v0.3.2
cloudpossebot
released this
22 Apr 14:00
·
38 commits
to refs/heads/main
since this release
π Enhancements
Attempt to fix `Invalid for_each argument` for `var.custom_iam_policy_arns` @jamengual (#11)
what
-
Attempt to fix dependency logic when policy is created at the same time as the lambda function - Expand tests to include an iam policy
- Output IAM role name
- Output IAM role ARN
- Fix remaining test
TestExamplesCompleteDisabled
cc: @mcalhoun for guidance
why
- The error message
β·
β Error: Invalid for_each argument
β
β on ../../iam-role.tf line 77, in resource "aws_iam_role_policy_attachment" "custom":
β 77: for_each = local.enabled ? toset(var.custom_iam_policy_arns) : toset([])
β βββββββββββββββββ
β β local.enabled is true
β β var.custom_iam_policy_arns is list of string with 2 elements
β
β The "for_each" value depends on resource attributes that cannot be determined until apply, so Terraform cannot predict how many instances will be created. To work around this, use
β the -target argument to first apply only the resources that the for_each depends on.
Basically, we cannot pass in a policy arn that isn't already created.
We get around this in the test by creating a local input var for the policy name and pass that local to both the aws_iam_policy
resource as well as the var.custom_iam_policy_arns
of the module.
Another way around this is to attach the custom policies outside of this module by using the role_name
output
references
- Previous PR #8
- Previous release https://github.com/cloudposse/terraform-aws-lambda-function/releases/tag/0.3.0
- cloudposse/terraform-aws-iam-role#45