AWS with Terraform - Error: "This value is null, so it does not have any attributes."


I want to create an "aws_iam_role_policy_attachment" using a Terraform module and I get the following error: "This value is null, so it does not have any attributes."

The folder structure I'm using is the one below:

Folder structure

The data flows as follows:

terraform.tfvars -> variables.tf -> main.tf -> variables.tf -> iam_role_policy_attachment.tf
| <------- located in environment folder ------> | <------- located in modules/iam folder ------->

The content of the files is the following:

terraform.tfvars

iam_role = [
  {
    name = "EC2ConnectToSSMRole"
    tags = {
      Name = "Allows EC2 instances to connect to SSM"
    }
    # policy_arn = [
    #   "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore",
    #   "arn:aws:iam::aws:policy/AmazonSSMPatchAssociation"
    # ]
  }
]

# list iam_role_policy_attachment
iam_rpa = [ 
  {
   role = "EC2ConnectToSSMRole"
   policy_arn = [ 
    "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore",
    "arn:aws:iam::aws:policy/AmazonSSMPatchAssociation"
   ] 
  }
]

variables.tf

variable "iam_role" {
  type = list(
    object({
      name = string
      tags = map(string)
      #policy_arn = set(string)
    })
  )
}

#iam_role_policy_assignment
variable "iam_rpa" {
  type = list( 
    object({
      role       = string
      policy_arn = set(string)
    })
  )  
}

main.tf

module "iam_role" {
  for_each = { for iam_role in var.iam_role : iam_role.name => iam_role }
  source   = "../modules/iam/"
  iam_role = each.value
}

module "iam_rpa" {
  for_each = { for iam_rpa in var.iam_rpa : iam_rpa.role => iam_rpa}
  source = "../modules/iam/"
  iam_rpa = each.value
  depends_on = [ 
    module.iam_role 
  ]
}

variables.tf

variable "iam_role" {
  type = object({
    name       = string
    tags       = map(string)
  #  policy_arn = set(string)
  })
  default = null
}

#iam_role_policy_assignment
variable "iam_rpa" {
  type = object({
    role       = string
    policy_arn = list(string)
  })
  default = null
}

iam_role_policy_attachment.tf

resource "aws_iam_role_policy_attachment" "test-attach" {
  for_each   = var.iam_rpa.policy_arn
  role       = var.iam_rpa.role
  policy_arn = each.value
}

When I run "terraform plan" I get the following error:

╷
│ Error: Attempt to get attribute from null value
│ 
│   on ../modules/iam/iam_role_policy_attachment.tf line 3, in resource "aws_iam_role_policy_attachment" "test-attach":
│    3:   for_each   = var.iam_rpa.policy_arn
│     ├────────────────
│     │ var.iam_rpa is null
│ 
│ This value is null, so it does not have any attributes.
╵

If I declare a resource block "aws_iam_role_policy_attachment" in main.tf, everything works fine, which means the variables are declared right. I wrote the "aws_iam_role_policy_attachment" module just like all my other modules (I've written tens of modules until now, and they all work), following the same structure. I can't figure out why this module won't create the requested resource. I got similar behavior when trying to create an "aws_autoscaling_policy". This led me to think there might be an issue with assigning policies in AWS with Terraform. I've been trying to figure this out for some time now but with no luck. Any hints or solutions are more than welcome! Thanks!


There are 0 answers
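The files in the question show where the null comes from: main.tf instantiates ../modules/iam/ from two module blocks, and module "iam_role" passes only iam_role, so var.iam_rpa keeps its `default = null` in those instances. The following is an added example, not part of the original post, showing the question's resource with a null guard; the output name `attached_policy_arns` is hypothetical.

```hcl
# modules/iam/iam_role_policy_attachment.tf
# Added example: the resource from the question with a null guard.

resource "aws_iam_role_policy_attachment" "test-attach" {
  # In the instances created by module "iam_role", var.iam_rpa is null.
  # Null input -> empty set -> zero attachments planned in that instance.
  # toset() is needed as well: the module declares policy_arn as
  # list(string), and for_each accepts only a map or a set of strings.
  for_each = toset(var.iam_rpa == null ? [] : var.iam_rpa.policy_arn)

  # These arguments are evaluated once per for_each element, so they are
  # never evaluated while var.iam_rpa is null.
  role       = var.iam_rpa.role
  policy_arn = each.value
}

# Hypothetical output (not in the question): exposes exactly which managed
# policies each module instance attached, so a plan review can confirm the
# role received the intended policies and nothing else.
output "attached_policy_arns" {
  description = "Policy ARNs attached by this module instance"
  value = sort([
    for a in aws_iam_role_policy_attachment.test-attach : a.policy_arn
  ])
}

# Assumption: the module's role resource (its file is not shown in the
# question) dereferences var.iam_role in the same way. It then needs the
# equivalent guard, because module "iam_rpa" leaves var.iam_role null.
```

Splitting the role and the attachment into separate module directories removes the need for nullable inputs entirely, since each module block would then set every variable its module reads.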