Terraform count is not correct in resource aws_iam_policy
I have created log group resources for a given list of job names:
resource "aws_cloudwatch_log_group" "logGroups" {
  count             = length(var.jobnames)
  name              = format("/aws/lambda/%s", format(local.function_name_format, var.jobnames[count.index]))
  retention_in_days = 7
}
And now, for each log resource, I am creating an IAM policy:
resource "aws_iam_policy" "base_iam_policy" {
  count       = length(var.jobnames)
  name        = format(local.base_iam_policy_name_format, var.jobnames[count.index])
  path        = "/"
  description = "Base IAM policy for creating a lambda"
  policy      = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogStream",
        "logs:PutLogEvents"
      ],
      "Resource": [
        "${element(aws_cloudwatch_log_group.logGroups.*.arn, count.index)}*"
      ]
    },
    {
      "Action": [
        "cloudwatch:PutMetricData",
        "cloudwatch:GetMetricData",
        "cloudwatch:GetMetricStatistics",
        "cloudwatch:ListMetrics"
      ],
      "Resource": "*",
      "Effect": "Allow"
    },
    {
      "Effect": "Allow",
      "Action": [
        "ec2:CreateNetworkInterface",
        "ec2:DescribeNetworkInterfaces",
        "ec2:DeleteNetworkInterface"
      ],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "aws:RequestedRegion": "${var.region}"
        }
      }
    }
  ]
}
EOF
}
Honestly, this looks like a bug in Terraform.
"${aws_cloudwatch_log_group.logGroups[count.index].arn}*"
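One way to confirm the pairing after an apply, as an added example that is not part of the original post: it reads state in the shape printed by `terraform show -json` and reports every `base_iam_policy[i]` whose `logs:` statement does not reference `logGroups[i]`. The sample state, account id, region and job names are constructed, and only root-module resources are handled.

```python
import json

# Constructed sample shaped like `terraform show -json` state output (root module only).
# Account id, region and job names are made up; policy [1] deliberately points at job-a's group.
def _policy(arn):
    return json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow",
         "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
         "Resource": [arn + "*"]},
        {"Effect": "Allow", "Action": ["cloudwatch:PutMetricData"], "Resource": "*"},
    ]})

ARN_A = "arn:aws:logs:eu-west-1:111122223333:log-group:/aws/lambda/fn-job-a"
ARN_B = "arn:aws:logs:eu-west-1:111122223333:log-group:/aws/lambda/fn-job-b"
SAMPLE_STATE = {"values": {"root_module": {"resources": [
    {"type": "aws_cloudwatch_log_group", "name": "logGroups", "index": 0, "values": {"arn": ARN_A}},
    {"type": "aws_cloudwatch_log_group", "name": "logGroups", "index": 1, "values": {"arn": ARN_B}},
    {"type": "aws_iam_policy", "name": "base_iam_policy", "index": 0, "values": {"policy": _policy(ARN_A)}},
    {"type": "aws_iam_policy", "name": "base_iam_policy", "index": 1, "values": {"policy": _policy(ARN_A)}},
]}}}

def as_list(value):
    # IAM JSON allows a single string or a list for Action, Resource and Statement.
    return value if isinstance(value, list) else [value]

def mismatched_policies(state):
    """Return [(index, expected_arn, found_resources)] for policies whose logs:* statement
    does not point at the log group created with the same count.index."""
    resources = state["values"]["root_module"]["resources"]
    groups = {r["index"]: r["values"]["arn"] for r in resources
              if r["type"] == "aws_cloudwatch_log_group" and r["name"] == "logGroups"}
    problems = []
    for r in resources:
        if r["type"] != "aws_iam_policy" or r["name"] != "base_iam_policy":
            continue
        expected = groups.get(r["index"])
        doc = json.loads(r["values"]["policy"])
        found = [res for stmt in as_list(doc["Statement"])
                 if any(a.startswith("logs:") for a in as_list(stmt.get("Action", [])))
                 for res in as_list(stmt["Resource"])]
        # The page's policy appends "*" to the group ARN; anything else is a mismatch.
        if expected is None or found != [expected + "*"]:
            problems.append((r["index"], expected, found))
    return problems

if __name__ == "__main__":
    for index, expected, found in mismatched_policies(SAMPLE_STATE):
        print(f"base_iam_policy[{index}]: expected {expected}*, found {found}")
```

To run it against real state, replace `SAMPLE_STATE` with the parsed output of `terraform show -json`.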