Skip to content

Commit 4afbda7

Browse files
NogaNHSNogaNHS
committed
[PRMP-1400] missing indexes
1 parent f6e27e5 commit 4afbda7

File tree

3 files changed

+18
-11
lines changed

3 files changed

+18
-11
lines changed

infrastructure/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -219,7 +219,7 @@
219219
| [aws_iam_role_policy.mesh_sns_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
220220
| [aws_iam_role_policy.mesh_ssm_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
221221
| [aws_iam_role_policy.sns_failure_feedback](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
222-
| [aws_iam_role_policy.test_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
222+
| [aws_iam_role_policy.splunk_access_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
223223
| [aws_iam_role_policy_attachment.backup_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
224224
| [aws_iam_role_policy_attachment.cross_account_backup_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
225225
| [aws_iam_role_policy_attachment.cross_account_copy_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |

infrastructure/audit.tf

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,9 +20,10 @@ resource "aws_iam_role" "splunk_sqs_forwarder" {
2020
assume_role_policy = data.aws_iam_policy_document.splunk_trust_policy.json
2121
}
2222

23-
resource "aws_iam_role_policy" "test_policy" {
24-
name = "${var.environment}_splunk_access_policy"
25-
role = aws_iam_role.splunk_sqs_forwarder.id
23+
resource "aws_iam_role_policy" "splunk_access_policy" {
24+
name = "${var.environment}_splunk_access_policy"
25+
count = local.is_sandbox ? 0 : 1
26+
role = aws_iam_role.splunk_sqs_forwarder[0].id
2627
policy = jsonencode({
2728
Version = "2012-10-17"
2829
Statement = [

infrastructure/mesh-forwarder.tf

Lines changed: 13 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -125,33 +125,38 @@ resource "aws_iam_role" "mesh_forwarder" {
125125
}
126126

127127
resource "aws_iam_role_policy" "mesh_kms_policy" {
128+
count = local.is_mesh_forwarder_enable ? 1 : 0
128129
name = "${var.environment}-${var.mesh_component_name}-kms"
129-
role = aws_iam_role.mesh_forwarder.id
130+
role = aws_iam_role.mesh_forwarder[0].id
130131
policy = data.aws_iam_policy_document.kms_policy_doc.json
131132
}
132133

133134
resource "aws_iam_role_policy" "mesh_ecr_policy" {
135+
count = local.is_mesh_forwarder_enable ? 1 : 0
134136
name = "${var.environment}-${var.mesh_component_name}-ecr"
135-
role = aws_iam_role.mesh_forwarder.id
137+
role = aws_iam_role.mesh_forwarder[0].id
136138
policy = data.aws_iam_policy_document.ecr_policy_doc.json
137139
}
138140

139141
resource "aws_iam_role_policy" "mesh_logs_policy" {
142+
count = local.is_mesh_forwarder_enable ? 1 : 0
140143
name = "${var.environment}-${var.mesh_component_name}-logs"
141144
policy = data.aws_iam_policy_document.logs_policy_doc.json
142-
role = aws_iam_role.mesh_forwarder.id
145+
role = aws_iam_role.mesh_forwarder[0].id
143146
}
144147

145148
resource "aws_iam_role_policy" "mesh_ssm_policy" {
149+
count = local.is_mesh_forwarder_enable ? 1 : 0
146150
name = "${var.environment}-${var.mesh_component_name}-ssm"
147151
policy = data.aws_iam_policy_document.ssm_policy_doc.json
148-
role = aws_iam_role.mesh_forwarder.id
152+
role = aws_iam_role.mesh_forwarder[0].id
149153
}
150154

151155
resource "aws_iam_role_policy" "mesh_sns_policy" {
156+
count = local.is_mesh_forwarder_enable ? 1 : 0
152157
name = "${var.environment}-${var.mesh_component_name}-sns"
153158
policy = data.aws_iam_policy_document.sns_policy_doc[0].json
154-
role = aws_iam_role.mesh_forwarder.id
159+
role = aws_iam_role.mesh_forwarder[0].id
155160
}
156161

157162
data "aws_iam_policy_document" "ecs-assume-role-policy" {
@@ -222,8 +227,9 @@ resource "aws_iam_role" "ecs_execution" {
222227
}
223228

224229
resource "aws_iam_role_policy" "ecs_execution" {
230+
count = local.is_mesh_forwarder_enable ? 1 : 0
225231
name = "${var.environment}-${var.mesh_component_name}-ecs-execution"
226-
role = aws_iam_role.ecs_execution.id
232+
role = aws_iam_role.ecs_execution[0].id
227233
policy = data.aws_iam_policy_document.ecs_execution[0].json
228234
}
229235

@@ -353,7 +359,7 @@ resource "aws_iam_role" "sns_failure_feedback_role" {
353359
resource "aws_iam_role_policy" "sns_failure_feedback" {
354360
name = "${var.environment}-${var.mesh_component_name}-sns-failure-feedback"
355361
policy = data.aws_iam_policy_document.sns_failure_feedback_policy.json
356-
role = aws_iam_role.sns_failure_feedback_role.id
362+
role = aws_iam_role.sns_failure_feedback_role[0].id
357363
}
358364

359365
data "aws_iam_policy_document" "sns_service_assume_role_policy" {

0 commit comments

Comments
 (0)