Closed thiagoalmeidasa closed 1 year ago
Found a bug? Maybe our Slack Community can help.
When creating buckets with replication without specifying an external context label variable (note it's not mandatory on this module), like this:
context label
data "aws_caller_identity" "current" {} locals { default_tags = { "omd_environment" : var.environment, "creator_arn" : data.aws_caller_identity.current.arn, } } module "terraform_state_backend" { source = "cloudposse/tfstate-backend/aws" version = "v0.38.1" providers = { aws = aws.one } s3_bucket_name = var.bucket_name dynamodb_table_name = var.dynamodb_table_name dynamodb_enabled = true enable_server_side_encryption = true billing_mode = "PAY_PER_REQUEST" force_destroy = true s3_replication_enabled = true s3_replica_bucket_arn = module.terraform_state_backend_replication.s3_bucket_arn tags = local.default_tags } module "terraform_state_backend_replication" { source = "cloudposse/tfstate-backend/aws" version = "v0.38.1" providers = { aws = aws.other } s3_bucket_name = "${var.bucket_name}-replica" force_destroy = true dynamodb_enabled = false tags = local.default_tags }
some resource names are being evaluated to invalid strings:
iam role
+ resource "aws_iam_role" "replication" { + arn = (known after apply) ... + name = "-replication" ... }
iam policy
+ resource "aws_iam_policy" "replication" { ... + name = "-replication" ... }
dynamic "replication_configuration" { for_each = var.s3_replication_enabled ? toset([var.s3_replica_bucket_arn]) : [] content { role = aws_iam_role.replication[0].arn rules { id = module.this.id ...
Replication resource names use the same logic as the bucket name:
bucket_name = var.s3_bucket_name != "" ? var.s3_bucket_name : module.this.id
iam role name use the same logic as bucket name.
iam policy use the same logic as bucket name.
replication rule id use the same logic as bucket name.
Found a bug? Maybe our Slack Community can help.
Describe the Bug
When creating buckets with replication without specifying an external
context labelvariable (note it's not mandatory on this module), like this:some resource names are being evaluated to invalid strings:
iam rolename gets evaluated to an invalid string:iam policygets evaluated to invalid string :Expected Behavior
Replication resource names use the same logic as the bucket name:
iam rolename use the same logic as bucket name.iam policyuse the same logic as bucket name.replication rule id use the same logic as bucket name.