I'd like to use Fn::ForEach available in CloudFormation. In the documentation we can find this sentence:
Fn::ForEach can contain other intrinsic functions, including Fn::ForEach itself, and be used within the Conditions, Outputs, Resources (including the resource properties) sections
...
Mappings:
FancyMapping:
a:
Values:
- optionAValue1
b:
Values:
- optionAValue1
c:
Values:
- optionAValue1
...
Resources:
...
- PolicyName: SSMPolicy
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- ssm:GetParameter
Resource:
Fn::ForEach:Resources:
- Iterator
- !FindInMap [ FancyMapping, !Ref SomeChoice, Values ]
- !Sub arn:aws:ssm:${Iterator}:${AWS::AccountId}:*
Unfortunately when I run sam validate -t <template.yaml> --region <region> --lint. It will throw an error that the Iterator cannot be found in Sub function.
Is it possible to use this Fn::ForEach for Resource properties, or not?