IAM Role issue

[skuriyadi]

Hi,

I am getting below error when using latest version of your module, please advise.

Error: Invalid for_each argument
│
│ on .terraform/modules/eks-cluster.aws_eks/main.tf line 250, in resource "aws_iam_role_policy_attachment" "this":
│ 250: for_each = local.create_iam_role ? toset(compact(distinct(concat([
│ 251: "${local.policy_arn_prefix}/AmazonEKSClusterPolicy",
│ 252: "${local.policy_arn_prefix}/AmazonEKSVPCResourceController",
│ 253: ], var.iam_role_additional_policies)))) : toset([])
│ ├────────────────
│ │ local.create_iam_role is true
│ │ local.policy_arn_prefix is a string, known only after apply
│ │ var.iam_role_additional_policies is empty list of string
│
│ The "for_each" value depends on resource attributes that cannot be determined until apply, so Terraform cannot predict how many instances will be created. To work around this, use the -target argument to first apply only the resources that the for_each depends on.

[askulkarni2]

Hi @skuriyadi this error is documented here. As documented there, this is an issue in Terraform Core.

If you remove the depends_on in your module definition like suggested this error should go away. On the flip side, you may have to do multiple passes over your terraform apply and destroy.

[grid-dev]

@askulkarni2 As this code is coming from the module, what are you usually doing to circumvent it here? As removing the dependency seems not really a solution.

[skuriyadi]

@askulkarni2 , I will continue using the older version for now, I guess the solution which is provided will beat the purpose of creating a complete automated infra setup.
Thank you,
Shiva

[bryantbiggs]

@skuriyadi can you share you current configuration?

[skuriyadi]

Hi @bryantbiggs I am using your module to create a EKS cluster with managed nodegroup and your addon module.
Sorry, I wont be able to share the configuration.

Thank you!

[grid-dev]

A bit unsatisfying, but thanks for your responses

[bryantbiggs]

there has been some recent movement on this issue so hopefully improvements in Terraform core are coming soon hashicorp/terraform#30937

[skuriyadi]

Hi Team,

Did any improvements come from Terraform on this issuue

[skuriyadi]

HI @bryantbiggs ,
Please let me know if here any update on this?

[bryantbiggs]

Hi @skuriyadi - you can track the progress in the linked issue above hashicorp/terraform#30937

[github-actions]

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

[github-actions]

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

[github-actions]

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

[domeales-paloit]

I also had this issue. It turned up when I added a depends_on argument on the module resource using this module.

I worked out that if remove the depends_on and use an implicit dependency by using the outputs of the upstream resource in the tags of this module.

It worked for me. Bit of a hack, but I moved forward at least.

[github-actions]

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

[bryantbiggs]

Please see #1319

This has been resolved in v19 of the terraform-aws-eks module