Ignore policy creation when integration is disabled

“Subramanian · “Subramanian · commit 34fb90814b2e · 2023-05-29T15:22:14.000+08:00
diff --git a/data.tf b/data.tf
@@ -357,6 +357,8 @@ data "aws_iam_policy_document" "aqua_cspm_custom_trust" {
 }
 
 data "aws_iam_policy_document" "aquahub_sechub_trust" {
+  count = local.enable_security_hub_integration ? 1 : 0
+
   statement {
     effect = "Allow"
 
diff --git a/iam.tf b/iam.tf
@@ -74,7 +74,7 @@ resource "aws_iam_role" "aqua_cspm_sechub" {
   path                 = "/"
   max_session_duration = "3600"
 
-  assume_role_policy = data.aws_iam_policy_document.aquahub_sechub_trust.json
+  assume_role_policy = data.aws_iam_policy_document.aquahub_sechub_trust[0].json
 }
 
 resource "aws_iam_role_policy_attachment" "aqua_cspm_sechub" {

Original file line number	Diff line number	Diff line change
`@@ -357,6 +357,8 @@ data "aws_iam_policy_document" "aqua_cspm_custom_trust" {`
`357`	`357`	`}`
`358`	`358`
`359`	`359`	`data "aws_iam_policy_document" "aquahub_sechub_trust" {`
	`360`	`+ count = local.enable_security_hub_integration ? 1 : 0`
	`361`	`+`
`360`	`362`	`statement {`
`361`	`363`	`effect = "Allow"`
`362`	`364`
Original file line number	Diff line number	Diff line change
`@@ -74,7 +74,7 @@ resource "aws_iam_role" "aqua_cspm_sechub" {`
`74`	`74`	`path = "/"`
`75`	`75`	`max_session_duration = "3600"`
`76`	`76`
`77`		`- assume_role_policy = data.aws_iam_policy_document.aquahub_sechub_trust.json`
	`77`	`+ assume_role_policy = data.aws_iam_policy_document.aquahub_sechub_trust[0].json`
`78`	`78`	`}`
`79`	`79`
`80`	`80`	`resource "aws_iam_role_policy_attachment" "aqua_cspm_sechub" {`