terraform-aws-modules / terraform-aws-eventbridge

Terraform module to create AWS EventBridge resources 🇺🇦
https://registry.terraform.io/modules/terraform-aws-modules/eventbridge/aws

[Question] - Is there a way to add new target groups arn to an existing policy created by the module ? #138

Closed pedrorlmarques closed 3 weeks ago

pedrorlmarques commented 3 weeks ago

I'm using the module to create the rules and the bus in a specific Git repository, and then in another Git repository, I'm creating the targets, which can be CloudWatch or SQS. I want to add the new ARNs, either for CloudWatch or SQS, to the existing policies created in the first Git repository. Does the module support this, or do I have to create the policies with all the target ARNs when I first create them?

antonbabenko commented 3 weeks ago

Hi!

You can create buses and rules in one place and targets in another. You will have to connect them, which is probably doable but can be tricky. See examples for more details.

pedrorlmarques commented 3 weeks ago

Hi @antonbabenko ,

Yes, I was able to create the rules and targets in different repositories. The issue I'm facing is that if, in one repository, I attach the SQS policy to the role, it will create the policy and the role. However, when I do the same in a second repository for another SQS queue, it fails because the policy and the role already exist. My expectation was that it would add the new SQS permissions to the existing SQS policy while retaining the previously created permissions.

pedrorlmarques commented 3 weeks ago

Hi @antonbabenko, I was thinking if it makes sense to, instead of

controlling the creation of the policies via create_role

count = local.create_role && var.attach_sqs_policy ? 1 : 0

we can have something like

count = local.attach_multiple_policy && var.attach_sqs_policy ? 1 : 0

or we can simply remove the local.create_role and allow to recreate the new var.sqs_target_arns that is added: count = var.attach_sqs_policy ? 1 : 0

There is the need to see if the current policy exists and if it exists append the new target arns.

What do you think?
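As an added example (not code from the thread or from the module's own examples), the following shows one way to avoid the "policy and role already exist" conflict described above: the second repository attaches to the bus created by the first, but creates its own role under a distinct `role_name`, with an SQS policy scoped only to the queue it owns, instead of appending to a role shared across repositories. It assumes the module inputs `create_bus`, `bus_name`, `create_role`, `role_name`, `attach_sqs_policy`, `sqs_target_arns`, `rules` and `targets` (the target option `attach_role_arn`), and, as a simplification, keeps the rule next to its target in the second repository; the bus and queue names are constructed placeholders.

```hcl
# Repository B: deliver events from the bus created in repository A to a
# queue owned by repository B, using a role that only repository B manages.
resource "aws_sqs_queue" "repo_b" {
  name = "repo-b-orders" # constructed name
}

module "events_repo_b" {
  source = "terraform-aws-modules/eventbridge/aws"

  # Reuse the bus created in repository A; do not try to create it again.
  create_bus = false
  bus_name   = "orders-bus" # constructed name, matches repository A's bus

  # Each repository owns its own role and policy. A distinct role_name
  # avoids the name collision, and sqs_target_arns lists only this
  # repository's queue, so the role cannot send to queues it does not own.
  create_role       = true
  role_name         = "eventbridge-repo-b-sqs"
  attach_sqs_policy = true
  sqs_target_arns   = [aws_sqs_queue.repo_b.arn]

  rules = {
    orders = {
      description   = "Order events routed to repository B's queue"
      event_pattern = jsonencode({ "source" : ["app.orders"] })
    }
  }

  targets = {
    orders = [
      {
        name            = "send-to-repo-b-queue"
        arn             = aws_sqs_queue.repo_b.arn
        attach_role_arn = true # use the role created by this module call
      }
    ]
  }
}
```

Repository A keeps its own role and policy unchanged, so neither repository's plan has to read or modify IAM resources managed by the other.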