fix: fixed timing issue with auth policy when creating multiple buckets with buckets submodule

[Soaib024]

Description

Fixed timing issue with auth policy when creating multiple buckets with buckets submodule https://github.com/terraform-ibm-modules/terraform-ibm-cos/issues/573

Requirements

Requirement 1. We need to find a way to ensure that if any bucket configuration requires an authorization policy, NO buckets should be created until the policy is created.

• All required authorization policies will be created in the buckets submodule instead of the main module. Since bucket creation starts in parallel, it won’t be possible to control the creation of authorization policies in the main module.

Requirement 2. We should also implement a fast fail mechanism if we detect that multiple buckets have skip_iam_authorization_policy set to false, as this would result in duplicate policy creation and failure.

• Added validation to detect duplicate authorization policies. Policies are deemed duplicate if source_resource_instance_id (resource_instance_id) and target_resource_instance_id (kms_guid) are the same.
• If duplicate authorization policies exist and the resource_instance_id is available at the plan phase (i.e., an existing COS instance is used), an error will be flagged during the plan phase. If a new COS instance is being created, validation will be deferred until the COS CRN is available during apply.

Caught while plan

Caught while apply

Release required?

• [ ] No release
• [x] Patch release (x.x.X)
• [ ] Minor release (x.X.x)
• [ ] Major release (X.x.x)

Release notes content

Fix timing issue with auth policy when creating multiple buckets with buckets submodule

Run the pipeline

If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.

Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:

/run pipeline

Checklist for reviewers

• [ ] If relevant, a test for the change is included or updated with this PR.
• [ ] If relevant, documentation for the change is included or updated with this PR.

For mergers

• Use a conventional commit message to set the release level. Follow the guidelines.
• Include information that users need to know about the PR in the commit message. The commit message becomes part of the GitHub release notes.
• Use the Squash and merge option.

[Soaib024]

/run pipeline

[Soaib024]

/run pipeline

[terraform-ibm-modules-ops]

:tada: This PR is included in version 8.2.7 :tada:

The release is available on:

• GitHub release
• v8.2.7

Your semantic-release bot :package::rocket: