Nested local value

Hi,
I have local values with groups memberships from other repo output like:

locals {
  group1_name = group1_members_from_output
  group2_name = group2_members_from_output
}

Other locals to control which groups membership should be included:

locals {
  iam_groups_to_revoke_members = [
    "group1_name",
    "group2_name"
  ]
}

Data block to get group name and makes sure that group exist:

data "aws_iam_group" "revoke" {
  for_each = toset(local.iam_groups_to_revoke_members)
  group_name = each.key
}

In the end group membership block:

resource "aws_iam_group_membership" "revoke" {
  for_each = toset(local.iam_groups_to_revoke_members)
  name = each.key
  group = data.aws_iam_group.revoke[each.value].group_name
  users = local.[each.value]
}

I have issue with users value. I’ve tried also with users = "${local.[each.value]}" but effect is the error: An attribute name is required after a dot..

How can I use “nested” local value which will be something like local.[each.value]?

Best Regards!

You can’t - the Terraform language doesn’t allow for this, so change the first code example in your post, so that the group names and values are all together in a single local variable of map type, and refer to them that way.

Thanks for confirmation, just rearranged the structure.

Just to provide the solution. After rearranging the local values I’m using:

locals {
  iam_groups_to_revoke_members = {
    groupname1 = local.members.groupname1_users
    groupname2 = local.members.groupname2_users
  }
}

data "aws_iam_group" "revoke" {
  for_each   = local.iam_groups_to_revoke_members
  group_name = each.key
}

resource "aws_iam_group_membership" "revoke" {
  for_each = local.iam_groups_to_revoke_members
  name     = each.key
  group    = data.aws_iam_group.revoke[each.key].group_name
  users    = each.value
}

Where local.members.groupname1_users is from data.terraform_remote_state in separated local.

Less means better