add conditon for local external_id
uchinda-sph committed Feb 28, 2023
1 parent 0aeae64 commit af38748
Showing 3 changed files with 6 additions and 5 deletions.
8 changes: 4 additions & 4 deletions data.tf
Expand Up @@ -235,7 +235,7 @@ data "aws_iam_policy_document" "aqua_cspm_custom_trust" {
test = "StringEquals"
variable = "sts:ExternalId"
values = [
jsondecode(aws_lambda_invocation.external_id.result)["ExternalId"],
local.external_id,
]
}

Expand Down Expand Up @@ -264,7 +264,7 @@ data "aws_iam_policy_document" "aqua_cspm_custom_trust" {
test = "StringEquals"
variable = "sts:ExternalId"
values = [
jsondecode(aws_lambda_invocation.external_id.result)["ExternalId"],
local.external_id,
]
}

Expand Down Expand Up @@ -293,7 +293,7 @@ data "aws_iam_policy_document" "aqua_cspm_custom_trust" {
test = "StringEquals"
variable = "sts:ExternalId"
values = [
jsondecode(aws_lambda_invocation.external_id.result)["ExternalId"],
local.external_id,
]
}

Expand Down Expand Up @@ -322,7 +322,7 @@ data "aws_iam_policy_document" "aqua_cspm_custom_trust" {
test = "StringEquals"
variable = "sts:ExternalId"
values = [
jsondecode(aws_lambda_invocation.external_id.result)["ExternalId"],
local.external_id,
]
}

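Review bot: With `local.external_id` in the `sts:ExternalId` condition (all four hunks of this file), a failed external-ID Lambda call no longer stops the apply: per the new expression in locals.tf the local falls back to the response's `message` text, so the trust policy would be written with an error string as its external ID. An error message is not the secret per-tenant value that the external-ID check depends on to guard against a confused deputy, and lambda.tf forwards the same value as `ExtId` to the onboarding call. Failing the run looks safer; on Terraform 1.2 or later a `precondition` in this data source's `lifecycle` block with `condition = try(jsondecode(aws_lambda_invocation.external_id.result)["status"], "") != "FAILED"` would do that. The data block starts and ends outside the hunks shown, so any existing guard there is not visible.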
2 changes: 1 addition & 1 deletion lambda.tf
Expand Up @@ -38,7 +38,7 @@ resource "aws_lambda_invocation" "onboarding" {
input = jsonencode({
ResourceProperties = {
Secret = local.secret_name,
ExtId = jsondecode(aws_lambda_invocation.external_id.result)["ExternalId"],
ExtId = local.external_id,
Group = var.aqua_group_name,
RoleArn = aws_iam_role.aqua_cspm.arn,
AccId = data.aws_caller_identity.current.account_id
1 change: 1 addition & 0 deletions locals.tf
Expand Up @@ -3,6 +3,7 @@ locals {

secret_name = "/aquacspm/secret-cspm"

external_id = jsondecode(aws_lambda_invocation.external_id.result)["status"] == "FAILED" ? jsondecode(aws_lambda_invocation.external_id.result)["message"] : jsondecode(aws_lambda_invocation.external_id.result)["ExternalId"]
# public_ip = "13.215.18.141/32"

aqua_cspm_role_policy_arns = [
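Review bot: The new `external_id` expression indexes `["status"]` directly, so if a successful response carries no `status` key (the response shape is not visible here) evaluation would fail before the `ExternalId` branch is reached. It also decodes the same Lambda result three times on one long line. Decoding once into a helper local and wrapping the status lookup in `try()` keeps the current behaviour while making the failure branch easy to spot. The fallback to `message` is kept below as written, but it deserves a comment saying that the value ends up in an IAM trust condition, or an explicit failure in the consumers instead. The `locals` block continues outside the hunk.

```hcl
  # Decode the Lambda response once; both lookups below read this object.
  external_id_result = jsondecode(aws_lambda_invocation.external_id.result)

  # try() covers a response that has no "status" key.
  external_id_failed = try(local.external_id_result["status"], "") == "FAILED"

  # Behaviour kept from the commit: on failure the message text is used.
  # NOTE: this value is consumed as sts:ExternalId in the role trust policy.
  external_id = local.external_id_failed ? local.external_id_result["message"] : local.external_id_result["ExternalId"]
```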
