Forgive me if this question is a little basic, I'm quite new to both AWS and Terraform.

I'm trying to create a lambda function via a terraform module. The source of the module is pointing at this repo https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master.

I am trying to follow the complete example provided starting at 130 of terraform-aws-lambda/examples/complete/main.tf but in my case I need to set 2 policies rather than 1.

I have:

   number_of_policy_jsons = 2

   policy_jsons = [
    <<-EOT
      {
          "Version": "2012-10-17",
          "Statement": [
              {
                  "Effect": "Allow",
                  "Action": [
                      "xray:*"
                  ],
                  "Resource": ["*"]
              }
          ]
      },
      {
          "Version": "2012-10-17",
          "Statement": [
              {
                  "Effect": "Allow",
                  "Action": [
                      "s3:*"
                  ],
                  "Resource": ["*"]
              }
          ]
      }
    EOT
  ]

I'm guessing I've formatted the json incorrectly but I can not figure out how it is supposed to be done. No matter what I try I get this error.

     Error: Invalid index
    │ 
    │  126:   policy = var.policy_jsons[count.index] 
    │     ├────────────────
    │     │ count.index is 1
    │     │ var.policy_jsons is list of string with 1 element
    │ 
    │ The given key does not identify an element in this collection value: the given index is greater than or
    │ equal to the length of the collection.

If someone could explain how this is supposed to be used that would be so helpful.

Marko E
16069229

1 Answer

Hey, you should format your list like this:

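    policy_jsons = [
      # Each heredoc is one list element. The closing EOF must sit alone on
      # its line, so the separating comma goes on the next line.
      <<EOF
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "xray:*"
          ],
          "Resource": ["*"]
        }
      ]
    }
    EOF
      ,
      <<EOF
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:*"
          ],
          "Resource": ["*"]
        }
      ]
    }
    EOF
    ]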

It's not very pretty to look at, another solution is to use Data Source: aws_iam_policy_document

    data "aws_iam_policy_document" "xray" {
      statement {
        actions   = ["xray:*"]
        resources = ["*"]
      }
    }

    data "aws_iam_policy_document" "s3" {
      statement {
        actions   = ["s3:*"]
        resources = ["*"]
      }
    }

and then

    policy_jsons = [
      data.aws_iam_policy_document.xray.json,
      data.aws_iam_policy_document.s3.json
    ]

Lauden
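
An added example, not part of the answer above and not code from the terraform-aws-lambda project: it builds each policy as its own list element with `jsonencode()` and derives `number_of_policy_jsons` from the list, so the count and the list length cannot disagree as they do in the error in the question. The bucket name, function name, handler, runtime, source path, and the narrower action lists are assumptions made for illustration.

```hcl
locals {
  # Hypothetical bucket, used only in this example.
  bucket_arn = "arn:aws:s3:::example-bucket"

  # One element per policy document. jsonencode() returns exactly one JSON
  # string per call, so two documents can never end up in a single element.
  policy_jsons = [
    jsonencode({
      Version = "2012-10-17"
      Statement = [{
        Effect = "Allow"
        # Assumed need: the function only writes trace data.
        Action = ["xray:PutTraceSegments", "xray:PutTelemetryRecords"]
        # These X-Ray actions do not support resource-level scoping.
        Resource = ["*"]
      }]
    }),
    jsonencode({
      Version = "2012-10-17"
      Statement = [{
        Effect = "Allow"
        # Assumed need: read objects from one bucket instead of s3:* on *.
        Action   = ["s3:GetObject"]
        Resource = ["${local.bucket_arn}/*"]
      }]
    }),
  ]
}

module "lambda_function" {
  source = "terraform-aws-modules/lambda/aws"

  # Placeholder function settings.
  function_name = "example-function"
  handler       = "index.lambda_handler"
  runtime       = "python3.12"
  source_path   = "${path.module}/src"

  attach_policy_jsons = true
  policy_jsons        = local.policy_jsons
  # The list is a literal, so its length is known at plan time.
  number_of_policy_jsons = length(local.policy_jsons)
}
```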