У меня есть модуль для google_service_account, только что преобразованный в Terraform-12 (0.12.24)
resource "google_service_account" "service_account" {
count = var.enabled ? 1 : 0
account_id = var.account_id
display_name = var.display_name
}
output.tf retrieves the email
output "email" {
value = try(google_service_account.service_account.*.email, null)
# value = element( --> Commented out part works fine
# concat(google_service_account.service_account.*.email, [""]),
# 0,
# )
description = "The e-mail address of the service account. Usually use this when constructing IAM policies."
При использовании этого модуля на другом ресурсе следующим образом
resource "google_storage_bucket_iam_member" "registry_bucket_iam" {
bucket = "artifacts.${var.project}.appspot.com"
role = "roles/storage.objectViewer"
member = "serviceAccount:${module.k8s-node-service-account.email}"
}
Я получаю следующую ошибку
48: member = "serviceAccount:${module.k8s-node-service-account.email}"
|----------------
| module.k8s-node-account.email is tuple with 1 element
Cannot include the given value in a string template: string required.
Как это можно решить?
