2 Answers
- Newest
- Most votes
- Most comments
1
Hello.
How about setting the SQS access policy a little wider as shown below?
{
"Version": "2012-10-17",
"Id": "__default_policy_ID",
"Statement": [
{
"Sid": "__owner_statement",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::012345678912:root"
},
"Action": "SQS:*",
"Resource": "arn:aws:sqs:us-east-1:012345678912:sqsqueue"
}
]
}
0
This turned out to be how Terraform creates resources, I had to take the policy out of IAM role so I ended up with 3 different resources, aws_iam_role
, aws_iam_policy
and aws_iam_role_policy_attachment
.
I declared a depends_on
for aws_iam_policy
in aws_iam_role
.
This is in addition to depends_on
for aws_iam_role
in aws_lambda_function
.
answered 4 months ago
You don’t need to use depends on unless in extreme circumstances. Terraform builds its own dependencies if used correctly. I don’t see why you would have issues here.
Relevant content
- asked 6 months ago
- AWS OFFICIALUpdated 5 months ago
- What's the difference between Lambda function execution role permissions and invocation permissions?AWS OFFICIALUpdated 2 years ago
thanks for replying, I did try while clicking through console, just to check if I had written the Terraform template wrong... this turned out to be Terraform dependency issue.