feat: fixing legacy managed_policy_arns (#158)

marekaf · web-flow · commit 9ebfcecda547 · 2025-11-24T16:33:08.000+01:00
diff --git a/modules/github-oidc/main.tf b/modules/github-oidc/main.tf
@@ -46,6 +46,11 @@ resource "aws_iam_role" "github_actions" {
       }
     ]
   })
+}
+
+resource "aws_iam_role_policy_attachment" "github_actions" {
+  for_each = toset(var.managed_policy_arns)
 
-  managed_policy_arns = var.managed_policy_arns
+  role       = aws_iam_role.github_actions.name
+  policy_arn = each.value
 }

Original file line number	Diff line number	Diff line change
`@@ -46,6 +46,11 @@ resource "aws_iam_role" "github_actions" {`
`46`	`46`	`}`
`47`	`47`	`]`
`48`	`48`	`})`
	`49`	`+}`
	`50`	`+`
	`51`	`+resource "aws_iam_role_policy_attachment" "github_actions" {`
	`52`	`+ for_each = toset(var.managed_policy_arns)`
`49`	`53`
`50`		`- managed_policy_arns = var.managed_policy_arns`
	`54`	`+ role = aws_iam_role.github_actions.name`
	`55`	`+ policy_arn = each.value`
`51`	`56`	`}`