search

terraform-aws-modules / terraform-aws-iam

Terraform module to create AWS IAM resources πŸ‡ΊπŸ‡¦
https://registry.terraform.io/modules/terraform-aws-modules/iam/aws
Apache License 2.0
779 stars 985 forks source link

[iam-role-for-service-accounts-eks] Using count causes "Can't access attributes" #460

Closed s1rc closed 6 months ago

s1rc commented 6 months ago

Description

Using a count attribute/input even if it is count = 1 causes referencing iam-role-for-service-accounts-eks module resource error: Can't access attributes on a list of objects. Did you mean to access attribute "iam_role_arn" for a specific element of the list, or across all elements of the list?

The purpose of the count in this implementation is to enable deployment of this IRSA and accompanying resources based on a variable, e.g. deploy in a staging environment but not production

Versions

Reproduction Code [Required]

module "test_irsa" {
  count   = 1

  source  = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
  version = "5.34.0"

  role_name        = "test-role"
  role_policy_arns = {
    policy = "arn:aws:iam::aws:policy/AdministratorAccess"
  }
  oidc_providers = {
    main = {
      provider_arn               = module.eks.oidc_provider_arn
      namespace_service_accounts = [
        "default:test-service-account"
      ]
    }
  }
}

Steps to reproduce the behavior:

  1. Add count attribute to iam-role-for-service-accounts-eks module
  2. Run terraform plan

Expected behavior

Actual behavior

bryantbiggs commented 6 months ago

we already provide a conditional creation variable create_role which can be used to toggle resource creation on/off

github-actions[bot] commented 5 months ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.