diff --git a/iam.tf b/iam.tf index 085fc64..6a49ae9 100644 --- a/iam.tf +++ b/iam.tf @@ -1,4 +1,5 @@ resource "kubernetes_namespace" "alb_ingress" { + depends_on = [var.mod_dependency] count = (var.enabled && var.k8s_namespace != "kube-system") ? 1 : 0 metadata { @@ -9,6 +10,7 @@ resource "kubernetes_namespace" "alb_ingress" { ### iam ### # Policy data "aws_iam_policy_document" "alb_ingress" { + depends_on = [var.mod_dependency] count = var.enabled ? 1 : 0 statement { @@ -141,6 +143,7 @@ data "aws_iam_policy_document" "alb_ingress" { } resource "aws_iam_policy" "alb_ingress" { + depends_on = [var.mod_dependency] count = var.enabled ? 1 : 0 name = "${var.cluster_name}-alb-ingress" path = "/" @@ -151,6 +154,7 @@ resource "aws_iam_policy" "alb_ingress" { # Role data "aws_iam_policy_document" "alb_ingress_assume" { + depends_on = [var.mod_dependency] count = var.enabled ? 1 : 0 statement { @@ -175,12 +179,14 @@ data "aws_iam_policy_document" "alb_ingress_assume" { } resource "aws_iam_role" "alb_ingress" { + depends_on = [var.mod_dependency] count = var.enabled ? 1 : 0 name = "${var.cluster_name}-alb-ingress" assume_role_policy = data.aws_iam_policy_document.alb_ingress_assume[0].json } resource "aws_iam_role_policy_attachment" "alb_ingress" { + depends_on = [var.mod_dependency] count = var.enabled ? 1 : 0 role = aws_iam_role.alb_ingress[0].name policy_arn = aws_iam_policy.alb_ingress[0].arn diff --git a/main.tf b/main.tf index 5475e7a..8309a52 100644 --- a/main.tf +++ b/main.tf @@ -1,9 +1,11 @@ data "helm_repository" "default" { + depends_on = [var.mod_dependency] name = var.helm_repo_name url = var.helm_repo_url } resource "helm_release" "alb_ingress" { + depends_on = [var.mod_dependency] count = var.enabled ? 1 : 0 name = var.helm_release_name repository = data.helm_repository.default.metadata[0].name diff --git a/variables.tf b/variables.tf index 9d07247..0dcde03 100644 --- a/variables.tf +++ b/variables.tf @@ -47,3 +47,9 @@ variable "k8s_service_account_name" { default = "aws-alb-ingress-controller" description = "The k8s alb-ingress service account name" } + +#dependence variable binds all AWS resources allocated by +#this module. Dependent modules reference this variable +variable "mod_dependency" { + default = null +}