Fixed a bug when using multiple principals

blackbird-cloud · Nov 24, 2022 · 7a9ccd1 · 7a9ccd1
1 parent 81c639a
commit 7a9ccd1
Showing 1 changed file with 24 additions and 24 deletions.
diff --git a/data.tf b/data.tf
@@ -1,25 +1,25 @@
 locals {
   account_id = data.aws_caller_identity.current.account_id
-  iam_principals_bucket_actions = compact(flatten([
-    for principal in var.iam_principals : [
-      for action in var.bucket_actions : principal
-    ]
-  ]))
-  service_principals_bucket_actions = compact(flatten([
-    for principal in var.service_principals : [
-      for action in var.bucket_actions : principal
-    ]
-  ]))
-  iam_principals_object_actions = compact(flatten([
-    for principal in var.iam_principals : [
-      for action in var.object_actions : principal
-    ]
-  ]))
-  service_principals_object_actions = compact(flatten([
-    for principal in var.service_principals : [
-      for action in var.object_actions : principal
-    ]
-  ]))
+  # iam_principals_bucket_actions = compact(flatten([
+  #   for principal in var.iam_principals : [
+  #     for action in var.bucket_actions : principal
+  #   ]
+  # ]))
+  # service_principals_bucket_actions = compact(flatten([
+  #   for principal in var.service_principals : [
+  #     for action in var.bucket_actions : principal
+  #   ]
+  # ]))
+  # iam_principals_object_actions = compact(flatten([
+  #   for principal in var.iam_principals : [
+  #     for action in var.object_actions : principal
+  #   ]
+  # ]))
+  # service_principals_object_actions = compact(flatten([
+  #   for principal in var.service_principals : [
+  #     for action in var.object_actions : principal
+  #   ]
+  # ]))
 }
 
 data "aws_caller_identity" "current" {}
@@ -79,7 +79,7 @@ data "aws_iam_policy_document" "lb_log_delivery" {
 
 data "aws_iam_policy_document" "s3" {
   dynamic "statement" {
-    for_each = { for principal in local.service_principals_object_actions : principal => principal }
+    for_each = { for principal in var.service_principals : principal => principal }
     content {
       effect    = "Allow"
       actions   = var.object_actions
@@ -91,7 +91,7 @@ data "aws_iam_policy_document" "s3" {
     }
   }
   dynamic "statement" {
-    for_each = { for principal in local.iam_principals_object_actions : principal => principal }
+    for_each = { for principal in var.iam_principals : principal => principal }
     content {
       effect    = "Allow"
       actions   = var.object_actions
@@ -103,7 +103,7 @@ data "aws_iam_policy_document" "s3" {
     }
   }
   dynamic "statement" {
-    for_each = { for principal in local.service_principals_bucket_actions : principal => principal }
+    for_each = { for principal in var.service_principals : principal => principal }
     content {
       effect    = "Allow"
       actions   = var.bucket_actions
@@ -115,7 +115,7 @@ data "aws_iam_policy_document" "s3" {
     }
   }
   dynamic "statement" {
-    for_each = { for principal in local.iam_principals_bucket_actions : principal => principal }
+    for_each = { for principal in var.iam_principals : principal => principal }
     content {
       effect    = "Allow"
       actions   = var.bucket_actions