Browse Source

fix: count on `data "aws_iam_policy_document" "kms_key_*"`, don't run when `! var.use_default_kms_key`

tags/3.0.4^2
Julien Cabillot 7 months ago
parent
commit
1f79e2b6d1
Signed by: julien.cabillot <julien.cabillot@fxinnovation.com> GPG Key ID: 7E48074A18431329
2 changed files with 3 additions and 2 deletions
  1. +1
    -0
      CHANGELOG.md
  2. +2
    -2
      main.tf

+ 1
- 0
CHANGELOG.md View File

@@ -2,6 +2,7 @@

## 3.0.4

* fix: count on `data "aws_iam_policy_document" "kms_key_*"`, don't run when `! var.use_default_kms_key`
* fix: change version constraint for aws provider (only `>= 2.47`)
* chore: for examples, move providers versions to `versions.tf`
* chore: for examples, move providers to `providers.tf`


+ 2
- 2
main.tf View File

@@ -102,7 +102,7 @@ data "aws_iam_policy_document" "read_only" {
}

data "aws_iam_policy_document" "kms_key_read_only" {
count = var.enabled && var.iam_policy_create && var.use_default_kms_key ? 1 : 0
count = var.enabled && var.iam_policy_create && !var.use_default_kms_key ? 1 : 0

statement {
sid = "Allow${replace(replace(var.prefix, "-", ""), "/", "")}SSMParameterKMSAccess"
@@ -149,7 +149,7 @@ data "aws_iam_policy_document" "read_write" {
}

data "aws_iam_policy_document" "kms_key_read_write" {
count = var.enabled && var.iam_policy_create && var.use_default_kms_key ? 1 : 0
count = var.enabled && var.iam_policy_create && !var.use_default_kms_key ? 1 : 0

statement {
sid = "Allow${replace(replace(var.prefix, "-", ""), "/", "")}SSMParameterKMSAccess"


Loading…
Cancel
Save