Merge pull request #4 from UKHomeOffice/terraform-0.12

Update module for Terraform 0.12
UKHomeOffice · Sep 10, 2019 · a358b41 · a358b41
2 parents 461f359 + 1a0d8d8
commit a358b41
Show file tree

Hide file tree

Showing 6 changed files with 459 additions and 435 deletions.
diff --git a/.drone.yml b/.drone.yml
@@ -1,6 +1,6 @@
 pipeline:
   validate:
-    image: quay.io/ukhomeofficedigital/terraform-toolset:v0.2.5
+    image: quay.io/ukhomeofficedigital/terraform-toolset:v0.12.6
     commands:
     - /acp/scripts/tf-validate.sh --no-docs
     when:

diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+.terraform
diff --git a/iam.tf b/iam.tf
@@ -1,5 +1,5 @@
 data "aws_iam_policy_document" "assume_role" {
-  count = "${var.create}"
+  count = var.create ? 1 : 0
 
   statement {
     effect = "Allow"
@@ -14,7 +14,7 @@ data "aws_iam_policy_document" "assume_role" {
 }
 
 data "aws_iam_policy_document" "lambda_basic" {
-  count = "${var.create}"
+  count = var.create ? 1 : 0
 
   statement {
     sid = "AllowWriteToCloudwatchLogs"
@@ -32,9 +32,9 @@ data "aws_iam_policy_document" "lambda_basic" {
 }
 
 data "aws_iam_policy_document" "lambda" {
-  count = "${(var.create_with_kms_key == 1 ? 1 : 0) * var.create}"
+  count = var.create_with_kms_key && var.create ? 1 : 0
 
-  source_json = "${data.aws_iam_policy_document.lambda_basic.0.json}"
+  source_json = data.aws_iam_policy_document.lambda_basic[0].json
 
   statement {
     sid = "AllowKMSDecrypt"
@@ -48,17 +48,25 @@ data "aws_iam_policy_document" "lambda" {
 }
 
 resource "aws_iam_role" "lambda" {
-  count = "${var.create}"
+  count = var.create ? 1 : 0
 
   name_prefix        = "lambda"
-  assume_role_policy = "${data.aws_iam_policy_document.assume_role.0.json}"
+  assume_role_policy = data.aws_iam_policy_document.assume_role[0].json
 }
 
 resource "aws_iam_role_policy" "lambda" {
-  count = "${var.create}"
+  count = var.create ? 1 : 0
 
   name_prefix = "lambda-policy-"
-  role        = "${aws_iam_role.lambda.0.id}"
-
-  policy = "${element(compact(concat(data.aws_iam_policy_document.lambda.*.json, data.aws_iam_policy_document.lambda_basic.*.json)), 0)}"
+  role        = aws_iam_role.lambda[0].id
+
+  policy = element(
+    compact(
+      concat(
+        data.aws_iam_policy_document.lambda.*.json,
+        data.aws_iam_policy_document.lambda_basic.*.json,
+      ),
+    ),
+    0,
+  )
 }