role_name       = role
│   11:           pipeline_name   = p
│   12:         }
│   13:       ]
│     ├────────────────
│     │ pl.pipelines is null