fix: Ensure role_name_condition is set correctly (#389)

mstiri · bryantbiggs · web-flow · commit 0024928698ff · 2023-06-29T10:49:54.000-04:00
Co-authored-by: Bryant Biggs &lt;bryantbiggs@gmail.com&gt;
diff --git a/examples/iam-role-for-service-accounts-eks/main.tf b/examples/iam-role-for-service-accounts-eks/main.tf
@@ -31,7 +31,8 @@ module "disabled" {
 module "irsa_role" {
   source = "../../modules/iam-role-for-service-accounts-eks"
 
-  role_name = local.name
+  role_name              = local.name
+  allow_self_assume_role = true
 
   oidc_providers = {
     one = {
diff --git a/modules/iam-role-for-service-accounts-eks/main.tf b/modules/iam-role-for-service-accounts-eks/main.tf
@@ -7,7 +7,7 @@ locals {
   partition           = data.aws_partition.current.partition
   dns_suffix          = data.aws_partition.current.dns_suffix
   region              = data.aws_region.current.name
-  role_name_condition = try(coalesce(var.role_name, "${var.role_name_prefix}*"), null)
+  role_name_condition = var.role_name != null ? var.role_name : "${var.role_name_prefix}*"
 }
 
 data "aws_iam_policy_document" "this" {

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@ locals {`
`7`	`7`	`partition = data.aws_partition.current.partition`
`8`	`8`	`dns_suffix = data.aws_partition.current.dns_suffix`
`9`	`9`	`region = data.aws_region.current.name`
`10`		`- role_name_condition = try(coalesce(var.role_name, "${var.role_name_prefix}*"), null)`
	`10`	`+ role_name_condition = var.role_name != null ? var.role_name : "${var.role_name_prefix}*"`
`11`	`11`	`}`
`12`	`12`
`13`	`13`	`data "aws_iam_policy_document" "this" {`