Is your request related to a new offering from AWS?
No 🛑: please wait to file a request until the functionality is available in the AWS provider
Is your request related to a problem? Please describe.
I've found an alternative solution for Error: Invalid for_each when adding a nodegroup additional policy. Currently there are two solutions provided in the FAQ: 1 is to create it separately, which can run into a chicken-and-egg problem when run again; 2 is to use the -target approach, which causes you to run two plans.
Describe the solution you'd like.
My solution would be to use a data policy document; it doesn't trigger this error.
```hcl
data "aws_iam_policy_document" "node" {
  statement {
    effect    = "Allow"
    actions   = ["ec2:AuthorizeSecurityGroupIngress", "ec2:RevokeSecurityGroupIngress"]
    resources = ["*"]
  }

  statement {
    effect    = "Allow"
    actions   = ["route53:ListHostedZones", "route53:ListResourceRecordSets", "route53:ListTagsForResource"]
    resources = ["*"]
  }
}
```
Then assign it to module:

```hcl
iam_role_additional_policies = ["${data.aws_iam_policy_document.node.json}"]
```
Describe alternatives you've considered.
Considered current solutions; this seems least disruptive.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.