diff --git a/.modules/service/ecs.tf b/.modules/service/ecs.tf index 696d508..c582599 100644 --- a/.modules/service/ecs.tf +++ b/.modules/service/ecs.tf @@ -20,8 +20,8 @@ resource "aws_ecs_task_definition" "task" { family = var.service_name cpu = var.ecs_cpu memory = var.ecs_memory - execution_role_arn = var.ecs_execution_role_arn != "" ? var.ecs_execution_role_arn : aws_iam_role.ecs-execution.arn - task_role_arn = var.ecs_task_execution_role_arn != "" ? var.ecs_task_execution_role_arn : aws_iam_role.task-execution.arn + execution_role_arn = element(concat(aws_iam_role.ecs-execution.*.arn, list(var.ecs_execution_role_arn)), var.ecs_execution_role_arn == "" ? 0 : 1) + task_role_arn = element(concat(aws_iam_role.task-execution.*.arn, list(var.ecs_task_execution_role_arn)), var.ecs_task_execution_role_arn == "" ? 0 : 1) network_mode = "awsvpc" requires_compatibilities = [var.launch_type] diff --git a/.modules/service/policy.tf b/.modules/service/policy.tf index 6b4035d..e45d89d 100644 --- a/.modules/service/policy.tf +++ b/.modules/service/policy.tf @@ -19,7 +19,7 @@ resource "aws_iam_role" "ecs-execution" { resource "aws_iam_role_policy_attachment" "ecs-execution-managed" { count = var.ecs_execution_role_arn == "" ? 1 : 0 - role = var.ecs_execution_role_arn == "" ? aws_iam_role.ecs-execution.id : "" + role = element(concat(aws_iam_role.ecs-execution.*.id, list("")), var.ecs_execution_role_arn == "" ? 0 : 1) policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" } @@ -60,5 +60,5 @@ resource "aws_iam_role_policy" "task-role" { count = var.ecs_task_execution_role_arn == "" ? 1 : 0 policy = data.aws_iam_policy_document.task-policy.json - role = var.ecs_task_execution_role_arn == "" ? aws_iam_role.task-execution.id : "" + role = element(concat(aws_iam_role.task-execution.*.id, list("")), var.ecs_task_execution_role_arn == "" ? 0 : 1) }