fix: Fixed Bucket Policy chain dependency with Public Access Block (#227)

Jean717p · cageyv · semantic-release-bot · web-flow · commit fa190740956f · 2023-04-28T12:58:19.000+02:00
Co-authored-by: Vladimir Samoylov &lt;51059484+cageyv@users.noreply.github.com&gt;
Co-authored-by: semantic-release-bot &lt;semantic-release-bot@martynus.net&gt;
diff --git a/main.tf b/main.tf
@@ -512,8 +512,16 @@ resource "aws_s3_bucket_replication_configuration" "this" {
 resource "aws_s3_bucket_policy" "this" {
   count = local.create_bucket && local.attach_policy ? 1 : 0
 
+  # Chain resources (s3_bucket -> s3_bucket_public_access_block -> s3_bucket_policy )
+  # to prevent "A conflicting conditional operation is currently in progress against this resource."
+  # Ref: https://github.com/hashicorp/terraform-provider-aws/issues/7628
+
   bucket = aws_s3_bucket.this[0].id
   policy = data.aws_iam_policy_document.combined[0].json
+
+  depends_on = [
+    aws_s3_bucket_public_access_block.this
+  ]
 }
 
 data "aws_iam_policy_document" "combined" {
@@ -789,11 +797,7 @@ data "aws_iam_policy_document" "require_latest_tls" {
 resource "aws_s3_bucket_public_access_block" "this" {
   count = local.create_bucket && var.attach_public_policy ? 1 : 0
 
-  # Chain resources (s3_bucket -> s3_bucket_policy -> s3_bucket_public_access_block)
-  # to prevent "A conflicting conditional operation is currently in progress against this resource."
-  # Ref: https://github.com/hashicorp/terraform-provider-aws/issues/7628
-
-  bucket = local.attach_policy ? aws_s3_bucket_policy.this[0].id : aws_s3_bucket.this[0].id
+  bucket = aws_s3_bucket.this[0].id
 
   block_public_acls       = var.block_public_acls
   block_public_policy     = var.block_public_policy
