I am sure this is not a unique requirement, and I have dealt with this type of issue using eval() syntax in a few other programming and scripting environments.
My problem: I am trying to create an azurerm_pim_active_role_assignment based on a local variable which in turn is created based on a map object. If you see the below code, I am specifically facing an issue with role_definition_id = "${data.azurerm_subscription.primary.id}${local.DataFactoryContributor}"
because I have to create different such resource blocks for each role definition type (e.g. DataFactoryContributor), as I am not able to do something like this: eval("${data.azurerm_subscription.primary.id}${local.${group.role}").
Is it even possible to do something like this, or will I have to create different resource code blocks for each role definition?
Variable object that holds all the role and Entra group details (only 1 shared as an example)
variable "groupsetuparray" {
  type = list(object({
    name                = string,
    group_name          = string,
    resource_group_name = string,
    resource_name       = string,
    group_roles         = list(string),
    members             = list(string)
  }))
  default = [
    {
      name                = "DFDeveloperTeam",
      group_name          = "DFDeveloperTeam",
      resource_group_name = "",
      resource_name       = "",
      group_roles         = ["DataFactoryContributor", "SQLServerContributor"],
      members             = []
    }
  ]
}
Local variable to generate group roles
locals {
  # One element per (group, role) pair so a single for_each can iterate them
  group_roles = flatten([for group in var.groupsetuparray : [
    for role in group.group_roles : {
      name = group.name
      role = role
      rg   = group.resource_group_name
    }
  ]])
  # Separate local per role definition; this is what forces one resource block per role
  DataFactoryContributor = data.azurerm_role_definition.DataFactoryContributor.id
  SQLServerContributor   = data.azurerm_role_definition.SQLServerContributor.id
}
Data resources to reference the inbuilt role definitions
data "azurerm_role_definition" "DataFactoryContributor" {
  name = "Data Factory Contributor"
}
data "azurerm_role_definition" "SQLServerContributor" {
  name = "SQL Server Contributor"
}
Resource for creating a PIM active role assignment using a for_each loop
resource "azurerm_pim_active_role_assignment" "DataFactoryContributorAssignment" {
  # Filtered to one role, so an equivalent block is needed for every other role
  for_each = { for group in local.group_roles : "${group.name}-${group.role}" => group if group.role == "DataFactoryContributor" }

  scope              = data.azurerm_subscription.primary.id
  role_definition_id = "${data.azurerm_subscription.primary.id}${local.DataFactoryContributor}"
  principal_id       = azuread_group.group[each.value.name].object_id

  schedule {
    start_date_time = time_static.example.rfc3339
    expiration {
      duration_hours = 8
    }
  }

  justification = "Expiration Duration Set"

  ticket {
    number = "1"
    system = "example ticket system"
  }
}
I am still learning TF HCL (as you might feel after looking at the above code), so it will be a great help if someone can please point me in the correct direction.
What I have already tried: I tried to use the lookup function, but that doesn't work. Also, I have tried different ways of expressions and interpolation, but none worked.
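HCL has no eval() and cannot resolve a local's name dynamically (local.${...} is not an expression), but it can index a map by a key computed at plan time. The following is an added example, not code from the question: it collects the role definitions into one map keyed by the short role names used in var.groupsetuparray, creates the data sources with for_each, and then needs only one resource block for all roles. It reuses the question's var.groupsetuparray, azuread_group.group and time_static.example and assumes they exist unchanged; the names local.role_names, data.azurerm_role_definition.role and azurerm_pim_active_role_assignment.assignment are chosen for this example.

```hcl
# Map each short role key used in var.groupsetuparray to the built-in Azure role name.
# Adding an entry here is the only change needed to support another role.
locals {
  role_names = {
    DataFactoryContributor = "Data Factory Contributor"
    SQLServerContributor   = "SQL Server Contributor"
  }

  # One element per (group, role) pair, already keyed so it can feed for_each directly.
  group_roles = {
    for pair in flatten([
      for group in var.groupsetuparray : [
        for role in group.group_roles : {
          name = group.name
          role = role
          rg   = group.resource_group_name
        }
      ]
    ]) : "${pair.name}-${pair.role}" => pair
  }
}

data "azurerm_subscription" "primary" {}

# One data source instance per role, addressable as
# data.azurerm_role_definition.role["DataFactoryContributor"].
data "azurerm_role_definition" "role" {
  for_each = local.role_names
  name     = each.value
}

# A single resource block covers every role: the role definition is selected by
# indexing the map with each.value.role instead of a fixed local per role.
resource "azurerm_pim_active_role_assignment" "assignment" {
  for_each = local.group_roles

  scope              = data.azurerm_subscription.primary.id
  role_definition_id = "${data.azurerm_subscription.primary.id}${data.azurerm_role_definition.role[each.value.role].id}"
  principal_id       = azuread_group.group[each.value.name].object_id # assumed to exist, as in the question

  schedule {
    start_date_time = time_static.example.rfc3339 # assumed to exist, as in the question
    expiration {
      duration_hours = 8
    }
  }

  justification = "Expiration Duration Set"

  ticket {
    number = "1"
    system = "example ticket system"
  }

  # Fail the plan with a readable message if a group lists a role key that is not
  # defined above, rather than a bare "Invalid index" error from the map lookup.
  lifecycle {
    precondition {
      condition     = contains(keys(local.role_names), each.value.role)
      error_message = "Unknown role key '${each.value.role}' for group '${each.value.name}'; add it to local.role_names."
    }
  }
}
```

lookup(local.role_names, each.value.role) would work here too; it fails in the original layout only because the role IDs are separate locals rather than values in one map. Keeping the allowed roles in a single map is also useful from an access-control point of view: every role that can be assigned through this module is listed in one place, and a mistyped role name in var.groupsetuparray is rejected at plan time instead of producing an assignment nobody intended.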