From a25984a61410ab1ee372b217e703f91cb9d6b99c Mon Sep 17 00:00:00 2001
From: Arpan Adhikari
Date: Sat, 24 Jul 2021 17:01:36 +1000
Subject: [PATCH 1/6] replaced list with tolist
---
 iam-policy-documents.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/iam-policy-documents.tf b/iam-policy-documents.tf
index d89bc34..14dcaf0 100644
--- a/iam-policy-documents.tf
+++ b/iam-policy-documents.tf
@@ -8,7 +8,7 @@ data "aws_iam_policy_document" "backend_assume_role_all" {
 principals {
 type = "AWS"
- identifiers = length(var.all_workspaces_details) > 0 ? var.all_workspaces_details : list(data.aws_caller_identity.current.account_id)
+ identifiers = length(var.all_workspaces_details) > 0 ? var.all_workspaces_details : tolist([data.aws_caller_identity.current.account_id])
 }
 }
 }
@@ -38,7 +38,7 @@ data "aws_iam_policy_document" "backend_assume_role_restricted" {
 principals {
 type = "AWS"
- identifiers = "${length(each.value) > 0 ? each.value : list(data.aws_caller_identity.current.account_id)}"
+ identifiers = "${length(each.value) > 0 ? each.value : tolist([data.aws_caller_identity.current.account_id])}"
 }
 }
 }
From 9af0787f3769e9ba477e7f7d526aeeb9fc8b1d4e Mon Sep 17 00:00:00 2001
From: Arpan Adhikari
Date: Sat, 24 Jul 2021 17:15:02 +1000
Subject: [PATCH 2/6] removed interpolation char
---
 iam-policy-documents.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iam-policy-documents.tf b/iam-policy-documents.tf
index 14dcaf0..d6e62bc 100644
--- a/iam-policy-documents.tf
+++ b/iam-policy-documents.tf
@@ -38,7 +38,7 @@ data "aws_iam_policy_document" "backend_assume_role_restricted" {
 principals {
 type = "AWS"
- identifiers = "${length(each.value) > 0 ? each.value : tolist([data.aws_caller_identity.current.account_id])}"
+ identifiers = "length(each.value) > 0 ? each.value : tolist([data.aws_caller_identity.current.account_id])"
 }
 }
 }
From 12552e0520caad68bf75b8f16901f910dd7f76fe Mon Sep 17 00:00:00 2001
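Review bot: The fallback on the new `identifiers` line of patch 1/6 trusts the bare account ID whenever `var.all_workspaces_details` is empty, and nothing on the line documents that; the second hunk (`backend_assume_role_restricted`) has the same fallback for an empty `each.value`. For a principal of type `AWS` an account ID is equivalent to the account root ARN, so if this document is used as a role trust policy, as its name suggests, every identity in the account that is allowed `sts:AssumeRole` on the role can assume it. I would add a comment such as `# empty list => trust the whole current account; pass explicit principal ARNs to narrow this`, or reject an empty list with a `validation` block on the variable. The statement's actions and any conditions sit outside the hunk, so the effective scope cannot be judged from here.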
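Review bot: Dropping `${ }` in patch 2/6 while keeping the surrounding quotes turns the conditional on the new `identifiers` line into a string literal, so the expression text itself, not its result, is what the policy document receives as a principal. Patch 3/6 wraps the same literal in `[...]`, which is still not evaluated, and only patch 4/6 reaches the unquoted form `identifiers = length(each.value) > 0 ? each.value : tolist([data.aws_caller_identity.current.account_id])`. Squashing patches 2 to 4 into one commit would keep every revision in the series usable, so a bisect or a module pin to an intermediate commit never lands on a broken trust policy.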
From: Arpan Adhikari
Date: Sat, 24 Jul 2021 17:21:35 +1000
Subject: [PATCH 3/6] fixed typo
---
 iam-policy-documents.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iam-policy-documents.tf b/iam-policy-documents.tf
index d6e62bc..b7e68ae 100644
--- a/iam-policy-documents.tf
+++ b/iam-policy-documents.tf
@@ -38,7 +38,7 @@ data "aws_iam_policy_document" "backend_assume_role_restricted" {
 principals {
 type = "AWS"
- identifiers = "length(each.value) > 0 ? each.value : tolist([data.aws_caller_identity.current.account_id])"
+ identifiers = ["length(each.value) > 0 ? each.value : tolist([data.aws_caller_identity.current.account_id])"]
 }
 }
 }
From 2f627350bef473a39ac078c112500cb3cbb08d24 Mon Sep 17 00:00:00 2001
From: Arpan Adhikari
Date: Sat, 24 Jul 2021 17:36:18 +1000
Subject: [PATCH 4/6] removed extra []
---
 iam-policy-documents.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iam-policy-documents.tf b/iam-policy-documents.tf
index b7e68ae..7b7aa5e 100644
--- a/iam-policy-documents.tf
+++ b/iam-policy-documents.tf
@@ -38,7 +38,7 @@ data "aws_iam_policy_document" "backend_assume_role_restricted" {
 principals {
 type = "AWS"
- identifiers = ["length(each.value) > 0 ? each.value : tolist([data.aws_caller_identity.current.account_id])"]
+ identifiers = length(each.value) > 0 ? each.value : tolist([data.aws_caller_identity.current.account_id])
 }
 }
 }
From 723a9d3e3ee59bf912c6bdad9e55d05860a9b489 Mon Sep 17 00:00:00 2001
From: Arpan Adhikari
Date: Sat, 24 Jul 2021 21:14:16 +1000
Subject: [PATCH 5/6] added kms_key_id output. required for multi environment setups
---
 outputs.tf | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/outputs.tf b/outputs.tf
index 899d9e4..a132879 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -9,3 +9,7 @@ output "dynamo_lock_table" {
 output "iam_roles" {
 value = concat(aws_iam_role.backend_all[*].arn, values(aws_iam_role.backend_restricted)[*].arn)
 }
+
+output "kms_key_id"{
+ value = var.enable_customer_kms_key ? aws_kms_key.backend[0].arn: null
+}
\ No newline at end of file
From aa156757171745cfacaa43d6e488fabc8868e477 Mon Sep 17 00:00:00 2001
From: Arpan Adhikari
Date: Mon, 1 Nov 2021 10:34:22 +1100
Subject: [PATCH 6/6] show id instead of arn
---
 outputs.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/outputs.tf b/outputs.tf
index a132879..49f8655 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -11,5 +11,5 @@ output "iam_roles" {
 }
 output "kms_key_id"{
- value = var.enable_customer_kms_key ? aws_kms_key.backend[0].arn: null
+ value = var.enable_customer_kms_key ? aws_kms_key.backend[0].id: null
 }
\ No newline at end of file
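Review bot: The new `kms_key_id` output in patch 5/6 has no `description`, so a consumer cannot tell from the module interface what the value identifies or that it can be `null`. I would add something like `description = "Customer-managed KMS key for the backend; null when enable_customer_kms_key is false"`, with the wording adjusted to what the key actually protects. The `[0]` index is only safe if `aws_kms_key.backend` takes its `count` from the same variable, which is declared outside this hunk. The block also leaves the file without a trailing newline and is not in `terraform fmt` layout (`"kms_key_id"{`, `.arn: null`).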
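Review bot: Switching the value to `.id` in patch 6/6 removes the only output that exposed the key ARN, and it changes the value for anyone who started consuming `kms_key_id` after patch 5/6. KMS resolves a bare key ID only against the caller's own account, so if the multi-environment setups named in patch 5/6 span accounts, consumers there need the ARN. I would keep this output as the ID and add a sibling, `output "kms_key_arn" { value = var.enable_customer_kms_key ? aws_kms_key.backend[0].arn : null }`, so callers pick the form they need.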