fixes: Changing task_exec_policy_arns or task_policy_arns cause recre…
…ations #167 (#178)

* fix: role uses count

* update other policies

* solves policy updates and fixes outputs

* cleanup

* cleanup

* Auto Format

Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>
Benbentwo and cloudpossebot committed Dec 1, 2022
1 parent cb4f26e commit 14008fc
Showing 2 changed files with 14 additions and 10 deletions.
16 changes: 8 additions & 8 deletions main.tf
@@ -159,8 +159,8 @@ resource "aws_iam_role" "ecs_task" {
}

resource "aws_iam_role_policy_attachment" "ecs_task" {
count = local.create_task_role ? length(var.task_policy_arns) : 0
policy_arn = var.task_policy_arns[count.index]
for_each = local.create_task_role ? toset(var.task_policy_arns) : toset([])
policy_arn = each.value
role = join("", aws_iam_role.ecs_task.*.id)
}

@@ -279,15 +279,15 @@ data "aws_iam_policy_document" "ecs_exec" {
}

resource "aws_iam_role_policy" "ecs_exec" {
count = local.create_exec_role ? 1 : 0
name = module.exec_label.id
policy = join("", data.aws_iam_policy_document.ecs_exec.*.json)
role = join("", aws_iam_role.ecs_exec.*.id)
for_each = local.create_exec_role ? toset(["true"]) : toset([])
name = module.exec_label.id
policy = join("", data.aws_iam_policy_document.ecs_exec.*.json)
role = join("", aws_iam_role.ecs_exec.*.id)
}

resource "aws_iam_role_policy_attachment" "ecs_exec" {
count = local.create_exec_role ? length(var.task_exec_policy_arns) : 0
policy_arn = var.task_exec_policy_arns[count.index]
for_each = local.create_exec_role ? toset(var.task_exec_policy_arns) : toset([])
policy_arn = each.value
role = join("", aws_iam_role.ecs_exec.*.id)
}

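Review bot: The new `for_each = ... toset(var.task_policy_arns)` on `aws_iam_role_policy_attachment.ecs_task` (and the same pattern with `var.task_exec_policy_arns` on `aws_iam_role_policy_attachment.ecs_exec`) makes the ARN strings the instance keys, so every ARN must be known at plan time. A caller that passes the `arn` of an `aws_iam_policy` created in the same configuration will get an invalid `for_each` argument error, which the old `count = length(...)` form did not produce because only the list length had to be known. Keying on caller-chosen static names avoids this, for example a map input iterated as `for_each = local.create_task_role ? var.task_policy_arns_map : {}` with `policy_arn = each.value` (the variable name is a placeholder, not something on this page). Separately, switching `aws_iam_role_policy.ecs_exec` from `count` to `for_each = toset(["true"])` moves its address from `[0]` to `["true"]`, and the attachments likewise move from numeric indexes to ARN keys. Existing deployments will therefore destroy and recreate these IAM bindings once on upgrade, leaving the roles briefly without their policies, unless the module's supported Terraform version allows a `moved` block for at least the inline policy.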
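--- a/outputs.tf
+++ b/outputs.tf
@@ -1,11 +1,15 @@
 output "ecs_exec_role_policy_id" {
 description = "The ECS service role policy ID, in the form of `role_name:role_policy_name`"
-value = join("", aws_iam_role_policy.ecs_exec.*.id)
+value = join("", [
+for k, v in aws_iam_role_policy.ecs_exec : v.id
+])
 }
 
 output "ecs_exec_role_policy_name" {
 description = "ECS service role name"
-value = join("", aws_iam_role_policy.ecs_exec.*.name)
+value = join("", [
+for k, v in aws_iam_role_policy.ecs_exec : v.name
+])
 }
 
 output "service_name" {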
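Review bot: The loop key `k` is unused in both new `for` expressions, so each can be written more directly as a splat over the instance values, e.g. `value = join("", values(aws_iam_role_policy.ecs_exec)[*].id)`. The description on `ecs_exec_role_policy_name` still reads "ECS service role name" although the value is the name of the inline policy on `aws_iam_role.ecs_exec`, presumably the task execution role. Something like `description = "Name of the inline policy attached to the ECS task execution role"` would stop consumers mistaking it for a role name when they wire it into other IAM resources.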
