Module output into locals for different module

Hi guys.

I’m writing modules for one of our project and I have the following situation. The first module is elastic beanstalk with locals and the second one is for aws_iam_role. My folder structure is below:

-modules/
  -- module-1
      -- main.tf
      -- outputs.tf
      -- locals.tf
  --module-2
     -- main.tf
     -- outputs.tf
     -- locals.tf
main.tf
outputs.tf
locals.tf

For my elastic beanstalk module I have the following locals defined with aws_iam_role resource"

modules/module-1

       ...
       namespace = "aws:autoscaling:launchconfiguration"
       name      = "IamInstanceProfile"
       value     = aws_iam_role.app_role.name # How to pass the name argument from aws_iam role here?
       resource  = ""
       },{
     ## Security
       namespace = "aws:autoscaling:launchconfiguration"
       name      = "IamInstanceProfile"
       value     = aws_iam_role.app_role.name # How to pass the name argument from aws_iam role here?
       resource  = ""
       }, {
      ...

modules/module-2

In the second module folder I have outputs.tf with the content below:

output "iam_role_name" {
  value = "${aws_iam_role.app_role.name}"
}

Also the main.tf file like below

resource "aws_iam_instance_profile" "app_instance_profile" {
  provider = aws.alias
  name     = "${local.resource_name_prefix}-role"
  role     = "${aws_iam_role.app_role.name}"
}


resource "aws_iam_role" "app_role" {
  provider = aws.alias
  name     = "${local.resource_name_prefix}-role"
  managed_policy_arns = [
    "arn:aws:iam::aws:policy/AWSElasticBeanstalkTier",
  ]
  assume_role_policy = jsonencode(
    {
      Statement = [
        {
          Action = "sts:AssumeRole"
          Effect = "Allow"
          Principal = {
            Service = [
              "lambda.amazonaws.com",
              "ec2.amazonaws.com",
            ]
          }
        },
      ]
      Version = "2012-10-17"
    }
  )
  inline_policy {
    name = "SM"
    policy = jsonencode(
      {
        Statement = [
          {
            Action = [
              "secretsmanager:GetResourcePolicy",
              "secretsmanager:GetSecretValue",
              "secretsmanager:DescribeSecret",
              "secretsmanager:ListSecretVersionIds",
            ]
            Effect   = "Allow"
            Resource = aws_secretsmanager_secret.app_secret.arn
          },
          {
            Action = [
              "secretsmanager:GetRandomPassword",
              "secretsmanager:ListSecrets",
            ]
            Effect   = "Allow"
            Resource = "*"
          },
        ]
        Version = "2012-10-17"
      }
    )
  }
}

In my root folder I have the following main.tf

module "aws_iam_role" {
  source = "../modules/module-1"

  providers = {
    aws.alias= aws.alias
  }

}

module "eb_api" {
  source = "../modules/module-2"

    providers = {
    aws.alias= aws.alias
  }
}

I need to pass the name argument from iam_role_name as input to elastic beanstalk locals. Any help?

Regards,

1 post - 1 participant

Read full topic