Update for_each examples

code/terraform/05-tips-and-tricks/loops-and-if-statements/live/global/three-iam-users-for-each/README.md

@@ -0,0 +1,42 @@
+# IAM user for_each example
+
+This folder contains example [Terraform](https://www.terraform.io/) configuration that create several 
+[IAM](https://aws.amazon.com/iam/) users in an [Amazon Web Services (AWS) account](http://aws.amazon.com/). 
+
+For more info, please see Chapter 5, "Terraform Tips & Tricks: Loops, If-Statements, Deployment, and Gotchas", of 
+*[Terraform: Up and Running](http://www.terraformupandrunning.com)*.
+
+## Pre-requisites
+
+* You must have [Terraform](https://www.terraform.io/) installed on your computer. 
+* You must have an [Amazon Web Services (AWS) account](http://aws.amazon.com/).
+
+Please note that this code was written for Terraform 0.12.x.
+
+## Quick start
+
+**Please note that this example will deploy real resources into your AWS account. We have made every effort to ensure 
+all the resources qualify for the [AWS Free Tier](https://aws.amazon.com/free/), but we are not responsible for any
+charges you may incur.** 
+
+Configure your [AWS access 
+keys](http://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys) as 
+environment variables:
+
+```
+export AWS_ACCESS_KEY_ID=(your access key id)
+export AWS_SECRET_ACCESS_KEY=(your secret access key)
+```
+
+Deploy the code:
+
+```
+terraform init
+terraform apply
+```
+
+Clean up when you're done:
+
+```
+terraform destroy
+```

code/terraform/05-tips-and-tricks/loops-and-if-statements/live/global/three-iam-users-for-each/main.tf

@@ -0,0 +1,16 @@
+terraform {
+  required_version = ">= 0.12, < 0.13"
+}
+
+provider "aws" {
+  region = "us-east-2"
+
+  # Allow any 2.x version of the AWS provider
+  version = "~> 2.0"
+}
+
+resource "aws_iam_user" "example" {
+  for_each = toset(var.user_names)
+  name     = each.value
+}
+

code/terraform/05-tips-and-tricks/loops-and-if-statements/live/global/three-iam-users-for-each/outputs.tf

@@ -0,0 +1,7 @@
+output "all_arns" {
+  value = values(aws_iam_user.example)[*].arn
+}
+
+output "all_users" {
+  value = aws_iam_user.example
+}

code/terraform/05-tips-and-tricks/loops-and-if-statements/live/global/three-iam-users-for-each/variables.tf

@@ -0,0 +1,5 @@
+variable "user_names" {
+  description = "Create IAM users with these names"
+  type        = list(string)
+  default     = ["neo", "trinity", "morpheus"]
+}

code/terraform/05-tips-and-tricks/loops-and-if-statements/live/global/three-iam-users-unique-names/main.tf

@@ -14,27 +14,6 @@ resource "aws_iam_user" "example" {
   name  = var.user_names[count.index]
 }
 
-resource "aws_iam_policy" "ec2_read_only" {
-
-  name = "${var.policy_name_prefix}ec2-read-only"
-
-  policy = data.aws_iam_policy_document.ec2_read_only.json
-}
-
-data "aws_iam_policy_document" "ec2_read_only" {
-  statement {
-    effect    = "Allow"
-    actions   = ["ec2:Describe*"]
-    resources = ["*"]
-  }
-}
-
-resource "aws_iam_user_policy_attachment" "ec2_access" {
-  count      = length(var.user_names)
-  user       = element(aws_iam_user.example[*].name, count.index)
-  policy_arn = aws_iam_policy.ec2_read_only.arn
-}
-
 resource "aws_iam_policy" "cloudwatch_read_only" {
 
   name   = "${var.policy_name_prefix}cloudwatch-read-only"