terraform-aws-github-oidc

fix: Move policy attachment to the role.

Open GuptaNavdeep1983 opened this issue 1 year ago • 1 comments

This PR avoids the reapplication (in the second terraform apply) of the policy to the roles, as depicted in the screenshot below, by attaching policies directly to the role. In the absence of this change, terraform apply (2nd time) shows that there is still some change in state.

image

Is there any problem in specifying the list of policies as part of role creation?

GuptaNavdeep1983 avatar Mar 02 '23 20:03 GuptaNavdeep1983

This change is breaking the option to attach policies to the role. The role is also an output of the module.

Another option would be (breaking) to drop the var.role_policy_arns and let users do the attachment outside the module, which I think is a cleaner approach.

What do you think?

I am not sure how it's breaking the option to attach policies! We are using the var role_policy_arns to attach passed policies directly to the role.

GuptaNavdeep1983 avatar Mar 08 '23 13:03 GuptaNavdeep1983

stale

ScottGuymer avatar Aug 21 '24 08:08 ScottGuymer