-
-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add role name suffix #64
feat: Add role name suffix #64
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
role_suffix
is not needed
@@ -126,7 +126,7 @@ resource "aws_iam_role_policy_attachment" "logs" { | |||
resource "aws_iam_role" "service_role" { | |||
for_each = local.service_roles_with_specific_policies | |||
|
|||
name = lookup(each.value, "service_role_name", "${each.key}-role") | |||
name = "${lookup(each.value, "service_role_name", "${each.key}-role")}${var.role_suffix}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You need to specify service_role_name
argument in services
to achieve what you want.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not sure what you mean by services
undocumented field of maps passed into datasources variable?
i think that's what you're implying
will try to validate next week
might update pull request to be documentation-focused if it validates
speaking of variables/inputs with nested maps, are you aware of any prior art for documenting schemas for these complex inputs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My bad, it was not services
, but datasources
:
datasources = {
lambda1 = {
# omitted...
service_role_name = "whatever-you-want-as-a-role-name"
}
}
Regarding documenting nested map types, I am not sure I understand what you mean or whether it is related to this module.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
validated service_role_name. thanks.
Regarding documenting nested map types, I am not sure I understand what you mean or whether it is related to this module.
not this module specifically...
the terraform authors gave us a way to document variables and specify types for them, but i've seen no guidance on any pattern to document the contents of a map, especially with nested fields.
oh wow - i've been sleeping on the tf docs - this exists! https://developer.hashicorp.com/terraform/language/v1.5.x/expressions/type-constraints#optional-object-type-attributes
well, i guess one of us might should make a pr updating the variables types
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
take a look at #65 and let me know if i'm on the right track. ty.
Description
add optional input whose value is appended to generated role names to prevent collisions in same account
Motivation and Context
if you want to deploy multiple instances of a configuration using this module in the same account, without this change, the role names would collide
Breaking Changes
no
How Has This Been Tested?
examples/*
to demonstrate and validate my change(s)examples/*
projectspre-commit run -a
on my pull requestI used this module in the development of an application config module.
The issue was discovered by invoking my module twice.
Collisions were resolved in other resources in my module.
The appsync module provided needed forked because there was no provision to change the generated datasource roles.
After the changes were made and the proper inputs provided, I was able to deploy two side by side instances of my app module.