I have a list like this
## Create a new rancher2 Projects
locals {
projects = {
"demo" = {
name = "Demo",
description = "DEV project for Demo",
pod_security_policy_template_id = "restricted",
limits_cpu = "2001m",
limits_memory = "1001Mi",
requests_cpu = "11m",
requests_memory = "21Mi",
requests_storage_project = "5001Mi",
requests_storage_namespace = "5001Mi"
members = {
"all-ro" = {
name="ALL_ReadOnly"
role="my-project-member-id"
}
"ro" = {
name="Demo_ReadOnly"
role="my-read-only-id"
}
"pm" = {
name="Demo_ProjectMember"
role="my-project-member-id"
}
}
},
...
}
I want to dynamically create a list for the project_role_template_binding doing So
locals {
prtbs = flatten([
for projectname,project in local.projects: [
for role, details in project.members : {
"${projectname}-${role}" = {
project_name = "${projectname}"
role_template_id = "data.terraform_remote_state.local-state.outputs.${details.role}"
group_principal_id = "activedirectory_group://CN=${details.name},OU=Groups,DC=wyssmann,DC=com"
}
}
]
])
}
Which generates local.prtbs which I can check in tf console
prtbs = [
"demo-ro" = {ββββββββ
"group_principal_id" = "activedirectory_group://CN=Demo_ReadOnly,OU=Groups,DC=wyssmann,DC=com"
"project_name" = "demo"
"role_template_id" = "data.terraform_remote_state.local-state.outputs.my-read-only-id"
}ββββββββ
}ββββββββ,
]
Now I would like to use the values as follows
resource "rancher2_project_role_template_binding" "prtb" {ββββββββ
for_each = {ββββββββ
for key, value in local.prtbs:
key => value
}ββββββββ
name = "prtb-${ββββββββeach.key}ββββββββ"
project_id = rancher2_project.pr["${ββββββββeach.value.project_name}ββββββββ"].id
role_template_id = data.terraform_remote_state.nop-local-state.outputs.sc-project-member-id
group_principal_id = each.value.group_principal_id
}ββββββββ
While tf plan complains
Error: Unsupported attribute
on dyn_project_ns.tf line 21, in resource "rancher2_project_role_template_binding" "prtb":
21: project_id = rancher2_project.pr["${βββββββeach.value.project_name}βββββββ"].id
βββββββββββββββββ
β each.value is object with 1 attribute "demo-ro"
This object does not have an attribute named "project_name".
Error: Unsupported attribute
on dyn_project_ns.tf line 23, in resource "rancher2_project_role_template_binding" "prtb":
23: group_principal_id = each.value.group_principal_id
βββββββββββββββββ
β each.value is object with 1 attribute "demo-ro"
This object does not have an attribute named "group_principal_id".
I assume the error is cause the keys are quotes with " i.e. "group_principal_id" instead group_principal_id. What am I doing wrong? is it even possible to do what I want to?