[NDR-190] add missing counter for iam roles

NogaNHS · NogaNHS · commit 5df11d81775a · 2025-07-28T11:21:52.000+01:00
diff --git a/infrastructure/iam.tf b/infrastructure/iam.tf
@@ -119,6 +119,7 @@ resource "aws_iam_role_policy_attachment" "manifest_presign_url" {
 
 resource "aws_iam_policy" "s3_document_data_policy_for_get_doc_ref_lambda" {
   name = "${terraform.workspace}_get_document_only_policy_for_get_doc_lambda"
+  count   = local.is_production ? 0 : 1
 
   policy = jsonencode({
     "Version" : "2012-10-17",
@@ -135,7 +136,7 @@ resource "aws_iam_policy" "s3_document_data_policy_for_get_doc_ref_lambda" {
 }
 
 data "aws_iam_policy_document" "assume_role_policy_for_get_doc_ref_lambda" {
-  count = 1
+  count   = local.is_production ? 0 : 1
   statement {
     actions = ["sts:AssumeRole"]
 
@@ -147,14 +148,14 @@ data "aws_iam_policy_document" "assume_role_policy_for_get_doc_ref_lambda" {
 }
 
 resource "aws_iam_role" "get_fhir_doc_presign_url_role" {
-  count              = 1
+  count   = local.is_production ? 0 : 1
   name               = "${terraform.workspace}_get_fhir_doc_presign_url_role"
   assume_role_policy = data.aws_iam_policy_document.assume_role_policy_for_get_doc_ref_lambda[0].json
 }
 
 
 resource "aws_iam_role_policy_attachment" "get_doc_presign_url" {
-  count      = 1
+  count   = local.is_production ? 0 : 1
   role       = aws_iam_role.get_fhir_doc_presign_url_role[0].name
   policy_arn = aws_iam_policy.s3_document_data_policy_for_get_doc_ref_lambda.arn
 }
