fix: Fix a null reference when enabled is false

unfunco · May 17, 2022 · 7f2bb73 · 7f2bb73
1 parent 8460146
commit 7f2bb73
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 3 deletions.
diff --git a/main.tf b/main.tf
@@ -14,15 +14,15 @@
 
 locals {
   github_organizations = [for repo in var.github_repositories : split("/", repo)[0]]
-  oidc_provider_arn    = var.create_oidc_provider ? aws_iam_openid_connect_provider.github[0].arn : data.aws_iam_openid_connect_provider.github[0].arn
+  oidc_provider_arn    = var.enabled ? (var.create_oidc_provider ? aws_iam_openid_connect_provider.github[0].arn : data.aws_iam_openid_connect_provider.github[0].arn) : ""
   partition            = data.aws_partition.current.partition
 }
 
 resource "aws_iam_role" "github" {
   count = var.enabled ? 1 : 0
 
   assume_role_policy    = data.aws_iam_policy_document.assume_role[0].json
-  description           = "Role used by the GitHub OIDC provider."
+  description           = "Role assumed by the GitHub OIDC provider."
   force_detach_policies = var.force_detach_policies
   max_session_duration  = var.max_session_duration
   name                  = var.iam_role_name
@@ -32,6 +32,7 @@ resource "aws_iam_role" "github" {
 
   dynamic "inline_policy" {
     for_each = var.iam_role_inline_policies
+
     content {
       name   = inline_policy.key
       policy = inline_policy.value

diff --git a/outputs.tf b/outputs.tf
@@ -13,6 +13,7 @@
 // limitations under the License.
 
 output "iam_role_arn" {
+  depends_on  = [aws_iam_role.github]
   description = "ARN of the IAM role."
-  value       = aws_iam_role.github[0].arn
+  value       = var.enabled ? aws_iam_role.github[0].arn : ""
 }