fix(ecs/task/role): role could be used before policies have been assigned

codequest-eu / terraform-modules

Terraform modules commonly used in our projects

5 stars 4 forks source link

fix(ecs/task/role): role could be used before policies have been assigned #143

Closed mskrajnowski closed 2 years ago

mskrajnowski commented 2 years ago

IAM role created by ecs/task/role could have been assigned to an ECS task before policies have been added to the role. This could result in some nasty race conditions, e.g. ECS failing to start a task due to missing permissions.

Added explicit depends_on to the name and arn outputs to ensure policies are assigned before the role is used.