For each support for aws_rds_token

[advdv]

I have a setup where multiple tenants are deployed on an AWS RDS postgres cluster. Each tenant's owner user (a postgres role) can only login with IAM. Atlas supports this in the simple case but I can't get it work in case i want to it for several tenants. I'm looking to do something like this:

locals {
  db_cluser_endpoint = "foo.rds.amazonaws.com:5432"
  deployments        = toset(["foobar", "rabfoo"])
}

data "aws_rds_token" "owner" {
  for_each = local.deployments

  endpoint = local.db_cluser_endpoint
  username = "d_${each.key}_owner"
  region   = "eu-central-1"
  profile  = "default"
}

env "deployment" {
  for_each = local.deployments

  src = data.composite_schema.main.url
  dev = docker.postgres.dev.url
  url = "postgres://d_${each.key}_owner:${urlescape(data.aws_rds_token.owner[each.key])}@${local.db_cluser_endpoint}/d_${each.key}"
  migration {
    dir = data.template_dir.main.url
  }
}

But atlas will given an error with the following:

Error: data.aws_rds_token.owner: decoding body: atlas.hcl:56,3-11: Unsupported argument; An argument named "for_each" is not expected here., and 2 other diagnostic(s)

That seems to indicate that for_each is simply not supported for the data sources. Since the "username" part is variable for each tenant i'm not sure how else i would achieve this (Apart from not using for_each at all). Am i missing something?