NRL-1188 use compact to ignore nulls

jackleary · jackleary · commit 467e82515db9 · 2024-12-18T12:55:28.000Z
diff --git a/terraform/infrastructure/locals.tf b/terraform/infrastructure/locals.tf
@@ -29,7 +29,7 @@ locals {
   public_domain = local.is_sandbox_env ? var.public_sandbox_domain : var.public_domain
 
   # Logic / vars for reporting
-  reporting_bucket_arn = local.is_dev_env ? data.aws_s3_bucket.source-data-bucket[0].arn : data.aws_s3_bucket.source-data-bucket.arn
+  reporting_bucket_arn = local.is_dev_env ? data.aws_s3_bucket.source-data-bucket[0].arn : null
 
   # Logic / vars for splunk environment
   splunk_environment = local.is_sandbox_env ? "${var.account_name}sandbox" : var.account_name
diff --git a/terraform/infrastructure/modules/firehose/iam_firehose.tf b/terraform/infrastructure/modules/firehose/iam_firehose.tf
@@ -27,12 +27,12 @@ data "aws_iam_policy_document" "firehose" {
       "s3:PutObject",
     ]
 
-    resources = [
+    resources = compact([
       aws_s3_bucket.firehose.arn,
       "${aws_s3_bucket.firehose.arn}/*",
       var.reporting_bucket_arn,
       "${var.reporting_bucket_arn}/*",
-    ]
+    ])
     effect = "Allow"
   }
 
@@ -72,12 +72,12 @@ data "aws_iam_policy_document" "firehose" {
     actions = [
       "logs:PutLogEvents",
     ]
-    resources = [
+    resources = compact([
       aws_cloudwatch_log_group.firehose.arn,
       aws_cloudwatch_log_stream.firehose.arn,
       local.iam_firehose.cloudwatch_reporting_log_group_arn,
       local.iam_firehose.cloudwatch_reporting_log_stream_arn,
-    ]
+    ])
     effect = "Allow"
   }
 }
diff --git a/terraform/infrastructure/modules/firehose/iam_subscriptions.tf b/terraform/infrastructure/modules/firehose/iam_subscriptions.tf
@@ -20,10 +20,10 @@ data "aws_iam_policy_document" "firehose_subscription" {
       "firehose:*",
     ]
     effect = "Allow"
-    resources = [
+    resources = compact([
       aws_kinesis_firehose_delivery_stream.firehose.arn,
       local.iam_subscriptions.firehose_reporting_stream_arn,
-    ]
+    ])
   }
   statement {
     actions = [
diff --git a/terraform/infrastructure/modules/firehose/locals.tf b/terraform/infrastructure/modules/firehose/locals.tf
@@ -32,12 +32,12 @@ locals {
   }
 
   iam_firehose = {
-    cloudwatch_reporting_log_group_arn  = var.reporting_infra_toggle ? aws_cloudwatch_log_group.firehose_reporting[0].arn : aws_cloudwatch_log_group.firehose_reporting.arn
-    cloudwatch_reporting_log_stream_arn = var.reporting_infra_toggle ? aws_cloudwatch_log_stream.firehose_reporting[0].arn : aws_cloudwatch_log_stream.firehose_reporting.arn
+    cloudwatch_reporting_log_group_arn  = var.reporting_infra_toggle ? aws_cloudwatch_log_group.firehose_reporting[0].arn : null
+    cloudwatch_reporting_log_stream_arn = var.reporting_infra_toggle ? aws_cloudwatch_log_stream.firehose_reporting[0].arn : null
   }
 
   iam_subscriptions = {
-    firehose_reporting_stream_arn = var.reporting_infra_toggle ? aws_kinesis_firehose_delivery_stream.reporting_stream[0].arn : aws_kinesis_firehose_delivery_stream.reporting_stream.arn
+    firehose_reporting_stream_arn = var.reporting_infra_toggle ? aws_kinesis_firehose_delivery_stream.reporting_stream[0].arn : null
   }
 
 }

Original file line number	Diff line number	Diff line change
`@@ -27,12 +27,12 @@ data "aws_iam_policy_document" "firehose" {`
`27`	`27`	`"s3:PutObject",`
`28`	`28`	`]`
`29`	`29`
`30`		`- resources = [`
	`30`	`+ resources = compact([`
`31`	`31`	`aws_s3_bucket.firehose.arn,`
`32`	`32`	`"${aws_s3_bucket.firehose.arn}/*",`
`33`	`33`	`var.reporting_bucket_arn,`
`34`	`34`	`"${var.reporting_bucket_arn}/*",`
`35`		`- ]`
	`35`	`+ ])`
`36`	`36`	`effect = "Allow"`
`37`	`37`	`}`
`38`	`38`
`@@ -72,12 +72,12 @@ data "aws_iam_policy_document" "firehose" {`
`72`	`72`	`actions = [`
`73`	`73`	`"logs:PutLogEvents",`
`74`	`74`	`]`
`75`		`- resources = [`
	`75`	`+ resources = compact([`
`76`	`76`	`aws_cloudwatch_log_group.firehose.arn,`
`77`	`77`	`aws_cloudwatch_log_stream.firehose.arn,`
`78`	`78`	`local.iam_firehose.cloudwatch_reporting_log_group_arn,`
`79`	`79`	`local.iam_firehose.cloudwatch_reporting_log_stream_arn,`
`80`		`- ]`
	`80`	`+ ])`
`81`	`81`	`effect = "Allow"`
`82`	`82`	`}`
`83`	`83`	`}`
Original file line number	Diff line number	Diff line change
`@@ -20,10 +20,10 @@ data "aws_iam_policy_document" "firehose_subscription" {`
`20`	`20`	`"firehose:*",`
`21`	`21`	`]`
`22`	`22`	`effect = "Allow"`
`23`		`- resources = [`
	`23`	`+ resources = compact([`
`24`	`24`	`aws_kinesis_firehose_delivery_stream.firehose.arn,`
`25`	`25`	`local.iam_subscriptions.firehose_reporting_stream_arn,`
`26`		`- ]`
	`26`	`+ ])`
`27`	`27`	`}`
`28`	`28`	`statement {`
`29`	`29`	`actions = [`
Original file line number	Diff line number	Diff line change
`@@ -32,12 +32,12 @@ locals {`
`32`	`32`	`}`
`33`	`33`
`34`	`34`	`iam_firehose = {`
`35`		`- cloudwatch_reporting_log_group_arn = var.reporting_infra_toggle ? aws_cloudwatch_log_group.firehose_reporting[0].arn : aws_cloudwatch_log_group.firehose_reporting.arn`
`36`		`- cloudwatch_reporting_log_stream_arn = var.reporting_infra_toggle ? aws_cloudwatch_log_stream.firehose_reporting[0].arn : aws_cloudwatch_log_stream.firehose_reporting.arn`
	`35`	`+ cloudwatch_reporting_log_group_arn = var.reporting_infra_toggle ? aws_cloudwatch_log_group.firehose_reporting[0].arn : null`
	`36`	`+ cloudwatch_reporting_log_stream_arn = var.reporting_infra_toggle ? aws_cloudwatch_log_stream.firehose_reporting[0].arn : null`
`37`	`37`	`}`
`38`	`38`
`39`	`39`	`iam_subscriptions = {`
`40`		`- firehose_reporting_stream_arn = var.reporting_infra_toggle ? aws_kinesis_firehose_delivery_stream.reporting_stream[0].arn : aws_kinesis_firehose_delivery_stream.reporting_stream.arn`
	`40`	`+ firehose_reporting_stream_arn = var.reporting_infra_toggle ? aws_kinesis_firehose_delivery_stream.reporting_stream[0].arn : null`
`41`	`41`	`}`
`42`	`42`
`43`	`43`	`}`