From 4c939e5841f872380310a9c9969a3a01a09f1583 Mon Sep 17 00:00:00 2001 From: Clete Blackwell II Date: Mon, 19 Jun 2023 08:19:18 -0400 Subject: [PATCH] =?UTF-8?q?fix:=20=F0=9F=90=9B=20Add=20conditional=20for?= =?UTF-8?q?=20dynamic=20KMS=20permission?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- tf-lambda-iam-role.tf | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tf-lambda-iam-role.tf b/tf-lambda-iam-role.tf index 22fc4e9..d5f95b6 100644 --- a/tf-lambda-iam-role.tf +++ b/tf-lambda-iam-role.tf @@ -40,9 +40,12 @@ data "aws_iam_policy_document" "log_retention" { } } - statement { - actions = ["kms:GenerateDataKey"] - resources = [var.kms_key_arn] + dynamic "statement" { + for_each = var.kms_key_arn == null ? [] : [var.kms_key_arn] + content { + actions = ["kms:GenerateDataKey"] + resources = [each.value] + } } statement {