feat: Do not call data resources when create is false (#25)

bryantbiggs · web-flow · commit 4951c38f3cd5 · 2023-11-03T18:39:51.000-04:00
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.77.1
+    rev: v1.83.5
     hooks:
       - id: terraform_fmt
       - id: terraform_validate
@@ -23,7 +23,7 @@ repos:
           - '--args=--only=terraform_standard_module_structure'
           - '--args=--only=terraform_workspace_remote'
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.4.0
+    rev: v4.5.0
     hooks:
       - id: check-merge-conflict
       - id: end-of-file-fixer
diff --git a/main.tf b/main.tf
@@ -1,5 +1,15 @@
-data "aws_partition" "current" {}
-data "aws_caller_identity" "current" {}
+data "aws_partition" "current" {
+  count = var.create ? 1 : 0
+}
+data "aws_caller_identity" "current" {
+  count = var.create ? 1 : 0
+}
+
+locals {
+  account_id = try(data.aws_caller_identity.current[0].account_id, "")
+  partition  = try(data.aws_partition.current[0].partition, "")
+  dns_suffix = try(data.aws_partition.current[0].dns_suffix, "")
+}
 
 ################################################################################
 # Key
@@ -98,7 +108,7 @@ data "aws_iam_policy_document" "this" {
 
       principals {
         type        = "AWS"
-        identifiers = ["arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.current.account_id}:root"]
+        identifiers = ["arn:${local.partition}:iam::${local.account_id}:root"]
       }
     }
   }
@@ -342,7 +352,7 @@ data "aws_iam_policy_document" "this" {
 
       principals {
         type        = "Service"
-        identifiers = ["dnssec-route53.${data.aws_partition.current.dns_suffix}"]
+        identifiers = ["dnssec-route53.${local.dns_suffix}"]
       }
     }
   }
@@ -358,7 +368,7 @@ data "aws_iam_policy_document" "this" {
 
       principals {
         type        = "Service"
-        identifiers = ["dnssec-route53.${data.aws_partition.current.dns_suffix}"]
+        identifiers = ["dnssec-route53.${local.dns_suffix}"]
       }
 
       condition {
@@ -373,7 +383,7 @@ data "aws_iam_policy_document" "this" {
         content {
           test     = "StringEquals"
           variable = "aws:SourceAccount"
-          values   = try(condition.value.account_ids, [data.aws_caller_identity.current.account_id])
+          values   = try(condition.value.account_ids, [local.account_id])
         }
       }
 
@@ -383,7 +393,7 @@ data "aws_iam_policy_document" "this" {
         content {
           test     = "ArnLike"
           variable = "aws:SourceArn"
-          values   = [try(condition.value.hosted_zone_arn, "arn:${data.aws_partition.current.partition}:route53:::hostedzone/*")]
+          values   = [try(condition.value.hosted_zone_arn, "arn:${local.partition}:route53:::hostedzone/*")]
         }
       }
     }

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,15 @@`
`1`		`-data "aws_partition" "current" {}`
`2`		`-data "aws_caller_identity" "current" {}`
	`1`	`+data "aws_partition" "current" {`
	`2`	`+ count = var.create ? 1 : 0`
	`3`	`+}`
	`4`	`+data "aws_caller_identity" "current" {`
	`5`	`+ count = var.create ? 1 : 0`
	`6`	`+}`
	`7`	`+`
	`8`	`+locals {`
	`9`	`+ account_id = try(data.aws_caller_identity.current[0].account_id, "")`
	`10`	`+ partition = try(data.aws_partition.current[0].partition, "")`
	`11`	`+ dns_suffix = try(data.aws_partition.current[0].dns_suffix, "")`
	`12`	`+}`
`3`	`13`
`4`	`14`	`################################################################################`
`5`	`15`	`# Key`
`@@ -98,7 +108,7 @@ data "aws_iam_policy_document" "this" {`
`98`	`108`
`99`	`109`	`principals {`
`100`	`110`	`type = "AWS"`
`101`		`- identifiers = ["arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.current.account_id}:root"]`
	`111`	`+ identifiers = ["arn:${local.partition}:iam::${local.account_id}:root"]`
`102`	`112`	`}`
`103`	`113`	`}`
`104`	`114`	`}`
`@@ -342,7 +352,7 @@ data "aws_iam_policy_document" "this" {`
`342`	`352`
`343`	`353`	`principals {`
`344`	`354`	`type = "Service"`
`345`		`- identifiers = ["dnssec-route53.${data.aws_partition.current.dns_suffix}"]`
	`355`	`+ identifiers = ["dnssec-route53.${local.dns_suffix}"]`
`346`	`356`	`}`
`347`	`357`	`}`
`348`	`358`	`}`
`@@ -358,7 +368,7 @@ data "aws_iam_policy_document" "this" {`
`358`	`368`
`359`	`369`	`principals {`
`360`	`370`	`type = "Service"`
`361`		`- identifiers = ["dnssec-route53.${data.aws_partition.current.dns_suffix}"]`
	`371`	`+ identifiers = ["dnssec-route53.${local.dns_suffix}"]`
`362`	`372`	`}`
`363`	`373`
`364`	`374`	`condition {`
`@@ -373,7 +383,7 @@ data "aws_iam_policy_document" "this" {`
`373`	`383`	`content {`
`374`	`384`	`test = "StringEquals"`
`375`	`385`	`variable = "aws:SourceAccount"`
`376`		`- values = try(condition.value.account_ids, [data.aws_caller_identity.current.account_id])`
	`386`	`+ values = try(condition.value.account_ids, [local.account_id])`
`377`	`387`	`}`
`378`	`388`	`}`
`379`	`389`
`@@ -383,7 +393,7 @@ data "aws_iam_policy_document" "this" {`
`383`	`393`	`content {`
`384`	`394`	`test = "ArnLike"`
`385`	`395`	`variable = "aws:SourceArn"`
`386`		`- values = [try(condition.value.hosted_zone_arn, "arn:${data.aws_partition.current.partition}:route53:::hostedzone/*")]`
	`396`	`+ values = [try(condition.value.hosted_zone_arn, "arn:${local.partition}:route53:::hostedzone/*")]`
`387`	`397`	`}`
`388`	`398`	`}`
`389`	`399`	`}`