With the order as it was, Terraform Cloud would report a change to the policy, presumably because the list coming back from AWS was sorted unlike the HCL.
# module.security_headers.aws_iam_role.lambda_at_edge has been changed
~ resource "aws_iam_role" "lambda_at_edge" {
~ assume_role_policy = jsonencode(
~ {
~ Statement = [
~ {
~ Principal = {
~ Service = [
- "edgelambda.amazonaws.com",
"lambda.amazonaws.com",
+ "edgelambda.amazonaws.com",
]
}
# (3 unchanged elements hidden)
},
]
# (1 unchanged element hidden)
}
)
dmattia
commented
3 years ago
With the order as it was, Terraform Cloud would report a change to the policy, presumably because the list coming back from AWS was sorted unlike the HCL.