Skip to content

Commit cbbcb1f

Browse files
PengyuanZhaoPengyuanZhao
authored
chore: remove iam role attributes from CloudTrail if Config org enabled (#1456)
1 parent 6f7ced5 commit cbbcb1f

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

lwgenerate/aws/aws.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -929,7 +929,7 @@ func createCloudtrail(args *GenerateAwsTfConfigurationArgs) (*hclwrite.Block, er
929929
attributes["sqs_encryption_enabled "] = false
930930
}
931931
}
932-
if args.ExistingIamRole.IsEmpty() && args.Config {
932+
if args.ExistingIamRole.IsEmpty() && args.Config && !args.AwsOrganization {
933933
attributes["use_existing_iam_role"] = true
934934
attributes["iam_role_name"] = lwgenerate.CreateSimpleTraversal(
935935
[]string{"module", "aws_config", "iam_role_name"})

0 commit comments

Comments
 (0)