Modify code to use external roles conditionally
klejejs committed Sep 27, 2024
1 parent 6697ce0 commit bf182f5
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions .modules/service/ecs.tf
Expand Up @@ -20,8 +20,8 @@ resource "aws_ecs_task_definition" "task" {
family = var.service_name
cpu = var.ecs_cpu
memory = var.ecs_memory
execution_role_arn = coalesce(var.ecs_execution_role_arn, aws_iam_role.ecs-execution.arn)
task_role_arn = coalesce(var.ecs_task_execution_role_arn, aws_iam_role.task-execution.arn)
execution_role_arn = var.ecs_execution_role_arn != "" ? var.ecs_execution_role_arn : aws_iam_role.ecs-execution.arn
task_role_arn = var.ecs_task_execution_role_arn != "" ? var.ecs_task_execution_role_arn : aws_iam_role.task-execution.arn
network_mode = "awsvpc"
requires_compatibilities = [var.launch_type]

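Review bot: Taking the conditional lines as the new side, `task_role_arn` is fed from `var.ecs_task_execution_role_arn`, a name that reads like the execution role, so a caller can easily pass the execution role ARN here and hand the application containers the agent's image-pull and secret-read permissions. A comment on that line such as `# task role: what the application containers run as, not the execution role` would make the distinction explicit, and a description on the variable should say the same. The `!= ""` test also treats a null value as a supplied role, where `coalesce` fell back to the module-created one; the variable declarations are not visible here, so either confirm they are `nullable = false` or write the condition as `var.ecs_execution_role_arn != null && var.ecs_execution_role_arn != ""`. Since these ARNs now come from outside the module, a `validation` block on each variable that accepts only an empty string or an IAM role ARN would catch a mistyped or wrong-kind value at plan time.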
4 changes: 2 additions & 2 deletions .modules/service/policy.tf
Expand Up @@ -19,7 +19,7 @@ resource "aws_iam_role" "ecs-execution" {
resource "aws_iam_role_policy_attachment" "ecs-execution-managed" {
count = var.ecs_execution_role_arn == "" ? 1 : 0

role = aws_iam_role.ecs-execution.id
role = var.ecs_execution_role_arn == "" ? aws_iam_role.ecs-execution.id : ""
policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
}

Expand Down Expand Up @@ -60,5 +60,5 @@ resource "aws_iam_role_policy" "task-role" {
count = var.ecs_task_execution_role_arn == "" ? 1 : 0

policy = data.aws_iam_policy_document.task-policy.json
role = aws_iam_role.task-execution.id
role = var.ecs_task_execution_role_arn == "" ? aws_iam_role.task-execution.id : ""
}
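Review bot: The `: ""` branch added to `role` in `ecs-execution-managed` is unreachable, because `count` on the same resource already uses the identical condition and yields zero instances whenever an external ARN is supplied; the same applies to `role` in `task-role` in the second hunk. Repeating the condition only creates a second place for it to drift, and if it ever did, the result would be an attachment with an empty role name that fails at apply, so `role = aws_iam_role.ecs-execution.id` (and `aws_iam_role.task-execution.id`) is enough. If the two `aws_iam_role` resources are themselves count-gated, which is not visible in these hunks, the references need an index, e.g. `aws_iam_role.ecs-execution[0].id`. It is also worth a comment above each `count` line stating that with an external role the module attaches neither `AmazonECSTaskExecutionRolePolicy` nor the `task-policy` document, so the caller owns that role's permissions and its trust policy.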
