Attempt to fix Invalid for_each argument for var.custom_iam_policy_arns

[jamengual]

what

• Attempt to fix dependency logic when policy is created at the same time as the lambda function
• Expand tests to include an iam policy
• Output IAM role name
• Output IAM role ARN
• Fix remaining test TestExamplesCompleteDisabled cc: @mcalhoun for guidance

why

• The error message

╷
│ Error: Invalid for_each argument
│
│   on ../../iam-role.tf line 77, in resource "aws_iam_role_policy_attachment" "custom":
│   77:   for_each   = local.enabled ? toset(var.custom_iam_policy_arns) : toset([])
│     ├────────────────
│     │ local.enabled is true
│     │ var.custom_iam_policy_arns is list of string with 2 elements
│
│ The "for_each" value depends on resource attributes that cannot be determined until apply, so Terraform cannot predict how many instances will be created. To work around this, use
│ the -target argument to first apply only the resources that the for_each depends on.

Basically, we cannot pass in a policy arn that isn't already created.

We get around this in the test by creating a local input var for the policy name and pass that local to both the aws_iam_policy resource as well as the var.custom_iam_policy_arns of the module.

Another way around this is to attach the custom policies outside of this module by using the role_name output

references

• Previous PR Add custom policy to lambda role #8
• Previous release https://github.com/cloudposse/terraform-aws-lambda-function/releases/tag/0.3.0
• Add enabled check to data source terraform-aws-iam-role#45

[jamengual]

/test all

[nitrocode]

Please see comments

[jamengual]

/test all

[jamengual]

/test all

[nitrocode]

/test all

[nitrocode]

/test all

[nitrocode]

/test all

[nitrocode]

/test test/terratest

[nitrocode]

/test test/terratest

[nitrocode]

/test all

[nitrocode]

/test all

[nitrocode]

/test all

[nitrocode]

/test all